Examples with DecryptRequest com.google.cloud.kms.v1.DecryptRequest used on opensource projects

Example 1 with DecryptRequest

use of com.google.cloud.kms.v1.DecryptRequest in project gapic-generator-java by googleapis.

the class AsyncDecrypt method asyncDecrypt.

public static void asyncDecrypt() throws Exception {
    // It may require modifications to work in your environment.
    try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
        DecryptRequest request = DecryptRequest.newBuilder().setName(CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]").toString()).setCiphertext(ByteString.EMPTY).setAdditionalAuthenticatedData(ByteString.EMPTY).setCiphertextCrc32C(Int64Value.newBuilder().build()).setAdditionalAuthenticatedDataCrc32C(Int64Value.newBuilder().build()).build();
        ApiFuture<DecryptResponse> future = keyManagementServiceClient.decryptCallable().futureCall(request);
        // Do something.
        DecryptResponse response = future.get();
    }
}

Example 2 with DecryptRequest

use of com.google.cloud.kms.v1.DecryptRequest in project gapic-generator-java by googleapis.

the class SyncDecrypt method syncDecrypt.

public static void syncDecrypt() throws Exception {
    // It may require modifications to work in your environment.
    try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
        DecryptRequest request = DecryptRequest.newBuilder().setName(CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]").toString()).setCiphertext(ByteString.EMPTY).setAdditionalAuthenticatedData(ByteString.EMPTY).setCiphertextCrc32C(Int64Value.newBuilder().build()).setAdditionalAuthenticatedDataCrc32C(Int64Value.newBuilder().build()).build();
        DecryptResponse response = keyManagementServiceClient.decrypt(request);
    }
}

Example 3 with DecryptRequest

use of com.google.cloud.kms.v1.DecryptRequest in project aliyun-oss-java-sdk by aliyun.

the class KmsEncryptionMaterials method decryptCipherBlob.

/**
 * Decrypt the cipherBlob to palin text.
 */
private DecryptResponse decryptCipherBlob(KmsClientSuite kmsClientSuite, String cipherBlob) throws ClientException {
    final DefaultAcsClient kmsClient = createKmsClient(kmsClientSuite.region, kmsClientSuite.credentialsProvider);
    final DecryptRequest decReq = new DecryptRequest();
    decReq.setSysProtocol(ProtocolType.HTTPS);
    decReq.setAcceptFormat(FormatType.JSON);
    decReq.setSysMethod(MethodType.POST);
    decReq.setCiphertextBlob(cipherBlob);
    final DecryptResponse decResponse;
    try {
        decResponse = kmsClient.getAcsResponse(decReq);
    } catch (Exception e) {
        throw new ClientException("The kms client decrypt data faild." + e.getMessage(), e);
    }
    return decResponse;
}

Example 4 with DecryptRequest

use of com.google.cloud.kms.v1.DecryptRequest in project java-docs-samples by GoogleCloudPlatform.

the class DecryptSymmetric method decryptSymmetric.

// Decrypt data that was encrypted using a symmetric key.
public void decryptSymmetric(String projectId, String locationId, String keyRingId, String keyId, byte[] ciphertext) throws IOException {
    // safely clean up any remaining background resources.
    try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) {
        // Build the key version from the project, location, key ring, and key.
        CryptoKeyName keyName = CryptoKeyName.of(projectId, locationId, keyRingId, keyId);
        // Optional, but recommended: compute ciphertext's CRC32C. See helpers below.
        long ciphertextCrc32c = getCrc32cAsLong(ciphertext);
        // Decrypt the ciphertext.
        DecryptRequest request = DecryptRequest.newBuilder().setName(keyName.toString()).setCiphertext(ByteString.copyFrom(ciphertext)).setCiphertextCrc32C(Int64Value.newBuilder().setValue(ciphertextCrc32c).build()).build();
        DecryptResponse response = client.decrypt(request);
        // https://cloud.google.com/kms/docs/data-integrity-guidelines
        if (!crcMatches(response.getPlaintextCrc32C().getValue(), response.getPlaintext().toByteArray())) {
            throw new IOException("Decrypt: response from server corrupted");
        }
        System.out.printf("Plaintext: %s%n", response.getPlaintext().toStringUtf8());
    }
}

Example 5 with DecryptRequest

use of com.google.cloud.kms.v1.DecryptRequest in project spring-cloud-gcp by GoogleCloudPlatform.

the class KmsTemplate method decryptBytes.

@Override
public byte[] decryptBytes(String cryptoKey, byte[] cipherText) {
    CryptoKeyName cryptoKeyName = KmsPropertyUtils.getCryptoKeyName(cryptoKey, projectIdProvider);
    ByteString encryptedByteString = ByteString.copyFrom(cipherText);
    long crc32c = longCrc32c(encryptedByteString);
    DecryptRequest request = DecryptRequest.newBuilder().setName(cryptoKeyName.toString()).setCiphertext(encryptedByteString).setCiphertextCrc32C(Int64Value.newBuilder().setValue(crc32c).build()).build();
    DecryptResponse response = client.decrypt(request);
    assertCrcMatch(response);
    return response.getPlaintext().toByteArray();
}