Stack Overflow
Stack Overflow

Questions tagged [google-cloud-kms]

This tag is for questions about Google Cloud KMS, a Google Cloud Platform service which allows developers to store and make use of encryption keys to secure data.

Google Cloud KMS home page

230 questions
0
votes
1 answer

Can I restore a imported HSM AES-256 key by key material?

I have imported the key material into Cloud KMS and KMS generated a (AES-256) key, then I saved the key material locally and encrypted some data files with generated key. After that if my Google account is arrears or Cloud KMS crashes and causes the…
TianXing Chu
  • 3
  • 1
0
votes
1 answer

Gooble Cloud KMS: code freezes on calling kms client

I want to encrypt and decrypt son values by using google cloud kms and I am using this code as example https://github.com/GoogleCloudPlatform/java-docs-samples/blob/master/kms/src/main/java/com/example/CryptFile.java try (KeyManagementServiceClient…
althor
  • 739
  • 2
  • 9
  • 21
0
votes
1 answer

Google Cloud KMS java.lang.NoSuchMethodError: com.google.common.base.Preconditions.checkArgument(ZLjava/lang/String;CLjava/lang/Object;)V

I am using the java client library for KMS. The KeyManagementServiceClient.create() method shown here is throwing the above exception. Guava dependencies look okay - 27.1-jre public String encrypt(String plaintext) throws IOException { …
hnk
  • 1
0
votes
1 answer

Python auth for kms

I'm new to google cloud kms product, is there a tutorial on how to authenticate ( from third party server ) kms with python? The goal is to access the public key, encrypt the data ( async ). Another server will have more permissions and will be able…
Dubs
  • 640
  • 5
  • 14
0
votes
0 answers

"UNAUTHENTICATED" when trying to encrypt text with Google Cloud KMS and API-KEY

I'm trying to encrypt/decrypt files with Google Cloud KMS. Encrypting/decrypting with the gcloud command works perfectly. But now I need to pass this to other users who don't/should not have acces to my gcloud account. They should be able to decrypt…
Sam
  • 338
  • 1
  • 4
  • 17
0
votes
0 answers

Upload to bucket with customer-managed encryption fails

Based on https://cloud.google.com/storage/docs/encryption/using-customer-managed-keys Steps to reproduce: Create key ring and key in Cloud KMS in a specific location (us-central-1 for example). Grant permission Cloud KMS CryptoKey…
yrunts
  • 153
  • 8
0
votes
2 answers

Bouncycastle AlgorithmIdentifier for EC_SIGN_P256_SHA256

I need to sign certificate by using key from googles KMS and later verify, that coming certificate was actually sign with that key. I'm using bouncycastle provider for most stuff, but having trouble finding right AlgorithmIdentifier for…
Dainius
  • 1,765
  • 1
  • 17
  • 36
0
votes
2 answers

Rotating keys and reactive reencypt data

I want to introduce key rotation to my system but for that reencryption is needed. It would be nice to do it reactively on some event, trigger etc., but I can't find anything like that at google documentation. After a rotate event, I want to…
Aleksander Orchowski
  • 108
  • 3
0
votes
4 answers

Google Cloud KMS issue with decrypt

Im new to Cloud KMS, and I started following exactly what's written here I encrypted my data file which is saved in UTF-8 format by running this command gcloud kms encrypt --location global --keyring ring --key key --plaintext-file /path_to_file…
Tamer Saleh
  • 473
  • 9
  • 21
0
votes
0 answers

Java KeyManagementServiceClient create hangs in Jruby

I have the following block in a java file (GcpEncrypt.java) that runs fine ( unit tests ). However when I jar it up and call it from within a logstash Jruby input plugin, it hangs at the client create portion. public byte[] decryptWrappedKey(String…
ShahNewazKhan
  • 1,057
  • 1
  • 12
  • 26
0
votes
1 answer

Unable to decrypt using google kms typescript/node, getting emtpy results

Any help on this would be appreciate it :). I am trying to create a firebase function to decrypt data using google kms. For some reason I am unable to decrypt data successfully, I am just getting an empty buffer as response. Here is my code…
hlagos
  • 7,690
  • 3
  • 23
  • 41
0
votes
1 answer

GCP kms encrypt env var and passing encrypted key through cloudbuild.yaml to google app engine

I'm trying to encrypt env vars for database in Cloud SQL in my RoR app deploying to Google App Engine. Following this doc https://cloud.google.com/cloud-build/docs/securing-builds/use-encrypted-secrets-credentials However, I have an error when…
Gruido
  • 71
  • 1
  • 6
0
votes
2 answers

google-cloud-kms PKCS7 Cryptographic Message Syntax

Has anyone implemented Cryptographic Message Syntax using Google's HSM and KMS service? It is difficult to tell if this functionality is built into the Tinklibrary or not. There is no Google Engine for OpenSSL or BoringSSL (would love to be…
jmwilkosz
  • 11
  • 1
  • 5
0
votes
0 answers

How to authenticate a php application hosted on a non-Google server with Google Cloud KMS

I've been trying to understand how to use the Google Cloud Key Management System and have worked through the quick start tutorials and documentation. I created my key rings and their individual keys and tested them using the SDK on my laptop and…
NumptyDumpty
  • 3
  • 2
0
votes
1 answer

Google Deployment Manager stored runtime-config variables appear corrupted

I'm having trouble with encrypted base64 encoded values I'm using in Google Deployment Manager via runtimeconfig.v1beta1.config resource declarations. After I perform the deployment, the value that I stored using Deployment Manager appear to be…
Poo Bah
  • 35
  • 6
1 2 3
15
16