/// <inheritdoc />
public XElement Decrypt(XElement encryptedElement)
{
GaxPreconditions.CheckNotNull(encryptedElement, nameof(encryptedElement));
XElement payloadElement = encryptedElement.Element(PayloadElement);
XAttribute kmsKeyName = encryptedElement.Attribute(KmsKeyNameAttribute);
XAttribute localKeyDataAttribute = encryptedElement.Attribute(LocalKeyDataAttribute);
GaxPreconditions.CheckArgument(payloadElement != null, nameof(encryptedElement), "Expected '{0}' element", PayloadElement);
GaxPreconditions.CheckArgument(kmsKeyName != null, nameof(encryptedElement), "Expected '{0}' attribute", KmsKeyNameAttribute);
GaxPreconditions.CheckArgument(localKeyDataAttribute != null, nameof(encryptedElement), "Expected '{0}' attribute", LocalKeyDataAttribute);
CryptoKeyName cryptoKeyName = CryptoKeyName.Parse(kmsKeyName.Value);
ByteString encryptedLocalKeyData = ByteString.FromBase64(localKeyDataAttribute.Value);
ByteString plaintextLocalKeyData = _kmsClient.Decrypt(cryptoKeyName, encryptedLocalKeyData).Plaintext;
SymmetricKey key = SymmetricKey.Parser.ParseFrom(plaintextLocalKeyData);
using (var algorithm = CreateLocalKey(key))
{
byte[] encryptedPayload = Convert.FromBase64String(payloadElement.Value);
using (var decryptor = algorithm.CreateDecryptor())
{
byte[] plaintextPayload = decryptor.TransformFinalBlock(encryptedPayload, 0, encryptedPayload.Length);
using (var stream = new MemoryStream(plaintextPayload))
{
return(XElement.Load(stream));
}
}
}
}
byte[] IDataProtector.Unprotect(byte[] protectedData)
{
var response =
_kms.Decrypt(_keyName, ByteString.CopyFrom(protectedData));
return(response.Plaintext.ToByteArray());
}
public static string Decrypt(string cipher)
{
KeyManagementServiceClient client = KeyManagementServiceClient.Create();
CryptoKeyName kn = CryptoKeyName.FromUnparsed(new Google.Api.Gax.UnparsedResourceName("projects/programmingforthecloudbf/locations/global/keyRings/BFKeyring/cryptoKeys/BFkey"));
string realvalue = client.Decrypt(kn, ByteString.FromBase64(cipher)).Plaintext.ToStringUtf8();
return(realvalue);
}
// [END kms_encrypt]
// [START kms_decrypt]
public static void Decrypt(string projectId, string locationId, string keyRingId, string cryptoKeyId,
string ciphertextFile, string plaintextFile)
{
KeyManagementServiceClient client = KeyManagementServiceClient.Create();
CryptoKeyName cryptoKeyName =
new CryptoKeyName(projectId, locationId, keyRingId, cryptoKeyId);
byte[] ciphertext = File.ReadAllBytes(ciphertextFile);
DecryptResponse result = client.Decrypt(cryptoKeyName, ByteString.CopyFrom(ciphertext));
// Output decrypted data to a file.
File.WriteAllBytes(plaintextFile, result.Plaintext.ToByteArray());
Console.Write($"Decrypted file created: {plaintextFile}");
}
public void EncryptsData()
{
var message = "testing1234";
// Run the sample code.
var result = _sample.EncryptSymmetric(
projectId: _fixture.ProjectId, locationId: _fixture.LocationId, keyRingId: _fixture.KeyRingId, keyId: _fixture.SymmetricKeyId,
message: message);
// Attempt to decrypt to verify success.
KeyManagementServiceClient client = KeyManagementServiceClient.Create();
var response = client.Decrypt(_fixture.SymmetricKeyName, ByteString.CopyFrom(result));
Assert.Equal(message, response.Plaintext.ToStringUtf8());
}
public static string Decrypt(string cipher)
{
KeyManagementServiceClient client = KeyManagementServiceClient.Create();
CryptoKeyName kn = CryptoKeyName.FromUnparsed(
new Google.Api.Gax.UnparsedResourceName("projects/jurgen-cloud-project/locations/global/keyRings/pftckeyring/cryptoKeys/pftckeys"));
byte[] cipherText = Convert.FromBase64String(cipher);
DecryptResponse result = client.Decrypt(kn, ByteString.CopyFrom(cipherText));
byte[] bytes = result.Plaintext.ToByteArray();
string finalResult = Encoding.Default.GetString(bytes);
return(finalResult);
}
public string Decrypt(string cipher)
{
// Create the client.
KeyManagementServiceClient client = KeyManagementServiceClient.Create();
// Build the key name.
CryptoKeyName keyName = new CryptoKeyName(projectId, locationId, keyRingId, keyId);
DecryptResponse result = client.Decrypt(keyName, ByteString.FromBase64(cipher));
//convert the result to byteArray
byte[] plaintext = result.Plaintext.ToByteArray();
return(Encoding.UTF8.GetString(plaintext));
}
public Stream CreateReadStream()
{
if (!Exists)
{
throw new FileNotFoundException(innerFileInfo.Name);
}
DecryptResponse response;
using (var stream = innerFileInfo.CreateReadStream())
{
response = kms.Decrypt(cryptoKeyName.Value,
ByteString.FromStream(stream));
}
MemoryStream memStream = new MemoryStream();
response.Plaintext.WriteTo(memStream);
memStream.Seek(0, SeekOrigin.Begin);
return(memStream);
}
public string DecryptSymmetric(
string projectId = "my-project", string locationId = "us-east1", string keyRingId = "my-key-ring", string keyId = "my-key",
byte[] ciphertext = null)
{
// Create the client.
KeyManagementServiceClient client = KeyManagementServiceClient.Create();
// Build the key name.
CryptoKeyName keyName = new CryptoKeyName(projectId, locationId, keyRingId, keyId);
// Call the API.
DecryptResponse result = client.Decrypt(keyName, ByteString.CopyFrom(ciphertext));
// Get the plaintext. Cryptographic plaintexts and ciphertexts are
// always byte arrays.
byte[] plaintext = result.Plaintext.ToByteArray();
// Return the result.
return(Encoding.UTF8.GetString(plaintext));
}
/// <summary>
/// Create a stream that decrypts the encrypted file.
/// </summary>
/// <returns>An unencrypted stream.</returns>
Stream IFileInfo.CreateReadStream()
{
if (!((IFileInfo)this).Exists)
{
throw new FileNotFoundException(innerFileInfo.Name);
}
DecryptResponse response;
// Read the encrypted bytes from the file.
using (var stream = innerFileInfo.CreateReadStream())
{
// Call kms to Decrypt them.
response = kms.Decrypt(cryptoKeyName.Value,
ByteString.FromStream(stream));
}
// Dump the unencrypted bytes to a memory stream.
MemoryStream memStream = new MemoryStream();
response.Plaintext.WriteTo(memStream);
memStream.Seek(0, SeekOrigin.Begin);
return(memStream);
}
