public object Execute(ExecutorContext context) { System.IO.MemoryStream _CiphertextBlobStream = null; try { var cmdletContext = context as CmdletContext; // create request var request = new Amazon.KeyManagementService.Model.DecryptRequest(); if (cmdletContext.CiphertextBlob != null) { _CiphertextBlobStream = new System.IO.MemoryStream(cmdletContext.CiphertextBlob); request.CiphertextBlob = _CiphertextBlobStream; } if (cmdletContext.EncryptionContext != null) { request.EncryptionContext = cmdletContext.EncryptionContext; } if (cmdletContext.GrantToken != null) { request.GrantTokens = cmdletContext.GrantToken; } CmdletOutput output; // issue call var client = Client ?? CreateClient(_CurrentCredentials, _RegionEndpoint); try { var response = CallAWSServiceOperation(client, request); object pipelineOutput = null; pipelineOutput = cmdletContext.Select(response, this); output = new CmdletOutput { PipelineOutput = pipelineOutput, ServiceResponse = response }; } catch (Exception e) { output = new CmdletOutput { ErrorResponse = e }; } return(output); } finally { if (_CiphertextBlobStream != null) { _CiphertextBlobStream.Dispose(); } } }
/// <summary> /// Initiates the asynchronous execution of the Decrypt operation. /// </summary> /// /// <param name="request">Container for the necessary parameters to execute the Decrypt operation.</param> /// <param name="cancellationToken"> /// A cancellation token that can be used by other objects or threads to receive notice of cancellation. /// </param> /// <returns>The task object representing the asynchronous operation.</returns> public Task<DecryptResponse> DecryptAsync(DecryptRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken)) { var marshaller = new DecryptRequestMarshaller(); var unmarshaller = DecryptResponseUnmarshaller.Instance; return InvokeAsync<DecryptRequest,DecryptResponse>(request, marshaller, unmarshaller, cancellationToken); }
/// <summary> /// Decrypts ciphertext. Ciphertext is plaintext that has been previously encrypted by /// using any of the following functions: <ul> <li><a>GenerateDataKey</a></li> <li><a>GenerateDataKeyWithoutPlaintext</a></li> /// <li><a>Encrypt</a></li> </ul> /// /// /// <para> /// Note that if a caller has been granted access permissions to all keys (through, for /// example, IAM user policies that grant <code>Decrypt</code> permission on all resources), /// then ciphertext encrypted by using keys in other accounts where the key grants access /// to the caller can be decrypted. To remedy this, we recommend that you do not grant /// <code>Decrypt</code> access in an IAM user policy. Instead grant <code>Decrypt</code> /// access only in key policies. If you must grant <code>Decrypt</code> access in an IAM /// user policy, you should scope the resource to specific keys or to specific trusted /// accounts. /// </para> /// </summary> /// <param name="request">Container for the necessary parameters to execute the Decrypt service method.</param> /// /// <returns>The response from the Decrypt service method, as returned by KeyManagementService.</returns> /// <exception cref="Amazon.KeyManagementService.Model.DependencyTimeoutException"> /// The system timed out while trying to fulfill the request. /// </exception> /// <exception cref="Amazon.KeyManagementService.Model.DisabledException"> /// A request was rejected because the specified key was marked as disabled. /// </exception> /// <exception cref="Amazon.KeyManagementService.Model.InvalidCiphertextException"> /// The request was rejected because the specified ciphertext has been corrupted or is /// otherwise invalid. /// </exception> /// <exception cref="Amazon.KeyManagementService.Model.InvalidGrantTokenException"> /// A grant token provided as part of the request is invalid. /// </exception> /// <exception cref="Amazon.KeyManagementService.Model.KeyUnavailableException"> /// The request was rejected because the key was disabled, not found, or otherwise not /// available. /// </exception> /// <exception cref="Amazon.KeyManagementService.Model.KMSInternalException"> /// The request was rejected because an internal exception occurred. This error can be /// retried. /// </exception> /// <exception cref="Amazon.KeyManagementService.Model.NotFoundException"> /// The request was rejected because the specified entity or resource could not be found. /// </exception> public DecryptResponse Decrypt(DecryptRequest request) { var marshaller = new DecryptRequestMarshaller(); var unmarshaller = DecryptResponseUnmarshaller.Instance; return Invoke<DecryptRequest,DecryptResponse>(request, marshaller, unmarshaller); }
private Amazon.KeyManagementService.Model.DecryptResponse CallAWSServiceOperation(IAmazonKeyManagementService client, Amazon.KeyManagementService.Model.DecryptRequest request) { Utils.Common.WriteVerboseEndpointMessage(this, client.Config, "AWS Key Management Service", "Decrypt"); try { #if DESKTOP return(client.Decrypt(request)); #elif CORECLR return(client.DecryptAsync(request).GetAwaiter().GetResult()); #else #error "Unknown build edition" #endif } catch (AmazonServiceException exc) { var webException = exc.InnerException as System.Net.WebException; if (webException != null) { throw new Exception(Utils.Common.FormatNameResolutionFailureMessage(client.Config, webException.Message), webException); } throw; } }
/// <summary> /// Initiates the asynchronous execution of the Decrypt operation. /// </summary> /// /// <param name="request">Container for the necessary parameters to execute the Decrypt operation on AmazonKeyManagementServiceClient.</param> /// <param name="callback">An AsyncCallback delegate that is invoked when the operation completes.</param> /// <param name="state">A user-defined state object that is passed to the callback procedure. Retrieve this object from within the callback /// procedure using the AsyncState property.</param> /// /// <returns>An IAsyncResult that can be used to poll or wait for results, or both; this value is also needed when invoking EndDecrypt /// operation.</returns> public IAsyncResult BeginDecrypt(DecryptRequest request, AsyncCallback callback, object state) { var marshaller = new DecryptRequestMarshaller(); var unmarshaller = DecryptResponseUnmarshaller.Instance; return BeginInvoke<DecryptRequest>(request, marshaller, unmarshaller, callback, state); }
public byte[] DecryptKey(byte[] cipherText, IDictionary<string, string> context) { var req = new DecryptRequest { CiphertextBlob = new MemoryStream(cipherText), EncryptionContext = AsDictionary(context) }; return _client.Decrypt(req).Plaintext.ToArray(); }