Update KMS method signatures to standardize on KeyringException

It came up during the review of [] that it doesn't make a lot of sense for encrypt() and decrypt() to not throw the same kinds of Exceptions, especially not for the same kind of problem, just because one happens to use a Retrier in its internal implementation and the other doesn't. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=201054057
2025-05-14 08:27:14 +02:00 · 2018-06-18 14:01:37 -07:00 · 2018-06-18 14:01:37 -07:00 · a7256f5edd
commit a7256f5edd
parent f971583dc0
4 changed files with 24 additions and 10 deletions
--- a/java/google/registry/keyring/kms/KmsConnection.java
+++ b/java/google/registry/keyring/kms/KmsConnection.java
@ -14,7 +14,7 @@

 package google.registry.keyring.kms;

-import java.io.IOException;
+import google.registry.keyring.api.KeyringException;

 /** An abstraction to simplify Cloud KMS operations. */
 interface KmsConnection {
@ -34,9 +34,15 @@ interface KmsConnection {
   * {@code MAX_SECRET_SIZE_BYTES}.
   *
   * <p>If no applicable CryptoKey or CryptoKeyVersion exist, they will be created.
+   *
+   * @throws KeyringException on encryption failure.
   */
-  EncryptResponse encrypt(String cryptoKeyName, byte[] plaintext) throws IOException;
+  EncryptResponse encrypt(String cryptoKeyName, byte[] plaintext);

-  /** Decrypts a Cloud KMS encrypted and encoded value with CryptoKey {@code cryptoKeyName}. */
-  byte[] decrypt(String cryptoKeyName, String encodedCiphertext) throws IOException;
+  /**
+   * Decrypts a Cloud KMS encrypted and encoded value with CryptoKey {@code cryptoKeyName}.
+   *
+   * @throws KeyringException on decryption failure.
+   */
+  byte[] decrypt(String cryptoKeyName, String encodedCiphertext);
 }