Search in sources :

Example 11 with CloudKMS

use of com.google.api.services.cloudkms.v1.CloudKMS in project java-docs-samples by GoogleCloudPlatform.

the class CryptFile method decrypt.

// [END kms_encrypt]
// [START kms_decrypt]
/**
 * Decrypts the provided ciphertext with the specified crypto key.
 */
public static byte[] decrypt(String projectId, String locationId, String keyRingId, String cryptoKeyId, byte[] ciphertext) throws IOException {
    // Create the Cloud KMS client.
    CloudKMS kms = createAuthorizedClient();
    // The resource name of the cryptoKey
    String cryptoKeyName = String.format("projects/%s/locations/%s/keyRings/%s/cryptoKeys/%s", projectId, locationId, keyRingId, cryptoKeyId);
    DecryptRequest request = new DecryptRequest().encodeCiphertext(ciphertext);
    DecryptResponse response = kms.projects().locations().keyRings().cryptoKeys().decrypt(cryptoKeyName, request).execute();
    return response.decodePlaintext();
}
Also used : DecryptResponse(com.google.api.services.cloudkms.v1.model.DecryptResponse) CloudKMS(com.google.api.services.cloudkms.v1.CloudKMS) DecryptRequest(com.google.api.services.cloudkms.v1.model.DecryptRequest)

Example 12 with CloudKMS

use of com.google.api.services.cloudkms.v1.CloudKMS in project java-docs-samples by GoogleCloudPlatform.

the class CryptFile method encrypt.

// [START kms_encrypt]
/**
 * Encrypts the given plaintext using the specified crypto key.
 */
public static byte[] encrypt(String projectId, String locationId, String keyRingId, String cryptoKeyId, byte[] plaintext) throws IOException {
    // The resource name of the cryptoKey
    String resourceName = String.format("projects/%s/locations/%s/keyRings/%s/cryptoKeys/%s", projectId, locationId, keyRingId, cryptoKeyId);
    // Create the Cloud KMS client.
    CloudKMS kms = createAuthorizedClient();
    EncryptRequest request = new EncryptRequest().encodePlaintext(plaintext);
    EncryptResponse response = kms.projects().locations().keyRings().cryptoKeys().encrypt(resourceName, request).execute();
    return response.decodeCiphertext();
}
Also used : EncryptResponse(com.google.api.services.cloudkms.v1.model.EncryptResponse) CloudKMS(com.google.api.services.cloudkms.v1.CloudKMS) EncryptRequest(com.google.api.services.cloudkms.v1.model.EncryptRequest)

Example 13 with CloudKMS

use of com.google.api.services.cloudkms.v1.CloudKMS in project java-docs-samples by GoogleCloudPlatform.

the class Snippets method listCryptoKeyVersions.

/**
 * Prints all the versions for the given crypto key.
 */
public static void listCryptoKeyVersions(String projectId, String locationId, String keyRingId, String cryptoKeyId) throws IOException {
    // Create the Cloud KMS client.
    CloudKMS kms = createAuthorizedClient();
    // The resource name of the cryptoKey
    String cryptoKeys = String.format("projects/%s/locations/%s/keyRings/%s/cryptoKeys/%s", projectId, locationId, keyRingId, cryptoKeyId);
    ListCryptoKeyVersionsResponse versions = kms.projects().locations().keyRings().cryptoKeys().cryptoKeyVersions().list(cryptoKeys).execute();
    for (CryptoKeyVersion version : versions.getCryptoKeyVersions()) {
        System.out.println(version);
    }
}
Also used : CloudKMS(com.google.api.services.cloudkms.v1.CloudKMS) ListCryptoKeyVersionsResponse(com.google.api.services.cloudkms.v1.model.ListCryptoKeyVersionsResponse) CryptoKeyVersion(com.google.api.services.cloudkms.v1.model.CryptoKeyVersion)

Example 14 with CloudKMS

use of com.google.api.services.cloudkms.v1.CloudKMS in project java-docs-samples by GoogleCloudPlatform.

the class Snippets method disableCryptoKeyVersion.

// [END kms_create_cryptokey_version]
// [START kms_disable_cryptokey_version]
/**
 * Disables the given version of the crypto key.
 */
public static CryptoKeyVersion disableCryptoKeyVersion(String projectId, String locationId, String keyRingId, String cryptoKeyId, String version) throws IOException {
    // Create the Cloud KMS client.
    CloudKMS kms = createAuthorizedClient();
    // The resource name of the cryptoKey version
    String cryptoKeyVersion = String.format("projects/%s/locations/%s/keyRings/%s/cryptoKeys/%s/cryptoKeyVersions/%s", projectId, locationId, keyRingId, cryptoKeyId, version);
    CryptoKeyVersion newVersionState = new CryptoKeyVersion().setState("DISABLED");
    CryptoKeyVersion response = kms.projects().locations().keyRings().cryptoKeys().cryptoKeyVersions().patch(cryptoKeyVersion, newVersionState).setUpdateMask("state").execute();
    System.out.println(response);
    return response;
}
Also used : CloudKMS(com.google.api.services.cloudkms.v1.CloudKMS) CryptoKeyVersion(com.google.api.services.cloudkms.v1.model.CryptoKeyVersion)

Example 15 with CloudKMS

use of com.google.api.services.cloudkms.v1.CloudKMS in project java-docs-samples by GoogleCloudPlatform.

the class Snippets method getKeyRingPolicy.

// [END kms_get_cryptokey_policy]
// [START kms_get_keyring_policy]
/**
 * Retrieves the IAM policy for the given crypto key.
 */
public static Policy getKeyRingPolicy(String projectId, String locationId, String keyRingId) throws IOException {
    // Create the Cloud KMS client.
    CloudKMS kms = createAuthorizedClient();
    // The resource name of the keyring
    String keyring = String.format("projects/%s/locations/%s/keyRings/%s", projectId, locationId, keyRingId);
    // Get the current IAM policy and add the new account to it.
    Policy iamPolicy = kms.projects().locations().keyRings().getIamPolicy(keyring).execute();
    System.out.println(iamPolicy.getBindings());
    return iamPolicy;
}
Also used : Policy(com.google.api.services.cloudkms.v1.model.Policy) CloudKMS(com.google.api.services.cloudkms.v1.CloudKMS)

Aggregations

CloudKMS (com.google.api.services.cloudkms.v1.CloudKMS)20 CryptoKeyVersion (com.google.api.services.cloudkms.v1.model.CryptoKeyVersion)6 Policy (com.google.api.services.cloudkms.v1.model.Policy)6 Binding (com.google.api.services.cloudkms.v1.model.Binding)4 SetIamPolicyRequest (com.google.api.services.cloudkms.v1.model.SetIamPolicyRequest)4 CryptoKey (com.google.api.services.cloudkms.v1.model.CryptoKey)3 KeyRing (com.google.api.services.cloudkms.v1.model.KeyRing)3 ListKeyRingsResponse (com.google.api.services.cloudkms.v1.model.ListKeyRingsResponse)2 DecryptRequest (com.google.api.services.cloudkms.v1.model.DecryptRequest)1 DecryptResponse (com.google.api.services.cloudkms.v1.model.DecryptResponse)1 DestroyCryptoKeyVersionRequest (com.google.api.services.cloudkms.v1.model.DestroyCryptoKeyVersionRequest)1 EncryptRequest (com.google.api.services.cloudkms.v1.model.EncryptRequest)1 EncryptResponse (com.google.api.services.cloudkms.v1.model.EncryptResponse)1 ListCryptoKeyVersionsResponse (com.google.api.services.cloudkms.v1.model.ListCryptoKeyVersionsResponse)1 ListCryptoKeysResponse (com.google.api.services.cloudkms.v1.model.ListCryptoKeysResponse)1 RestoreCryptoKeyVersionRequest (com.google.api.services.cloudkms.v1.model.RestoreCryptoKeyVersionRequest)1 UpdateCryptoKeyPrimaryVersionRequest (com.google.api.services.cloudkms.v1.model.UpdateCryptoKeyPrimaryVersionRequest)1