func decrypt(c *kms.KMS, b *[]byte) ([]byte, error) {
resp, err := c.Decrypt(&kms.DecryptInput{
CiphertextBlob: *b,
})
if err != nil {
return nil, err
}
return resp.Plaintext, nil
}
// decrypt returns a KMS decrypted byte array
// See http://docs.aws.amazon.com/sdk-for-go/api/service/kms/KMS.html#Decrypt-instance_method
func decrypt(payload []byte, svc *kms.KMS) ([]byte, error) {
params := &kms.DecryptInput{
CiphertextBlob: payload,
EncryptionContext: aws.StringMap(map[string]string{
"Key": "EncryptionContextValue",
}),
GrantTokens: aws.StringSlice([]string{
"GrantTokenType",
}),
}
resp, err := svc.Decrypt(params)
if err != nil {
return nil, err
}
return resp.Plaintext, nil
}
