public CryptoKeyVersion CreateKeyVersion(string keyId)
{
KeyManagementServiceClient client = KeyManagementServiceClient.Create();
var result = client.CreateCryptoKeyVersion(new CreateCryptoKeyVersionRequest
{
ParentAsCryptoKeyName = new CryptoKeyName(ProjectId, LocationId, KeyRingId, keyId),
});
for (var i = 1; i <= 5; i++)
{
var version = client.GetCryptoKeyVersion(new GetCryptoKeyVersionRequest
{
CryptoKeyVersionName = result.CryptoKeyVersionName,
});
if (version.State == CryptoKeyVersion.Types.CryptoKeyVersionState.Enabled)
{
return(version);
}
Thread.Sleep(500 * i);
}
throw new TimeoutException($"{result.Name} not enabled within time");
}
public void CreatesKeyVersion()
{
// Run the sample code.
var result = _sample.CreateKeyVersion(
projectId: _fixture.ProjectId, locationId: _fixture.LocationId, keyRingId: _fixture.KeyRingId, keyId: _fixture.SymmetricKeyId);
// Get the key version.
KeyManagementServiceClient client = KeyManagementServiceClient.Create();
var response = client.GetCryptoKeyVersion(result.CryptoKeyVersionName);
Assert.NotNull(response.CryptoKeyVersionName.CryptoKeyVersionId);
}
// [END kms_enable_cryptokey_version]
// [START kms_get_cryptokey_version]
public static void GetCryptoKeyVersion(string projectId, string locationId, string keyRingId, string cryptoKeyId, string versionId)
{
KeyManagementServiceClient client = KeyManagementServiceClient.Create();
// The CryptoKeyVersion to enable.
CryptoKeyVersionName versionName =
new CryptoKeyVersionName(projectId, locationId, keyRingId, cryptoKeyId, versionId);
CryptoKeyVersion result = client.GetCryptoKeyVersion(versionName);
Console.WriteLine($"Name: {result.Name}");
Console.WriteLine($"Created: {result.CreateTime}");
Console.WriteLine($"State: {result.State}");
}
// [END kms_disable_cryptokey_version]
// [START kms_enable_cryptokey_version]
public static void EnableCryptoKeyVersion(string projectId, string locationId, string keyRingId, string cryptoKeyId, string versionId)
{
KeyManagementServiceClient client = KeyManagementServiceClient.Create();
// The CryptoKeyVersion to enable.
CryptoKeyVersionName versionName =
new CryptoKeyVersionName(projectId, locationId, keyRingId, cryptoKeyId, versionId);
CryptoKeyVersion version = client.GetCryptoKeyVersion(versionName);
version.State = CryptoKeyVersion.Types.CryptoKeyVersionState.Enabled;
FieldMask fieldMask = new FieldMask();
fieldMask.Paths.Add("state");
CryptoKeyVersion patchResult = client.UpdateCryptoKeyVersion(version, fieldMask);
Console.Write($"Enabled Crypto Key Version: {patchResult.Name}");
}
public byte[] GetKeyVersionAttestation(
string projectId = "my-project", string locationId = "us-east1", string keyRingId = "my-key-ring", string keyId = "my-key", string keyVersionId = "123")
{
// Create the client.
KeyManagementServiceClient client = KeyManagementServiceClient.Create();
// Build the key name.
CryptoKeyVersionName keyVersionName = new CryptoKeyVersionName(projectId, locationId, keyRingId, keyId, keyVersionId);
// Call the API.
CryptoKeyVersion result = client.GetCryptoKeyVersion(keyVersionName);
// Only HSM keys have an attestation. For other key types, the attestion
// will be nil.
KeyOperationAttestation attestation = result.Attestation;
if (attestation == null)
{
throw new InvalidOperationException("no attestation");
}
// Return the attestation.
return(attestation.Content.ToByteArray());
}
