Search in sources :

Example 1 with KeyManagementServiceClient

use of com.google.cloud.kms.v1.KeyManagementServiceClient in project java-docs-samples by GoogleCloudPlatform.

the class UpdateKeyRemoveRotation method updateKeyRemoveRotation.

// Update a key to remove all labels.
public void updateKeyRemoveRotation(String projectId, String locationId, String keyRingId, String keyId) throws IOException {
    // safely clean up any remaining background resources.
    try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) {
        // Build the name from the project, location, key ring, and keyId.
        CryptoKeyName cryptoKeyName = CryptoKeyName.of(projectId, locationId, keyRingId, keyId);
        // Build an empty key with no labels.
        CryptoKey key = CryptoKey.newBuilder().setName(cryptoKeyName.toString()).clearRotationPeriod().clearNextRotationTime().build();
        // Construct the field mask.
        FieldMask fieldMask = FieldMaskUtil.fromString("rotation_period,next_rotation_time");
        // Create the key.
        CryptoKey createdKey = client.updateCryptoKey(key, fieldMask);
        System.out.printf("Updated key %s%n", createdKey.getName());
    }
}
Also used : CryptoKeyName(com.google.cloud.kms.v1.CryptoKeyName) CryptoKey(com.google.cloud.kms.v1.CryptoKey) FieldMask(com.google.protobuf.FieldMask) KeyManagementServiceClient(com.google.cloud.kms.v1.KeyManagementServiceClient)

Example 2 with KeyManagementServiceClient

use of com.google.cloud.kms.v1.KeyManagementServiceClient in project java-docs-samples by GoogleCloudPlatform.

the class SnippetsIT method createSymmetricKey.

private static CryptoKey createSymmetricKey(String keyId) throws IOException {
    try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) {
        CryptoKey key = CryptoKey.newBuilder().setPurpose(CryptoKeyPurpose.ENCRYPT_DECRYPT).setVersionTemplate(CryptoKeyVersionTemplate.newBuilder().setAlgorithm(CryptoKeyVersionAlgorithm.GOOGLE_SYMMETRIC_ENCRYPTION).build()).putLabels("foo", "bar").putLabels("zip", "zap").build();
        CryptoKey createdKey = client.createCryptoKey(getKeyRingName(), keyId, key);
        return createdKey;
    }
}
Also used : CryptoKey(com.google.cloud.kms.v1.CryptoKey) KeyManagementServiceClient(com.google.cloud.kms.v1.KeyManagementServiceClient)

Example 3 with KeyManagementServiceClient

use of com.google.cloud.kms.v1.KeyManagementServiceClient in project java-docs-samples by GoogleCloudPlatform.

the class SnippetsIT method createAsymmetricSignEcKey.

private static CryptoKey createAsymmetricSignEcKey(String keyId) throws IOException {
    try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) {
        CryptoKey key = CryptoKey.newBuilder().setPurpose(CryptoKeyPurpose.ASYMMETRIC_SIGN).setVersionTemplate(CryptoKeyVersionTemplate.newBuilder().setAlgorithm(CryptoKeyVersionAlgorithm.EC_SIGN_P256_SHA256).build()).putLabels("foo", "bar").putLabels("zip", "zap").build();
        CryptoKey createdKey = client.createCryptoKey(getKeyRingName(), keyId, key);
        return createdKey;
    }
}
Also used : CryptoKey(com.google.cloud.kms.v1.CryptoKey) KeyManagementServiceClient(com.google.cloud.kms.v1.KeyManagementServiceClient)

Example 4 with KeyManagementServiceClient

use of com.google.cloud.kms.v1.KeyManagementServiceClient in project java-docs-samples by GoogleCloudPlatform.

the class RestoreKeyVersion method restoreKeyVersion.

// Schedule destruction of the given key version.
public void restoreKeyVersion(String projectId, String locationId, String keyRingId, String keyId, String keyVersionId) throws IOException {
    // safely clean up any remaining background resources.
    try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) {
        // Build the key version name from the project, location, key ring, key,
        // and key version.
        CryptoKeyVersionName keyVersionName = CryptoKeyVersionName.of(projectId, locationId, keyRingId, keyId, keyVersionId);
        // Restore the key version.
        CryptoKeyVersion response = client.restoreCryptoKeyVersion(keyVersionName);
        System.out.printf("Restored key version: %s%n", response.getName());
    }
}
Also used : CryptoKeyVersionName(com.google.cloud.kms.v1.CryptoKeyVersionName) CryptoKeyVersion(com.google.cloud.kms.v1.CryptoKeyVersion) KeyManagementServiceClient(com.google.cloud.kms.v1.KeyManagementServiceClient)

Example 5 with KeyManagementServiceClient

use of com.google.cloud.kms.v1.KeyManagementServiceClient in project java-docs-samples by GoogleCloudPlatform.

the class UpdateKeyRemoveLabels method updateKeyRemoveLabels.

// Update a key to remove all labels.
public void updateKeyRemoveLabels(String projectId, String locationId, String keyRingId, String keyId) throws IOException {
    // safely clean up any remaining background resources.
    try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) {
        // Build the name from the project, location, key ring, and keyId.
        CryptoKeyName cryptoKeyName = CryptoKeyName.of(projectId, locationId, keyRingId, keyId);
        // Build an empty key with no labels.
        CryptoKey key = CryptoKey.newBuilder().setName(cryptoKeyName.toString()).build();
        // Construct the field mask.
        FieldMask fieldMask = FieldMaskUtil.fromString("labels");
        // Create the key.
        CryptoKey createdKey = client.updateCryptoKey(key, fieldMask);
        System.out.printf("Updated key %s%n", createdKey.getName());
    }
}
Also used : CryptoKeyName(com.google.cloud.kms.v1.CryptoKeyName) CryptoKey(com.google.cloud.kms.v1.CryptoKey) FieldMask(com.google.protobuf.FieldMask) KeyManagementServiceClient(com.google.cloud.kms.v1.KeyManagementServiceClient)

Aggregations

KeyManagementServiceClient (com.google.cloud.kms.v1.KeyManagementServiceClient)93 CryptoKey (com.google.cloud.kms.v1.CryptoKey)38 CryptoKeyVersionName (com.google.cloud.kms.v1.CryptoKeyVersionName)31 CryptoKeyName (com.google.cloud.kms.v1.CryptoKeyName)28 CryptoKeyVersion (com.google.cloud.kms.v1.CryptoKeyVersion)16 FieldMask (com.google.protobuf.FieldMask)14 KeyRingName (com.google.cloud.kms.v1.KeyRingName)13 ByteString (com.google.protobuf.ByteString)11 PublicKey (com.google.cloud.kms.v1.PublicKey)10 Test (org.junit.Test)9 X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec)8 Digest (com.google.cloud.kms.v1.Digest)6 KeyRing (com.google.cloud.kms.v1.KeyRing)6 Binding (com.google.iam.v1.Binding)6 Policy (com.google.iam.v1.Policy)6 MessageDigest (java.security.MessageDigest)6 LocationName (com.google.cloud.kms.v1.LocationName)5 IOException (java.io.IOException)5 EncryptResponse (com.google.cloud.kms.v1.EncryptResponse)4 Signature (java.security.Signature)4