Wrappers around Google Cloud KMS that implement Go's crypto.Signer and crypto.Verifier interfaces.
APACHE-2.0 License
This package wraps the Google Cloud KMS Go library to implement Go's crypto.Decrypter and crypto.Signer interfaces. It only works with Google Cloud KMS asymmetric keys.
package main
import (
kms "cloud.google.com/go/kms/apiv1"
"github.com/sethvargo/go-gcpkms/pkg/gcpkms"
)
func main() {
ctx := context.Background()
kmsClient, err := kms.NewKeyManagementClient(ctx)
if err != nil {
log.Fatal(err)
}
keyID := "projects/p/locations/l/keyRings/r/cryptoKeys/k/cryptoKeyVersions/1"
signer, err := gcpkms.NewSigner(ctx, kmsClient, keyID)
if err != nil {
log.Fatal(err)
}
sig, err := signer.Sign(nil, digest, nil)
if err != nil {
log.Fatal(err)
}
}
For more examples, please see the package godoc.