google-apis-cloudkms_v1 0.10.0 → 0.11.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 71bd3c9051458ac7d43a79d7f4c0cbff5f7e126c6f2373168cd5b87f7d40fb1e
-  data.tar.gz: 3d3b22fdf88d317dce20ddd2cae02dcb834e7cd6c9123c4bf15e86a2195a60dc
+  metadata.gz: d24d53627d68110c7007a55be5249020e3860c727d9305a44f1c24fa286d5261
+  data.tar.gz: 1c5b6e275b1f6ed9ed9b2882029dccacc30d710b1e1b070590a32cea5f8a050b
 SHA512:
-  metadata.gz: ec32db7fd473d81f587816b22e25d29f9653e05b57b47817fe3144e72b08d9c45bce6d88f779b2f5c5f7b9dc3f6e29052099ef8856b59109d3118a3deaea8f8d
-  data.tar.gz: bc040e617bf338288fd11dfb3ed3da321636e8a30a013360367a8a14198fa54d12423bbb675de8f25fbf2f27449e0fd6f010d42550746c1274909a095b1fc757
+  metadata.gz: 719138759639eb2e6d250c68df91e25c16e0fdcbc18035f985e887132c0ff54c4b0a3c59eb9d2ec45d74c1a5da4c1889967e37059181773cdf18ca998f9dba0c
+  data.tar.gz: fd86a96235dcef634dfb5b3946074c6d8819b73bf34872f8999052531fdbdb9c6554c923b2b16392328af0eb5100207f49793ed21178f294ead106e638742a65

data/CHANGELOG.md

@@ -1,5 +1,9 @@
 # Release history for google-apis-cloudkms_v1
 
+### v0.11.0 (2021-07-31)
+
+* Regenerated from discovery document revision 20210723
+
 ### v0.10.0 (2021-07-14)
 
 * Regenerated from discovery document revision 20210702

data/lib/google/apis/cloudkms_v1/classes.rb

@@ -1409,6 +1409,232 @@ module Google
         end
       end
       
+      # Request message for KeyManagementService.MacSign.
+      class MacSignRequest
+        include Google::Apis::Core::Hashable
+      
+        # Required. The data to sign. The MAC tag is computed over this data field based
+        # on the specific algorithm.
+        # Corresponds to the JSON property `data`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :data
+      
+        # Optional. An optional CRC32C checksum of the MacSignRequest.data. If specified,
+        # KeyManagementService will verify the integrity of the received MacSignRequest.
+        # data using this checksum. KeyManagementService will report an error if the
+        # checksum verification fails. If you receive a checksum error, your client
+        # should verify that CRC32C(MacSignRequest.data) is equal to MacSignRequest.
+        # data_crc32c, and if so, perform a limited number of retries. A persistent
+        # mismatch may indicate an issue in your computation of the CRC32C checksum.
+        # Note: This field is defined as int64 for reasons of compatibility across
+        # different languages. However, it is a non-negative integer, which will never
+        # exceed 2^32-1, and can be safely downconverted to uint32 in languages that
+        # support this type.
+        # Corresponds to the JSON property `dataCrc32c`
+        # @return [Fixnum]
+        attr_accessor :data_crc32c
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @data = args[:data] if args.key?(:data)
+          @data_crc32c = args[:data_crc32c] if args.key?(:data_crc32c)
+        end
+      end
+      
+      # Response message for KeyManagementService.MacSign.
+      class MacSignResponse
+        include Google::Apis::Core::Hashable
+      
+        # The created signature.
+        # Corresponds to the JSON property `mac`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :mac
+      
+        # Integrity verification field. A CRC32C checksum of the returned
+        # MacSignResponse.mac. An integrity check of MacSignResponse.mac can be
+        # performed by computing the CRC32C checksum of MacSignResponse.mac and
+        # comparing your results to this field. Discard the response in case of non-
+        # matching checksum values, and perform a limited number of retries. A
+        # persistent mismatch may indicate an issue in your computation of the CRC32C
+        # checksum. Note: This field is defined as int64 for reasons of compatibility
+        # across different languages. However, it is a non-negative integer, which will
+        # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
+        # that support this type.
+        # Corresponds to the JSON property `macCrc32c`
+        # @return [Fixnum]
+        attr_accessor :mac_crc32c
+      
+        # The resource name of the CryptoKeyVersion used for signing. Check this field
+        # to verify that the intended resource was used for signing.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # The ProtectionLevel of the CryptoKeyVersion used for signing.
+        # Corresponds to the JSON property `protectionLevel`
+        # @return [String]
+        attr_accessor :protection_level
+      
+        # Integrity verification field. A flag indicating whether MacSignRequest.
+        # data_crc32c was received by KeyManagementService and used for the integrity
+        # verification of the data. A false value of this field indicates either that
+        # MacSignRequest.data_crc32c was left unset or that it was not delivered to
+        # KeyManagementService. If you've set MacSignRequest.data_crc32c but this field
+        # is still false, discard the response and perform a limited number of retries.
+        # Corresponds to the JSON property `verifiedDataCrc32c`
+        # @return [Boolean]
+        attr_accessor :verified_data_crc32c
+        alias_method :verified_data_crc32c?, :verified_data_crc32c
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @mac = args[:mac] if args.key?(:mac)
+          @mac_crc32c = args[:mac_crc32c] if args.key?(:mac_crc32c)
+          @name = args[:name] if args.key?(:name)
+          @protection_level = args[:protection_level] if args.key?(:protection_level)
+          @verified_data_crc32c = args[:verified_data_crc32c] if args.key?(:verified_data_crc32c)
+        end
+      end
+      
+      # Request message for KeyManagementService.MacVerify.
+      class MacVerifyRequest
+        include Google::Apis::Core::Hashable
+      
+        # Required. The data used previously as a MacSignRequest.data to generate the
+        # MAC tag.
+        # Corresponds to the JSON property `data`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :data
+      
+        # Optional. An optional CRC32C checksum of the MacVerifyRequest.data. If
+        # specified, KeyManagementService will verify the integrity of the received
+        # MacVerifyRequest.data using this checksum. KeyManagementService will report an
+        # error if the checksum verification fails. If you receive a checksum error,
+        # your client should verify that CRC32C(MacVerifyRequest.data) is equal to
+        # MacVerifyRequest.data_crc32c, and if so, perform a limited number of retries.
+        # A persistent mismatch may indicate an issue in your computation of the CRC32C
+        # checksum. Note: This field is defined as int64 for reasons of compatibility
+        # across different languages. However, it is a non-negative integer, which will
+        # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
+        # that support this type.
+        # Corresponds to the JSON property `dataCrc32c`
+        # @return [Fixnum]
+        attr_accessor :data_crc32c
+      
+        # Required. The signature to verify.
+        # Corresponds to the JSON property `mac`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :mac
+      
+        # Optional. An optional CRC32C checksum of the MacVerifyRequest.mac. If
+        # specified, KeyManagementService will verify the integrity of the received
+        # MacVerifyRequest.mac using this checksum. KeyManagementService will report an
+        # error if the checksum verification fails. If you receive a checksum error,
+        # your client should verify that CRC32C(MacVerifyRequest.tag) is equal to
+        # MacVerifyRequest.mac_crc32c, and if so, perform a limited number of retries. A
+        # persistent mismatch may indicate an issue in your computation of the CRC32C
+        # checksum. Note: This field is defined as int64 for reasons of compatibility
+        # across different languages. However, it is a non-negative integer, which will
+        # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
+        # that support this type.
+        # Corresponds to the JSON property `macCrc32c`
+        # @return [Fixnum]
+        attr_accessor :mac_crc32c
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @data = args[:data] if args.key?(:data)
+          @data_crc32c = args[:data_crc32c] if args.key?(:data_crc32c)
+          @mac = args[:mac] if args.key?(:mac)
+          @mac_crc32c = args[:mac_crc32c] if args.key?(:mac_crc32c)
+        end
+      end
+      
+      # Response message for KeyManagementService.MacVerify.
+      class MacVerifyResponse
+        include Google::Apis::Core::Hashable
+      
+        # The resource name of the CryptoKeyVersion used for verification. Check this
+        # field to verify that the intended resource was used for verification.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # The ProtectionLevel of the CryptoKeyVersion used for verification.
+        # Corresponds to the JSON property `protectionLevel`
+        # @return [String]
+        attr_accessor :protection_level
+      
+        # This field indicates whether or not the verification operation for
+        # MacVerifyRequest.mac over MacVerifyRequest.data was successful.
+        # Corresponds to the JSON property `success`
+        # @return [Boolean]
+        attr_accessor :success
+        alias_method :success?, :success
+      
+        # Integrity verification field. A flag indicating whether MacVerifyRequest.
+        # data_crc32c was received by KeyManagementService and used for the integrity
+        # verification of the data. A false value of this field indicates either that
+        # MacVerifyRequest.data_crc32c was left unset or that it was not delivered to
+        # KeyManagementService. If you've set MacVerifyRequest.data_crc32c but this
+        # field is still false, discard the response and perform a limited number of
+        # retries.
+        # Corresponds to the JSON property `verifiedDataCrc32c`
+        # @return [Boolean]
+        attr_accessor :verified_data_crc32c
+        alias_method :verified_data_crc32c?, :verified_data_crc32c
+      
+        # Integrity verification field. A flag indicating whether MacVerifyRequest.
+        # mac_crc32c was received by KeyManagementService and used for the integrity
+        # verification of the data. A false value of this field indicates either that
+        # MacVerifyRequest.mac_crc32c was left unset or that it was not delivered to
+        # KeyManagementService. If you've set MacVerifyRequest.mac_crc32c but this field
+        # is still false, discard the response and perform a limited number of retries.
+        # Corresponds to the JSON property `verifiedMacCrc32c`
+        # @return [Boolean]
+        attr_accessor :verified_mac_crc32c
+        alias_method :verified_mac_crc32c?, :verified_mac_crc32c
+      
+        # Integrity verification field. This value is used for the integrity
+        # verification of [MacVerifyResponse.success]. If the value of this field
+        # contradicts the value of [MacVerifyResponse.success], discard the response and
+        # perform a limited number of retries.
+        # Corresponds to the JSON property `verifiedSuccessIntegrity`
+        # @return [Boolean]
+        attr_accessor :verified_success_integrity
+        alias_method :verified_success_integrity?, :verified_success_integrity
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @name = args[:name] if args.key?(:name)
+          @protection_level = args[:protection_level] if args.key?(:protection_level)
+          @success = args[:success] if args.key?(:success)
+          @verified_data_crc32c = args[:verified_data_crc32c] if args.key?(:verified_data_crc32c)
+          @verified_mac_crc32c = args[:verified_mac_crc32c] if args.key?(:verified_mac_crc32c)
+          @verified_success_integrity = args[:verified_success_integrity] if args.key?(:verified_success_integrity)
+        end
+      end
+      
       # An Identity and Access Management (IAM) policy, which specifies access
       # controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
       # A `binding` binds one or more `members` to a single `role`. Members can be

data/lib/google/apis/cloudkms_v1/gem_version.rb

@@ -16,13 +16,13 @@ module Google
   module Apis
     module CloudkmsV1
       # Version of the google-apis-cloudkms_v1 gem
-      GEM_VERSION = "0.10.0"
+      GEM_VERSION = "0.11.0"
 
       # Version of the code generator used to generate this client
       GENERATOR_VERSION = "0.4.0"
 
       # Revision of the discovery document this client was generated from
-      REVISION = "20210702"
+      REVISION = "20210723"
     end
   end
 end

data/lib/google/apis/cloudkms_v1/representations.rb

@@ -202,6 +202,30 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class MacSignRequest
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class MacSignResponse
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class MacVerifyRequest
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class MacVerifyResponse
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class Policy
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -556,6 +580,47 @@ module Google
         end
       end
       
+      class MacSignRequest
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :data, :base64 => true, as: 'data'
+          property :data_crc32c, :numeric_string => true, as: 'dataCrc32c'
+        end
+      end
+      
+      class MacSignResponse
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :mac, :base64 => true, as: 'mac'
+          property :mac_crc32c, :numeric_string => true, as: 'macCrc32c'
+          property :name, as: 'name'
+          property :protection_level, as: 'protectionLevel'
+          property :verified_data_crc32c, as: 'verifiedDataCrc32c'
+        end
+      end
+      
+      class MacVerifyRequest
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :data, :base64 => true, as: 'data'
+          property :data_crc32c, :numeric_string => true, as: 'dataCrc32c'
+          property :mac, :base64 => true, as: 'mac'
+          property :mac_crc32c, :numeric_string => true, as: 'macCrc32c'
+        end
+      end
+      
+      class MacVerifyResponse
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :name, as: 'name'
+          property :protection_level, as: 'protectionLevel'
+          property :success, as: 'success'
+          property :verified_data_crc32c, as: 'verifiedDataCrc32c'
+          property :verified_mac_crc32c, as: 'verifiedMacCrc32c'
+          property :verified_success_integrity, as: 'verifiedSuccessIntegrity'
+        end
+      end
+      
       class Policy
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation

data/lib/google/apis/cloudkms_v1/service.rb

@@ -1036,6 +1036,75 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
+        # Signs data using a CryptoKeyVersion with CryptoKey.purpose MAC, producing a
+        # tag that can be verified by another source with the same key.
+        # @param [String] name
+        #   Required. The resource name of the CryptoKeyVersion to use for signing.
+        # @param [Google::Apis::CloudkmsV1::MacSignRequest] mac_sign_request_object
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::CloudkmsV1::MacSignResponse] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::CloudkmsV1::MacSignResponse]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def mac_crypto_key_version_sign(name, mac_sign_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:post, 'v1/{+name}:macSign', options)
+          command.request_representation = Google::Apis::CloudkmsV1::MacSignRequest::Representation
+          command.request_object = mac_sign_request_object
+          command.response_representation = Google::Apis::CloudkmsV1::MacSignResponse::Representation
+          command.response_class = Google::Apis::CloudkmsV1::MacSignResponse
+          command.params['name'] = name unless name.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
+        # Verifies MAC tag using a CryptoKeyVersion with CryptoKey.purpose MAC, and
+        # returns a response that indicates whether or not the verification was
+        # successful.
+        # @param [String] name
+        #   Required. The resource name of the CryptoKeyVersion to use for verification.
+        # @param [Google::Apis::CloudkmsV1::MacVerifyRequest] mac_verify_request_object
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::CloudkmsV1::MacVerifyResponse] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::CloudkmsV1::MacVerifyResponse]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def mac_crypto_key_version_verify(name, mac_verify_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:post, 'v1/{+name}:macVerify', options)
+          command.request_representation = Google::Apis::CloudkmsV1::MacVerifyRequest::Representation
+          command.request_object = mac_verify_request_object
+          command.response_representation = Google::Apis::CloudkmsV1::MacVerifyResponse::Representation
+          command.response_class = Google::Apis::CloudkmsV1::MacVerifyResponse
+          command.params['name'] = name unless name.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
         # Update a CryptoKeyVersion's metadata. state may be changed between ENABLED and
         # DISABLED using this method. See DestroyCryptoKeyVersion and
         # RestoreCryptoKeyVersion to move between other states.

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-apis-cloudkms_v1
 version: !ruby/object:Gem::Version
-  version: 0.10.0
+  version: 0.11.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-07-26 00:00:00.000000000 Z
+date: 2021-08-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: google-apis-core
@@ -58,7 +58,7 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
   changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/master/generated/google-apis-cloudkms_v1/CHANGELOG.md
-  documentation_uri: https://googleapis.dev/ruby/google-apis-cloudkms_v1/v0.10.0
+  documentation_uri: https://googleapis.dev/ruby/google-apis-cloudkms_v1/v0.11.0
   source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/master/generated/google-apis-cloudkms_v1
 post_install_message: 
 rdoc_options: []