@awswithdotnet
Created March 3, 2022 19:23
kms Crypto AESDecrypter Decrypt
using System;
using System.IO;
using System.Security.Cryptography;
using System.Threading.Tasks;
using Abstractions;
using Amazon.KeyManagementService;
using Amazon.KeyManagementService.Model;
namespace Crypto
{
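/// <summary>
/// Decrypts an envelope-encrypted payload: the wrapped data key is unwrapped by
/// AWS KMS, and the resulting plaintext key is used locally to AES-decrypt the
/// message body.
/// </summary>
/// <remarks>
/// NOTE(review): the ciphertext is decrypted without any integrity check (no MAC
/// or AEAD tag is visible here). A modified ciphertext therefore either fails with
/// a padding error or yields altered plaintext. Callers should not reveal to the
/// sender which of the two happened, and an authenticated mode (for example
/// <see cref="AesGcm"/>) is worth considering when the encrypting side can change
/// too.
/// </remarks>
public class AESDecrypter : IDecrypter
{
    // KMS key identifier sent with every Decrypt request. Naming the key explicitly
    // makes KMS reject a blob that was wrapped under a different key.
    private readonly string _keyId = "<your-key>";

    // NOTE(review): the IV is a hard-coded constant. Aes.Create() defaults to CBC, where
    // reusing an IV under the same key makes equal plaintext prefixes produce equal
    // ciphertext prefixes. This is only tolerable if every message gets its own data key,
    // which cannot be confirmed from this file. The value is kept as is because it has to
    // match the encrypting side; the usual fix is a random IV per message, stored next to
    // the ciphertext.
    private readonly byte[] _iv = new byte[] { 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };

    /// <summary>
    /// Unwraps the data key through KMS and decrypts the package's ciphertext with it.
    /// </summary>
    /// <param name="encryptionPackage">
    /// Package holding the Base64-encoded wrapped key (<c>EncryptedKey</c>) and the
    /// Base64-encoded ciphertext (<c>CipherText</c>).
    /// </param>
    /// <returns>The decrypted text, read with <see cref="StreamReader"/>'s default encoding.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="encryptionPackage"/> is null.</exception>
    /// <exception cref="FormatException">A field is not valid Base64.</exception>
    /// <exception cref="CryptographicException">The ciphertext cannot be decrypted with the unwrapped key.</exception>
    public async Task<string> Decrypt(IEncryptionPackage encryptionPackage)
    {
        if (encryptionPackage == null)
        {
            throw new ArgumentNullException(nameof(encryptionPackage));
        }

        // Decode both fields first so a malformed package is rejected before a KMS
        // call is made and before any key material is held in memory.
        byte[] wrappedKey = Convert.FromBase64String(encryptionPackage.EncryptedKey);
        byte[] byteData = Convert.FromBase64String(encryptionPackage.CipherText);

        byte[] key = null;
        try
        {
            // The client and the request stream are disposable; release them on every path.
            using (AmazonKeyManagementServiceClient kmsClient = new AmazonKeyManagementServiceClient())
            using (MemoryStream ciphertextBlob = new MemoryStream(wrappedKey))
            {
                DecryptRequest decryptRequest = new DecryptRequest()
                {
                    CiphertextBlob = ciphertextBlob,
                    KeyId = _keyId
                };

                DecryptResponse decryptResponse = await kmsClient.DecryptAsync(decryptRequest);
                using (MemoryStream plaintextKey = decryptResponse.Plaintext)
                {
                    key = plaintextKey.ToArray();
                }
            }

            using (Aes aes = Aes.Create())
            using (ICryptoTransform decryptor = aes.CreateDecryptor(key, _iv))
            using (MemoryStream memoryStream = new MemoryStream(byteData))
            using (CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read))
            using (StreamReader streamReader = new StreamReader(cryptoStream))
            {
                return streamReader.ReadToEnd();
            }
        }
        finally
        {
            // Do not leave the plaintext data key in managed memory longer than needed.
            if (key != null)
            {
                Array.Clear(key, 0, key.Length);
            }
        }
    }
}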
}