public object Execute(ExecutorContext context)
{
System.IO.MemoryStream _CiphertextBlobStream = null;
try
{
var cmdletContext = context as CmdletContext;
// create request
var request = new Amazon.KeyManagementService.Model.DecryptRequest();
if (cmdletContext.CiphertextBlob != null)
{
_CiphertextBlobStream = new System.IO.MemoryStream(cmdletContext.CiphertextBlob);
request.CiphertextBlob = _CiphertextBlobStream;
}
if (cmdletContext.EncryptionContext != null)
{
request.EncryptionContext = cmdletContext.EncryptionContext;
}
if (cmdletContext.GrantToken != null)
{
request.GrantTokens = cmdletContext.GrantToken;
}
CmdletOutput output;
// issue call
var client = Client ?? CreateClient(_CurrentCredentials, _RegionEndpoint);
try
{
var response = CallAWSServiceOperation(client, request);
object pipelineOutput = null;
pipelineOutput = cmdletContext.Select(response, this);
output = new CmdletOutput
{
PipelineOutput = pipelineOutput,
ServiceResponse = response
};
}
catch (Exception e)
{
output = new CmdletOutput {
ErrorResponse = e
};
}
return(output);
}
finally
{
if (_CiphertextBlobStream != null)
{
_CiphertextBlobStream.Dispose();
}
}
}
/// <summary>
/// Initiates the asynchronous execution of the Decrypt operation.
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the Decrypt operation.</param>
/// <param name="cancellationToken">
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
/// </param>
/// <returns>The task object representing the asynchronous operation.</returns>
public Task<DecryptResponse> DecryptAsync(DecryptRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var marshaller = new DecryptRequestMarshaller();
var unmarshaller = DecryptResponseUnmarshaller.Instance;
return InvokeAsync<DecryptRequest,DecryptResponse>(request, marshaller,
unmarshaller, cancellationToken);
}
/// <summary>
/// Decrypts ciphertext. Ciphertext is plaintext that has been previously encrypted by
/// using any of the following functions: <ul> <li><a>GenerateDataKey</a></li> <li><a>GenerateDataKeyWithoutPlaintext</a></li>
/// <li><a>Encrypt</a></li> </ul>
///
///
/// <para>
/// Note that if a caller has been granted access permissions to all keys (through, for
/// example, IAM user policies that grant <code>Decrypt</code> permission on all resources),
/// then ciphertext encrypted by using keys in other accounts where the key grants access
/// to the caller can be decrypted. To remedy this, we recommend that you do not grant
/// <code>Decrypt</code> access in an IAM user policy. Instead grant <code>Decrypt</code>
/// access only in key policies. If you must grant <code>Decrypt</code> access in an IAM
/// user policy, you should scope the resource to specific keys or to specific trusted
/// accounts.
/// </para>
/// </summary>
/// <param name="request">Container for the necessary parameters to execute the Decrypt service method.</param>
///
/// <returns>The response from the Decrypt service method, as returned by KeyManagementService.</returns>
/// <exception cref="Amazon.KeyManagementService.Model.DependencyTimeoutException">
/// The system timed out while trying to fulfill the request.
/// </exception>
/// <exception cref="Amazon.KeyManagementService.Model.DisabledException">
/// A request was rejected because the specified key was marked as disabled.
/// </exception>
/// <exception cref="Amazon.KeyManagementService.Model.InvalidCiphertextException">
/// The request was rejected because the specified ciphertext has been corrupted or is
/// otherwise invalid.
/// </exception>
/// <exception cref="Amazon.KeyManagementService.Model.InvalidGrantTokenException">
/// A grant token provided as part of the request is invalid.
/// </exception>
/// <exception cref="Amazon.KeyManagementService.Model.KeyUnavailableException">
/// The request was rejected because the key was disabled, not found, or otherwise not
/// available.
/// </exception>
/// <exception cref="Amazon.KeyManagementService.Model.KMSInternalException">
/// The request was rejected because an internal exception occurred. This error can be
/// retried.
/// </exception>
/// <exception cref="Amazon.KeyManagementService.Model.NotFoundException">
/// The request was rejected because the specified entity or resource could not be found.
/// </exception>
public DecryptResponse Decrypt(DecryptRequest request)
{
var marshaller = new DecryptRequestMarshaller();
var unmarshaller = DecryptResponseUnmarshaller.Instance;
return Invoke<DecryptRequest,DecryptResponse>(request, marshaller, unmarshaller);
}
private Amazon.KeyManagementService.Model.DecryptResponse CallAWSServiceOperation(IAmazonKeyManagementService client, Amazon.KeyManagementService.Model.DecryptRequest request)
{
Utils.Common.WriteVerboseEndpointMessage(this, client.Config, "AWS Key Management Service", "Decrypt");
try
{
#if DESKTOP
return(client.Decrypt(request));
#elif CORECLR
return(client.DecryptAsync(request).GetAwaiter().GetResult());
#else
#error "Unknown build edition"
#endif
}
catch (AmazonServiceException exc)
{
var webException = exc.InnerException as System.Net.WebException;
if (webException != null)
{
throw new Exception(Utils.Common.FormatNameResolutionFailureMessage(client.Config, webException.Message), webException);
}
throw;
}
}
/// <summary>
/// Initiates the asynchronous execution of the Decrypt operation.
/// </summary>
///
/// <param name="request">Container for the necessary parameters to execute the Decrypt operation on AmazonKeyManagementServiceClient.</param>
/// <param name="callback">An AsyncCallback delegate that is invoked when the operation completes.</param>
/// <param name="state">A user-defined state object that is passed to the callback procedure. Retrieve this object from within the callback
/// procedure using the AsyncState property.</param>
///
/// <returns>An IAsyncResult that can be used to poll or wait for results, or both; this value is also needed when invoking EndDecrypt
/// operation.</returns>
public IAsyncResult BeginDecrypt(DecryptRequest request, AsyncCallback callback, object state)
{
var marshaller = new DecryptRequestMarshaller();
var unmarshaller = DecryptResponseUnmarshaller.Instance;
return BeginInvoke<DecryptRequest>(request, marshaller, unmarshaller,
callback, state);
}
public byte[] DecryptKey(byte[] cipherText, IDictionary<string, string> context)
{
var req = new DecryptRequest
{
CiphertextBlob = new MemoryStream(cipherText),
EncryptionContext = AsDictionary(context)
};
return _client.Decrypt(req).Plaintext.ToArray();
}
