AWS KMS在加密时抛出异常

时间:2017-06-20 20:46:38

标签: amazon-web-services aws-sdk aws-kms

创建了一种使用AWS KMS加密数据的方法。它工作了一段时间然后我遇到了以下异常。即使尝试创建一个新的密钥,但没有运气!不确定这是否与帐户限制有关!

方法调用:

String keyArn = "arn:aws:kms:eu-west-1:account-id:key/key-id"; 
ByteBuffer record = ByteBuffer.wrap("Testing Encryption".getBytes("UTF-8"));                                          
DataEncryptor.encrypt(record, keyArn);

方法:

public static ByteBuffer encrypt(ByteBuffer record, String keyArn) {
    kms = new AWSKMSClient(new DefaultAWSCredentialsProviderChain().getCredentials()).withRegion(Regions.EU_WEST_1);
    EncryptRequest req = new EncryptRequest().withKeyId(keyArn).withPlaintext(record);
    EncryptResult encrypt = kms.encrypt(req);
    return encrypt.getCiphertextBlob();
}

这不是

com.amazonaws.services.kms.model.AWSKMSException: 1 validation error detected: Value at 'plaintext' failed to satisfy constraint: Member must have length greater than or equal to 1 (Service: AWSKMS; Status Code: 400; Error Code: ValidationException; Request ID: a9cb4684-55f1-11e7-8e35-b1ca13e97a3e)

at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleErrorResponse(AmazonHttpClient.java:1588)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1258)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:1030)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:742)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:716)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:699)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$500(AmazonHttpClient.java:667)
at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:649)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:513)
at com.amazonaws.services.kms.AWSKMSClient.doInvoke(AWSKMSClient.java:2607)
at com.amazonaws.services.kms.AWSKMSClient.invoke(AWSKMSClient.java:2583)
at com.amazonaws.services.kms.AWSKMSClient.encrypt(AWSKMSClient.java:1256)
at com.amazon.kinesis.kafka.encryption.RecordEncryptor.encrypt(RecordEncryptor.java:41)
at com.amazon.kinesis.kafka.encryption.RecordEncryptorTest.decrypt_shouldDecryptAGivenEncryptedRecord(RecordEncryptorTest.java:37)

1 个答案:

答案 0 :(得分:0)

我认为您的文件为空,请检查您是否引用了正确的文件。 我有同样的错误,但是我引用的是错误的文件。所以我的内容在ExampleSecret中,我在命令中引用了ExampleSecret.txt。