Decrypt Method

Decrypts data using a CMK.

Syntax

int Decrypt(const QString& qsKeyId, const QString& qsAlgorithm);

Remarks

This method decrypts data using the CMK specified by KeyId and the given Algorithm. The data to decrypt is taken from the the specified InputFile or the InputData property. The decrypted data is output to the the specified OutputFile or the OutputData property.

The value passed for the KeyId parameter must be the Id or ARN of a CMK, or the name or ARN of an alias, in the current Region. If an ARN is provided, it can be for a CMK or alias in another account so long as the appropriate permissions are in place.

The Algorithm parameter specifies which algorithm to use to decrypt the data; it must match the algorithm used to encrypt the data previously. Possible values vary depending on the specified CMK's key spec:

CMK's Key Spec Valid Algorithms
SYMMETRIC_DEFAULT SYMMETRIC_DEFAULT (default if empty)
RSA_2048 RSAES_OAEP_SHA_1
RSAES_OAEP_SHA_256
RSA_3072 RSAES_OAEP_SHA_1
RSAES_OAEP_SHA_256
RSA_4096 RSAES_OAEP_SHA_1
RSAES_OAEP_SHA_256

If Algorithm is SYMMETRIC_DEFAULT, the encryption context items in the EncryptionContext* properties will be included in the request. Keep in mind that in order to successfully decrypt the data, the exact same encryption context items that were present when the data was encrypted must be supplied again. Encryption context items are case-sensitive, but not order-sensitive.

This method will fail if any of the following are true regarding the specified CMK:

  • Its KeyState is anything other than aksEnabled (0).
  • It is for signing/verification instead of encryption/decryption (see KeyForSigning).
  • It is an AWS-managed CMK (see KeyAWSManaged).

Error Handling

This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)

Copyright (c) 2022 /n software inc. - All rights reserved.
Cloud Keys 2020 Qt Edition - Version 20.0 [Build 8157]