in sdk1/src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/materials/WrappedRawMaterials.java [157:180]
protected SecretKey unwrapKey(
Map<String, String> description, byte[] encryptedKey, String wrappingAlgorithm)
throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException {
if (unwrappingKey instanceof DelegatedKey) {
return (SecretKey)
((DelegatedKey) unwrappingKey)
.unwrap(
encryptedKey,
description.get(CONTENT_KEY_ALGORITHM),
Cipher.SECRET_KEY,
null,
wrappingAlgorithm);
} else {
Cipher cipher = Cipher.getInstance(wrappingAlgorithm);
// This can be of the form "AES/256" as well as "AES" e.g.,
// but we want to set the SecretKey with just "AES" in either case
String[] algPieces = description.get(CONTENT_KEY_ALGORITHM).split("/", 2);
String contentKeyAlgorithm = algPieces[0];
cipher.init(Cipher.UNWRAP_MODE, unwrappingKey, Utils.getRng());
return (SecretKey) cipher.unwrap(encryptedKey, contentKeyAlgorithm, Cipher.SECRET_KEY);
}
}