use of com.google.cloud.kms.v1.CryptoKeyVersionName in project java-kms by googleapis.
the class EncryptAsymmetric method encryptAsymmetric.
// Encrypt data that was encrypted using the public key component of the given
// key version.
public void encryptAsymmetric(String projectId, String locationId, String keyRingId, String keyId, String keyVersionId, String plaintext) throws IOException, GeneralSecurityException {
// safely clean up any remaining background resources.
try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) {
// Build the key version name from the project, location, key ring, key,
// and key version.
CryptoKeyVersionName keyVersionName = CryptoKeyVersionName.of(projectId, locationId, keyRingId, keyId, keyVersionId);
// Get the public key.
PublicKey publicKey = client.getPublicKey(keyVersionName);
// Convert the public PEM key to a DER key (see helper below).
byte[] derKey = convertPemToDer(publicKey.getPem());
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(derKey);
java.security.PublicKey rsaKey = KeyFactory.getInstance("RSA").generatePublic(keySpec);
// Encrypt plaintext for the 'RSA_DECRYPT_OAEP_2048_SHA256' key.
// For other key algorithms:
// https://docs.oracle.com/javase/7/docs/api/javax/crypto/Cipher.html
Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
OAEPParameterSpec oaepParams = new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT);
cipher.init(Cipher.ENCRYPT_MODE, rsaKey, oaepParams);
byte[] ciphertext = cipher.doFinal(plaintext.getBytes(StandardCharsets.UTF_8));
System.out.printf("Ciphertext: %s%n", ciphertext);
}
}
use of com.google.cloud.kms.v1.CryptoKeyVersionName in project java-kms by googleapis.
the class RestoreKeyVersion method restoreKeyVersion.
// Schedule destruction of the given key version.
public void restoreKeyVersion(String projectId, String locationId, String keyRingId, String keyId, String keyVersionId) throws IOException {
// safely clean up any remaining background resources.
try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) {
// Build the key version name from the project, location, key ring, key,
// and key version.
CryptoKeyVersionName keyVersionName = CryptoKeyVersionName.of(projectId, locationId, keyRingId, keyId, keyVersionId);
// Restore the key version.
CryptoKeyVersion response = client.restoreCryptoKeyVersion(keyVersionName);
System.out.printf("Restored key version: %s%n", response.getName());
}
}
use of com.google.cloud.kms.v1.CryptoKeyVersionName in project java-kms by googleapis.
the class DecryptAsymmetric method decryptAsymmetric.
// Decrypt data that was encrypted using the public key component of the given
// key version.
public void decryptAsymmetric(String projectId, String locationId, String keyRingId, String keyId, String keyVersionId, byte[] ciphertext) throws IOException {
// safely clean up any remaining background resources.
try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) {
// Build the key version name from the project, location, key ring, key,
// and key version.
CryptoKeyVersionName keyVersionName = CryptoKeyVersionName.of(projectId, locationId, keyRingId, keyId, keyVersionId);
// Decrypt the ciphertext.
AsymmetricDecryptResponse response = client.asymmetricDecrypt(keyVersionName, ByteString.copyFrom(ciphertext));
System.out.printf("Plaintext: %s%n", response.getPlaintext().toStringUtf8());
}
}
use of com.google.cloud.kms.v1.CryptoKeyVersionName in project gapic-generator-java by googleapis.
the class SyncAsymmetricDecryptCryptokeyversionnameBytestring method syncAsymmetricDecryptCryptokeyversionnameBytestring.
public static void syncAsymmetricDecryptCryptokeyversionnameBytestring() throws Exception {
// It may require modifications to work in your environment.
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
ByteString ciphertext = ByteString.EMPTY;
AsymmetricDecryptResponse response = keyManagementServiceClient.asymmetricDecrypt(name, ciphertext);
}
}
use of com.google.cloud.kms.v1.CryptoKeyVersionName in project gapic-generator-java by googleapis.
the class SyncAsymmetricSignCryptokeyversionnameDigest method syncAsymmetricSignCryptokeyversionnameDigest.
public static void syncAsymmetricSignCryptokeyversionnameDigest() throws Exception {
// It may require modifications to work in your environment.
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
Digest digest = Digest.newBuilder().build();
AsymmetricSignResponse response = keyManagementServiceClient.asymmetricSign(name, digest);
}
}
Aggregations