salrashid123

## main.py
# 1. Create KEK in KMS
# 2. Use TinkKey to generate DEK and wrap that with KEK (i.,e encryptedKeyset)
# 3. use python tink to encrypt some data with wrappeed DEK keyset
# 4. Use BQ functions to decrypt data using ciphertext in 3 and EncryptedKeyset in 2


# ref

# https://blog.salrashid.dev/articles/2022/bq_kms/
# https://github.com/salrashid123/tink_samples/

## getsamlassertion.py
#!/usr/bin/python


import base64
import datetime
import getopt

import random
import sys
import time

## gemerate.go
package main

import (
	"bytes"
	"encoding/base64"
	"flag"
	"fmt"
	"math/rand"

	"github.com/google/tink/go/aead"

## decrypt.go
package main

import (
	"bytes"
	"encoding/base64"
	"flag"
	"fmt"

	"github.com/google/tink/go/aead"

## main.py
import httplib2
import google.auth
from apiclient.discovery import build
from oauth2client.service_account import ServiceAccountCredentials
from oauth2client.client import GoogleCredentials
from google.api_core import operations_v1
from google.api_core import operation
from google.auth.transport.requests import AuthorizedSession

project_id = 'yourproject'

## hmacsha.go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"encoding/base64"
	"flag"
	"fmt"
	"io"
	"net/http"

## main.go
package main

import (
	"encoding/json"
	"flag"
	"fmt"
	"time"

	"golang.org/x/net/context"

## main.go
package main

/*
grpc Healthcheck from scratch

https://blog.salrashid.dev/articles/2022/grpc_healthcheck_curl/


*/

## xds_client_logs.log
$ go run src/grpc_client.go --host xds:///be-srv

2022/06/04 08:04:55 INFO: [core] [Channel #1] Channel created
2022/06/04 08:04:55 INFO: [core] [Channel #1] original dial target is: "xds:///be-srv"
2022/06/04 08:04:55 INFO: [core] [Channel #1] parsed dial target is: {Scheme:xds Authority: Endpoint:be-srv URL:{Scheme:xds Opaque: User: Host: Path:/be-srv RawPath: ForceQuery:false RawQuery: Fragment: RawFragment:}}
2022/06/04 08:04:55 INFO: [core] [Channel #1] Channel authority set to "be-srv"
2022/06/04 08:04:55 INFO: [xds] [xds-resolver 0xc0003a0cc0] Creating resolver for target: {Scheme:xds Authority: Endpoint:be-srv URL:{Scheme:xds Opaque: User: Host: Path:/be-srv RawPath: ForceQuery:false RawQuery: Fragment: RawFragment:}}
2022/06/04 08:04:55 INFO: [xds] [xds-bootstrap] Bootstrap content: {
  "xds_servers": [
    {

## server_tmpl.yaml
admin:
  access_log_path: /dev/null
  address:
    socket_address:
      address: 127.0.0.1
      port_value: 9000
node:
  cluster: service_greeter
  id: test-id
static_resources:
	# 1. Create KEK in KMS
	# 2. Use TinkKey to generate DEK and wrap that with KEK (i.,e encryptedKeyset)
	# 3. use python tink to encrypt some data with wrappeed DEK keyset
	# 4. Use BQ functions to decrypt data using ciphertext in 3 and EncryptedKeyset in 2


	# ref

	# https://blog.salrashid.dev/articles/2022/bq_kms/
	# https://github.com/salrashid123/tink_samples/
	#!/usr/bin/python


	import base64
	import datetime
	import getopt

	import random
	import sys
	import time
	package main

	import (
	"bytes"
	"encoding/base64"
	"flag"
	"fmt"
	"math/rand"

	"github.com/google/tink/go/aead"
	import httplib2
	import google.auth
	from apiclient.discovery import build
	from oauth2client.service_account import ServiceAccountCredentials
	from oauth2client.client import GoogleCredentials
	from google.api_core import operations_v1
	from google.api_core import operation
	from google.auth.transport.requests import AuthorizedSession

	project_id = 'yourproject'
	package main

	import (
	"crypto/hmac"
	"crypto/sha1"
	"encoding/base64"
	"flag"
	"fmt"
	"io"
	"net/http"
	package main

	import (
	"encoding/json"
	"flag"
	"fmt"
	"time"

	"golang.org/x/net/context"
	package main

	/*
	grpc Healthcheck from scratch

	https://blog.salrashid.dev/articles/2022/grpc_healthcheck_curl/


	*/
	$ go run src/grpc_client.go --host xds:///be-srv

	2022/06/04 08:04:55 INFO: [core] [Channel #1] Channel created
	2022/06/04 08:04:55 INFO: [core] [Channel #1] original dial target is: "xds:///be-srv"
	2022/06/04 08:04:55 INFO: [core] [Channel #1] parsed dial target is: {Scheme:xds Authority: Endpoint:be-srv URL:{Scheme:xds Opaque: User: Host: Path:/be-srv RawPath: ForceQuery:false RawQuery: Fragment: RawFragment:}}
	2022/06/04 08:04:55 INFO: [core] [Channel #1] Channel authority set to "be-srv"
	2022/06/04 08:04:55 INFO: [xds] [xds-resolver 0xc0003a0cc0] Creating resolver for target: {Scheme:xds Authority: Endpoint:be-srv URL:{Scheme:xds Opaque: User: Host: Path:/be-srv RawPath: ForceQuery:false RawQuery: Fragment: RawFragment:}}
	2022/06/04 08:04:55 INFO: [xds] [xds-bootstrap] Bootstrap content: {
	"xds_servers": [
	{
	admin:
	access_log_path: /dev/null
	address:
	socket_address:
	address: 127.0.0.1
	port_value: 9000
	node:
	cluster: service_greeter
	id: test-id
	static_resources: