How to use @google-cloud/kms - 9 common examples

To help you get started, we’ve selected a few @google-cloud/kms examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github forseti-security / forseti-visualizer / forseti-api / server / services / crypto-service.js View on Github external
async encrypt(
        plaintextFileName = '/Users/garrettwong/Git/forseti-visualizer/forseti-api/dockersource.env',
        ciphertextFileName = 'dockersource.env.enc'
    ) {
        const fs = require('fs');
        const {
            promisify
        } = require('util');

        // Import the library and create a client
        const kms = require('@google-cloud/kms');
        const client = new kms.KeyManagementServiceClient();

        // The location of the crypto key's key ring, e.g. "global"
        const locationId = 'global';

        // Reads the file to be encrypted
        const readFile = promisify(fs.readFile);
        const contentsBuffer = await readFile(plaintextFileName);
        console.log(contentsBuffer);

        const plaintext = contentsBuffer.toString('base64');

        console.log(plaintext);

        const name = client.cryptoKeyPath(
            this.projectId,
            locationId,
github sethvargo / secrets-in-serverless / encrypted-envvars / node / index.js View on Github external
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

'use strict';

const cryptoKeyID = process.env.KMS_CRYPTO_KEY_ID;

const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient();

let username;
client.decrypt({
  name: cryptoKeyID,
  ciphertext: process.env.DB_USER,
}).then(res => {
  username = res[0].plaintext.toString().trim();
}).catch(err => {
  console.error(err);
});

let password;
client.decrypt({
  name: cryptoKeyID,
  ciphertext: process.env.DB_PASS,
}).then(res => {
github googleapis / nodejs-kms / samples / disableCryptoKeyVersion.js View on Github external
async function disableCryptoKeyVersion(
  projectId = 'your-project-id', // Your GCP Project ID
  keyRingId = 'my-key-ring', // Name of the crypto key version's key ring
  cryptoKeyId = 'my-key', // Name of the version's crypto key
  version = 1234 // The version's id
) {
  // Import the library and create a client
  const kms = require('@google-cloud/kms');
  const client = new kms.KeyManagementServiceClient();

  // The location of the crypto key versions's key ring, e.g. "global"
  const locationId = 'global';

  // Get the full path to the crypto key
  const name = client.cryptoKeyVersionPath(
    projectId,
    locationId,
    keyRingId,
    cryptoKeyId,
    version
  );

  // Gets a crypto key version
  const [cryptoKeyVersion] = await client.getCryptoKeyVersion({name});
github googleapis / nodejs-kms / samples / decrypt.js View on Github external
async function decrypt(
  projectId = 'your-project-id', // Your GCP projectId
  keyRingId = 'my-key-ring', // Name of the crypto key's key ring
  cryptoKeyId = 'my-key', // Name of the crypto key, e.g. "my-key"
  ciphertextFileName = './path/to/plaintext.txt.encrypted',
  plaintextFileName = './path/to/plaintext.txt.decrypted'
) {
  const fs = require('fs');
  const {promisify} = require('util');

  // Import the library and create a client
  const kms = require('@google-cloud/kms');
  const client = new kms.KeyManagementServiceClient();

  // The location of the crypto key's key ring, e.g. "global"
  const locationId = 'global';

  // Reads the file to be decrypted
  const readFile = promisify(fs.readFile);
  const ciphertext = await readFile(ciphertextFileName);
  const name = client.cryptoKeyPath(
    projectId,
    locationId,
    keyRingId,
    cryptoKeyId
  );

  // Decrypts the file using the specified crypto key
  const [result] = await client.decrypt({name, ciphertext});
github googleapis / nodejs-kms / samples / enableCryptoKeyVersion.js View on Github external
async function enableCryptoKeyVersion(
  projectId = 'your-project-id', // Your GCP projectId
  keyRingId = 'my-key-ring', // Name of the crypto key version's key ring
  cryptoKeyId = 'my-key', // Name of the version's crypto key
  version = 1234 // The version's id
) {
  // Import the library and create a client
  const kms = require('@google-cloud/kms');
  const client = new kms.KeyManagementServiceClient();

  // The location of the crypto key versions's key ring, e.g. "global"
  const locationId = 'global';

  // Get the full path to the crypto key
  const name = client.cryptoKeyVersionPath(
    projectId,
    locationId,
    keyRingId,
    cryptoKeyId,
    version
  );

  // Gets a crypto key version
  const [cryptoKeyVersion] = await client.getCryptoKeyVersion({name});
github forseti-security / forseti-visualizer / forseti-api / server / services / crypto-service.js View on Github external
async decrypt(
        ciphertextFileName = 'dockersource.env.enc',
        plaintextFileName = 'dockersource.env.decrypted'
    ) {
        const fs = require('fs');
        const {
            promisify
        } = require('util');

        // Import the library and create a client
        const kms = require('@google-cloud/kms');
        const client = new kms.KeyManagementServiceClient();

        // The location of the crypto key's key ring, e.g. "global"
        const locationId = 'global';

        // Reads the file to be decrypted
        const readFile = promisify(fs.readFile);
        const contentsBuffer = await readFile(ciphertextFileName);
        const name = client.cryptoKeyPath(
            this.projectId,
            locationId,
            this.keyRingId,
            this.cryptoKeyId
        );
        const ciphertext = contentsBuffer.toString('base64');

        // Decrypts the file using the specified crypto key
github googleapis / nodejs-kms / samples / encrypt.js View on Github external
async function encrypt(
  projectId = 'your-project-id', // Your GCP projectId
  keyRingId = 'my-key-ring', // Name of the crypto key's key ring
  cryptoKeyId = 'my-key', // Name of the crypto key, e.g. "my-key"
  plaintextFileName = './path/to/plaintext.txt',
  ciphertextFileName = './path/to/plaintext.txt.encrypted'
) {
  const fs = require('fs');
  const {promisify} = require('util');

  // Import the library and create a client
  const kms = require('@google-cloud/kms');
  const client = new kms.KeyManagementServiceClient();

  // The location of the crypto key's key ring, e.g. "global"
  const locationId = 'global';

  // Reads the file to be encrypted
  const readFile = promisify(fs.readFile);
  const plaintext = await readFile(plaintextFileName);
  const name = client.cryptoKeyPath(
    projectId,
    locationId,
    keyRingId,
    cryptoKeyId
  );

  // Encrypts the file using the specified crypto key
  const [result] = await client.encrypt({name, plaintext});
github googleapis / repo-automation-bots / packages / gcf-utils / src / bin / genkey.ts View on Github external
async function run() {
  let encblob: Buffer = Buffer.from('');

  const opts = project
    ? ({
        projectId: project,
      } as KMS.v1.KeyManagementServiceClient.ConfigurationObject)
    : undefined;

  const kmsclient = new KMS.KeyManagementServiceClient(opts);

  const name = kmsclient.cryptoKeyPath(project, location, keyring, botname);

  const plaintext = Buffer.from(JSON.stringify(blob), 'utf-8');
  const [kmsresult] = await kmsclient.encrypt({ name, plaintext });
  encblob = kmsresult.ciphertext;

  const options = project ? ({ project } as StorageOptions) : undefined;
  const storage = new Storage(options);

  const tmpobj = tmp.dirSync();
  console.log('Dir: ', tmpobj.name);

  const fileName = path.join(tmpobj.name, botname);

  fs.writeFileSync(fileName, encblob);
github exasol / script-languages / google-cloud-build / github-status-notifications / index.js View on Github external
url='https://console.cloud.google.com/cloud-build/builds/'+buildId+'?project='+gcloudProject

  githubStatus = {
      state: states.get(status),
      context: context,
      description: context,
      sha: commitSha,
      token: "",
      repo: githubRepo,
      owner: githubUser,
      url: url
  };
  
  const kms = require('@google-cloud/kms');
  const client = new kms.KeyManagementServiceClient();
  const locationId = 'global';
  const name = client.cryptoKeyPath(
    gcloudProject,
    locationId,
    keyRingName,
    keyName
  );

  const ciphertext = githubToken;//Buffer.from(githubToken, 'base64').toString();
  client.decrypt({name, ciphertext})
      .then(responses => {
        const response = responses[0];
        const commitStatus = require('commit-status');
      	console.log("Send status");
      	console.log(githubStatus);
        githubStatus.token=response.plaintext;

@google-cloud/kms

Google Cloud Key Management Service (KMS) API client for Node.js

Apache-2.0
Latest version published 5 months ago

Package Health Score

91 / 100
Full package analysis