我正试图从KMS中获取加密密钥,以便从数据库中加密或解密数据。这个错误表明,关键目的是错误的。我的用例的实际关键目的应该是什么?
FAILED_PRECONDITION: Operation requested for Key projects/myproject67567/locations/global/keyRings/test/cryptoKeys/test/cryptoKeyVersions/1 has incorrect key purpose: ENCRYPT_DECRYPT
请帮
public PublicKey fetchKey() {
try {
KeyManagementServiceSettings keyManagementServiceSettings =
KeyManagementServiceSettings.newBuilder()
.setCredentialsProvider(FixedCredentialsProvider.create(GoogleCredentials.getApplicationDefault()
.createScoped(Collections.singleton("https://www.googleapis.com/auth/cloudkms"))))
.build();
KeyManagementServiceClient client =
KeyManagementServiceClient.create(keyManagementServiceSettings);
CryptoKeyVersionName keyVersionName =
CryptoKeyVersionName.of("myproject67567", "global", "test",
"test", "1");
// Get the public key.
PublicKey publicKey = client.getPublicKey(keyVersionName);
return publicKey;
}catch (Exception e){
throw new Exception(e);
}
}
对称密钥是KMS内部的,不能导出。您看到此错误的原因是您正在尝试从对称密钥导出公钥(非对称)(目的是ENCRYPT_DECRYPT)。