diff --git a/.github/readme/synth.metadata/synth.metadata b/.github/readme/synth.metadata/synth.metadata
index e8d15d2b..db1eb80b 100644
--- a/.github/readme/synth.metadata/synth.metadata
+++ b/.github/readme/synth.metadata/synth.metadata
@@ -4,14 +4,14 @@
"git": {
"name": ".",
"remote": "https://github.com/googleapis/java-kms.git",
- "sha": "8127d1c0a99818ac581ec3155cd006a811e4a0ee"
+ "sha": "baf981a398939331ee7e8a863b9975d69d1627a9"
}
},
{
"git": {
"name": "synthtool",
"remote": "https://github.com/googleapis/synthtool.git",
- "sha": "3d32990b6f4b57be77455e3ca89e6e21cd0c06b3"
+ "sha": "484b7ec7bdef3909589a83e3d763e7588cb8c37c"
}
}
]
diff --git a/.kokoro/build.sh b/.kokoro/build.sh
index cb57b9fa..9ff56432 100755
--- a/.kokoro/build.sh
+++ b/.kokoro/build.sh
@@ -115,7 +115,7 @@ fi
# fix output location of logs
bash .kokoro/coerce_logs.sh
-if [[ "${ENABLE_BUILD_COP}" == "true" ]]
+if [[ "${ENABLE_FLAKYBOT}" == "true" ]]
then
chmod +x ${KOKORO_GFILE_DIR}/linux_amd64/flakybot
${KOKORO_GFILE_DIR}/linux_amd64/flakybot -repo=googleapis/java-kms
diff --git a/.kokoro/nightly/integration.cfg b/.kokoro/nightly/integration.cfg
index 0048c8ec..e51c7b4c 100644
--- a/.kokoro/nightly/integration.cfg
+++ b/.kokoro/nightly/integration.cfg
@@ -22,7 +22,7 @@ env_vars: {
}
env_vars: {
- key: "ENABLE_BUILD_COP"
+ key: "ENABLE_FLAKYBOT"
value: "true"
}
diff --git a/.kokoro/nightly/samples.cfg b/.kokoro/nightly/samples.cfg
index f2542931..9761fd86 100644
--- a/.kokoro/nightly/samples.cfg
+++ b/.kokoro/nightly/samples.cfg
@@ -33,6 +33,6 @@ env_vars: {
}
env_vars: {
- key: "ENABLE_BUILD_COP"
+ key: "ENABLE_FLAKYBOT"
value: "true"
}
diff --git a/CHANGELOG.md b/CHANGELOG.md
index f644f7b6..a858e821 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,12 @@
# Changelog
+### [2.0.2](https://www.github.com/googleapis/java-kms/compare/v2.0.1...v2.0.2) (2021-08-23)
+
+
+### Dependencies
+
+* update dependency com.google.cloud:google-cloud-shared-dependencies to v2.1.0 ([#583](https://www.github.com/googleapis/java-kms/issues/583)) ([3d2ec3c](https://www.github.com/googleapis/java-kms/commit/3d2ec3c588fc58c6c9d1bf0dc27acd5062ad2ef2))
+
### [2.0.1](https://www.github.com/googleapis/java-kms/compare/v2.0.0...v2.0.1) (2021-08-11)
diff --git a/README.md b/README.md
index 8ae1296d..26ae0f54 100644
--- a/README.md
+++ b/README.md
@@ -19,7 +19,7 @@ If you are using Maven with [BOM][libraries-bom], add this to your pom.xml file
com.google.cloud
libraries-bom
- 20.9.0
+ 21.0.0
pom
import
@@ -42,7 +42,7 @@ If you are using Maven without BOM, add this to your dependencies:
com.google.cloud
google-cloud-kms
- 1.43.0
+ 2.0.1
```
@@ -50,20 +50,20 @@ If you are using Maven without BOM, add this to your dependencies:
If you are using Gradle 5.x or later, add this to your dependencies
```Groovy
-implementation platform('com.google.cloud:libraries-bom:20.9.0')
+implementation platform('com.google.cloud:libraries-bom:21.0.0')
compile 'com.google.cloud:google-cloud-kms'
```
If you are using Gradle without BOM, add this to your dependencies
```Groovy
-compile 'com.google.cloud:google-cloud-kms:1.43.0'
+compile 'com.google.cloud:google-cloud-kms:2.0.1'
```
If you are using SBT, add this to your dependencies
```Scala
-libraryDependencies += "com.google.cloud" % "google-cloud-kms" % "1.43.0"
+libraryDependencies += "com.google.cloud" % "google-cloud-kms" % "2.0.1"
```
## Authentication
@@ -111,6 +111,7 @@ Samples are in the [`samples/`](https://github.com/googleapis/java-kms/tree/mast
| Create Key Asymmetric Sign | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/CreateKeyAsymmetricSign.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/CreateKeyAsymmetricSign.java) |
| Create Key Hsm | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/CreateKeyHsm.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/CreateKeyHsm.java) |
| Create Key Labels | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/CreateKeyLabels.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/CreateKeyLabels.java) |
+| Create Key Mac | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/CreateKeyMac.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/CreateKeyMac.java) |
| Create Key Ring | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/CreateKeyRing.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/CreateKeyRing.java) |
| Create Key Rotation Schedule | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/CreateKeyRotationSchedule.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/CreateKeyRotationSchedule.java) |
| Create Key Symmetric Encrypt Decrypt | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/CreateKeySymmetricEncryptDecrypt.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/CreateKeySymmetricEncryptDecrypt.java) |
@@ -122,6 +123,7 @@ Samples are in the [`samples/`](https://github.com/googleapis/java-kms/tree/mast
| Enable Key Version | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/EnableKeyVersion.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/EnableKeyVersion.java) |
| Encrypt Asymmetric | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/EncryptAsymmetric.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/EncryptAsymmetric.java) |
| Encrypt Symmetric | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/EncryptSymmetric.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/EncryptSymmetric.java) |
+| Generate Random Bytes | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/GenerateRandomBytes.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/GenerateRandomBytes.java) |
| Get Key Labels | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/GetKeyLabels.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/GetKeyLabels.java) |
| Get Key Version Attestation | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/GetKeyVersionAttestation.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/GetKeyVersionAttestation.java) |
| Get Public Key | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/GetPublicKey.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/GetPublicKey.java) |
@@ -131,6 +133,7 @@ Samples are in the [`samples/`](https://github.com/googleapis/java-kms/tree/mast
| Quickstart | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/Quickstart.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/Quickstart.java) |
| Restore Key Version | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/RestoreKeyVersion.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/RestoreKeyVersion.java) |
| Sign Asymmetric | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/SignAsymmetric.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/SignAsymmetric.java) |
+| Sign Mac | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/SignMac.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/SignMac.java) |
| Update Key Add Rotation | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/UpdateKeyAddRotation.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/UpdateKeyAddRotation.java) |
| Update Key Remove Labels | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/UpdateKeyRemoveLabels.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/UpdateKeyRemoveLabels.java) |
| Update Key Remove Rotation | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/UpdateKeyRemoveRotation.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/UpdateKeyRemoveRotation.java) |
@@ -138,6 +141,7 @@ Samples are in the [`samples/`](https://github.com/googleapis/java-kms/tree/mast
| Update Key Update Labels | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/UpdateKeyUpdateLabels.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/UpdateKeyUpdateLabels.java) |
| Verify Asymmetric Ec | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/VerifyAsymmetricEc.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/VerifyAsymmetricEc.java) |
| Verify Asymmetric Rsa | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/VerifyAsymmetricRsa.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/VerifyAsymmetricRsa.java) |
+| Verify Mac | [source code](https://github.com/googleapis/java-kms/blob/master/samples/snippets/src/main/java/kms/VerifyMac.java) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/java-kms&page=editor&open_in_editor=samples/snippets/src/main/java/kms/VerifyMac.java) |
diff --git a/google-cloud-kms-bom/pom.xml b/google-cloud-kms-bom/pom.xml
index 147079b9..e2ad4cbe 100644
--- a/google-cloud-kms-bom/pom.xml
+++ b/google-cloud-kms-bom/pom.xml
@@ -3,12 +3,12 @@
4.0.0
com.google.cloud
google-cloud-kms-bom
- 2.0.1
+ 2.0.2
pom
com.google.cloud
google-cloud-shared-config
- 1.0.0
+ 1.0.1
Google Cloud kms BOM
@@ -53,17 +53,17 @@
com.google.api.grpc
grpc-google-cloud-kms-v1
- 0.91.1
+ 0.91.2
com.google.api.grpc
proto-google-cloud-kms-v1
- 0.91.1
+ 0.91.2
com.google.cloud
google-cloud-kms
- 2.0.1
+ 2.0.2
diff --git a/google-cloud-kms/pom.xml b/google-cloud-kms/pom.xml
index ae7ee471..65b1d764 100644
--- a/google-cloud-kms/pom.xml
+++ b/google-cloud-kms/pom.xml
@@ -3,7 +3,7 @@
4.0.0
com.google.cloud
google-cloud-kms
- 2.0.1
+ 2.0.2
jar
Google Cloud KMS
https://github.com/googleapis/java-kms
@@ -11,7 +11,7 @@
com.google.cloud
google-cloud-kms-parent
- 2.0.1
+ 2.0.2
google-cloud-kms
diff --git a/grpc-google-cloud-kms-v1/pom.xml b/grpc-google-cloud-kms-v1/pom.xml
index 73fcdaea..b9d520e0 100644
--- a/grpc-google-cloud-kms-v1/pom.xml
+++ b/grpc-google-cloud-kms-v1/pom.xml
@@ -4,13 +4,13 @@
4.0.0
com.google.api.grpc
grpc-google-cloud-kms-v1
- 0.91.1
+ 0.91.2
grpc-google-cloud-kms-v1
GRPC library for grpc-google-cloud-kms-v1
com.google.cloud
google-cloud-kms-parent
- 2.0.1
+ 2.0.2
diff --git a/pom.xml b/pom.xml
index aae4fbec..fcdd9e8a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
com.google.cloud
google-cloud-kms-parent
pom
- 2.0.1
+ 2.0.2
Google Cloud KMS Parent
https://github.com/googleapis/java-kms
@@ -14,7 +14,7 @@
com.google.cloud
google-cloud-shared-config
- 1.0.0
+ 1.0.1
@@ -61,28 +61,28 @@
com.google.api.grpc
proto-google-cloud-kms-v1
- 0.91.1
+ 0.91.2
com.google.api.grpc
grpc-google-cloud-kms-v1
- 0.91.1
+ 0.91.2
com.google.cloud
google-cloud-kms
- 2.0.1
+ 2.0.2
com.google.cloud
google-cloud-kms-bom
- 2.0.1
+ 2.0.2
com.google.cloud
google-cloud-shared-dependencies
- 2.0.1
+ 2.1.0
pom
import
diff --git a/proto-google-cloud-kms-v1/pom.xml b/proto-google-cloud-kms-v1/pom.xml
index 855f7bf2..55131def 100644
--- a/proto-google-cloud-kms-v1/pom.xml
+++ b/proto-google-cloud-kms-v1/pom.xml
@@ -4,13 +4,13 @@
4.0.0
com.google.api.grpc
proto-google-cloud-kms-v1
- 0.91.1
+ 0.91.2
proto-google-cloud-kms-v1
PROTO library for proto-google-cloud-kms-v1
com.google.cloud
google-cloud-kms-parent
- 2.0.1
+ 2.0.2
diff --git a/samples/install-without-bom/pom.xml b/samples/install-without-bom/pom.xml
index 0ac7eba1..b227b879 100644
--- a/samples/install-without-bom/pom.xml
+++ b/samples/install-without-bom/pom.xml
@@ -29,7 +29,7 @@
com.google.cloud
google-cloud-kms
- 1.43.0
+ 2.0.1
diff --git a/samples/snapshot/pom.xml b/samples/snapshot/pom.xml
index 7bef4030..48ad8f80 100644
--- a/samples/snapshot/pom.xml
+++ b/samples/snapshot/pom.xml
@@ -28,7 +28,7 @@
com.google.cloud
google-cloud-kms
- 2.0.1
+ 2.0.2
diff --git a/samples/snippets/pom.xml b/samples/snippets/pom.xml
index 4b52a572..64babaa2 100644
--- a/samples/snippets/pom.xml
+++ b/samples/snippets/pom.xml
@@ -30,7 +30,7 @@
com.google.cloud
libraries-bom
- 20.9.0
+ 21.0.0
pom
import
diff --git a/samples/snippets/src/main/java/kms/CreateKeyAsymmetricDecrypt.java b/samples/snippets/src/main/java/kms/CreateKeyAsymmetricDecrypt.java
index 2eccd6e3..5e4fafee 100644
--- a/samples/snippets/src/main/java/kms/CreateKeyAsymmetricDecrypt.java
+++ b/samples/snippets/src/main/java/kms/CreateKeyAsymmetricDecrypt.java
@@ -23,6 +23,7 @@
import com.google.cloud.kms.v1.CryptoKeyVersionTemplate;
import com.google.cloud.kms.v1.KeyManagementServiceClient;
import com.google.cloud.kms.v1.KeyRingName;
+import com.google.protobuf.Duration;
import java.io.IOException;
public class CreateKeyAsymmetricDecrypt {
@@ -55,6 +56,9 @@ public void createKeyAsymmetricDecrypt(
.setVersionTemplate(
CryptoKeyVersionTemplate.newBuilder()
.setAlgorithm(CryptoKeyVersionAlgorithm.RSA_DECRYPT_OAEP_2048_SHA256))
+
+ // Optional: customize how long key versions should be kept before destroying.
+ .setDestroyScheduledDuration(Duration.newBuilder().setSeconds(24 * 60 * 60))
.build();
// Create the key.
diff --git a/samples/snippets/src/main/java/kms/CreateKeyAsymmetricSign.java b/samples/snippets/src/main/java/kms/CreateKeyAsymmetricSign.java
index b3c4ca1d..d5d1b9b4 100644
--- a/samples/snippets/src/main/java/kms/CreateKeyAsymmetricSign.java
+++ b/samples/snippets/src/main/java/kms/CreateKeyAsymmetricSign.java
@@ -23,6 +23,7 @@
import com.google.cloud.kms.v1.CryptoKeyVersionTemplate;
import com.google.cloud.kms.v1.KeyManagementServiceClient;
import com.google.cloud.kms.v1.KeyRingName;
+import com.google.protobuf.Duration;
import java.io.IOException;
public class CreateKeyAsymmetricSign {
@@ -54,6 +55,9 @@ public void createKeyAsymmetricSign(
.setVersionTemplate(
CryptoKeyVersionTemplate.newBuilder()
.setAlgorithm(CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_2048_SHA256))
+
+ // Optional: customize how long key versions should be kept before destroying.
+ .setDestroyScheduledDuration(Duration.newBuilder().setSeconds(24 * 60 * 60))
.build();
// Create the key.
diff --git a/samples/snippets/src/main/java/kms/CreateKeyHsm.java b/samples/snippets/src/main/java/kms/CreateKeyHsm.java
index ce6a6e6d..cc5b8dfd 100644
--- a/samples/snippets/src/main/java/kms/CreateKeyHsm.java
+++ b/samples/snippets/src/main/java/kms/CreateKeyHsm.java
@@ -24,6 +24,7 @@
import com.google.cloud.kms.v1.KeyManagementServiceClient;
import com.google.cloud.kms.v1.KeyRingName;
import com.google.cloud.kms.v1.ProtectionLevel;
+import com.google.protobuf.Duration;
import java.io.IOException;
public class CreateKeyHsm {
@@ -56,6 +57,9 @@ public void createKeyHsm(String projectId, String locationId, String keyRingId,
CryptoKeyVersionTemplate.newBuilder()
.setProtectionLevel(ProtectionLevel.HSM)
.setAlgorithm(CryptoKeyVersionAlgorithm.GOOGLE_SYMMETRIC_ENCRYPTION))
+
+ // Optional: customize how long key versions should be kept before destroying.
+ .setDestroyScheduledDuration(Duration.newBuilder().setSeconds(24 * 60 * 60))
.build();
// Create the key.
diff --git a/samples/snippets/src/main/java/kms/CreateKeyMac.java b/samples/snippets/src/main/java/kms/CreateKeyMac.java
new file mode 100644
index 00000000..efc59329
--- /dev/null
+++ b/samples/snippets/src/main/java/kms/CreateKeyMac.java
@@ -0,0 +1,65 @@
+/*
+ * Copyright 2021 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package kms;
+
+// [START kms_create_key_mac]
+import com.google.cloud.kms.v1.CryptoKey;
+import com.google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose;
+import com.google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm;
+import com.google.cloud.kms.v1.CryptoKeyVersionTemplate;
+import com.google.cloud.kms.v1.KeyManagementServiceClient;
+import com.google.cloud.kms.v1.KeyRingName;
+import java.io.IOException;
+
+public class CreateKeyMac {
+
+ public void createKeyMac() throws IOException {
+ // TODO(developer): Replace these variables before running the sample.
+ String projectId = "your-project-id";
+ String locationId = "us-east1";
+ String keyRingId = "my-key-ring";
+ String id = "my-mac-key";
+ createKeyMac(projectId, locationId, keyRingId, id);
+ }
+
+ // Create a new key for use with MacSign.
+ public void createKeyMac(String projectId, String locationId, String keyRingId, String id)
+ throws IOException {
+ // Initialize client that will be used to send requests. This client only
+ // needs to be created once, and can be reused for multiple requests. After
+ // completing all of your requests, call the "close" method on the client to
+ // safely clean up any remaining background resources.
+ try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) {
+ // Build the parent name from the project, location, and key ring.
+ KeyRingName keyRingName = KeyRingName.of(projectId, locationId, keyRingId);
+
+ // Build the mac key to create.
+ CryptoKey key =
+ CryptoKey.newBuilder()
+ .setPurpose(CryptoKeyPurpose.MAC)
+ .setVersionTemplate(
+ CryptoKeyVersionTemplate.newBuilder()
+ .setAlgorithm(CryptoKeyVersionAlgorithm.HMAC_SHA256))
+ .build();
+
+ // Create the key.
+ CryptoKey createdKey = client.createCryptoKey(keyRingName, id, key);
+ System.out.printf("Created mac key %s%n", createdKey.getName());
+ }
+ }
+}
+// [END kms_create_key_mac]
diff --git a/samples/snippets/src/main/java/kms/GenerateRandomBytes.java b/samples/snippets/src/main/java/kms/GenerateRandomBytes.java
new file mode 100644
index 00000000..2d1e4a1d
--- /dev/null
+++ b/samples/snippets/src/main/java/kms/GenerateRandomBytes.java
@@ -0,0 +1,60 @@
+/*
+ * Copyright 2021 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package kms;
+
+// [START kms_generate_random_bytes]
+import com.google.cloud.kms.v1.GenerateRandomBytesResponse;
+import com.google.cloud.kms.v1.KeyManagementServiceClient;
+import com.google.cloud.kms.v1.LocationName;
+import com.google.cloud.kms.v1.ProtectionLevel;
+import java.io.IOException;
+import java.util.Base64;
+
+public class GenerateRandomBytes {
+
+ public void generateRandomBytes() throws IOException {
+ // TODO(developer): Replace these variables before running the sample.
+ String projectId = "your-project-id";
+ String locationId = "us-east1";
+ int numBytes = 256;
+ generateRandomBytes(projectId, locationId, numBytes);
+ }
+
+ // Create a new key for use with MacSign.
+ public void generateRandomBytes(String projectId, String locationId, int numBytes)
+ throws IOException {
+ // Initialize client that will be used to send requests. This client only
+ // needs to be created once, and can be reused for multiple requests. After
+ // completing all of your requests, call the "close" method on the client to
+ // safely clean up any remaining background resources.
+ try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) {
+ // Build the parent name for the location.
+ LocationName locationName = LocationName.of(projectId, locationId);
+
+ // Generate the bytes.
+ GenerateRandomBytesResponse response =
+ client.generateRandomBytes(locationName.toString(), numBytes, ProtectionLevel.HSM);
+
+ // The data comes back as raw bytes, which may include non-printable
+ // characters. This base64-encodes the result so it can be printed below.
+ String encodedData = Base64.getEncoder().encodeToString(response.getData().toByteArray());
+
+ System.out.printf("Random bytes: %s", encodedData);
+ }
+ }
+}
+// [END kms_generate_random_bytes]
diff --git a/samples/snippets/src/main/java/kms/SignMac.java b/samples/snippets/src/main/java/kms/SignMac.java
new file mode 100644
index 00000000..41a5e905
--- /dev/null
+++ b/samples/snippets/src/main/java/kms/SignMac.java
@@ -0,0 +1,69 @@
+/*
+ * Copyright 2021 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package kms;
+
+// [START kms_sign_mac]
+import com.google.cloud.kms.v1.CryptoKeyVersionName;
+import com.google.cloud.kms.v1.KeyManagementServiceClient;
+import com.google.cloud.kms.v1.MacSignResponse;
+import com.google.protobuf.ByteString;
+import java.io.IOException;
+import java.util.Base64;
+
+public class SignMac {
+
+ public void signMac() throws IOException {
+ // TODO(developer): Replace these variables before running the sample.
+ String projectId = "your-project-id";
+ String locationId = "us-east1";
+ String keyRingId = "my-key-ring";
+ String keyId = "my-key";
+ String keyVersionId = "123";
+ String data = "Data to sign";
+ signMac(projectId, locationId, keyRingId, keyId, keyVersionId, data);
+ }
+
+ // Sign data with a given mac key.
+ public void signMac(
+ String projectId,
+ String locationId,
+ String keyRingId,
+ String keyId,
+ String keyVersionId,
+ String data)
+ throws IOException {
+ // Initialize client that will be used to send requests. This client only
+ // needs to be created once, and can be reused for multiple requests. After
+ // completing all of your requests, call the "close" method on the client to
+ // safely clean up any remaining background resources.
+ try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) {
+ // Build the key version name from the project, location, key ring, key,
+ // and key version.
+ CryptoKeyVersionName keyVersionName =
+ CryptoKeyVersionName.of(projectId, locationId, keyRingId, keyId, keyVersionId);
+
+ // Generate an HMAC of the data.
+ MacSignResponse response = client.macSign(keyVersionName, ByteString.copyFromUtf8(data));
+
+ // The data comes back as raw bytes, which may include non-printable
+ // characters. This base64-encodes the result so it can be printed below.
+ String encodedSignature = Base64.getEncoder().encodeToString(response.getMac().toByteArray());
+ System.out.printf("Signature: %s%n", encodedSignature);
+ }
+ }
+}
+// [END kms_sign_mac]
diff --git a/samples/snippets/src/main/java/kms/VerifyMac.java b/samples/snippets/src/main/java/kms/VerifyMac.java
new file mode 100644
index 00000000..209d71c4
--- /dev/null
+++ b/samples/snippets/src/main/java/kms/VerifyMac.java
@@ -0,0 +1,71 @@
+/*
+ * Copyright 2021 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package kms;
+
+// [START kms_verify_mac]
+import com.google.cloud.kms.v1.CryptoKeyVersionName;
+import com.google.cloud.kms.v1.KeyManagementServiceClient;
+import com.google.cloud.kms.v1.MacVerifyResponse;
+import com.google.protobuf.ByteString;
+import java.io.IOException;
+
+public class VerifyMac {
+
+ public void verifyMac() throws IOException {
+ // TODO(developer): Replace these variables before running the sample.
+ String projectId = "your-project-id";
+ String locationId = "us-east1";
+ String keyRingId = "my-key-ring";
+ String keyId = "my-key";
+ String keyVersionId = "123";
+ String data = "Data to sign";
+ byte[] signature = null;
+ verifyMac(projectId, locationId, keyRingId, keyId, keyVersionId, data, signature);
+ }
+
+ // Sign data with a given mac key.
+ public void verifyMac(
+ String projectId,
+ String locationId,
+ String keyRingId,
+ String keyId,
+ String keyVersionId,
+ String data,
+ byte[] signature)
+ throws IOException {
+ // Initialize client that will be used to send requests. This client only
+ // needs to be created once, and can be reused for multiple requests. After
+ // completing all of your requests, call the "close" method on the client to
+ // safely clean up any remaining background resources.
+ try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) {
+ // Build the key version name from the project, location, key ring, key,
+ // and key version.
+ CryptoKeyVersionName keyVersionName =
+ CryptoKeyVersionName.of(projectId, locationId, keyRingId, keyId, keyVersionId);
+
+ // Verify the signature
+ MacVerifyResponse response =
+ client.macVerify(
+ keyVersionName, ByteString.copyFromUtf8(data), ByteString.copyFrom(signature));
+
+ // The data comes back as raw bytes, which may include non-printable
+ // characters. This base64-encodes the result so it can be printed below.
+ System.out.printf("Success: %s%n", response.getSuccess());
+ }
+ }
+}
+// [END kms_verify_mac]
diff --git a/samples/snippets/src/test/java/kms/SnippetsIT.java b/samples/snippets/src/test/java/kms/SnippetsIT.java
index aa7f0b01..fd2f228b 100644
--- a/samples/snippets/src/test/java/kms/SnippetsIT.java
+++ b/samples/snippets/src/test/java/kms/SnippetsIT.java
@@ -33,6 +33,7 @@
import com.google.cloud.kms.v1.KeyRingName;
import com.google.cloud.kms.v1.ListCryptoKeyVersionsRequest;
import com.google.cloud.kms.v1.LocationName;
+import com.google.cloud.kms.v1.MacSignResponse;
import com.google.cloud.kms.v1.ProtectionLevel;
import com.google.cloud.kms.v1.PublicKey;
import com.google.common.base.Strings;
@@ -76,6 +77,7 @@ public class SnippetsIT {
private static String ASYMMETRIC_SIGN_EC_KEY_ID;
private static String ASYMMETRIC_SIGN_RSA_KEY_ID;
private static String HSM_KEY_ID;
+ private static String MAC_KEY_ID;
private static String SYMMETRIC_KEY_ID;
private ByteArrayOutputStream stdOut;
@@ -99,6 +101,9 @@ public static void beforeAll() throws IOException {
HSM_KEY_ID = getRandomId();
createHsmKey(HSM_KEY_ID);
+ MAC_KEY_ID = getRandomId();
+ createMacKey(MAC_KEY_ID);
+
SYMMETRIC_KEY_ID = getRandomId();
createSymmetricKey(SYMMETRIC_KEY_ID);
}
@@ -231,6 +236,24 @@ private static CryptoKey createHsmKey(String keyId) throws IOException {
}
}
+ private static CryptoKey createMacKey(String keyId) throws IOException {
+ try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) {
+ CryptoKey key =
+ CryptoKey.newBuilder()
+ .setPurpose(CryptoKeyPurpose.MAC)
+ .setVersionTemplate(
+ CryptoKeyVersionTemplate.newBuilder()
+ .setAlgorithm(CryptoKeyVersionAlgorithm.HMAC_SHA256)
+ .setProtectionLevel(ProtectionLevel.HSM)
+ .build())
+ .putLabels("foo", "bar")
+ .putLabels("zip", "zap")
+ .build();
+ CryptoKey createdKey = client.createCryptoKey(getKeyRingName(), keyId, key);
+ return createdKey;
+ }
+ }
+
private static CryptoKey createSymmetricKey(String keyId) throws IOException {
try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) {
CryptoKey key =
@@ -310,6 +333,12 @@ public void testCreateKeyLabels() throws IOException {
assertThat(stdOut.toString()).contains("Created key with labels");
}
+ @Test
+ public void testCreateKeyMac() throws IOException {
+ new CreateKeyMac().createKeyMac(PROJECT_ID, LOCATION_ID, KEY_RING_ID, getRandomId());
+ assertThat(stdOut.toString()).contains("Created mac key");
+ }
+
@Test
public void testCreateKeyRing() throws IOException {
new CreateKeyRing().createKeyRing(PROJECT_ID, LOCATION_ID, getRandomId());
@@ -432,6 +461,12 @@ public void testEncryptSymmetric() throws IOException {
assertThat(stdOut.toString()).contains("Ciphertext");
}
+ @Test
+ public void testGenerateRandomBytes() throws IOException {
+ new GenerateRandomBytes().generateRandomBytes(PROJECT_ID, LOCATION_ID, 256);
+ assertThat(stdOut.toString()).contains("Random bytes");
+ }
+
@Test
public void testGetKeyVersionAttestation() throws IOException {
new GetKeyVersionAttestation()
@@ -482,6 +517,12 @@ public void testSignAsymmetric() throws IOException, GeneralSecurityException {
assertThat(stdOut.toString()).contains("Signature");
}
+ @Test
+ public void testsignMac() throws IOException, GeneralSecurityException {
+ new SignMac().signMac(PROJECT_ID, LOCATION_ID, KEY_RING_ID, MAC_KEY_ID, "1", "my message");
+ assertThat(stdOut.toString()).contains("Signature");
+ }
+
@Test
public void testUpdateKeyAddRotation() throws IOException {
new UpdateKeyAddRotation()
@@ -574,4 +615,27 @@ public void testVerifyAsymmetricRsa() throws IOException, GeneralSecurityExcepti
signature);
assertThat(stdOut.toString()).contains("Signature");
}
+
+ @Test
+ public void verifyMac() throws IOException, GeneralSecurityException {
+ String data = "my data";
+
+ try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) {
+ CryptoKeyVersionName versionName =
+ CryptoKeyVersionName.of(PROJECT_ID, LOCATION_ID, KEY_RING_ID, MAC_KEY_ID, "1");
+
+ MacSignResponse response = client.macSign(versionName, ByteString.copyFromUtf8(data));
+
+ new VerifyMac()
+ .verifyMac(
+ PROJECT_ID,
+ LOCATION_ID,
+ KEY_RING_ID,
+ MAC_KEY_ID,
+ "1",
+ data,
+ response.getMac().toByteArray());
+ assertThat(stdOut.toString()).contains("Success: true");
+ }
+ }
}
diff --git a/synth.metadata b/synth.metadata
index f7f184f0..af66d92f 100644
--- a/synth.metadata
+++ b/synth.metadata
@@ -4,7 +4,7 @@
"git": {
"name": ".",
"remote": "https://github.com/googleapis/java-kms.git",
- "sha": "49661d3d2601a7a628ad56a1ae136a23a60994a9"
+ "sha": "2f569c967b5fda5adbcab92244c279146086f4bc"
}
},
{
@@ -19,7 +19,7 @@
"git": {
"name": "synthtool",
"remote": "https://github.com/googleapis/synthtool.git",
- "sha": "1a2878d6909dd10ca4e3c1b5943d6622e996054e"
+ "sha": "ff01716e16d2c6e87eaf87197b753ac9fcbbed5d"
}
}
],
diff --git a/versions.txt b/versions.txt
index 12a01727..447d41ad 100644
--- a/versions.txt
+++ b/versions.txt
@@ -1,7 +1,7 @@
# Format:
# module:released-version:current-version
-proto-google-cloud-kms-v1:0.91.1:0.91.1
-grpc-google-cloud-kms-v1:0.91.1:0.91.1
-google-cloud-kms:2.0.1:2.0.1
-google-cloud-kms-bom:2.0.1:2.0.1
\ No newline at end of file
+proto-google-cloud-kms-v1:0.91.2:0.91.2
+grpc-google-cloud-kms-v1:0.91.2:0.91.2
+google-cloud-kms:2.0.2:2.0.2
+google-cloud-kms-bom:2.0.2:2.0.2
\ No newline at end of file