-
Notifications
You must be signed in to change notification settings - Fork 610
/
Copy pathkey_management_service.encrypt.js
139 lines (129 loc) · 6.25 KB
/
key_management_service.encrypt.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
// Copyright 2025 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
// ** This file is automatically generated by gapic-generator-typescript. **
// ** https://github.com/googleapis/gapic-generator-typescript **
// ** All changes to this file may be overwritten. **
'use strict';
function main(name, plaintext) {
// [START cloudkms_v1_generated_KeyManagementService_Encrypt_async]
/**
* This snippet has been automatically generated and should be regarded as a code template only.
* It will require modifications to work.
* It may require correct/in-range values for request initialization.
* TODO(developer): Uncomment these variables before running the sample.
*/
/**
* Required. The resource name of the
* CryptoKey google.cloud.kms.v1.CryptoKey or
* CryptoKeyVersion google.cloud.kms.v1.CryptoKeyVersion to use for
* encryption.
* If a CryptoKey google.cloud.kms.v1.CryptoKey is specified, the server
* will use its primary version google.cloud.kms.v1.CryptoKey.primary.
*/
// const name = 'abc123'
/**
* Required. The data to encrypt. Must be no larger than 64KiB.
* The maximum size depends on the key version's
* protection_level google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level.
* For SOFTWARE google.cloud.kms.v1.ProtectionLevel.SOFTWARE,
* EXTERNAL google.cloud.kms.v1.ProtectionLevel.EXTERNAL, and
* EXTERNAL_VPC google.cloud.kms.v1.ProtectionLevel.EXTERNAL_VPC keys, the
* plaintext must be no larger than 64KiB. For
* HSM google.cloud.kms.v1.ProtectionLevel.HSM keys, the combined length of
* the plaintext and additional_authenticated_data fields must be no larger
* than 8KiB.
*/
// const plaintext = Buffer.from('string')
/**
* Optional. Optional data that, if specified, must also be provided during
* decryption through
* DecryptRequest.additional_authenticated_data google.cloud.kms.v1.DecryptRequest.additional_authenticated_data.
* The maximum size depends on the key version's
* protection_level google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level.
* For SOFTWARE google.cloud.kms.v1.ProtectionLevel.SOFTWARE,
* EXTERNAL google.cloud.kms.v1.ProtectionLevel.EXTERNAL, and
* EXTERNAL_VPC google.cloud.kms.v1.ProtectionLevel.EXTERNAL_VPC keys the
* AAD must be no larger than 64KiB. For
* HSM google.cloud.kms.v1.ProtectionLevel.HSM keys, the combined length of
* the plaintext and additional_authenticated_data fields must be no larger
* than 8KiB.
*/
// const additionalAuthenticatedData = Buffer.from('string')
/**
* Optional. An optional CRC32C checksum of the
* EncryptRequest.plaintext google.cloud.kms.v1.EncryptRequest.plaintext.
* If specified,
* KeyManagementService google.cloud.kms.v1.KeyManagementService will
* verify the integrity of the received
* EncryptRequest.plaintext google.cloud.kms.v1.EncryptRequest.plaintext
* using this checksum.
* KeyManagementService google.cloud.kms.v1.KeyManagementService will
* report an error if the checksum verification fails. If you receive a
* checksum error, your client should verify that
* CRC32C(EncryptRequest.plaintext google.cloud.kms.v1.EncryptRequest.plaintext)
* is equal to
* EncryptRequest.plaintext_crc32c google.cloud.kms.v1.EncryptRequest.plaintext_crc32c,
* and if so, perform a limited number of retries. A persistent mismatch may
* indicate an issue in your computation of the CRC32C checksum. Note: This
* field is defined as int64 for reasons of compatibility across different
* languages. However, it is a non-negative integer, which will never exceed
* 2^32-1, and can be safely downconverted to uint32 in languages that support
* this type.
*/
// const plaintextCrc32c = {}
/**
* Optional. An optional CRC32C checksum of the
* EncryptRequest.additional_authenticated_data google.cloud.kms.v1.EncryptRequest.additional_authenticated_data.
* If specified,
* KeyManagementService google.cloud.kms.v1.KeyManagementService will
* verify the integrity of the received
* EncryptRequest.additional_authenticated_data google.cloud.kms.v1.EncryptRequest.additional_authenticated_data
* using this checksum.
* KeyManagementService google.cloud.kms.v1.KeyManagementService will
* report an error if the checksum verification fails. If you receive a
* checksum error, your client should verify that
* CRC32C(EncryptRequest.additional_authenticated_data google.cloud.kms.v1.EncryptRequest.additional_authenticated_data)
* is equal to
* EncryptRequest.additional_authenticated_data_crc32c google.cloud.kms.v1.EncryptRequest.additional_authenticated_data_crc32c,
* and if so, perform a limited number of retries. A persistent mismatch may
* indicate an issue in your computation of the CRC32C checksum. Note: This
* field is defined as int64 for reasons of compatibility across different
* languages. However, it is a non-negative integer, which will never exceed
* 2^32-1, and can be safely downconverted to uint32 in languages that support
* this type.
*/
// const additionalAuthenticatedDataCrc32c = {}
// Imports the Kms library
const {KeyManagementServiceClient} = require('@google-cloud/kms').v1;
// Instantiates a client
const kmsClient = new KeyManagementServiceClient();
async function callEncrypt() {
// Construct request
const request = {
name,
plaintext,
};
// Run request
const response = await kmsClient.encrypt(request);
console.log(response);
}
callEncrypt();
// [END cloudkms_v1_generated_KeyManagementService_Encrypt_async]
}
process.on('unhandledRejection', err => {
console.error(err.message);
process.exitCode = 1;
});
main(...process.argv.slice(2));