Azure 存储 blob，使用客户端加密上传 blob，使用 CEK 和 KEK。现在尝试在客户端使用 KEK 下载解密的文件。但文件已下载但未解密。仅显示加密文件。public class KeyVaultGettingStarted {    public static void main(String[] args) throws StorageException,            NoSuchAlgorithmException, InterruptedException, ExecutionException,            URISyntaxException, InvalidKeyException, IOException {        Utility.printSampleStartInfo("KeyVaultGettingStarted");        // Get the key ID from Utility if it exists.        String keyID = Utility.keyVaultKeyID;        // If no key ID was specified, we will create a new secret in Key Vault.        // To create a new secret, this client needs full permission to Key        // Vault secrets.        // Once the secret is created, its ID can be added to App.config. Once        // this is done,        // this client only needs read access to secrets.        if (keyID == null || keyID.isEmpty()) {            keyID = KeyVaultUtility.createSecret("KVGettingStartedSecret");        }        // Retrieve storage account information from connection string        // How to create a storage connection string -        // https://azure.microsoft.com/en-us/documentation/articles/storage-configure-connection-string/        CloudStorageAccount storageAccount = CloudStorageAccount                .parse(Utility.storageConnectionString);        CloudBlobClient client = storageAccount.createCloudBlobClient();        CloudBlobContainer container = client                .getContainerReference("blobencryptioncontainer"                        + UUID.randomUUID().toString().replace("-", ""));        container.createIfNotExists();        // Construct a resolver capable of looking up keys and secrets stored in        // Key Vault.        KeyVaultKeyResolver cloudResolver = new KeyVaultKeyResolver(                KeyVaultUtility.GetKeyVaultClient());}Azure 存储 blob，使用客户端加密上传 blob，使用 CEK 和 KEK。现在尝试在客户端使用 KEK 下载解密的文件。但文件已下载但未解密。仅显示加密文件。