GenerateDataKeyWithoutPlaintext does not send KeySpec when sending Nu…

…mberOfBytes (#15) This behavior is now consistent with GenerateDataKey and fixes `GenerateDataKeyWithoutPlaintext` with a `NumberOfBytes` specified causing KMS to return `{"ValidationException", "Please specify either number of bytes or key spec."}`.
ex-aws · Aug 17, 2024 · bdbc084 · bdbc084
1 parent 3a072ca
commit bdbc084
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 3 deletions.
diff --git a/lib/ex_aws/kms.ex b/lib/ex_aws/kms.ex
@@ -298,11 +298,14 @@ defmodule ExAws.KMS do
       |> Map.merge(%{
         "Action" => "GenerateDataKeyWithoutPlaintext",
         "Version" => @version,
-        "KeyId" => key_id,
-        "KeySpec" => opts[:key_spec] || "AES_256"
+        "KeyId" => key_id
       })
 
-    request(:generate_data_key_without_plaintext, query_params)
+    if !Map.has_key?(query_params, "KeySpec") and !Map.has_key?(query_params, "NumberOfBytes") do
+      request(:generate_data_key_without_plaintext, Map.put(query_params, "KeySpec", "AES_256"))
+    else
+      request(:generate_data_key_without_plaintext, query_params)
+    end
   end
 
   @doc "Generates an unpredictable byte string"

diff --git a/test/lib/kms_test.exs b/test/lib/kms_test.exs
@@ -481,6 +481,36 @@ defmodule ExAws.KMSTest do
                key_spec: "AES_128",
                number_of_bytes: 16
              )
+
+    operation_with_number_of_bytes =
+      ExAws.KMS.generate_data_key_without_plaintext("key-id",
+        encryption_context: %{"key" => "value"},
+        grant_tokens: ["token"],
+        number_of_bytes: 32
+      )
+
+    assert %ExAws.Operation.JSON{
+             before_request: nil,
+             data: %{
+               "Action" => "GenerateDataKeyWithoutPlaintext",
+               "Version" => @version,
+               "KeyId" => "key-id",
+               "EncryptionContext" => %{"key" => "value"},
+               "GrantTokens" => ["token"],
+               "NumberOfBytes" => 32
+             },
+             headers: [
+               {"x-amz-target", "TrentService.GenerateDataKeyWithoutPlaintext"},
+               {"content-type", "application/x-amz-json-1.0"}
+             ],
+             http_method: :post,
+             parser: _,
+             path: "/",
+             service: :kms,
+             stream_builder: nil
+           } = operation_with_number_of_bytes
+
+    refute operation_with_number_of_bytes.data["KeySpec"]
   end
 
   test "GenerateRandom" do