How can I read from the memory stream the "Plaintext" property returned by New-KMSDataKey?

Question

How can I read from the memory stream the "Plaintext" property returned by New-KMSDataKey?

I use the AWS Powershell cmdlet New-KMSDataKey, which creates System.IO.MemoryStreamone that contains an encryption key that I need to use to encrypt some files.

This is the documentation for the command:

http://docs.aws.amazon.com/powershell/latest/reference/items/New-KMSDataKey.html

And this is the object that this cmdlet returns:

http://docs.aws.amazon.com/sdkfornet/latest/apidocs/items/TKeyManagementServiceGenerateDataKeyResult_NET3_5.html

I am trying to get a property plaintext. How can I access System.IO.MemoryStreamto get the key?

This is my example script:

$KMSKeyS3 = New-KMSDataKey -KeyId $KMSKeySource -KeySpec AES_256 -Region "ap-southeast-2"

This gives me:

CiphertextBlob           KeyId                                           Plaintext                                                   
--------------           -----                                           ---------
System.IO.MemoryStream   arn:aws:kms:ap-southeast-2:<Customer>:key/<Key> System.IO.MemoryStream

+4

powershell amazon-web-services aws-powershell aws-kms

Chris May 20, '15 at 1:35

source share

1

obscurerichard · Answer 1 · 2016-12-15T05:39:09+0000

,

# generate a data key
$KMSKeyS3 = New-KMSDataKey -KeyId $KMSKeySource -KeySpec AES_256 -Region "ap-southeast-2"

[byte[]]$plaintextDataKey = $KMSKeyS3.Plaintext.ToArray()
[byte[]]$encryptedDataKey = $KMSKeyS3.CiphertextBlob.ToArray()
[string]$encryptedDatakeyBase64 = $([Convert]::ToBase64String($encryptedDataKey))

. PowerShell KMS , , base64.

How can I read from the memory stream the "Plaintext" property returned by New-KMSDataKey?

More articles: