use of com.google.cloud.kms.v1.MacSignResponse in project java-kms by googleapis.
the class SignMac method signMac.
// Sign data with a given mac key.
public void signMac(String projectId, String locationId, String keyRingId, String keyId, String keyVersionId, String data) throws IOException {
// safely clean up any remaining background resources.
try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) {
// Build the key version name from the project, location, key ring, key,
// and key version.
CryptoKeyVersionName keyVersionName = CryptoKeyVersionName.of(projectId, locationId, keyRingId, keyId, keyVersionId);
// Generate an HMAC of the data.
MacSignResponse response = client.macSign(keyVersionName, ByteString.copyFromUtf8(data));
// The data comes back as raw bytes, which may include non-printable
// characters. This base64-encodes the result so it can be printed below.
String encodedSignature = Base64.getEncoder().encodeToString(response.getMac().toByteArray());
System.out.printf("Signature: %s%n", encodedSignature);
}
}
use of com.google.cloud.kms.v1.MacSignResponse in project java-kms by googleapis.
the class SnippetsIT method verifyMac.
@Test
public void verifyMac() throws IOException, GeneralSecurityException {
String data = "my data";
try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) {
CryptoKeyVersionName versionName = CryptoKeyVersionName.of(PROJECT_ID, LOCATION_ID, KEY_RING_ID, MAC_KEY_ID, "1");
MacSignResponse response = client.macSign(versionName, ByteString.copyFromUtf8(data));
new VerifyMac().verifyMac(PROJECT_ID, LOCATION_ID, KEY_RING_ID, MAC_KEY_ID, "1", data, response.getMac().toByteArray());
assertThat(stdOut.toString()).contains("Success: true");
}
}
Aggregations