
@DazWilkin
Last active May 31, 2019 21:07
Google Cloud KMS & Tink
package main
import (
"encoding/base64"
"flag"
"fmt"
"log"
"github.com/google/tink/go/aead"
"github.com/google/tink/go/core/registry"
"github.com/google/tink/go/integration/gcpkms"
"github.com/google/tink/go/keyset"
)
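// Command-line flags that together name one Cloud KMS key
// (project, location, key ring, key). Each defaults to the empty string.
var (
	project  = flag.String("project", "", "Project ID")
	location = flag.String("location", "", "Keyring Location") // opening quote of the usage string was missing
	keyring  = flag.String("keyring", "", "Keyring ID")
	key      = flag.String("key", "", "Key ID")
)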
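// main performs a Tink envelope-encryption round trip against a Cloud KMS key.
//
// It builds a gcp-kms:// key URI from the command-line flags, registers a KMS
// client for that URI, creates an envelope AEAD whose data-encryption key
// (DEK) template is AES128-CTR-HMAC-SHA256, encrypts a fixed message,
// decrypts it again and prints both results. Any error is fatal.
func main() {
	flag.Parse()

	// Every flag defaults to "", and an empty component would produce a
	// malformed key URI that only fails later, at the first KMS call.
	// Reject it here with a message that names the missing flag.
	required := []struct{ name, value string }{
		{"project", *project},
		{"location", *location},
		{"keyring", *keyring},
		{"key", *key},
	}
	for _, f := range required {
		if f.value == "" {
			log.Fatalf("missing required flag -%s", f.name)
		}
	}

	keyURI := fmt.Sprintf(
		"gcp-kms://projects/%s/locations/%s/keyRings/%s/cryptoKeys/%s",
		*project,
		*location,
		*keyring,
		*key)

	gcpclient, err := gcpkms.NewGCPClient(keyURI)
	if err != nil {
		log.Fatal(err)
	}

	// Alternative: load an explicit credentials file. This needs a
	// credentialsFile flag, which this file does not define.
	//_, err = gcpclient.LoadCredentials(*credentialsFile)

	// The identity behind the default credentials has to be allowed to
	// encrypt and decrypt with the key named by keyURI; the round trip below
	// does both. Keep that grant scoped to this key.
	_, err = gcpclient.LoadDefaultCredentials()
	if err != nil {
		log.Fatal(err)
	}
	registry.RegisterKMSClient(gcpclient)

	// Envelope encryption: the payload is encrypted locally under a DEK built
	// from this template, and the KMS key at keyURI wraps that DEK.
	dek := aead.AES128CTRHMACSHA256KeyTemplate()
	kh, err := keyset.NewHandle(aead.KMSEnvelopeAEADKeyTemplate(keyURI, dek))
	if err != nil {
		log.Fatal(err)
	}

	a, err := aead.New(kh)
	if err != nil {
		log.Fatal(err)
	}

	// The associated data is authenticated but not encrypted, and the caller
	// must supply the same bytes again at decryption time.
	ct, err := a.Encrypt([]byte("manifest"), []byte("associated data"))
	if err != nil {
		log.Fatal(err)
	}

	// Decrypt returns an error if the ciphertext or the associated data does
	// not match what was encrypted.
	pt, err := a.Decrypt(ct, []byte("associated data"))
	if err != nil {
		log.Fatal(err)
	}

	// The ciphertext is binary, so it is base64-encoded for display.
	fmt.Printf("Cipher text: \n%s\n\n", base64.StdEncoding.EncodeToString(ct))
	// Demo output only: code handling real data should not print or log
	// decrypted plaintext.
	fmt.Printf("Plain text: %s\n", pt)
}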