All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.aliyun.kms.kms20160120.handlers.GenerateDataKeyTransferHandler Maven / Gradle / Ivy

Go to download

Alibaba Cloud KMS SDK for Java Copyright (C) Alibaba Cloud Computing All rights reserved. 版权所有 (C)阿里云计算有限公司 http://www.aliyun.com

There is a newer version: 1.2.5
Show newest version
package com.aliyun.kms.kms20160120.handlers;

import com.aliyun.dkms.gcs.openapi.util.models.RuntimeOptions;
import com.aliyun.dkms.gcs.sdk.Client;
import com.aliyun.dkms.gcs.sdk.models.*;
import com.aliyun.kms.kms20160120.model.KmsConfig;
import com.aliyun.kms.kms20160120.model.KmsRuntimeOptions;
import com.aliyun.kms.kms20160120.utils.ArrayUtils;
import com.aliyun.kms.kms20160120.utils.Constants;
import com.aliyun.kms.kms20160120.utils.EncryptionContextUtils;
import com.aliyun.kms20160120.models.GenerateDataKeyResponseBody;
import com.aliyun.tea.TeaException;
import com.aliyun.tea.utils.StringUtils;
import com.aliyun.teaopenapi.models.OpenApiRequest;

import java.net.HttpURLConnection;
import java.util.HashMap;
import java.util.Map;

import static com.aliyun.kms.kms20160120.utils.KmsErrorCodeTransferUtils.INVALID_PARAMETER_ERROR_CODE;
import static com.aliyun.kms.kms20160120.utils.KmsErrorCodeTransferUtils.INVALID_PARAMETER_KEY_SPEC_ERROR_MESSAGE;

public class GenerateDataKeyTransferHandler implements KmsTransferHandler {
    private Client client;
    private KmsConfig kmsConfig;
    private String action;

    public GenerateDataKeyTransferHandler(Client client, KmsConfig kmsConfig, String action) {
        this.client = client;
        this.kmsConfig = kmsConfig;
        this.action = action;
    }

    @Override
    public GenerateDataKeyRequest buildDKMSRequest(OpenApiRequest request, KmsRuntimeOptions runtimeOptions) throws TeaException {
        Map query = request.getQuery();
        com.aliyun.dkms.gcs.sdk.models.GenerateDataKeyRequest generateDataKeyDKmsRequest = new com.aliyun.dkms.gcs.sdk.models.GenerateDataKeyRequest();
        generateDataKeyDKmsRequest.setKeyId(query.get("KeyId"));
        String keySpec = query.get("KeySpec");
        Integer numberOfBytes = null;
        if (query.get("NumberOfBytes") == null) {
            if (StringUtils.isEmpty(keySpec) || Constants.KMS_KEY_PAIR_AES_256.equals(keySpec)) {
                numberOfBytes = Constants.NUMBER_OF_BYTES_AES_256;
            } else if (Constants.KMS_KEY_PAIR_AES_128.equals(keySpec)) {
                numberOfBytes = Constants.NUMBER_OF_BYTES_AES_128;
            } else {
                throw new TeaException(new HashMap() {
                    {
                        put("code", INVALID_PARAMETER_ERROR_CODE);
                        put("message", INVALID_PARAMETER_KEY_SPEC_ERROR_MESSAGE);
                    }
                });
            }
        } else {
            numberOfBytes = Integer.parseInt(query.get("NumberOfBytes"));
        }
        generateDataKeyDKmsRequest.setNumberOfBytes(numberOfBytes);
        String encryptionContext = query.get("EncryptionContext");
        if (!StringUtils.isEmpty(encryptionContext)) {
            generateDataKeyDKmsRequest.setAad(EncryptionContextUtils.sortAndEncode(encryptionContext, runtimeOptions.getCharset() == null ? this.kmsConfig.getCharset() : runtimeOptions.getCharset()));
        }
        return generateDataKeyDKmsRequest;
    }


    @Override
    public GenerateDataKeyResponse callDKMS(GenerateDataKeyRequest generateDataKeyRequest, KmsRuntimeOptions runtimeOptions) throws Exception {
        RuntimeOptions dkmsRuntimeOptions = transferRuntimeOptions(runtimeOptions);
        dkmsRuntimeOptions.setResponseHeaders(responseHeaders);
        com.aliyun.dkms.gcs.sdk.models.GenerateDataKeyResponse generateDataKeyResponse = client.generateDataKeyWithOptions(generateDataKeyRequest, dkmsRuntimeOptions);
        EncryptRequest encryptRequest = new EncryptRequest();
        encryptRequest.setKeyId(generateDataKeyRequest.getKeyId());
        encryptRequest.setPlaintext(base64.encodeAsString(generateDataKeyResponse.getPlaintext()).getBytes(runtimeOptions.getCharset() == null ? this.kmsConfig.getCharset() : runtimeOptions.getCharset()));
        encryptRequest.setAad(generateDataKeyRequest.getAad());
        EncryptResponse encryptResponse = client.encryptWithOptions(encryptRequest, dkmsRuntimeOptions);
        generateDataKeyResponse.setCiphertextBlob(encryptResponse.getCiphertextBlob());
        generateDataKeyResponse.setIv(encryptResponse.getIv());
        return generateDataKeyResponse;
    }

    @Override
    public Map transferToOpenApiResponse(GenerateDataKeyResponse generateDataKeyResponse, KmsRuntimeOptions runtimeOptions) throws TeaException {
        Map responseHeaders = generateDataKeyResponse.getResponseHeaders();
        String keyVersionId;
        if (responseHeaders == null || responseHeaders.size() == 0 || StringUtils.isEmpty(keyVersionId = responseHeaders.get(Constants.MIGRATION_KEY_VERSION_ID_KEY))) {
            throw new RuntimeException(String.format("Can not found response headers parameter[%s]", Constants.MIGRATION_KEY_VERSION_ID_KEY));
        }
        byte[] ciphertextBlob = ArrayUtils.concatAll(keyVersionId.getBytes(runtimeOptions.getCharset() == null ? this.kmsConfig.getCharset() : runtimeOptions.getCharset()), generateDataKeyResponse.getIv(), generateDataKeyResponse.getCiphertextBlob());
        GenerateDataKeyResponseBody body = new GenerateDataKeyResponseBody();
        body.setKeyId(generateDataKeyResponse.getKeyId());
        body.setKeyVersionId(keyVersionId);
        body.setRequestId(generateDataKeyResponse.getRequestId());
        body.setPlaintext(base64.encodeToString(generateDataKeyResponse.getPlaintext()));
        body.setCiphertextBlob(base64.encodeToString(ciphertextBlob));
        final com.aliyun.kms20160120.models.GenerateDataKeyResponse generateDataKeyKmsResponse = new com.aliyun.kms20160120.models.GenerateDataKeyResponse();
        generateDataKeyKmsResponse.setBody(body);
        generateDataKeyKmsResponse.setHeaders(responseHeaders);
        generateDataKeyKmsResponse.setStatusCode(HttpURLConnection.HTTP_OK);
        return generateDataKeyKmsResponse.toMap();
    }

    @Override
    public com.aliyun.dkms.gcs.openapi.Client getClient() {
        return client;
    }

    @Override
    public String getAction() {
        return action;
    }
}




© 2015 - 2025 Weber Informatics LLC | Privacy Policy