Skip to content

Commit 804185d

Browse files
bshafferbshaffer
committed
standardizes and fixes KMS comments
1 parent 47def9a commit 804185d

File tree

1 file changed

+46
-48
lines changed

1 file changed

+46
-48
lines changed

kms/api/src/functions.php

Lines changed: 46 additions & 48 deletions
Original file line numberDiff line numberDiff line change
@@ -51,10 +51,10 @@ function add_member_to_cryptokey_policy($projectId, $ring, $key, $member, $role,
5151
$client->useApplicationDefaultCredentials();
5252
$client->addScope('https://www.googleapis.com/auth/cloud-platform');
5353

54-
// Create the Cloud KMS client
54+
// Create the Cloud KMS client.
5555
$kms = new Google_Service_CloudKMS($client);
5656

57-
// The resource name of the cryptokey.
57+
// The resource name of the CryptoKey.
5858
$parent = sprintf('projects/%s/locations/%s/keyRings/%s/cryptoKeys/%s',
5959
$projectId,
6060
$location,
@@ -71,7 +71,7 @@ function add_member_to_cryptokey_policy($projectId, $ring, $key, $member, $role,
7171
]);
7272
$policy->setBindings($bindings);
7373

74-
// Set the new IAM Policy
74+
// Set the new IAM Policy.
7575
$request = new Google_Service_CloudKMS_SetIamPolicyRequest(['policy' => $policy]);
7676
$kms->projects_locations_keyRings_cryptoKeys->setIamPolicy(
7777
$parent,
@@ -102,10 +102,10 @@ function add_member_to_keyring_policy($projectId, $ring, $member, $role, $locati
102102
$client->useApplicationDefaultCredentials();
103103
$client->addScope('https://www.googleapis.com/auth/cloud-platform');
104104

105-
// Create the Cloud KMS client
105+
// Create the Cloud KMS client.
106106
$kms = new Google_Service_CloudKMS($client);
107107

108-
// The resource name of the cryptokey.
108+
// The resource name of the KeyRing.
109109
$parent = sprintf('projects/%s/locations/%s/keyRings/%s',
110110
$projectId,
111111
$location,
@@ -121,7 +121,7 @@ function add_member_to_keyring_policy($projectId, $ring, $member, $role, $locati
121121
]);
122122
$policy->setBindings($bindings);
123123

124-
// Set the new IAM Policy
124+
// Set the new IAM Policy.
125125
$request = new Google_Service_CloudKMS_SetIamPolicyRequest(['policy' => $policy]);
126126
$kms->projects_locations_keyRings->setIamPolicy(
127127
$parent,
@@ -149,13 +149,13 @@ function create_cryptokey($projectId, $ring, $key, $location = 'global')
149149
$client->useApplicationDefaultCredentials();
150150
$client->addScope('https://www.googleapis.com/auth/cloud-platform');
151151

152-
// Create the Cloud KMS client
152+
// Create the Cloud KMS client.
153153
$kms = new Google_Service_CloudKMS($client);
154154

155155
// This will allow the API access to the key for encryption and decryption.
156156
$purpose = 'ENCRYPT_DECRYPT';
157157

158-
// The resource name of the keyring associated with the cryptokey.
158+
// The resource name of the KeyRing associated with the CryptoKey.
159159
$parent = sprintf('projects/%s/locations/%s/keyRings/%s',
160160
$projectId,
161161
$location,
@@ -165,7 +165,7 @@ function create_cryptokey($projectId, $ring, $key, $location = 'global')
165165
$cryptoKey = new Google_Service_CloudKMS_CryptoKey();
166166
$cryptoKey->setPurpose($purpose);
167167

168-
// create the key for your project
168+
// Create the CryptoKey for your project.
169169
$newKey = $kms->projects_locations_keyRings_cryptoKeys->create(
170170
$parent,
171171
$cryptoKey,
@@ -193,21 +193,21 @@ function create_cryptokey_version($projectId, $ring, $key, $location = 'global')
193193
$client->useApplicationDefaultCredentials();
194194
$client->addScope('https://www.googleapis.com/auth/cloud-platform');
195195

196-
// Create the Cloud KMS client
196+
// Create the Cloud KMS client.
197197
$kms = new Google_Service_CloudKMS($client);
198198

199199
// This will allow the API access to the key for encryption and decryption.
200200
$purpose = 'ENCRYPT_DECRYPT';
201201

202-
// The resource name of the keyring associated with the cryptokey.
202+
// The resource name of the CryptoKey.
203203
$parent = sprintf('projects/%s/locations/%s/keyRings/%s/cryptoKeys/%s',
204204
$projectId,
205205
$location,
206206
$ring,
207207
$key
208208
);
209209

210-
// create the key for your project
210+
// Create the CryptoKey version for your project.
211211
$cryptoKeyVersion = new Google_Service_CloudKMS_CryptoKeyVersion();
212212
$newVersion = $kms->projects_locations_keyRings_cryptoKeys_cryptoKeyVersions
213213
->create($parent, $cryptoKeyVersion);
@@ -233,16 +233,16 @@ function create_keyring($projectId, $ring, $location = 'global')
233233
$client->useApplicationDefaultCredentials();
234234
$client->addScope('https://www.googleapis.com/auth/cloud-platform');
235235

236-
// Create the Cloud KMS client
236+
// Create the Cloud KMS client.
237237
$kms = new Google_Service_CloudKMS($client);
238238

239-
// The resource name of the location associated with the keyring.
239+
// The resource name of the location associated with the KeyRing.
240240
$parent = sprintf('projects/%s/locations/%s',
241241
$projectId,
242242
$location
243243
);
244244

245-
// create the key for your project
245+
// Create the KeyRing for your project.
246246
$keyRing = new Google_Service_CloudKMS_KeyRing();
247247
$kms->projects_locations_keyRings->create(
248248
$parent,
@@ -273,7 +273,7 @@ function encrypt($projectId, $ring, $key, $infile, $outfile, $location = 'global
273273
$client->useApplicationDefaultCredentials();
274274
$client->addScope('https://www.googleapis.com/auth/cloud-platform');
275275

276-
// Create the Cloud KMS client
276+
// Create the Cloud KMS client.
277277
$kms = new Google_Service_CloudKMS($client);
278278

279279
// The resource name of the cryptokey.
@@ -284,16 +284,16 @@ function encrypt($projectId, $ring, $key, $infile, $outfile, $location = 'global
284284
$key
285285
);
286286

287-
// This client library requires we base64 encode binary data.
287+
// Use the KMS API to encrypt the text.
288288
$encoded = base64_encode(file_get_contents($infile));
289-
290289
$request = new Google_Service_CloudKMS_EncryptRequest();
291290
$request->setPlaintext($encoded);
292291
$response = $kms->projects_locations_keyRings_cryptoKeys->encrypt(
293292
$name,
294293
$request
295294
);
296295

296+
// Write the encrypted text to a file.
297297
file_put_contents($outfile, $response['ciphertext']);
298298
printf('Saved encrypted text to %s' . PHP_EOL, $outfile);
299299
}
@@ -318,7 +318,7 @@ function decrypt($projectId, $ring, $key, $infile, $outfile, $location = 'global
318318
$client->useApplicationDefaultCredentials();
319319
$client->addScope('https://www.googleapis.com/auth/cloud-platform');
320320

321-
// Create the Cloud KMS client
321+
// Create the Cloud KMS client.
322322
$kms = new Google_Service_CloudKMS($client);
323323

324324
// The resource name of the cryptokey.
@@ -329,19 +329,18 @@ function decrypt($projectId, $ring, $key, $infile, $outfile, $location = 'global
329329
$key
330330
);
331331

332+
// Use the KMS API to decrypt the text.
332333
$ciphertext = file_get_contents($infile);
333-
334334
$request = new Google_Service_CloudKMS_DecryptRequest();
335335
$request->setCiphertext($ciphertext);
336336
$response = $kms->projects_locations_keyRings_cryptoKeys->decrypt(
337337
$name,
338338
$request
339339
);
340340

341-
// The plaintext response comes back base64 encoded.
341+
// Write the decrypted text to a file.
342342
$plaintext = base64_decode($response['plaintext']);
343343
file_put_contents($outfile, $plaintext);
344-
345344
printf('Saved decrypted text to %s' . PHP_EOL, $outfile);
346345
}
347346
# [END decrypt]
@@ -364,10 +363,10 @@ function destroy_cryptokey_version($projectId, $ring, $key, $version, $location
364363
$client->useApplicationDefaultCredentials();
365364
$client->addScope('https://www.googleapis.com/auth/cloud-platform');
366365

367-
// Create the Cloud KMS client
366+
// Create the Cloud KMS client.
368367
$kms = new Google_Service_CloudKMS($client);
369368

370-
// The resource name of the cryptokey version.
369+
// The resource name of the CryptoKey version.
371370
$parent = sprintf('projects/%s/locations/%s/keyRings/%s/cryptoKeys/%s/cryptoKeyVersions/%s',
372371
$projectId,
373372
$location,
@@ -376,7 +375,7 @@ function destroy_cryptokey_version($projectId, $ring, $key, $version, $location
376375
$version
377376
);
378377

379-
// destroy the cryptokey version
378+
// Destroy the CryptoKey version.
380379
$request = new Google_Service_CloudKMS_DestroyCryptoKeyVersionRequest();
381380
$kms->projects_locations_keyRings_cryptoKeys_cryptoKeyVersions->destroy(
382381
$parent,
@@ -405,10 +404,10 @@ function restore_cryptokey_version($projectId, $ring, $key, $version, $location
405404
$client->useApplicationDefaultCredentials();
406405
$client->addScope('https://www.googleapis.com/auth/cloud-platform');
407406

408-
// Create the Cloud KMS client
407+
// Create the Cloud KMS client.
409408
$kms = new Google_Service_CloudKMS($client);
410409

411-
// The resource name of the cryptokey version.
410+
// The resource name of the CryptoKey version.
412411
$parent = sprintf('projects/%s/locations/%s/keyRings/%s/cryptoKeys/%s/cryptoKeyVersions/%s',
413412
$projectId,
414413
$location,
@@ -417,7 +416,7 @@ function restore_cryptokey_version($projectId, $ring, $key, $version, $location
417416
$version
418417
);
419418

420-
// restore the cryptokey version
419+
// Restore the CryptoKey version.
421420
$request = new Google_Service_CloudKMS_RestoreCryptoKeyVersionRequest();
422421
$kms->projects_locations_keyRings_cryptoKeys_cryptoKeyVersions->restore(
423422
$parent,
@@ -446,10 +445,10 @@ function disable_cryptokey_version($projectId, $ring, $key, $version, $location
446445
$client->useApplicationDefaultCredentials();
447446
$client->addScope('https://www.googleapis.com/auth/cloud-platform');
448447

449-
// Create the Cloud KMS client
448+
// Create the Cloud KMS client.
450449
$kms = new Google_Service_CloudKMS($client);
451450

452-
// The resource name of the keyring associated with the cryptokey.
451+
// The resource name of the KeyRing associated with the CryptoKey.
453452
$parent = sprintf('projects/%s/locations/%s/keyRings/%s/cryptoKeys/%s/cryptoKeyVersions/%s',
454453
$projectId,
455454
$location,
@@ -458,7 +457,7 @@ function disable_cryptokey_version($projectId, $ring, $key, $version, $location
458457
$version
459458
);
460459

461-
// destroy the cryptokey version
460+
// Disable the CryptoKey version.
462461
$cryptoKeyVersion = $kms->projects_locations_keyRings_cryptoKeys_cryptoKeyVersions
463462
->get($parent);
464463
$cryptoKeyVersion->setState('DISABLED');
@@ -491,10 +490,10 @@ function enable_cryptokey_version($projectId, $ring, $key, $version, $location =
491490
$client->useApplicationDefaultCredentials();
492491
$client->addScope('https://www.googleapis.com/auth/cloud-platform');
493492

494-
// Create the Cloud KMS client
493+
// Create the Cloud KMS client.
495494
$kms = new Google_Service_CloudKMS($client);
496495

497-
// The resource name of the keyring associated with the cryptokey.
496+
// The resource name of the KeyRing associated with the CryptoKey.
498497
$parent = sprintf('projects/%s/locations/%s/keyRings/%s/cryptoKeys/%s/cryptoKeyVersions/%s',
499498
$projectId,
500499
$location,
@@ -503,7 +502,7 @@ function enable_cryptokey_version($projectId, $ring, $key, $version, $location =
503502
$version
504503
);
505504

506-
// destroy the cryptokey version
505+
// Enable the CryptoKey version.
507506
$cryptoKeyVersion = $kms->projects_locations_keyRings_cryptoKeys_cryptoKeyVersions
508507
->get($parent);
509508
$cryptoKeyVersion->setState('ENABLED');
@@ -535,10 +534,10 @@ function get_cryptokey_policy($projectId, $ring, $key, $location = 'global')
535534
$client->useApplicationDefaultCredentials();
536535
$client->addScope('https://www.googleapis.com/auth/cloud-platform');
537536

538-
// Create the Cloud KMS client
537+
// Create the Cloud KMS client.
539538
$kms = new Google_Service_CloudKMS($client);
540539

541-
// The resource name of the cryptokey.
540+
// The resource name of the CryptoKey.
542541
$parent = sprintf('projects/%s/locations/%s/keyRings/%s/cryptoKeys/%s',
543542
$projectId,
544543
$location,
@@ -573,7 +572,7 @@ function get_keyring_policy($projectId, $ring, $location = 'global')
573572
$client->useApplicationDefaultCredentials();
574573
$client->addScope('https://www.googleapis.com/auth/cloud-platform');
575574

576-
// Create the Cloud KMS client
575+
// Create the Cloud KMS client.
577576
$kms = new Google_Service_CloudKMS($client);
578577

579578
// The resource name of the location associated with the key rings.
@@ -610,16 +609,15 @@ function get_keyring_policy($projectId, $ring, $location = 'global')
610609
*/
611610
function remove_member_from_cryptokey_policy($projectId, $ring, $key, $member, $role, $location = 'global')
612611
{
613-
// Instantiate the client, authenticate using Application Default Credentials,
614-
// and add the scopes.
612+
// Instantiate the client, authenticate, and add scopes.
615613
$client = new Google_Client();
616614
$client->useApplicationDefaultCredentials();
617615
$client->addScope('https://www.googleapis.com/auth/cloud-platform');
618616

619-
// Create the Cloud KMS client
617+
// Create the Cloud KMS client.
620618
$kms = new Google_Service_CloudKMS($client);
621619

622-
// The resource name of the keyring associated with the cryptokey.
620+
// The resource name of the KeyRing associated with the CryptoKey.
623621
$parent = sprintf('projects/%s/locations/%s/keyRings/%s/cryptoKeys/%s',
624622
$projectId,
625623
$location,
@@ -640,7 +638,7 @@ function remove_member_from_cryptokey_policy($projectId, $ring, $key, $member, $
640638
}
641639
}
642640

643-
// Set the new IAM Policy
641+
// Set the new IAM Policy.
644642
$request = new Google_Service_CloudKMS_SetIamPolicyRequest(['policy' => $policy]);
645643
$kms->projects_locations_keyRings_cryptoKeys->setIamPolicy(
646644
$parent,
@@ -675,10 +673,10 @@ function remove_member_from_keyring_policy($projectId, $ring, $member, $role, $l
675673
$client->useApplicationDefaultCredentials();
676674
$client->addScope('https://www.googleapis.com/auth/cloud-platform');
677675

678-
// Create the Cloud KMS client
676+
// Create the Cloud KMS client.
679677
$kms = new Google_Service_CloudKMS($client);
680678

681-
// The resource name of the location associated with the keyring.
679+
// The resource name of the location associated with the KeyRing.
682680
$parent = sprintf('projects/%s/locations/%s/keyRings/%s',
683681
$projectId,
684682
$location,
@@ -698,7 +696,7 @@ function remove_member_from_keyring_policy($projectId, $ring, $member, $role, $l
698696
}
699697
}
700698

701-
// Set the new IAM Policy
699+
// Set the new IAM Policy.
702700
$request = new Google_Service_CloudKMS_SetIamPolicyRequest(['policy' => $policy]);
703701
$kms->projects_locations_keyRings->setIamPolicy(
704702
$parent,
@@ -729,18 +727,18 @@ function set_cryptokey_primary_version($projectId, $ring, $key, $version, $locat
729727
$client->useApplicationDefaultCredentials();
730728
$client->addScope('https://www.googleapis.com/auth/cloud-platform');
731729

732-
// Create the Cloud KMS client
730+
// Create the Cloud KMS client.
733731
$kms = new Google_Service_CloudKMS($client);
734732

735-
// The resource name of the keyring associated with the cryptokey.
733+
// The resource name of the KeyRing associated with the CryptoKey.
736734
$parent = sprintf('projects/%s/locations/%s/keyRings/%s/cryptoKeys/%s',
737735
$projectId,
738736
$location,
739737
$ring,
740738
$key
741739
);
742740

743-
// Update the primary version.
741+
// Update the CryptoKey primary version.
744742
$request = new Google_Service_CloudKMS_UpdateCryptoKeyPrimaryVersionRequest();
745743
$request->setCryptoKeyVersionId($version);
746744
$cryptoKey = $kms->projects_locations_keyRings_cryptoKeys->updatePrimaryVersion(

0 commit comments

Comments
 (0)