diff --git a/kms/pom.xml b/kms/pom.xml
index 059eb14d0a8..5d9c2453854 100644
--- a/kms/pom.xml
+++ b/kms/pom.xml
@@ -17,6 +17,17 @@
com.google.apis
google-api-services-cloudkms
v1beta1-rev51-1.18.0-rc
+
+
+ com.google.guava
+ guava-jdk5
+
+
+
+
+ com.google.guava
+ guava
+ 20.0
com.google.api-client
diff --git a/kms/src/main/java/com/example/CryptFile.java b/kms/src/main/java/com/example/CryptFile.java
index 08c2d0914af..094aec04a55 100644
--- a/kms/src/main/java/com/example/CryptFile.java
+++ b/kms/src/main/java/com/example/CryptFile.java
@@ -60,15 +60,31 @@ public static CloudKMS createAuthorizedClient() throws IOException {
}
/**
- * Encrypts the given bytes, using the specified crypto key.
+ * Encrypts the given bytes, using the primary version of the specified crypto key.
+ *
+ * The primary version can be updated via the updatePrimaryVersion
+ * method.
*/
public static byte[] encrypt(String projectId, String ringId, String keyId, byte[] plaintext)
throws IOException {
+ return encrypt(projectId, ringId, keyId, null, plaintext);
+ }
+
+ /**
+ * Encrypts the given bytes, using the specified crypto key version.
+ */
+ public static byte[] encrypt(
+ String projectId, String ringId, String keyId, String version, byte[] plaintext)
+ throws IOException {
String location = "global";
// The resource name of the cryptoKey
String cryptoKeyName = String.format(
"projects/%s/locations/%s/keyRings/%s/cryptoKeys/%s",
projectId, location, ringId, keyId);
+ if (null != version) {
+ cryptoKeyName += "/cryptoKeyVersions/" + version;
+ }
// Create the Cloud KMS client.
CloudKMS kms = createAuthorizedClient();
diff --git a/kms/src/main/java/com/example/Quickstart.java b/kms/src/main/java/com/example/Quickstart.java
deleted file mode 100644
index 69abd5b0597..00000000000
--- a/kms/src/main/java/com/example/Quickstart.java
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * Copyright (c) 2017 Google Inc.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
- * in compliance with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-
-package com.example;
-
-import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
-import com.google.api.client.http.HttpTransport;
-import com.google.api.client.http.javanet.NetHttpTransport;
-import com.google.api.client.json.JsonFactory;
-import com.google.api.client.json.jackson2.JacksonFactory;
-import com.google.api.services.cloudkms.v1beta1.CloudKMS;
-import com.google.api.services.cloudkms.v1beta1.CloudKMSScopes;
-import com.google.api.services.cloudkms.v1beta1.model.KeyRing;
-import com.google.api.services.cloudkms.v1beta1.model.ListKeyRingsResponse;
-
-import java.io.IOException;
-
-// [START kms_quickstart]
-public class Quickstart {
- /**
- * Creates an authorized CloudKMS client service using Application Default Credentials.
- *
- * @return an authorized CloudKMS client
- * @throws IOException if there's an error getting the default credentials.
- */
- public static CloudKMS createAuthorizedClient() throws IOException {
- // Create the credential
- HttpTransport transport = new NetHttpTransport();
- JsonFactory jsonFactory = new JacksonFactory();
- // Authorize the client using Application Default Credentials
- // @see https://g.co/dv/identity/protocols/application-default-credentials
- GoogleCredential credential = GoogleCredential.getApplicationDefault(transport, jsonFactory);
-
- // Depending on the environment that provides the default credentials (e.g. Compute Engine, App
- // Engine), the credentials may require us to specify the scopes we need explicitly.
- // Check for this case, and inject the scope if required.
- if (credential.createScopedRequired()) {
- credential = credential.createScoped(CloudKMSScopes.all());
- }
-
- return new CloudKMS.Builder(transport, jsonFactory, credential)
- .setApplicationName("CloudKMS quickstart")
- .build();
- }
-
- public static void main(String... args) throws IOException {
- if (args.length != 1) {
- System.err.println("Usage: Quickstart ");
- System.exit(1);
- }
-
- // Your Google Cloud Platform project ID
- String projectId = args[0];
-
- // Lists keys in the "global" location.
- String location = "global";
- // The resource name of the location associated with the KeyRings
- String parent = String.format("projects/%s/locations/%s", projectId, location);
- // Instantiate the client
- CloudKMS kms = createAuthorizedClient();
- // list all key rings for your project
- ListKeyRingsResponse response = kms.projects().locations().keyRings().list(parent).execute();
- // Print the key rings
- System.out.println("Key Rings: ");
- if (null != response.getKeyRings()) {
- for (KeyRing keyRing : response.getKeyRings()) {
- System.out.println(keyRing.getName());
- }
- } else {
- System.out.println("No keyrings defined.");
- }
- }
-}
-// [END kms_quickstart]
diff --git a/kms/src/main/java/com/example/SnippetCommands.java b/kms/src/main/java/com/example/SnippetCommands.java
index e872b79b8e6..4ae9fe506b9 100644
--- a/kms/src/main/java/com/example/SnippetCommands.java
+++ b/kms/src/main/java/com/example/SnippetCommands.java
@@ -68,6 +68,18 @@ public void run() throws IOException {
}
}
+ public static class CreateCryptoKeyVersionCommand extends KeyArgs implements Command {
+ public void run() throws IOException {
+ Snippets.createCryptoKeyVersion(projectId, ringId, keyId);
+ }
+ }
+
+ public static class ListKeyRingsCommand extends ProjectIdArgs implements Command {
+ public void run() throws IOException {
+ Snippets.listKeyRings(projectId);
+ }
+ }
+
public static class ListCryptoKeysCommand extends KeyRingArgs implements Command {
public void run() throws IOException {
Snippets.listCryptoKeys(projectId, ringId);
@@ -173,6 +185,8 @@ public void run() throws IOException {
@SubCommands({
@SubCommand(name = "createKeyRing", impl = CreateKeyRingCommand.class),
@SubCommand(name = "createCryptoKey", impl = CreateCryptoKeyCommand.class),
+ @SubCommand(name = "createCryptoKeyVersion", impl = CreateCryptoKeyVersionCommand.class),
+ @SubCommand(name = "listKeyRings", impl = ListKeyRingsCommand.class),
@SubCommand(name = "listCryptoKeys", impl = ListCryptoKeysCommand.class),
@SubCommand(name = "listCryptoKeyVersions", impl = ListCryptoKeyVersionsCommand.class),
@SubCommand(name = "disableCryptoKeyVersion", impl = DisableCryptoKeyVersionCommand.class),
diff --git a/kms/src/main/java/com/example/Snippets.java b/kms/src/main/java/com/example/Snippets.java
index 2b6f486ec73..42dd7329cd7 100644
--- a/kms/src/main/java/com/example/Snippets.java
+++ b/kms/src/main/java/com/example/Snippets.java
@@ -28,6 +28,7 @@
import com.google.api.services.cloudkms.v1beta1.model.KeyRing;
import com.google.api.services.cloudkms.v1beta1.model.ListCryptoKeyVersionsResponse;
import com.google.api.services.cloudkms.v1beta1.model.ListCryptoKeysResponse;
+import com.google.api.services.cloudkms.v1beta1.model.ListKeyRingsResponse;
import com.google.api.services.cloudkms.v1beta1.model.Policy;
import com.google.api.services.cloudkms.v1beta1.model.SetIamPolicyRequest;
@@ -114,6 +115,30 @@ public static CryptoKey createCryptoKey(String projectId, String ringId, String
return createdKey;
}
+ /**
+ * Creates a new crypto key version for the given id.
+ */
+ public static void createCryptoKeyVersion(
+ String projectId, String ringId, String keyId) throws IOException {
+ String location = "global";
+ // Create the Cloud KMS client.
+ CloudKMS kms = createAuthorizedClient();
+
+ // The resource name of the cryptoKey
+ String cryptoKeys = String.format(
+ "projects/%s/locations/%s/keyRings/%s/cryptoKeys/%s",
+ projectId, location, ringId, keyId);
+
+ CryptoKeyVersion version = new CryptoKeyVersion();
+
+ CryptoKeyVersion newVersion = kms.projects().locations().keyRings().cryptoKeys()
+ .cryptoKeyVersions()
+ .create(cryptoKeys, version)
+ .execute();
+
+ System.out.println(newVersion);
+ }
+
/**
* Disables the given version of the crypto key.
*/
@@ -263,11 +288,12 @@ public static Policy addMemberToCryptoKeyPolicy(
iamPolicy.setBindings(bindings);
// Set the new IAM Policy.
- Policy newIamPolicy = kms.projects().locations().keyRings().cryptoKeys()
+ Policy newIamPolicy = kms.projects().locations().keyRings()
+ .cryptoKeys()
.setIamPolicy(cryptoKey, new SetIamPolicyRequest().setPolicy(iamPolicy))
.execute();
- System.out.println(newIamPolicy);
+ System.out.println("Response: " + newIamPolicy);
return newIamPolicy;
}
@@ -320,11 +346,12 @@ public static Policy addMemberToKeyRingPolicy(
iamPolicy.setBindings(bindings);
// Set the new IAM Policy.
- Policy newIamPolicy = kms.projects().locations().keyRings()
+ Policy newIamPolicy = kms.projects().locations()
+ .keyRings()
.setIamPolicy(keyring, new SetIamPolicyRequest().setPolicy(iamPolicy))
.execute();
- System.out.println(newIamPolicy);
+ System.out.println("Response: " + newIamPolicy);
return newIamPolicy;
}
@@ -346,21 +373,26 @@ public static Policy removeMemberFromCryptoKeyPolicy(
// Get the current IAM policy and add the new account to it.
Policy iamPolicy = getCryptoKeyPolicy(projectId, ringId, keyId);
- List bindings = iamPolicy.getBindings();
+ if (null == iamPolicy.getBindings()) {
+ // Nothing to remove
+ return null;
+ }
+
// Filter out the given member
- for (Binding b : bindings) {
+ for (Binding b : iamPolicy.getBindings()) {
if (role.equals(b.getRole()) && b.getMembers().contains(member)) {
- b.getMembers().remove(member);
+ b.getMembers().removeAll(Collections.singletonList(member));
break;
}
}
// Set the new IAM Policy.
- Policy newIamPolicy = kms.projects().locations().keyRings().cryptoKeys()
+ Policy newIamPolicy = kms.projects().locations().keyRings()
+ .cryptoKeys()
.setIamPolicy(cryptoKey, new SetIamPolicyRequest().setPolicy(iamPolicy))
.execute();
- System.out.println(newIamPolicy);
+ System.out.println("Response: " + newIamPolicy);
return newIamPolicy;
}
@@ -382,9 +414,8 @@ public static Policy removeMemberFromKeyRingPolicy(
// Get the current IAM policy and add the new account to it.
Policy iamPolicy = getKeyRingPolicy(projectId, ringId);
- List bindings = iamPolicy.getBindings();
// Filter out the given member
- for (Binding b : bindings) {
+ for (Binding b : iamPolicy.getBindings()) {
if (role.equals(b.getRole()) && b.getMembers().contains(member)) {
b.getMembers().remove(member);
break;
@@ -392,14 +423,45 @@ public static Policy removeMemberFromKeyRingPolicy(
}
// Set the new IAM Policy.
- Policy newIamPolicy = kms.projects().locations().keyRings().cryptoKeys()
+ Policy newIamPolicy = kms.projects().locations()
+ .keyRings()
.setIamPolicy(cryptoKey, new SetIamPolicyRequest().setPolicy(iamPolicy))
.execute();
- System.out.println(newIamPolicy);
+ System.out.println("Response: " + newIamPolicy);
return newIamPolicy;
}
+ /**
+ * Prints all the keyrings in the given project.
+ */
+ public static void listKeyRings(String projectId) throws IOException {
+ String location = "global";
+ // Create the Cloud KMS client.
+ CloudKMS kms = createAuthorizedClient();
+
+ // The resource name of the cryptoKey
+ String keyRingPath = String.format(
+ "projects/%s/locations/%s",
+ projectId, location);
+
+ // Make the RPC call
+ ListKeyRingsResponse response = kms.projects().locations()
+ .keyRings()
+ .list(keyRingPath)
+ .execute();
+
+ // Print the returned key rings
+ if (null != response.getKeyRings()) {
+ System.out.println("Key Rings: ");
+ for (KeyRing keyRing : response.getKeyRings()) {
+ System.out.println(keyRing.getName());
+ }
+ } else {
+ System.out.println("No keyrings defined.");
+ }
+ }
+
/**
* Prints all the keys in the given key ring.
*/
diff --git a/kms/src/test/java/com/example/SnippetsIT.java b/kms/src/test/java/com/example/SnippetsIT.java
new file mode 100644
index 00000000000..58f420a5bc2
--- /dev/null
+++ b/kms/src/test/java/com/example/SnippetsIT.java
@@ -0,0 +1,278 @@
+/*
+ * Copyright (c) 2017 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+package com.example;
+
+import static com.google.common.truth.Truth.assertThat;
+import static org.junit.Assert.assertTrue;
+
+import com.google.api.client.googleapis.json.GoogleJsonError;
+import com.google.api.client.googleapis.json.GoogleJsonResponseException;
+
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.JUnit4;
+
+import java.io.ByteArrayOutputStream;
+import java.io.PrintStream;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+/**
+ * Integration (system) tests for {@link Snippets}.
+ */
+@RunWith(JUnit4.class)
+@SuppressWarnings("checkstyle:abbreviationaswordinname")
+public class SnippetsIT {
+
+ static final String PROJECT_ID = "java-docs-samples-tests";
+ static final String KEY_RING_ID = "test-snippets-key-ring";
+ static final String CRYPTO_KEY_ID = "test-snippets-crypto-key";
+ static final String TEST_USER = "serviceAccount:"
+ + "131304031188-compute@developer.gserviceaccount.com";
+ static final String TEST_ROLE = "roles/viewer";
+ static final String ENCRYPT_STRING = "Everyone shall sit under their own vine and fig tree";
+
+ private static PrintStream realOut;
+
+ private ByteArrayOutputStream bout;
+ private PrintStream out;
+
+ @BeforeClass
+ public static void setUpClass() throws Exception {
+ ByteArrayOutputStream bout = new ByteArrayOutputStream();
+ PrintStream out = new PrintStream(bout);
+ realOut = System.out;
+ System.setOut(out);
+
+ // Since you can't delete keyrings & cryptokeys atm, these tests assume they already exist.
+ // Use the snippets functions to create them.
+ try {
+ Snippets.createKeyRing(PROJECT_ID, KEY_RING_ID);
+
+ // Since there's no way to delete keyrings atm, have two branches - one for the first time the
+ // test is run, one for after the key already exists
+ assertThat(bout.toString()).contains("keyRings/" + KEY_RING_ID);
+
+ } catch (GoogleJsonResponseException e) {
+ GoogleJsonError error = e.getDetails();
+ assertThat(error.getCode()).isEqualTo(409);
+ assertThat(error.getMessage()).contains("keyRings/" + KEY_RING_ID);
+ }
+
+ try {
+ Snippets.createCryptoKey(PROJECT_ID, KEY_RING_ID, CRYPTO_KEY_ID);
+
+ // Since there's no way to delete keyrings atm, have two branches - one for the first time the
+ // test is run, one for after the key already exists
+ assertThat(bout.toString()).contains(String.format(
+ "keyRings/%s/cryptoKeys/%s", KEY_RING_ID, CRYPTO_KEY_ID));
+
+ } catch (GoogleJsonResponseException e) {
+ GoogleJsonError error = e.getDetails();
+ assertThat(error.getCode()).isEqualTo(409);
+ assertThat(error.getMessage()).contains(String.format(
+ "keyRings/%s/cryptoKeys/%s", KEY_RING_ID, CRYPTO_KEY_ID));
+ }
+ }
+
+ /**
+ * Destroys all the keys created during this test run.
+ */
+ @AfterClass
+ public static void tearDownClass() throws Exception {
+ ByteArrayOutputStream bout = new ByteArrayOutputStream();
+ PrintStream out = new PrintStream(bout);
+ System.setOut(out);
+
+ String stdout;
+ try {
+ Snippets.listCryptoKeyVersions(PROJECT_ID, KEY_RING_ID, CRYPTO_KEY_ID);
+ stdout = bout.toString();
+ } finally {
+ System.setOut(realOut);
+ }
+
+ String[] lines = stdout.split("\n");
+ Pattern keyVersion = Pattern.compile(
+ ".*cryptoKeyVersions/(\\d+)\",\"state\":\"(EN|DIS)ABLED\".*",
+ Pattern.DOTALL | Pattern.MULTILINE);
+
+ for (String line : lines) {
+ Matcher matcher = keyVersion.matcher(line);
+ if (!matcher.matches()) {
+ continue;
+ }
+
+ String version = matcher.group(1);
+ Snippets.destroyCryptoKeyVersion(PROJECT_ID, KEY_RING_ID, CRYPTO_KEY_ID, version);
+ }
+ }
+
+ @Before
+ public void setUp() throws Exception {
+ bout = new ByteArrayOutputStream();
+ out = new PrintStream(bout);
+ System.setOut(out);
+
+ Snippets.createCryptoKeyVersion(PROJECT_ID, KEY_RING_ID, CRYPTO_KEY_ID);
+ }
+
+ @After
+ public void tearDown() {
+ System.setOut(realOut);
+ }
+
+ @Test
+ public void listKeyRings_printsKeyRing() throws Exception {
+ Snippets.listKeyRings(PROJECT_ID);
+
+ assertThat(bout.toString()).contains(String.format("keyRings/%s", KEY_RING_ID));
+ }
+
+ @Test
+ public void listCryptoKeys_printsCryptoKeys() throws Exception {
+ Snippets.listCryptoKeys(PROJECT_ID, KEY_RING_ID);
+
+ assertThat(bout.toString()).contains(
+ String.format("keyRings/%s/cryptoKeys/%s", KEY_RING_ID, CRYPTO_KEY_ID));
+ }
+
+ @Test
+ public void listCryptoKeyVersions_printsVersions() throws Exception {
+ Snippets.listCryptoKeyVersions(PROJECT_ID, KEY_RING_ID, CRYPTO_KEY_ID);
+
+ assertThat(bout.toString()).containsMatch(String.format(
+ "keyRings/%s/cryptoKeys/%s/cryptoKeyVersions/\\d+\",\"state\":\"ENABLED\"",
+ KEY_RING_ID, CRYPTO_KEY_ID));
+ }
+
+ @Test
+ public void disableCryptoKeyVersion_disables() throws Exception {
+ Snippets.listCryptoKeyVersions(PROJECT_ID, KEY_RING_ID, CRYPTO_KEY_ID);
+
+ Matcher matcher = Pattern.compile(".*cryptoKeyVersions/(\\d+)\",\"state\":\"ENABLED\".*",
+ Pattern.DOTALL | Pattern.MULTILINE).matcher(bout.toString().trim());
+ assertTrue(matcher.matches());
+ String version = matcher.group(1);
+
+ Snippets.disableCryptoKeyVersion(PROJECT_ID, KEY_RING_ID, CRYPTO_KEY_ID, version);
+ assertThat(bout.toString()).containsMatch(String.format(
+ "keyRings/%s/cryptoKeys/%s/cryptoKeyVersions/%s\",\"state\":\"DISABLED\"",
+ KEY_RING_ID, CRYPTO_KEY_ID, version));
+ }
+
+ @Test
+ public void destroyCryptoKeyVersion_destroys() throws Exception {
+ Snippets.listCryptoKeyVersions(PROJECT_ID, KEY_RING_ID, CRYPTO_KEY_ID);
+
+ Matcher matcher = Pattern.compile(".*cryptoKeyVersions/(\\d+)\",\"state\":\"ENABLED\".*",
+ Pattern.DOTALL | Pattern.MULTILINE).matcher(bout.toString().trim());
+ assertTrue(matcher.matches());
+
+ String version = matcher.group(1);
+
+ Snippets.destroyCryptoKeyVersion(PROJECT_ID, KEY_RING_ID, CRYPTO_KEY_ID, version);
+
+ assertThat(bout.toString()).containsMatch(String.format(
+ "keyRings/%s/cryptoKeys/%s/cryptoKeyVersions/%s\",\"state\":\"DESTROY_SCHEDULED\"",
+ KEY_RING_ID, CRYPTO_KEY_ID, version));
+ }
+
+ @Test
+ public void addAndRemoveMemberToCryptoKeyPolicy_addsDisplaysAndRemoves() throws Exception {
+ // Make sure the policy doesn't already have our test user
+ Snippets.getCryptoKeyPolicy(PROJECT_ID, KEY_RING_ID, CRYPTO_KEY_ID);
+
+ assertThat(bout.toString()).doesNotContainMatch(TEST_USER);
+
+ try {
+ // Add the test user, and make sure the policy has it
+ Snippets.addMemberToCryptoKeyPolicy(
+ PROJECT_ID, KEY_RING_ID, CRYPTO_KEY_ID, TEST_USER, TEST_ROLE);
+
+ Snippets.getCryptoKeyPolicy(PROJECT_ID, KEY_RING_ID, CRYPTO_KEY_ID);
+
+ assertThat(bout.toString()).containsMatch(TEST_USER);
+
+ // Now remove the test user, and make sure the policy no longer has it
+ bout.reset();
+ } finally {
+ Snippets.removeMemberFromCryptoKeyPolicy(
+ PROJECT_ID, KEY_RING_ID, CRYPTO_KEY_ID, TEST_USER, TEST_ROLE);
+ }
+
+ assertThat(bout.toString()).doesNotContainMatch("Response:.*" + TEST_USER);
+
+ bout.reset();
+ Snippets.getCryptoKeyPolicy(PROJECT_ID, KEY_RING_ID, CRYPTO_KEY_ID);
+
+ assertThat(bout.toString()).doesNotContainMatch(TEST_USER);
+ }
+
+ @Test
+ public void addAndRemoveMemberToKeyRingPolicy_addsDisplaysAndRemoves() throws Exception {
+ // Make sure the policy doesn't already have our test user
+ Snippets.getKeyRingPolicy(PROJECT_ID, KEY_RING_ID);
+
+ assertThat(bout.toString()).doesNotContainMatch(TEST_USER);
+
+ try {
+ // Add the test user, and make sure the policy has it
+ Snippets.addMemberToKeyRingPolicy(
+ PROJECT_ID, KEY_RING_ID, TEST_USER, TEST_ROLE);
+
+ Snippets.getKeyRingPolicy(PROJECT_ID, KEY_RING_ID);
+
+ assertThat(bout.toString()).containsMatch(TEST_USER);
+
+ // Now remove the test user, and make sure the policy no longer has it
+ bout.reset();
+ } finally {
+ Snippets.removeMemberFromKeyRingPolicy(
+ PROJECT_ID, KEY_RING_ID, TEST_USER, TEST_ROLE);
+ }
+
+ assertThat(bout.toString()).doesNotContainMatch("Response:.*" + TEST_USER);
+
+ bout.reset();
+ Snippets.getKeyRingPolicy(PROJECT_ID, KEY_RING_ID);
+
+ assertThat(bout.toString()).doesNotContainMatch(TEST_USER);
+ }
+
+ @Test
+ public void encryptDecrypt_encryptsAndDecrypts() throws Exception {
+ // Get an enabled crypto key version, since the primary version is likely disabled
+ Snippets.listCryptoKeyVersions(PROJECT_ID, KEY_RING_ID, CRYPTO_KEY_ID);
+ Matcher matcher = Pattern.compile(".*cryptoKeyVersions/(\\d+)\",\"state\":\"ENABLED\".*",
+ Pattern.DOTALL | Pattern.MULTILINE).matcher(bout.toString().trim());
+ assertTrue(matcher.matches());
+ String version = matcher.group(1);
+
+ byte[] encrypted = CryptFile.encrypt(
+ PROJECT_ID, KEY_RING_ID, CRYPTO_KEY_ID, version, ENCRYPT_STRING.getBytes());
+
+ assertThat(new String(encrypted)).isNotEqualTo(ENCRYPT_STRING);
+
+ byte[] decrypted = CryptFile.decrypt(
+ PROJECT_ID, KEY_RING_ID, CRYPTO_KEY_ID, encrypted);
+
+ assertThat(new String(decrypted)).isEqualTo(ENCRYPT_STRING);
+ }
+}
diff --git a/pom.xml b/pom.xml
index 26cc5708d72..ef8d9412ee3 100644
--- a/pom.xml
+++ b/pom.xml
@@ -44,6 +44,7 @@
+
appengine/analytics
appengine/appidentity
appengine/channel
@@ -76,16 +77,7 @@
appengine/urlfetch
appengine/users
-
- bigquery
- bigquery/cloud-client
- bigquery/rest
- compute/cmdline
- compute/error-reporting
- compute/mailjet
- compute/sendgrid
- datastore
- datastore/cloud-client
+
flexible/analytics
flexible/async-rest
flexible/cloudsql
@@ -102,6 +94,17 @@
flexible/sparkjava
flexible/static-files
flexible/twilio
+
+ bigquery
+ bigquery/cloud-client
+ bigquery/rest
+ compute/cmdline
+ compute/error-reporting
+ compute/mailjet
+ compute/sendgrid
+ datastore
+ datastore/cloud-client
+ kms
language/analysis
language/cloud-client
logging