Skip to content

chore(docs): update README get started example #423

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Nov 30, 2021
Merged

chore(docs): update README get started example #423

Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
14d3ddc
chore(docs): update README get started example
josecorella Nov 23, 2021
f633791
chore: update feedback
josecorella Nov 24, 2021
c81a95d
Create README.md
juneb Nov 30, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 14 additions & 9 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,8 @@ The following code sample demonstrates how to get started:
// You provide the KMS key ARN and plaintext string as arguments.
package com.amazonaws.crypto.examples;

import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Collections;
import java.util.Map;

Expand All @@ -97,20 +99,22 @@ public class StringExample {

// Set up the master key provider
final KmsMasterKeyProvider prov = KmsMasterKeyProvider.builder().buildStrict(keyArn);

// Set up encryption context
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// Set up encryption context
// Set up the encryption context

final Map<String, String> context = Collections.singletonMap("ExampleContextKey", "ExampleContextValue");

// Encrypt the data
//
// NOTE: Encrypted data should have associated encryption context
// to protect integrity. For this example, just use a placeholder
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// to protect integrity. For this example, just use a placeholder
// to protect its integrity. This example uses placeholder values.

We don't want to tell users to use placeholder values.

// value. For more information about encryption context, see
// https://amzn.to/1nSbe9X (blogs.aws.amazon.com)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/concepts.html#encryption-context

final Map<String, String> context = Collections.singletonMap("Example", "String");

final String ciphertext = crypto.encryptString(prov, data, context).getResult();
System.out.println("Ciphertext: " + ciphertext);
final CryptoResult<byte[], KmsMasterKey> encryptResult = crypto.encryptData(prov, data.getBytes(StandardCharsets.UTF_8), context);
final byte[] ciphertext = encryptResult.getResult();
System.out.println("Ciphertext: " + Arrays.toString(ciphertext));

// Decrypt the data
final CryptoResult<String, KmsMasterKey> decryptResult = crypto.decryptString(prov, ciphertext);
final CryptoResult<byte[], KmsMasterKey> decryptResult = crypto.decryptData(prov, ciphertext);
// Check the encryption context (and ideally the master key) to
// ensure this is the expected ciphertext
if (!decryptResult.getMasterKeyIds().get(0).equals(keyArn)) {
Expand All @@ -119,14 +123,15 @@ public class StringExample {

// The SDK may add information to the encryption context, so check to
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// The SDK may add information to the encryption context, so check to
// The AWS Encryption SDK may add information to the encryption context, so check to

// ensure all of the values are present
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// ensure all of the values are present
// ensure all of the values that you specified when encrypting are included in the returned encryption context.

for (final Map.Entry<String, String> e : context.entrySet()) {
if (!e.getValue().equals(decryptResult.getEncryptionContext().get(e.getKey()))) {
if (!context.entrySet().stream
.allMatch( e -> e.getValue().equals(decryptResult.getEncryptionContext().get(e.getKey())))) {
throw new IllegalStateException("Wrong Encryption Context!");
}
}

assert Arrays.equals(decryptResult.getResult(), data.getBytes(StandardCharsets.UTF_8));

// The data is correct, so output it.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// The data is correct, so output it.
// The data is correct, so return it.

System.out.println("Decrypted: " + decryptResult.getResult());
System.out.println("Decrypted: " + Arrays.toString(decryptResult.getResult()));
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should print the decrypted data as a string since that's how it arrived:

Suggested change
System.out.println("Decrypted: " + Arrays.toString(decryptResult.getResult()));
System.out.println("Decrypted: " + new String(decryptResult.getResult(), StandardCharsets.UTF8));

}
}
```
Expand Down