com.google.cloud.kms.v1.DecryptResponse Java Examples

The following examples show how to use com.google.cloud.kms.v1.DecryptResponse. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: KMSEncryptedNestedValueProvider.java    From DataflowTemplates with Apache License 2.0 6 votes vote down vote up
/** Uses the GCP KMS client to decrypt an encrypted value using a KMS key of the form
 *  projects/{gcp_project}/locations/{key_region}/keyRings/{key_ring}/cryptoKeys/{kms_key_name}
 *  The encrypted value should be a base64 encrypted string which has been encrypted using
 *  the KMS encrypt API call.
 *  See <a href="https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys/encrypt">
 *  this KMS API Encrypt Link</a>.
 */
private static String decryptWithKMS(String encryptedValue, String kmsKey) throws IOException {
  /*
  kmsKey should be in the following format:
  projects/{gcp_project}/locations/{key_region}/keyRings/{key_ring}/cryptoKeys/{kms_key_name}
   */

  byte[] cipherText = Base64.getDecoder().decode(encryptedValue.getBytes("UTF-8"));


  try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) {

    // Decrypt the ciphertext with Cloud KMS.
    DecryptResponse response = client.decrypt(kmsKey, ByteString.copyFrom(cipherText));

    // Extract the plaintext from the response.
    return new String(response.getPlaintext().toByteArray());
  }
}
 
Example #2
Source File: DecryptSymmetric.java    From java-docs-samples with Apache License 2.0 6 votes vote down vote up
public void decryptSymmetric(
    String projectId, String locationId, String keyRingId, String keyId, byte[] ciphertext)
    throws IOException {
  // Initialize client that will be used to send requests. This client only
  // needs to be created once, and can be reused for multiple requests. After
  // completing all of your requests, call the "close" method on the client to
  // safely clean up any remaining background resources.
  try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) {
    // Build the key version name from the project, location, key ring, and
    // key.
    CryptoKeyName keyName = CryptoKeyName.of(projectId, locationId, keyRingId, keyId);

    // Decrypt the response.
    DecryptResponse response = client.decrypt(keyName, ByteString.copyFrom(ciphertext));
    System.out.printf("Plaintext: %s%n", response.getPlaintext().toStringUtf8());
  }
}