Enum aws_sdk_kms::error::DecryptErrorKind

#[non_exhaustive]
pub enum DecryptErrorKind {
    DependencyTimeoutException(DependencyTimeoutException),
    DisabledException(DisabledException),
    IncorrectKeyException(IncorrectKeyException),
    InvalidCiphertextException(InvalidCiphertextException),
    InvalidGrantTokenException(InvalidGrantTokenException),
    InvalidKeyUsageException(InvalidKeyUsageException),
    KeyUnavailableException(KeyUnavailableException),
    KmsInternalException(KmsInternalException),
    KmsInvalidStateException(KmsInvalidStateException),
    NotFoundException(NotFoundException),
    Unhandled(Box<dyn Error + Send + Sync + 'static>),
}

Types of errors that can occur for the Decrypt operation.

Variants (Non-exhaustive)

Non-exhaustive enums could have additional variants added in future. Therefore, when matching against variants of non-exhaustive enums, an extra wildcard arm must be added to account for any future variants.

DependencyTimeoutException(DependencyTimeoutException)

The system timed out while trying to fulfill the request. The request can be retried.

DisabledException(DisabledException)

The request was rejected because the specified KMS key is not enabled.

IncorrectKeyException(IncorrectKeyException)

The request was rejected because the specified KMS key cannot decrypt the data. The KeyId in a Decrypt request and the SourceKeyId in a ReEncrypt request must identify the same KMS key that was used to encrypt the ciphertext.

InvalidCiphertextException(InvalidCiphertextException)

From the Decrypt or ReEncrypt operation, the request was rejected because the specified ciphertext, or additional authenticated data incorporated into the ciphertext, such as the encryption context, is corrupted, missing, or otherwise invalid.

From the ImportKeyMaterial operation, the request was rejected because KMS could not decrypt the encrypted (wrapped) key material.

InvalidGrantTokenException(InvalidGrantTokenException)

The request was rejected because the specified grant token is not valid.

InvalidKeyUsageException(InvalidKeyUsageException)

The request was rejected for one of the following reasons:

• The KeyUsage value of the KMS key is incompatible with the API operation.

• The encryption algorithm or signing algorithm specified for the operation is incompatible with the type of key material in the KMS key (KeySpec).

For encrypting, decrypting, re-encrypting, and generating data keys, the KeyUsage must be ENCRYPT_DECRYPT. For signing and verifying messages, the KeyUsage must be SIGN_VERIFY. For generating and verifying message authentication codes (MACs), the KeyUsage must be GENERATE_VERIFY_MAC. To find the KeyUsage of a KMS key, use the DescribeKey operation.

To find the encryption or signing algorithms supported for a particular KMS key, use the DescribeKey operation.

KeyUnavailableException(KeyUnavailableException)

The request was rejected because the specified KMS key was not available. You can retry the request.

KmsInternalException(KmsInternalException)

The request was rejected because an internal exception occurred. The request can be retried.

KmsInvalidStateException(KmsInvalidStateException)

The request was rejected because the state of the specified resource is not valid for this request.

For more information about how key state affects the use of a KMS key, see Key states of KMS keys in the Key Management Service Developer Guide .

NotFoundException(NotFoundException)

The request was rejected because the specified entity or resource could not be found.

Unhandled(Box<dyn Error + Send + Sync + 'static>)

An unexpected error, e.g. invalid JSON returned by the service or an unknown error code

Trait Implementations

impl Debug for DecryptErrorKind

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.