ImportKeyMaterial request failed - InvalidCiphertextException


Hi,

I have encrypted a symmetric key with the downloaded wrappingKey, then uploaded the encrypted symmetric key with the importToken. It then returns the error: ImportKeyMaterial request failed - InvalidCiphertextException.

After doing some research on the internet, I found it is suggested to use "openssl rand -out symmetric.key 32", but I generated my symmetric key using "openssl rand -base64 32 > symmetric.key; openssl rand -base64 16 >> symmetric.key". I can successfully import the key generated by the suggested command. Below are my enquiries:

  1. Is it not possible for me to upload a key generated by "openssl rand -base64 32 > symmetric.key; openssl rand -base64 16 >> symmetric.key"?
  2. Is there any guideline on symmetric key generation?

Thanks and Regards, KTMo

Asked 2 years ago, 1097 views
1 Answer

Hi,

I understand that you are receiving an error "InvalidCiphertextException" when trying to import a key generated from the command "openssl rand -base64 32 > symmetric.key; openssl rand -base64 16 >> symmetric.key".

In regard to your first question, it would not be possible to use the command listed. You would need to ensure that the key material is a 256-bit symmetric key and the file size of the encrypted key material is 32 bytes. I am attaching the following documentation that goes over the error here (1).

For a guideline on symmetric key generation, I am attaching the following documentation that has a step-by-step walk-through of how to create and import key material in AWS KMS (2). Lastly, I am attaching the following that goes over certain considerations when deciding to import key material into AWS KMS (3).

Let us know if you need any further information! I hope you have a great rest of your day!

References

(1) https://aws.amazon.com/premiumsupport/knowledge-center/invalidciphertext-kms/

(2) https://aws.amazon.com/premiumsupport/knowledge-center/import-keys-kms/

(3) https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html#importing-keys-considerations

AWS
Support Engineer
Answered 2 years ago
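
A pre-flight size check for the two commands discussed in this thread, added here as an example and not part of the original question or answer: it verifies that the plaintext key file holds exactly 32 raw bytes (a 256-bit key) before it is wrapped with the wrapping key. The function names `key_size`, `check_key_material` and `demo` are hypothetical, and the temporary file names are constructed for the demonstration.

```shell
#!/usr/bin/env bash
# Added example: check plaintext key material before wrapping it for AWS KMS import.
# A 256-bit symmetric key must be exactly 32 raw (binary) bytes.

# Print the size of a file in bytes.
key_size() {
    wc -c < "$1" | tr -d '[:space:]'
}

# Return 0 only if the file exists and holds exactly 32 bytes.
check_key_material() {
    local file="$1" size
    [ -f "$file" ] || { echo "REJECT $file: not a regular file" >&2; return 2; }
    size=$(key_size "$file")
    if [ "$size" -ne 32 ]; then
        echo "REJECT $file: $size bytes, expected 32 raw bytes" >&2
        return 1
    fi
    echo "OK $file: 32 bytes (256-bit key)"
}

# Compare the two commands from the thread (runs only when openssl is installed).
demo() {
    local dir
    dir=$(mktemp -d) || return 1
    # Suggested command: 32 random bytes written as binary.
    openssl rand -out "$dir/binary.key" 32
    # Command from the question: two lines of base64 text,
    # 44 + 24 characters plus two newlines = 70 bytes, not a 32-byte key.
    openssl rand -base64 32 > "$dir/base64.key"
    openssl rand -base64 16 >> "$dir/base64.key"
    check_key_material "$dir/binary.key"
    check_key_material "$dir/base64.key" || true
    rm -rf "$dir"
}

if command -v openssl >/dev/null 2>&1; then
    demo
fi
```

Running the check on the key file before the wrapping step catches the wrong-length material locally instead of at the ImportKeyMaterial call.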
