Skip to content

Support KMS asymmetric keys #237

New issue
New issue
Open
Open
Support KMS asymmetric keys#237
Labels
enhancement
@anmgarg

Description

@anmgarg
anmgarg
opened on Feb 18, 2021

Hello,

I am unable to figure out few things while using kms. I have the following use case:

  1. GenerateDataKeyPairWithoutPlainText - CLI
  2. Store the above generated keys in the AWS secret manager - Console
  3. Fetch the public key and give it to the client - Java
  4. Client encrypts data and send it to us.- Java
  5. We fetch the private key from the secret manager and decrypt data sent to us by client. - Java

I have executed the first three steps and need a Java Example for the last two. Thanks!

Activity

alex-chew

alex-chew commented on Feb 22, 2021

@alex-chew
alex-chew
on Feb 22, 2021
Contributor

Hi, thanks for reaching out. The Encryption SDK doesn't support using KMS asymmetric keys for encryption and decryption, and so we don't have examples for that.

For the use case you describe, you probably don't need to involve Secrets Manager - you can use KMS directly. The KMS Developer Guide [1] explains how to use asymmetric key pairs [2] and how access the public key [3].

[1] https://docs.aws.amazon.com/kms/latest/developerguide/overview.html
[2] https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html#asymmetric-cmks
[3] https://docs.aws.amazon.com/kms/latest/APIReference/API_GetPublicKey.html

lavaleri
added
enhancement
on Dec 9, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancement

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions
      Support KMS asymmetric keys · Issue #237 · aws/aws-encryption-sdk-java