Skip to content

KmsMasterKeyProvider regionalClientSupplier_ does not appear to be getting set correctly by default #93

New issue
New issue
Open
Open
KmsMasterKeyProvider regionalClientSupplier_ does not appear to be getting set correctly by default#93
Labels
bug
@mattsb42-aws

Description

@mattsb42-aws
mattsb42-aws
opened on Jan 11, 2019

When a KmsMasterKeyProvider is constructed using the default builder[1] and is then used to attempt to decrypt a ciphertext message from another region, the decrypt call fails with this error[2].

It appears that something is not connecting with the default supplier in build()[3].

[1] KmsMasterKeyProvider.builder().build()
[2]

aws-encryption-sdk-java/src/main/java/com/amazonaws/encryptionsdk/kms/KmsMasterKeyProvider.java

Line 526 in 6cb1c42

throw new AwsCryptoException("Can't use keys from region " + regionName_);

[3]

aws-encryption-sdk-java/src/main/java/com/amazonaws/encryptionsdk/kms/KmsMasterKeyProvider.java

Lines 245 to 259 in 6cb1c42

public KmsMasterKeyProvider build() {
// If we don't have a default region, we need to check that all key IDs will be usable
if (defaultRegion_ == null) {
for (String keyId : keyIds_) {
if (parseRegionfromKeyArn(keyId) == null) {
throw new AwsCryptoException("Can't use non-ARN key identifiers or aliases when " +
"no default region is set");
}
}
}
RegionalClientSupplier supplier = clientFactory();
return new KmsMasterKeyProvider(supplier, defaultRegion_, keyIds_, emptyList(), false);
}

Metadata

Metadata

Assignees

No one assigned

    Labels

    bug

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions