AWS SDK KMS ListKeysAsync Failing on Xamarin/Android

Question

I'm using AWSSDK.KeyManagementService and AWSSDK.Core on a Xamarin-based project with Visual Studio 2015, and am trying to test it on my Android build (SDK 23). I installed the AWS stuff via NuGet and all is well there. This is my first time trying to use the AWS SDK.

When I attempt to use the KMS for something as simple as ListKeysAsync(), I get a dump of an Amazon.Runtime.Internal.HttpErrorResponseException. I'm am not using a proxy.

Here's the top-level exception:

ERROR|An exception of type HttpErrorResponseException was handled in ErrorHandler. --> Amazon.Runtime.Internal.HttpErrorResponseException: Exception of type 'Amazon.Runtime.Internal.HttpErrorResponseException' was thrown.
12-27 15:47:20.083 E/AmazonKeyManagementServiceClient(30883):   at Amazon.Runtime.HttpWebRequestMessage+<GetResponseAsync>d__20.MoveNext () [0x000fa] in E:\JenkinsWorkspaces\v3-stage-release\AWSDotNetPublic\sdk\src\Core\Amazon.Runtime\Pipeline\HttpHandler\_mobile\HttpRequestMessageFactory.cs:404 

There's a very large stack trace below that:

12-27 15:47:20.083 E/AmazonKeyManagementServiceClient(30883): --- End of stack trace from previous location where exception was thrown ---
12-27 15:47:20.083 E/AmazonKeyManagementServiceClient(30883):   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x0000c] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/referencesource/mscorlib/system/runtime/exceptionservices/exceptionservicescommon.cs:143 
12-27 15:47:20.083 E/AmazonKeyManagementServiceClient(30883):   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x00047] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/referencesource/mscorlib/system/runtime/compilerservices/TaskAwaiter.cs:187 
12-27 15:47:20.083 E/AmazonKeyManagementServiceClient(30883):   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x0002e] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/referencesource/mscorlib/system/runtime/compilerservices/TaskAwaiter.cs:156 
12-27 15:47:20.083 E/AmazonKeyManagementServiceClient(30883):   at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x0000b] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/referencesource/mscorlib/system/runtime/compilerservices/TaskAwaiter.cs:128 
12-27 15:47:20.083 E/AmazonKeyManagementServiceClient(30883):   at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1+ConfiguredTaskAwaiter[TResult].GetResult () [0x00000] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/referencesource/mscorlib/system/runtime/compilerservices/TaskAwaiter.cs:535 
12-27 15:47:20.083 E/AmazonKeyManagementServiceClient(30883):   at Amazon.Runtime.Internal.HttpHandler`1+<InvokeAsync>d__9`1[TRequestContent,T].MoveNext () [0x00233] in E:\JenkinsWorkspaces\v3-stage-release\AWSDotNetPublic\sdk\src\Core\Amazon.Runtime\Pipeline\HttpHandler\HttpHandler.cs:175 
12-27 15:47:20.083 E/AmazonKeyManagementServiceClient(30883): --- End of stack trace from previous location where exception was thrown ---
12-27 15:47:20.083 E/AmazonKeyManagementServiceClient(30883):   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x0000c] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/referencesource/mscorlib/system/runtime/exceptionservices/exceptionservicescommon.cs:143 
12-27 15:47:20.083 E/AmazonKeyManagementServiceClient(30883):   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x00047] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/referencesource/mscorlib/system/runtime/compilerservices/TaskAwaiter.cs:187 
12-27 15:47:20.083 E/AmazonKeyManagementServiceClient(30883):   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x0002e] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/referencesource/mscorlib/system/runtime/compilerservices/TaskAwaiter.cs:156 
12-27 15:47:20.083 E/AmazonKeyManagementServiceClient(30883):   at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x0000b] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/referencesource/mscorlib/system/runtime/compilerservices/TaskAwaiter.cs:128 
12-27 15:47:20.083 E/AmazonKeyManagementServiceClient(30883):   at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1+ConfiguredTaskAwaiter[TResult].GetResult () [0x00000] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/referencesource/mscorlib/system/runtime/compilerservices/TaskAwaiter.cs:535 
12-27 15:47:20.083 E/AmazonKeyManagementServiceClient(30883):   at Amazon.Runtime.Internal.Unmarshaller+<InvokeAsync>d__3`1[T].MoveNext () [0x00031] in E:\JenkinsWorkspaces\v3-stage-release\AWSDotNetPublic\sdk\src\Core\Amazon.Runtime\Pipeline\Handlers\Unmarshaller.cs:85 
12-27 15:47:20.083 E/AmazonKeyManagementServiceClient(30883): --- End of stack trace from previous location where exception was thrown ---
12-27 15:47:20.083 E/AmazonKeyManagementServiceClient(30883):   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x0000c] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/referencesource/mscorlib/system/runtime/exceptionservices/exceptionservicescommon.cs:143 
12-27 15:47:20.083 E/AmazonKeyManagementServiceClient(30883):   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x0
12-27 15:47:20.113 D/Mono    (30883): Assembly Ref addref AWSSDK.Core[0xad97ef20] -> System.Xml[0x98fee280]: 7

Then there's a second exception below the top one:

ERROR|Failed to unmarshall a service error response. --> Amazon.Runtime.AmazonUnmarshallingException: Error unmarshalling response back from AWS.  ---> ThirdParty.Json.LitJson.JsonException: Invalid character 'T' in input string

And its stack trace:

12-27 15:47:20.163 E/AmazonKeyManagementServiceClient(30883):   at ThirdParty.Json.LitJson.Lexer.NextToken () [0x00027] in E:\JenkinsWorkspaces\v3-stage-release\AWSDotNetPublic\sdk\src\Core\ThirdParty\Json\Lexer.cs:884 
12-27 15:47:20.163 E/AmazonKeyManagementServiceClient(30883):   at ThirdParty.Json.LitJson.JsonReader.ReadToken () [0x0000a] in E:\JenkinsWorkspaces\v3-stage-release\AWSDotNetPublic\sdk\src\Core\ThirdParty\Json\JsonReader.cs:251 
12-27 15:47:20.163 E/AmazonKeyManagementServiceClient(30883):   at ThirdParty.Json.LitJson.JsonReader.Read () [0x0003d] in E:\JenkinsWorkspaces\v3-stage-release\AWSDotNetPublic\sdk\src\Core\ThirdParty\Json\JsonReader.cs:297 
12-27 15:47:20.163 E/AmazonKeyManagementServiceClient(30883):   at Amazon.Runtime.Internal.Transform.JsonUnmarshallerContext.Read () [0x0001e] in E:\JenkinsWorkspaces\v3-stage-release\AWSDotNetPublic\sdk\src\Core\Amazon.Runtime\Internal\Transform\JsonUnmarshallerContext.cs:182 
12-27 15:47:20.163 E/AmazonKeyManagementServiceClient(30883):   at Amazon.Runtime.Internal.Transform.JsonErrorResponseUnmarshaller.Unmarshall (Amazon.Runtime.Internal.Transform.JsonUnmarshallerContext context) [0x000dc] in E:\JenkinsWorkspaces\v3-stage-release\AWSDotNetPublic\sdk\src\Core\Amazon.Runtime\Internal\Transform\JsonErrorResponseUnmarshaller.cs:47 
12-27 15:47:20.163 E/AmazonKeyManagementServiceClient(30883):   at Amazon.KeyManagementService.Model.Internal.MarshallTransformations.ListKeysResponseUnmarshaller.UnmarshallException (Amazon.Runtime.Internal.Transform.JsonUnmarshallerContext context, System.Exception innerException, System.Net.HttpStatusCode statusCode) [0x00005] in <b3a8ad2de97f4b7db1231ba6a3cc3cf4>:0 
12-27 15:47:20.163 E/AmazonKeyManagementServiceClient(30883):   at Amazon.Runtime.Internal.Transform.JsonResponseUnmarshaller.UnmarshallException (Amazon.Runtime.Internal.Transform.UnmarshallerContext input, System.Exception innerException, System.Net.HttpStatusCode statusCode) [0x00015] in E:\JenkinsWorkspaces\v3-stage-release\AWSDotNetPublic\sdk\src\Core\Amazon.Runtime\Internal\Transform\ResponseUnmarshallers.cs:198 
12-27 15:47:20.163 E/AmazonKeyManagementServiceClient(30883):   at Amazon.Runtime.Internal.HttpErrorResponseExceptionHandler.HandleException (Amazon.Runtime.IExecutionContext executionContext, Amazon.Runtime.Internal.HttpErrorResponseException exception) [0x00063] in E:\JenkinsWorkspaces\v3-stage-release\AWSDotNetPublic\sdk\src\Core\Amazon.Runtime\Pipeline\ErrorHandler\HttpErrorResponseExceptionHandler.cs:78 
12-27 15:47:20.163 E/AmazonKeyManagementServiceClient(30883):    --- End of inner exception stack trace ---
12-27 15:47:20.163 E/AmazonKeyManagementServiceClient(30883):   at Amazon.Runtime.Internal.HttpErrorResponseExceptionHandler.HandleException (Amazon.Runtime.IExecutionContext executionContext, Amazon.Runtime.Internal.HttpErrorResponseException exception) [0x000a0] in E:\JenkinsWorkspaces\v3-stage-release\AWSDotNetPublic\sdk\src\Core\Amazon.Runtime\Pipeline\ErrorHandler\HttpErrorResponseExceptionHandler.cs:93 
12-27 15:47:20.183 E/AmazonKeyManagementServiceClient(30883): 4|2016-12-27T15:47:20.193Z|ERROR|AmazonUnmarshallingException making request ListKeysRequest to https://kms.us-east-1.amazonaws.com/. Attempt 1. --> Amazon.Runtime.AmazonUnmarshallingException: Error unmarshalling response back from AWS.  ---> ThirdParty.Json.LitJson.JsonException: Invalid character 'T' in input string
12-27 15:47:20.183 E/AmazonKeyManagementServiceClient(30883):   at ThirdParty.Json.LitJson.Lexer.NextToken () [0x00027] in E:\JenkinsWorkspaces\v3-stage-release\AWSDotNetPublic\sdk\src\Core\ThirdParty\Json\Lexer.cs:884 
12-27 15:47:20.183 E/AmazonKeyManagementServiceClient(30883):   at ThirdParty.Json.LitJson.JsonReader.ReadToken () [0x0000a] in E:\JenkinsWorkspaces\v3-stage-release\AWSDotNetPublic\sdk\src\Core\ThirdParty\Json\JsonReader.cs:251 
12-27 15:47:20.183 E/AmazonKeyManagementServiceClient(30883):   at ThirdParty.Json.LitJson.JsonReader.Read () [0x0003d] in E:\JenkinsWorkspaces\v3-stage-release\AWSDotNetPublic\sdk\src\Core\ThirdParty\Json\JsonReader.cs:297 
12-27 15:47:20.183 E/AmazonKeyManagementServiceClient(30883):   at Amazon.Runtime.Internal.Transform.JsonUnmarshallerContext.Read () [0x0001e] in E:\JenkinsWorkspaces\v3-stage-release\AWSDotNetPublic\sdk\src\Core\Amazon.Runtime\Internal\Transform\JsonUnmarshallerContext.cs:182 
12-27 15:47:20.183 E/AmazonKeyManagementServiceClient(30883):   at Amazon.Runtime.Internal.Transform.JsonErrorResponseUnmarshaller.Unmarshall (Amazon.Runtime.Internal.Transform.JsonUnmarshallerContext context) [0x000dc] in E:\JenkinsWorkspaces\v3-stage-release\AWSDotNetPublic\sdk\src\Core\Amazon.Runtime\Internal\Transform\JsonErrorResponseUnmarshaller.cs:47 
12-27 15:47:20.183 E/AmazonKeyManagementServiceClient(30883):   at Amazon.KeyManagementService.Model.Internal.MarshallTransformations.ListKeysResponseUnmarshaller.UnmarshallException (Amazon.Runtime.Internal.Transform.JsonUnmarshallerContext context, System.Exception innerException, System.Net.HttpStatusCode statusCode) [0x00005] in <b3a8ad2de97f4b7db1231ba6a3cc3cf4>:0 
12-27 15:47:20.183 E/AmazonKeyManagementServiceClient(30883):   at Amazon.Runtime.Internal.Transform.JsonResponseUnmarshaller.UnmarshallException (Amazon.Runtime.Internal.Transform.UnmarshallerContext input, System.Exception innerException, System.Net.HttpStatusCode statusCode) [0x00015] in E:\JenkinsWorkspaces\v3-stage-release\AWSDotNetPublic\sdk\src\Core\Amazon.Runtime\Internal\Transform\ResponseUnmarshallers.cs:198 
12-27 15:47:20.183 E/AmazonKeyManagementServiceClient(30883):   at Amazon.Runtime.Internal.HttpErrorResponseExceptionHandler.HandleException (Amazon.Runtime.IExecutionContext executionContext, Amazon.Runtime.Internal.HttpErrorResponseException exception) [0x00063] in E:\JenkinsWorkspaces\v3-stage-release\AWSDotNetPublic\sdk\src\Core\Amazon.Runtime\Pipeline\ErrorHandler\HttpErrorResponseExceptionHandler.cs:78 
12-27 15:47:20.183 E/AmazonKeyManagementServiceClient(30883):    --- End of inner exception stack trace ---
12-27 15:47:20.183 E/AmazonKeyManagementServiceClient(30883):   at Amazon.Runtime.Internal.HttpErrorResponseExceptionHandler.HandleException (Amazon.Runtime.IExecutionContext executionContext, Amazon.Runtime.Internal.HttpErrorResponseException exception) [0x000a0] in E:\JenkinsWorkspaces\v3-stage-release\AWSDotNetPublic\sdk\src\Core\Amazon.Runtime\Pipeline\ErrorHandler\HttpErrorResponseExceptionHandler.cs:93 
12-27 15:47:20.183 E/AmazonKeyManagementServiceClient(30883): --- End of stack trace from previous location where exception was thrown ---
12-27 15:47:20.183 E/AmazonKeyManagementServiceClient(30883):   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw () [0x0000c] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/referencesource/mscorlib/system/runtime/exceptionservices/exceptionservicescommon.cs:143 
12-27 15:47:20.183 E/AmazonKeyManagementServiceClient(30883):   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Threading.Tasks.Task task) [0x00047] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/referencesource/mscorlib/system/runtime/compilerservices/TaskAwaiter.cs:187 
12-27 15:47:20.183 E/AmazonKeyManagementServiceClient(30883):   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Threading.Tasks.Task task) [0x0002e] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/referencesource/mscorlib/system/runtime/compilerservices/TaskAwaiter.cs:156 
12-27 15:47:20.183 E/AmazonKeyManagementServiceClient(30883):   at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd (System.Threading.Tasks.Task task) [0x0000b] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/referencesource/mscorlib/system/runtime/compilerservices/TaskAwaiter.cs:128 
12-27 15:47:20.183 E/AmazonKeyManagementServiceClient(30883):   at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1+ConfiguredTaskAwaiter[TResult].GetResult () [0x00000] in /Users/builder/data/lanes/3511/77cb8568/source/mono/mcs/class/referencesource/mscorli

The Request Metrics after this second error are:

Request metrics: {"properties":{"AsyncCall":"True","CanonicalRequest":"POST
/

content-type:application/x-amz-json-1.1
host:kms.us-east-1.amazonaws.com
user-agent:aws-sdk-dotnet-pcl/3.3.1.7 aws-sdk-dotnet-core/3.3.7.0 Mono/4.6.2(mono-4.6.0-branch:db69866) OS/ANDROID_6.0.1 PCL/Xamarin.Android ClientAsync
x-amz-content-sha256:1846efdbd7179f8a8d12f3d7c2f638c0c4d1983c994e36f14c47045f02702d36
x-amz-date:20161227T234717Z
x-amz-target:TrentService.ListKeys

content-type;host;user-agent;x-amz-content-sha256;x-amz-date;x-amz-target
1846efdbd7179f8a8d12f3d7c2f638c0c4d1983c994e36f14c47045f02702d36","StringToSign":"AWS4-HMAC-SHA256
20161227T234717Z
20161227/us-east-1/kms/aws4_request 0023aa3cf6e3e310f35016f9a186645be47313670761e59664a3743b768e68a7","ServiceName":"    Amazon.KeyManagementService","ServiceEndpoint":"https://kms.us-east-1.amazonaws.com/","MethodName":"ListKeysRequest","RequestSize":"12","Exception":"Amazon.Runtime.Internal.HttpErrorResponseException: Exception of type 'Amazon.Runtime.Internal.HttpErrorResponseException' was thrown.

My gut is telling me that the unmarshalling error has to do with the Java Date/time string in x-amz-date" (20161227T234717Z), where there's a 'T' sandwiched between the date and time portions. The error says there is an invalid character 'T'.

I ran into a similar problem when unmarshalling a Java-created JSON request using Json.Net, and had to use my own custom converter for .Net's DateTime object.

I'm not sure if that unmarshalling error is tied to the first HTTP exception.

I'm new to the AWS SDK, and only need to use the KMS portions of the systems for the project I'm on.

When I imported the AWSSDK.Core and AWSSDK.KeyManagementService, it loaded some dependencies. Here's the list:

• AWSSDK.CognitoIdentity v3.3.0.0 - Runtime v4.0.30319 [Used only for testing]
• AWSSDK.Core v3.3.0.0 - Runtime v4.0.30319
• AWSSDK.KeyManagementService v3.3.0.0 - Runtime v4.0.30319
• AWSSDK.SecurityToken v3.3.0.0 - Runtime v4.0.30319
• PCLCrypto v1.0.0.0 Runtime v4.0.30319
• PCLStorage v1.0.2.0 - Runtime v4.0.30319
• PCLStorage.Abstractions v1.0.2.0 v4.0.30319

My Android project is built for SDK 23 (Marshmallow) with Visual Studio 2015 Update 3.

Here's the code I'm having problems with:

LoggingConfig _awsLogging    = AWSConfigs.LoggingConfig;

_awsLogging.LogMetrics       = true;
_awsLogging.LogResponses     = ResponseLoggingOption.Always;
_awsLogging.LogMetricsFormat = LogMetricsFormatOption.JSON;
_awsLogging.LogTo            = LoggingOptions.SystemDiagnostics;

AWSConfigs.AWSRegion           = "us-east-1";
//AWSConfigs.CorrectForClockSkew = true;

// Used only for testing of Cognito [works]
CognitoAWSCredentials creds  =  new CognitoAWSCredentials( "<<identity pool ID>>",
                                                         RegionEndpoint.USEast1 );

// Create a new credential option using our Cognito 
// identity pool for Plexus, using N. Virginia-1 region
AmazonKeyManagementServiceClient kmsClient  =
                new AmazonKeyManagementServiceClient( "<<access key>>",
                                                        "<<secret key>>",
                                                        RegionEndpoint.USEast1 );

kmsClient.Config.Validate();        // Validate configuration

ListKeysRequest request  =  new ListKeysRequest();
request.Limit = 20;

Task.Run( () =>
{
    try
    {
        // This line returned without error
        Task<ListKeysResponse> taskResponse  =  kmsClient.ListKeysAsync(request);

        // This line of code throws an exception down in the SDK / mscorlib
        taskResponse.Wait();

        ListKeysResponse response  =  taskResponse.Result;
    }
    catch ( Exception ex )
    {
        DebugLog.Fatal(ex);
    }
} );

I'm only using the Cognito stuff for testing. It's the ListKeysAsync() call I'm having problems with.

Does anybody have any ideas? There is no other AWS code anywhere else in my app - except for "using" statements. BTW, this code is invoked from the Application.OnStart() method if that is important.

Thank you in advance.

Jeff Reeder