Refactored KMS code examples (#550)

tokio = { version = "1", features = ["full"]}

structopt = { version = "0.3", default-features = false }

base64 = "0.13.0"

# optional

env_logger = "0.8.2"

tracing-subscriber = { version = "0.2.16", features = ["fmt"] }

 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.

 * SPDX-License-Identifier: Apache-2.0.

 */

use std::process;

use kms::{Client, Config, Region};

use aws_types::region::ProvideRegion;

use kms::{Client, Config, Error, Region, PKG_VERSION};

use structopt::StructOpt;

use tracing_subscriber::fmt::format::FmtSpan;

use tracing_subscriber::fmt::SubscriberBuilder;

#[derive(Debug, StructOpt)]

struct Opt {

    /// The region. Overrides environment variable AWS_DEFAULT_REGION.

    /// The default AWS Region.

    #[structopt(short, long)]

    default_region: Option<String>,

    /// Activate verbose mode    

    /// Whether to display additional information.

    #[structopt(short, long)]

    verbose: bool,

}

/// Creates an AWS KMS key.

/// # Arguments

///

/// * `[-d DEFAULT-REGION]` - The region in which the client is created.

///    If not supplied, uses the value of the **AWS_DEFAULT_REGION** environment variable.

/// * `[-d DEFAULT-REGION]` - The Region in which the client is created.

///    If not supplied, uses the value of the **AWS_REGION** environment variable.

///    If the environment variable is not set, defaults to **us-west-2**.

/// * `[-v]` - Whether to display additional information.

#[tokio::main]

async fn main() {

async fn main() -> Result<(), Error> {

    tracing_subscriber::fmt::init();

    let Opt {

        default_region,

        verbose,

        .or_else(|| aws_types::region::default_provider().region())

        .unwrap_or_else(|| Region::new("us-west-2"));

    println!();

    if verbose {

        println!("KMS client version: {}\n", kms::PKG_VERSION);

        println!("KMS version: {}", PKG_VERSION);

        println!("Region:      {:?}", &region);

        SubscriberBuilder::default()

            .with_env_filter("info")

            .with_span_events(FmtSpan::CLOSE)

            .init();

        println!();

    }

    let conf = Config::builder().region(region).build();

    let client = Client::from_conf(conf);

    match client.create_key().send().await {

        Ok(resp) => {

    let resp = client.create_key().send().await?;

    let id = resp

        .key_metadata

        .unwrap()

        .key_id

        .unwrap_or_else(|| String::from("No ID!"));

    println!("Key: {}", id);

        }

        Err(e) => {

            println!("Got error creating key:");

            println!("{}", e);

            process::exit(1);

        }

    };

    Ok(())

}

 * SPDX-License-Identifier: Apache-2.0.

 */

use std::fs;

use std::process;

use kms::{Blob, Client, Config, Region};

use aws_types::region::ProvideRegion;

use kms::{Blob, Client, Config, Error, Region, PKG_VERSION};

use std::fs;

use structopt::StructOpt;

use tracing_subscriber::fmt::format::FmtSpan;

use tracing_subscriber::fmt::SubscriberBuilder;

#[derive(Debug, StructOpt)]

struct Opt {

    /// The region. Overrides environment variable AWS_DEFAULT_REGION.

    /// The default AWS Region.

    #[structopt(short, long)]

    default_region: Option<String>,

    /// Specifies the encryption key

    /// The encryption key.

    #[structopt(short, long)]

    key: String,

    /// The name of the input file with encrypted text to decrypt

    /// The name of the input file with encrypted text to decrypt.

    #[structopt(short, long)]

    input: String,

    input_file: String,

    /// Specifies whether to display additonal runtime informmation

    /// Whether to display additonal informmation.

    #[structopt(short, long)]

    verbose: bool,

}

/// # Arguments

///

/// * `-k KEY` - The encryption key.

/// * `-i INPUT` - The encrypted string.

/// * `[-d DEFAULT-REGION]` - The region in which the client is created.

///    If not supplied, uses the value of the **AWS_DEFAULT_REGION** environment variable.

/// * `-i INPUT-FILE` - The name of the file containing the encrypted string.

/// * `[-d DEFAULT-REGION]` - The Region in which the client is created.

///    If not supplied, uses the value of the **AWS_REGION** environment variable.

///    If the environment variable is not set, defaults to **us-west-2**.

/// * `[-v]` - Whether to display additional information.

#[tokio::main]

async fn main() {

async fn main() -> Result<(), Error> {

    tracing_subscriber::fmt::init();

    let Opt {

        key,

        input,

        input_file,

        default_region,

        verbose,

    } = Opt::from_args();

        .or_else(|| aws_types::region::default_provider().region())

        .unwrap_or_else(|| Region::new("us-west-2"));

    println!();

    if verbose {

        println!("KMS client version: {}\n", kms::PKG_VERSION);

        println!("KMS version: {}", PKG_VERSION);

        println!("Region:      {:?}", &region);

        println!("Key:    {}", key);

        println!("Input:  {}", input);

        SubscriberBuilder::default()

            .with_env_filter("info")

            .with_span_events(FmtSpan::CLOSE)

            .init();

        println!("Key:         {}", &key);

        println!("Input:       {}", &input_file);

        println!();

    }

    let conf = Config::builder().region(region).build();

    // Open input text file and get contents as a string

    // input is a base-64 encoded string, so decode it:

    let data = fs::read_to_string(input)

    let data = fs::read_to_string(input_file)

        .map(|input| {

            base64::decode(input).expect("Input file does not contain valid base 64 characters.")

        })

        .map(Blob::new);

    let resp = match client

    let resp = client

        .decrypt()

        .key_id(key)

        .ciphertext_blob(data.unwrap())

        .send()

        .await

    {

        Ok(output) => output,

        Err(e) => {

            eprintln!("Encryption failure: {}", e);

            process::exit(1);

        }

    };

        .await?;

    let inner = resp.plaintext.unwrap();

    let bytes = inner.as_ref();

    let s = match String::from_utf8(bytes.to_vec()) {

        Ok(v) => v,

        Err(e) => panic!("Invalid UTF-8 sequence: {}", e),

    };

    let s = String::from_utf8(bytes.to_vec()).expect("Could not convert to UTF-8");

    println!();

    println!("Decoded string:");

    println!("{}", s);

    Ok(())

}

 * SPDX-License-Identifier: Apache-2.0.

 */

use aws_types::region::ProvideRegion;

use kms::{Blob, Client, Config, Error, Region, PKG_VERSION};

use std::fs::File;

use std::io::Write;

use std::process;

use kms::{Blob, Client, Config, Region};

use aws_types::region::ProvideRegion;

use structopt::StructOpt;

use tracing_subscriber::fmt::format::FmtSpan;

use tracing_subscriber::fmt::SubscriberBuilder;

#[derive(Debug, StructOpt)]

struct Opt {

    /// The region. Overrides environment variable AWS_DEFAULT_REGION.

    /// The default AWS Region.

    #[structopt(short, long)]

    default_region: Option<String>,

    /// Specifies the encryption key

    /// The encryption key.

    #[structopt(short, long)]

    key: String,

    /// Specifies the text to encrypt

    /// The text to encrypt.

    #[structopt(short, long)]

    text: String,

    /// Specifies the name of the file to store the encrypted text in

    /// The name of the file to store the encrypted text in.

    #[structopt(short, long)]

    out: String,

    out_file: String,

    /// Whether to display additional runtime information

    /// Whether to display additional information.

    #[structopt(short, long)]

    verbose: bool,

}

/// # Arguments

///

/// * `-k KEY` - The KMS key.

/// * `-o OUT` - The name of the file to store the encryped key in.

/// * `-o OUT-FILE` - The name of the file to store the encryped key in.

/// * `-t TEXT` - The string to encrypt.

/// * `[-d DEFAULT-REGION]` - The region in which the client is created.

///    If not supplied, uses the value of the **AWS_DEFAULT_REGION** environment variable.

/// * `[-d DEFAULT-REGION]` - The Region in which the client is created.

///    If not supplied, uses the value of the **AWS_REGION** environment variable.

///    If the environment variable is not set, defaults to **us-west-2**.

/// * `[-v]` - Whether to display additional information.

#[tokio::main]

async fn main() {

async fn main() -> Result<(), Error> {

    tracing_subscriber::fmt::init();

    let Opt {

        key,

        out,

        out_file,

        default_region,

        text,

        verbose,

        .or_else(|| aws_types::region::default_provider().region())

        .unwrap_or_else(|| Region::new("us-west-2"));

    println!();

    if verbose {

        println!("KMS client version: {}\n", kms::PKG_VERSION);

        println!("KMS version: {}", PKG_VERSION);

        println!("Region:      {:?}", &region);

        println!("Key:    {}", key);

        println!("Text:   {}", text);

        println!("Out:    {}", out);

        SubscriberBuilder::default()

            .with_env_filter("info")

            .with_span_events(FmtSpan::CLOSE)

            .init();

        println!("Key:         {}", &key);

        println!("Text:        {}", &text);

        println!("Output file: {}", &out_file);

        println!();

    }

    let conf = Config::builder().region(region).build();

    let blob = Blob::new(text.as_bytes());

    let resp = match client.encrypt().key_id(key).plaintext(blob).send().await {

        Ok(output) => output,

        Err(e) => {

            eprintln!("Encryption failure: {}", e);

            process::exit(1);

        }

    };

    let resp = client.encrypt().key_id(key).plaintext(blob).send().await?;

    // Did we get an encrypted blob?

    let blob = resp.ciphertext_blob.expect("Could not get encrypted text");

    let s = base64::encode(&bytes);

    let mut ofile = File::create(&out).expect("unable to create file");

    let mut ofile = File::create(&out_file).expect("unable to create file");

    ofile.write_all(s.as_bytes()).expect("unable to write");

    if verbose {

        println!("Wrote the following to {}", &out);

        println!("Wrote the following to {:?}", out_file);

        println!("{}", s);

    }

    Ok(())

}

 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.

 * SPDX-License-Identifier: Apache-2.0.

 */

use std::process;

use kms::model::DataKeySpec;

use kms::{Client, Config, Region};

use aws_types::region::ProvideRegion;

use kms::model::DataKeySpec;

use kms::{Client, Config, Error, Region, PKG_VERSION};

use structopt::StructOpt;

use tracing_subscriber::fmt::format::FmtSpan;

use tracing_subscriber::fmt::SubscriberBuilder;

#[derive(Debug, StructOpt)]

struct Opt {

    /// The region. Overrides environment variable AWS_DEFAULT_REGION.

    /// The default AWS Region.

    #[structopt(short, long)]

    default_region: Option<String>,

    /// Specifies the encryption key

    /// The encryption key.

    #[structopt(short, long)]

    key: String,

    /// Specifies whether to display additonal runtime information

    /// Whether to display additonal information.

    #[structopt(short, long)]

    verbose: bool,

}

/// # Arguments

///

/// * `[-k KEY]` - The name of the data key.

/// * `[-d DEFAULT-REGION]` - The region in which the client is created.

///    If not supplied, uses the value of the **AWS_DEFAULT_REGION** environment variable.

/// * `[-d DEFAULT-REGION]` - The Region in which the client is created.

///    If not supplied, uses the value of the **AWS_REGION** environment variable.

///    If the environment variable is not set, defaults to **us-west-2**.

/// * `[-v]` - Whether to display additional information.

#[tokio::main]

async fn main() {

async fn main() -> Result<(), Error> {

    tracing_subscriber::fmt::init();

    let Opt {

        key,

        default_region,

        .or_else(|| aws_types::region::default_provider().region())

        .unwrap_or_else(|| Region::new("us-west-2"));

    println!();

    if verbose {

        println!("GenerateDataKeyWithoutPlaintext called with options:");

        println!("KMS version: {}", PKG_VERSION);

        println!("Region:      {:?}", &region);

        println!("KMS key: {}", key);

        SubscriberBuilder::default()

            .with_env_filter("info")

            .with_span_events(FmtSpan::CLOSE)

            .init();

        println!("KMS key:     {}", &key);

        println!();

    }

    let conf = Config::builder().region(region).build();

    let client = Client::from_conf(conf);

    let resp = match client

    let resp = client

        .generate_data_key_without_plaintext()

        .key_id(key)

        .key_spec(DataKeySpec::Aes256)

        .send()

        .await

    {

        Ok(output) => output,

        Err(e) => {

            eprintln!("Encryption failure: {}", e);

            process::exit(1);

        }

    };

        .await?;

    // Did we get an encrypted blob?

    let blob = resp.ciphertext_blob.expect("Could not get encrypted text");

    let s = base64::encode(&bytes);

    println!("\nData key:");

    println!();

    println!("Data key:");

    println!("{}", s);

    Ok(())

}