/// <inheritdoc /> public XElement Decrypt(XElement encryptedElement) { GaxPreconditions.CheckNotNull(encryptedElement, nameof(encryptedElement)); XElement payloadElement = encryptedElement.Element(PayloadElement); XAttribute kmsKeyName = encryptedElement.Attribute(KmsKeyNameAttribute); XAttribute localKeyDataAttribute = encryptedElement.Attribute(LocalKeyDataAttribute); GaxPreconditions.CheckArgument(payloadElement != null, nameof(encryptedElement), "Expected '{0}' element", PayloadElement); GaxPreconditions.CheckArgument(kmsKeyName != null, nameof(encryptedElement), "Expected '{0}' attribute", KmsKeyNameAttribute); GaxPreconditions.CheckArgument(localKeyDataAttribute != null, nameof(encryptedElement), "Expected '{0}' attribute", LocalKeyDataAttribute); CryptoKeyName cryptoKeyName = CryptoKeyName.Parse(kmsKeyName.Value); ByteString encryptedLocalKeyData = ByteString.FromBase64(localKeyDataAttribute.Value); ByteString plaintextLocalKeyData = _kmsClient.Decrypt(cryptoKeyName, encryptedLocalKeyData).Plaintext; SymmetricKey key = SymmetricKey.Parser.ParseFrom(plaintextLocalKeyData); using (var algorithm = CreateLocalKey(key)) { byte[] encryptedPayload = Convert.FromBase64String(payloadElement.Value); using (var decryptor = algorithm.CreateDecryptor()) { byte[] plaintextPayload = decryptor.TransformFinalBlock(encryptedPayload, 0, encryptedPayload.Length); using (var stream = new MemoryStream(plaintextPayload)) { return(XElement.Load(stream)); } } } }
byte[] IDataProtector.Unprotect(byte[] protectedData) { var response = _kms.Decrypt(_keyName, ByteString.CopyFrom(protectedData)); return(response.Plaintext.ToByteArray()); }
public static string Decrypt(string cipher) { KeyManagementServiceClient client = KeyManagementServiceClient.Create(); CryptoKeyName kn = CryptoKeyName.FromUnparsed(new Google.Api.Gax.UnparsedResourceName("projects/programmingforthecloudbf/locations/global/keyRings/BFKeyring/cryptoKeys/BFkey")); string realvalue = client.Decrypt(kn, ByteString.FromBase64(cipher)).Plaintext.ToStringUtf8(); return(realvalue); }
// [END kms_encrypt] // [START kms_decrypt] public static void Decrypt(string projectId, string locationId, string keyRingId, string cryptoKeyId, string ciphertextFile, string plaintextFile) { KeyManagementServiceClient client = KeyManagementServiceClient.Create(); CryptoKeyName cryptoKeyName = new CryptoKeyName(projectId, locationId, keyRingId, cryptoKeyId); byte[] ciphertext = File.ReadAllBytes(ciphertextFile); DecryptResponse result = client.Decrypt(cryptoKeyName, ByteString.CopyFrom(ciphertext)); // Output decrypted data to a file. File.WriteAllBytes(plaintextFile, result.Plaintext.ToByteArray()); Console.Write($"Decrypted file created: {plaintextFile}"); }
public void EncryptsData() { var message = "testing1234"; // Run the sample code. var result = _sample.EncryptSymmetric( projectId: _fixture.ProjectId, locationId: _fixture.LocationId, keyRingId: _fixture.KeyRingId, keyId: _fixture.SymmetricKeyId, message: message); // Attempt to decrypt to verify success. KeyManagementServiceClient client = KeyManagementServiceClient.Create(); var response = client.Decrypt(_fixture.SymmetricKeyName, ByteString.CopyFrom(result)); Assert.Equal(message, response.Plaintext.ToStringUtf8()); }
public static string Decrypt(string cipher) { KeyManagementServiceClient client = KeyManagementServiceClient.Create(); CryptoKeyName kn = CryptoKeyName.FromUnparsed( new Google.Api.Gax.UnparsedResourceName("projects/jurgen-cloud-project/locations/global/keyRings/pftckeyring/cryptoKeys/pftckeys")); byte[] cipherText = Convert.FromBase64String(cipher); DecryptResponse result = client.Decrypt(kn, ByteString.CopyFrom(cipherText)); byte[] bytes = result.Plaintext.ToByteArray(); string finalResult = Encoding.Default.GetString(bytes); return(finalResult); }
public string Decrypt(string cipher) { // Create the client. KeyManagementServiceClient client = KeyManagementServiceClient.Create(); // Build the key name. CryptoKeyName keyName = new CryptoKeyName(projectId, locationId, keyRingId, keyId); DecryptResponse result = client.Decrypt(keyName, ByteString.FromBase64(cipher)); //convert the result to byteArray byte[] plaintext = result.Plaintext.ToByteArray(); return(Encoding.UTF8.GetString(plaintext)); }
public Stream CreateReadStream() { if (!Exists) { throw new FileNotFoundException(innerFileInfo.Name); } DecryptResponse response; using (var stream = innerFileInfo.CreateReadStream()) { response = kms.Decrypt(cryptoKeyName.Value, ByteString.FromStream(stream)); } MemoryStream memStream = new MemoryStream(); response.Plaintext.WriteTo(memStream); memStream.Seek(0, SeekOrigin.Begin); return(memStream); }
public string DecryptSymmetric( string projectId = "my-project", string locationId = "us-east1", string keyRingId = "my-key-ring", string keyId = "my-key", byte[] ciphertext = null) { // Create the client. KeyManagementServiceClient client = KeyManagementServiceClient.Create(); // Build the key name. CryptoKeyName keyName = new CryptoKeyName(projectId, locationId, keyRingId, keyId); // Call the API. DecryptResponse result = client.Decrypt(keyName, ByteString.CopyFrom(ciphertext)); // Get the plaintext. Cryptographic plaintexts and ciphertexts are // always byte arrays. byte[] plaintext = result.Plaintext.ToByteArray(); // Return the result. return(Encoding.UTF8.GetString(plaintext)); }
/// <summary> /// Create a stream that decrypts the encrypted file. /// </summary> /// <returns>An unencrypted stream.</returns> Stream IFileInfo.CreateReadStream() { if (!((IFileInfo)this).Exists) { throw new FileNotFoundException(innerFileInfo.Name); } DecryptResponse response; // Read the encrypted bytes from the file. using (var stream = innerFileInfo.CreateReadStream()) { // Call kms to Decrypt them. response = kms.Decrypt(cryptoKeyName.Value, ByteString.FromStream(stream)); } // Dump the unencrypted bytes to a memory stream. MemoryStream memStream = new MemoryStream(); response.Plaintext.WriteTo(memStream); memStream.Seek(0, SeekOrigin.Begin); return(memStream); }