- 
                Notifications
    You must be signed in to change notification settings 
- Fork 1.8k
feat(cloudkms): Add code samples for KMS KEMs. #5391
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(cloudkms): Add code samples for KMS KEMs. #5391
Conversation
| Here is the summary of changes. You are about to add 2 region tags.
 This comment is generated by snippet-bot. 
 | 
| Summary of ChangesHello @iontzialla, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request introduces practical Go code samples demonstrating the use of Key Encapsulation Mechanisms (KEMs) with Google Cloud KMS. It provides examples for both the encapsulation of a shared secret using a public key from KMS and the subsequent decapsulation of the resulting ciphertext using a corresponding private key managed by KMS. This enhancement allows developers to integrate post-quantum cryptography features more easily, supported by an essential update to the underlying KMS client library. Highlights
 Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either  
 Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a  Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
 | 
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code Review
This pull request introduces useful code samples for Key Encapsulation Mechanisms (KEMs) in Cloud KMS. The implementation is solid, but I've identified a few areas for improvement to enhance code quality, efficiency, and correctness. My feedback includes suggestions to address code duplication and inefficiency in CRC32C calculations, clarify misleading error messages in data integrity checks, and handle cryptographic outputs more safely. These changes will make the samples more robust and maintainable.
One sample for encapsulation and one for decapsulation. Also, updating the KMS Client version to the latest one (previous ones don't have support for these new APIs).
53814c3    to
    55c2802      
    Compare
  
    
One sample for encapsulation and one for decapsulation. Also, updating the KMS Client version to the latest one (previous ones don't have support for these new APIs).
Description
Fixes #
Note: Before submitting a pull request, please open an issue for discussion if you are not associated with Google.
Checklist
go test -v ./..(see Testing)gofmt(see Formatting)go vet(see Formatting)