@java.lang.Override public Builder newBuilderForType() { return newBuilder(); }
/** * Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with * [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_SIGN, producing a * signature that can be verified with the public key retrieved from * [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey]. * * <p>Sample code: * * <pre><code> * try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) { * CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]"); * Digest digest = Digest.newBuilder().build(); * AsymmetricSignResponse response = keyManagementServiceClient.asymmetricSign(name.toString(), digest); * } * </code></pre> * * @param name Required. The resource name of the * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for signing. * @param digest Required. The digest of the data to sign. The digest must be produced with the * same digest algorithm as specified by the key version's * [algorithm][google.cloud.kms.v1.CryptoKeyVersion.algorithm]. * @throws com.google.api.gax.rpc.ApiException if the remote call fails */ public final AsymmetricSignResponse asymmetricSign(String name, Digest digest) { AsymmetricSignRequest request = AsymmetricSignRequest.newBuilder().setName(name).setDigest(digest).build(); return asymmetricSign(request); }
AsymmetricSignRequest.newBuilder() .setName(name == null ? null : name.toString()) .setDigest(digest)
/** * Create a signature for a message using a private key stored on Cloud KMS * * Example keyName: * "projects/PROJECT_ID/locations/global/keyRings/RING_ID/cryptoKeys/KEY_ID/cryptoKeyVersions/1" */ public static byte[] signAsymmetric(String keyName, byte[] message) throws IOException, NoSuchAlgorithmException { // Create the Cloud KMS client. try (KeyManagementServiceClient client = KeyManagementServiceClient.create()) { // Note: some key algorithms will require a different hash function // For example, EC_SIGN_P384_SHA384 requires SHA-384 byte[] messageHash = MessageDigest.getInstance("SHA-256").digest(message); AsymmetricSignRequest request = AsymmetricSignRequest.newBuilder() .setName(keyName) .setDigest(Digest.newBuilder().setSha256(ByteString.copyFrom(messageHash))) .build(); AsymmetricSignResponse response = client.asymmetricSign(request); return response.getSignature().toByteArray(); } } // [END kms_sign_asymmetric]
@java.lang.Override public Builder newBuilderForType() { return newBuilder(); }
/** * Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with * [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_SIGN, producing a * signature that can be verified with the public key retrieved from * [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey]. * * <p>Sample code: * * <pre><code> * try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) { * CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]"); * Digest digest = Digest.newBuilder().build(); * AsymmetricSignResponse response = keyManagementServiceClient.asymmetricSign(name.toString(), digest); * } * </code></pre> * * @param name Required. The resource name of the * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for signing. * @param digest Required. The digest of the data to sign. The digest must be produced with the * same digest algorithm as specified by the key version's * [algorithm][google.cloud.kms.v1.CryptoKeyVersion.algorithm]. * @throws com.google.api.gax.rpc.ApiException if the remote call fails */ public final AsymmetricSignResponse asymmetricSign(String name, Digest digest) { AsymmetricSignRequest request = AsymmetricSignRequest.newBuilder().setName(name).setDigest(digest).build(); return asymmetricSign(request); }
AsymmetricSignRequest.newBuilder() .setName(name == null ? null : name.toString()) .setDigest(digest)