googleapis · bshaffer · Jun 30, 2023 · Jun 30, 2023 · Jun 30, 2023
@@ -0,0 +1,77 @@
+<?php
+/*
+ * Copyright 2023 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * GENERATED CODE WARNING
+ * This file was automatically generated - do not edit!
+ */
+
+require_once __DIR__ . '/../../../vendor/autoload.php';
+
+// [START cloudkms_v1_generated_KeyManagementService_RawDecrypt_sync]
+use Google\ApiCore\ApiException;
+use Google\Cloud\Kms\V1\KeyManagementServiceClient;
+use Google\Cloud\Kms\V1\RawDecryptResponse;
+
+/**
+ * Decrypts data that was originally encrypted using a raw cryptographic
+ * mechanism. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
+ * must be
+ * [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT].
+ *
+ * @param string $name                 The resource name of the
+ *                                     [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for
+ *                                     decryption.
+ * @param string $ciphertext           The encrypted data originally returned in
+ *                                     [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext].
+ * @param string $initializationVector The initialization vector (IV) used during encryption, which must
+ *                                     match the data originally provided in
+ *                                     [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector].
+ */
+function raw_decrypt_sample(string $name, string $ciphertext, string $initializationVector): void
+{
+    // Create a client.
+    $keyManagementServiceClient = new KeyManagementServiceClient();
+
+    // Call the API and handle any network failures.
+    try {
+        /** @var RawDecryptResponse $response */
+        $response = $keyManagementServiceClient->rawDecrypt($name, $ciphertext, $initializationVector);
+        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
+    } catch (ApiException $ex) {
+        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
+    }
+}
+
+/**
+ * Helper to execute the sample.
+ *
+ * This sample has been automatically generated and should be regarded as a code
+ * template only. It will require modifications to work:
+ *  - It may require correct/in-range values for request initialization.
+ *  - It may require specifying regional endpoints when creating the service client,
+ *    please see the apiEndpoint client configuration option for more details.
+ */
+function callSample(): void
+{
+    $name = '[NAME]';
+    $ciphertext = '...';
+    $initializationVector = '...';
+
+    raw_decrypt_sample($name, $ciphertext, $initializationVector);
+}
+// [END cloudkms_v1_generated_KeyManagementService_RawDecrypt_sync]
@@ -0,0 +1,82 @@
+<?php
+/*
+ * Copyright 2023 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * GENERATED CODE WARNING
+ * This file was automatically generated - do not edit!
+ */
+
+require_once __DIR__ . '/../../../vendor/autoload.php';
+
+// [START cloudkms_v1_generated_KeyManagementService_RawEncrypt_sync]
+use Google\ApiCore\ApiException;
+use Google\Cloud\Kms\V1\KeyManagementServiceClient;
+use Google\Cloud\Kms\V1\RawEncryptResponse;
+
+/**
+ * Encrypts data using portable cryptographic primitives. Most users should
+ * choose [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] and
+ * [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt] rather than
+ * their raw counterparts. The
+ * [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
+ * [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT].
+ *
+ * @param string $name      The resource name of the
+ *                          [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for
+ *                          encryption.
+ * @param string $plaintext The data to encrypt. Must be no larger than 64KiB.
+ *
+ *                          The maximum size depends on the key version's
+ *                          [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level].
+ *                          For [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the
+ *                          plaintext must be no larger than 64KiB. For
+ *                          [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of
+ *                          the plaintext and additional_authenticated_data fields must be no larger
+ *                          than 8KiB.
+ */
+function raw_encrypt_sample(string $name, string $plaintext): void
+{
+    // Create a client.
+    $keyManagementServiceClient = new KeyManagementServiceClient();
+
+    // Call the API and handle any network failures.
+    try {
+        /** @var RawEncryptResponse $response */
+        $response = $keyManagementServiceClient->rawEncrypt($name, $plaintext);
+        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
+    } catch (ApiException $ex) {
+        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
+    }
+}
+
+/**
+ * Helper to execute the sample.
+ *
+ * This sample has been automatically generated and should be regarded as a code
+ * template only. It will require modifications to work:
+ *  - It may require correct/in-range values for request initialization.
+ *  - It may require specifying regional endpoints when creating the service client,
+ *    please see the apiEndpoint client configuration option for more details.
+ */
+function callSample(): void
+{
+    $name = '[NAME]';
+    $plaintext = '...';
+
+    raw_encrypt_sample($name, $plaintext);
+}
+// [END cloudkms_v1_generated_KeyManagementService_RawEncrypt_sync]
@@ -72,6 +72,10 @@
 use Google\Cloud\Kms\V1\MacVerifyRequest;
 use Google\Cloud\Kms\V1\MacVerifyResponse;
 use Google\Cloud\Kms\V1\PublicKey;
+use Google\Cloud\Kms\V1\RawDecryptRequest;
+use Google\Cloud\Kms\V1\RawDecryptResponse;
+use Google\Cloud\Kms\V1\RawEncryptRequest;
+use Google\Cloud\Kms\V1\RawEncryptResponse;
 use Google\Cloud\Kms\V1\RestoreCryptoKeyVersionRequest;
 use Google\Cloud\Kms\V1\UpdateCryptoKeyPrimaryVersionRequest;
 use Google\Cloud\Kms\V1\UpdateCryptoKeyRequest;
@@ -132,6 +136,8 @@
  * @method PromiseInterface listKeyRingsAsync(ListKeyRingsRequest $request, array $optionalArgs = [])
  * @method PromiseInterface macSignAsync(MacSignRequest $request, array $optionalArgs = [])
  * @method PromiseInterface macVerifyAsync(MacVerifyRequest $request, array $optionalArgs = [])
+ * @method PromiseInterface rawDecryptAsync(RawDecryptRequest $request, array $optionalArgs = [])
+ * @method PromiseInterface rawEncryptAsync(RawEncryptRequest $request, array $optionalArgs = [])
  * @method PromiseInterface restoreCryptoKeyVersionAsync(RestoreCryptoKeyVersionRequest $request, array $optionalArgs = [])
  * @method PromiseInterface updateCryptoKeyAsync(UpdateCryptoKeyRequest $request, array $optionalArgs = [])
  * @method PromiseInterface updateCryptoKeyPrimaryVersionAsync(UpdateCryptoKeyPrimaryVersionRequest $request, array $optionalArgs = [])
@@ -982,6 +988,62 @@ public function macVerify(MacVerifyRequest $request, array $callOptions = []): M
         return $this->startApiCall('MacVerify', $request, $callOptions)->wait();
     }
 
+    /**
+     * Decrypts data that was originally encrypted using a raw cryptographic
+     * mechanism. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
+     * must be
+     * [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT].
+     *
+     * The async variant is {@see self::rawDecryptAsync()} .
+     *
+     * @param RawDecryptRequest $request     A request to house fields associated with the call.
+     * @param array             $callOptions {
+     *     Optional.
+     *
+     *     @type RetrySettings|array $retrySettings
+     *           Retry settings to use for this call. Can be a {@see RetrySettings} object, or an
+     *           associative array of retry settings parameters. See the documentation on
+     *           {@see RetrySettings} for example usage.
+     * }
+     *
+     * @return RawDecryptResponse
+     *
+     * @throws ApiException Thrown if the API call fails.
+     */
+    public function rawDecrypt(RawDecryptRequest $request, array $callOptions = []): RawDecryptResponse
+    {
+        return $this->startApiCall('RawDecrypt', $request, $callOptions)->wait();
+    }
+
+    /**
+     * Encrypts data using portable cryptographic primitives. Most users should
+     * choose [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] and
+     * [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt] rather than
+     * their raw counterparts. The
+     * [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
+     * [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT].
+     *
+     * The async variant is {@see self::rawEncryptAsync()} .
+     *
+     * @param RawEncryptRequest $request     A request to house fields associated with the call.
+     * @param array             $callOptions {
+     *     Optional.
+     *
+     *     @type RetrySettings|array $retrySettings
+     *           Retry settings to use for this call. Can be a {@see RetrySettings} object, or an
+     *           associative array of retry settings parameters. See the documentation on
+     *           {@see RetrySettings} for example usage.
+     * }
+     *
+     * @return RawEncryptResponse
+     *
+     * @throws ApiException Thrown if the API call fails.
+     */
+    public function rawEncrypt(RawEncryptRequest $request, array $callOptions = []): RawEncryptResponse
+    {
+        return $this->startApiCall('RawEncrypt', $request, $callOptions)->wait();
+    }
+
     /**
      * Restore a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the
      * [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED]