I am using @aws-sdk/client-kms to encrypt the data. I was getting the base64 string as a response. Now I am getting Uint8Array.
const encryptedBlob = await kms.encrypt({
KeyId: kmsKey,
Plaintext: Buffer.from(JSON.stringify('data to encrypt')),
});
The encrypted plaintext. When you use the HTTP API or the AWS CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded. Mentioned in AWS docs
Is there any way to get base64 as response in nodeJs.
As mentioned in AWS SDK v3 docs Docs - Only HTTP API and CLI will get the base64 data. Other mediums will get Uint8Array as response.
So, we need some extra data conversion to achieve encryption and decryption using SDK.
const { KMSClient, EncryptCommand, DecryptCommand } = require('@aws-sdk/client-kms');
const client = new KMSClient({ region: AWS_REGION });
// Encrypt
// Convert Uint8Array data to base64
const input = {
KeyId: kmsKey,
Plaintext: Buffer.from(JSON.stringify(credentials)),
};
const command = new EncryptCommand(input);
const encryptedBlob = await client.send(command);
const buff = Buffer.from(encryptedBlob.CiphertextBlob);
const encryptedBase64data = buff.toString('base64');
// Decrypt
// Convert Base64 data to Uint8Array
// Uint8Array(response) convert to string.
const command = new DecryptCommand({
CiphertextBlob: Uint8Array.from(atob(item.credentials), (v) => v.charCodeAt(0)),
});
const decryptedBinaryData = await client.send(command);
const decryptedData = String.fromCharCode.apply(null, new Uint16Array(decryptedBinaryData.Plaintext));