google-cloud-kms-v1 0.10.2 → 0.13.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/AUTHENTICATION.md +6 -6
- data/README.md +14 -9
- data/lib/google/cloud/kms/v1/ekm_service/client.rb +731 -0
- data/lib/google/cloud/kms/v1/ekm_service/credentials.rb +52 -0
- data/lib/google/cloud/kms/v1/ekm_service/paths.rb +90 -0
- data/lib/google/cloud/kms/v1/ekm_service.rb +53 -0
- data/lib/google/cloud/kms/v1/ekm_service_pb.rb +80 -0
- data/lib/google/cloud/kms/v1/ekm_service_services_pb.rb +57 -0
- data/lib/google/cloud/kms/v1/iam_policy/client.rb +13 -4
- data/lib/google/cloud/kms/v1/iam_policy.rb +2 -1
- data/lib/google/cloud/kms/v1/key_management_service/client.rb +427 -276
- data/lib/google/cloud/kms/v1/resources_pb.rb +12 -2
- data/lib/google/cloud/kms/v1/service_pb.rb +2 -1
- data/lib/google/cloud/kms/v1/service_services_pb.rb +84 -48
- data/lib/google/cloud/kms/v1/version.rb +1 -1
- data/lib/google/cloud/kms/v1.rb +4 -1
- data/proto_docs/google/cloud/kms/v1/ekm_service.rb +226 -0
- data/proto_docs/google/cloud/kms/v1/resources.rb +299 -160
- data/proto_docs/google/cloud/kms/v1/service.rb +653 -412
- data/proto_docs/google/iam/v1/iam_policy.rb +8 -1
- data/proto_docs/google/iam/v1/options.rb +14 -4
- data/proto_docs/google/iam/v1/policy.rb +208 -38
- metadata +23 -22
@@ -21,17 +21,22 @@ module Google
|
|
21
21
|
module Cloud
|
22
22
|
module Kms
|
23
23
|
module V1
|
24
|
-
# Request message for
|
24
|
+
# Request message for
|
25
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_key_rings KeyManagementService.ListKeyRings}.
|
25
26
|
# @!attribute [rw] parent
|
26
27
|
# @return [::String]
|
27
28
|
# Required. The resource name of the location associated with the
|
28
|
-
# {::Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format
|
29
|
+
# {::Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format
|
30
|
+
# `projects/*/locations/*`.
|
29
31
|
# @!attribute [rw] page_size
|
30
32
|
# @return [::Integer]
|
31
|
-
# Optional. Optional limit on the number of
|
32
|
-
#
|
33
|
-
#
|
34
|
-
#
|
33
|
+
# Optional. Optional limit on the number of
|
34
|
+
# {::Google::Cloud::Kms::V1::KeyRing KeyRings} to include in the response. Further
|
35
|
+
# {::Google::Cloud::Kms::V1::KeyRing KeyRings} can subsequently be obtained by
|
36
|
+
# including the
|
37
|
+
# {::Google::Cloud::Kms::V1::ListKeyRingsResponse#next_page_token ListKeyRingsResponse.next_page_token}
|
38
|
+
# in a subsequent request. If unspecified, the server will pick an
|
39
|
+
# appropriate default.
|
35
40
|
# @!attribute [rw] page_token
|
36
41
|
# @return [::String]
|
37
42
|
# Optional. Optional pagination token, returned earlier via
|
@@ -53,17 +58,21 @@ module Google
|
|
53
58
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
54
59
|
end
|
55
60
|
|
56
|
-
# Request message for
|
61
|
+
# Request message for
|
62
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_crypto_keys KeyManagementService.ListCryptoKeys}.
|
57
63
|
# @!attribute [rw] parent
|
58
64
|
# @return [::String]
|
59
|
-
# Required. The resource name of the {::Google::Cloud::Kms::V1::KeyRing KeyRing}
|
60
|
-
# `projects/*/locations/*/keyRings/*`.
|
65
|
+
# Required. The resource name of the {::Google::Cloud::Kms::V1::KeyRing KeyRing}
|
66
|
+
# to list, in the format `projects/*/locations/*/keyRings/*`.
|
61
67
|
# @!attribute [rw] page_size
|
62
68
|
# @return [::Integer]
|
63
|
-
# Optional. Optional limit on the number of
|
64
|
-
#
|
65
|
-
#
|
66
|
-
#
|
69
|
+
# Optional. Optional limit on the number of
|
70
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} to include in the response.
|
71
|
+
# Further {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} can subsequently be
|
72
|
+
# obtained by including the
|
73
|
+
# {::Google::Cloud::Kms::V1::ListCryptoKeysResponse#next_page_token ListCryptoKeysResponse.next_page_token}
|
74
|
+
# in a subsequent request. If unspecified, the server will pick an
|
75
|
+
# appropriate default.
|
67
76
|
# @!attribute [rw] page_token
|
68
77
|
# @return [::String]
|
69
78
|
# Optional. Optional pagination token, returned earlier via
|
@@ -88,18 +97,22 @@ module Google
|
|
88
97
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
89
98
|
end
|
90
99
|
|
91
|
-
# Request message for
|
100
|
+
# Request message for
|
101
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_crypto_key_versions KeyManagementService.ListCryptoKeyVersions}.
|
92
102
|
# @!attribute [rw] parent
|
93
103
|
# @return [::String]
|
94
|
-
# Required. The resource name of the
|
104
|
+
# Required. The resource name of the
|
105
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to list, in the format
|
95
106
|
# `projects/*/locations/*/keyRings/*/cryptoKeys/*`.
|
96
107
|
# @!attribute [rw] page_size
|
97
108
|
# @return [::Integer]
|
98
|
-
# Optional. Optional limit on the number of
|
99
|
-
#
|
100
|
-
#
|
101
|
-
#
|
102
|
-
#
|
109
|
+
# Optional. Optional limit on the number of
|
110
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions} to include in the
|
111
|
+
# response. Further {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}
|
112
|
+
# can subsequently be obtained by including the
|
113
|
+
# {::Google::Cloud::Kms::V1::ListCryptoKeyVersionsResponse#next_page_token ListCryptoKeyVersionsResponse.next_page_token}
|
114
|
+
# in a subsequent request. If unspecified, the server will pick an
|
115
|
+
# appropriate default.
|
103
116
|
# @!attribute [rw] page_token
|
104
117
|
# @return [::String]
|
105
118
|
# Optional. Optional pagination token, returned earlier via
|
@@ -124,17 +137,21 @@ module Google
|
|
124
137
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
125
138
|
end
|
126
139
|
|
127
|
-
# Request message for
|
140
|
+
# Request message for
|
141
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_import_jobs KeyManagementService.ListImportJobs}.
|
128
142
|
# @!attribute [rw] parent
|
129
143
|
# @return [::String]
|
130
|
-
# Required. The resource name of the {::Google::Cloud::Kms::V1::KeyRing KeyRing}
|
131
|
-
# `projects/*/locations/*/keyRings/*`.
|
144
|
+
# Required. The resource name of the {::Google::Cloud::Kms::V1::KeyRing KeyRing}
|
145
|
+
# to list, in the format `projects/*/locations/*/keyRings/*`.
|
132
146
|
# @!attribute [rw] page_size
|
133
147
|
# @return [::Integer]
|
134
|
-
# Optional. Optional limit on the number of
|
135
|
-
#
|
136
|
-
#
|
137
|
-
#
|
148
|
+
# Optional. Optional limit on the number of
|
149
|
+
# {::Google::Cloud::Kms::V1::ImportJob ImportJobs} to include in the response.
|
150
|
+
# Further {::Google::Cloud::Kms::V1::ImportJob ImportJobs} can subsequently be
|
151
|
+
# obtained by including the
|
152
|
+
# {::Google::Cloud::Kms::V1::ListImportJobsResponse#next_page_token ListImportJobsResponse.next_page_token}
|
153
|
+
# in a subsequent request. If unspecified, the server will pick an
|
154
|
+
# appropriate default.
|
138
155
|
# @!attribute [rw] page_token
|
139
156
|
# @return [::String]
|
140
157
|
# Optional. Optional pagination token, returned earlier via
|
@@ -156,152 +173,180 @@ module Google
|
|
156
173
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
157
174
|
end
|
158
175
|
|
159
|
-
# Response message for
|
176
|
+
# Response message for
|
177
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_key_rings KeyManagementService.ListKeyRings}.
|
160
178
|
# @!attribute [rw] key_rings
|
161
179
|
# @return [::Array<::Google::Cloud::Kms::V1::KeyRing>]
|
162
180
|
# The list of {::Google::Cloud::Kms::V1::KeyRing KeyRings}.
|
163
181
|
# @!attribute [rw] next_page_token
|
164
182
|
# @return [::String]
|
165
183
|
# A token to retrieve next page of results. Pass this value in
|
166
|
-
# {::Google::Cloud::Kms::V1::ListKeyRingsRequest#page_token ListKeyRingsRequest.page_token}
|
184
|
+
# {::Google::Cloud::Kms::V1::ListKeyRingsRequest#page_token ListKeyRingsRequest.page_token}
|
185
|
+
# to retrieve the next page of results.
|
167
186
|
# @!attribute [rw] total_size
|
168
187
|
# @return [::Integer]
|
169
|
-
# The total number of {::Google::Cloud::Kms::V1::KeyRing KeyRings} that matched
|
188
|
+
# The total number of {::Google::Cloud::Kms::V1::KeyRing KeyRings} that matched
|
189
|
+
# the query.
|
170
190
|
class ListKeyRingsResponse
|
171
191
|
include ::Google::Protobuf::MessageExts
|
172
192
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
173
193
|
end
|
174
194
|
|
175
|
-
# Response message for
|
195
|
+
# Response message for
|
196
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_crypto_keys KeyManagementService.ListCryptoKeys}.
|
176
197
|
# @!attribute [rw] crypto_keys
|
177
198
|
# @return [::Array<::Google::Cloud::Kms::V1::CryptoKey>]
|
178
199
|
# The list of {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
|
179
200
|
# @!attribute [rw] next_page_token
|
180
201
|
# @return [::String]
|
181
202
|
# A token to retrieve next page of results. Pass this value in
|
182
|
-
# {::Google::Cloud::Kms::V1::ListCryptoKeysRequest#page_token ListCryptoKeysRequest.page_token}
|
203
|
+
# {::Google::Cloud::Kms::V1::ListCryptoKeysRequest#page_token ListCryptoKeysRequest.page_token}
|
204
|
+
# to retrieve the next page of results.
|
183
205
|
# @!attribute [rw] total_size
|
184
206
|
# @return [::Integer]
|
185
|
-
# The total number of {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} that
|
207
|
+
# The total number of {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} that
|
208
|
+
# matched the query.
|
186
209
|
class ListCryptoKeysResponse
|
187
210
|
include ::Google::Protobuf::MessageExts
|
188
211
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
189
212
|
end
|
190
213
|
|
191
|
-
# Response message for
|
214
|
+
# Response message for
|
215
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_crypto_key_versions KeyManagementService.ListCryptoKeyVersions}.
|
192
216
|
# @!attribute [rw] crypto_key_versions
|
193
217
|
# @return [::Array<::Google::Cloud::Kms::V1::CryptoKeyVersion>]
|
194
218
|
# The list of {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}.
|
195
219
|
# @!attribute [rw] next_page_token
|
196
220
|
# @return [::String]
|
197
221
|
# A token to retrieve next page of results. Pass this value in
|
198
|
-
# {::Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest#page_token ListCryptoKeyVersionsRequest.page_token}
|
199
|
-
# results.
|
222
|
+
# {::Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest#page_token ListCryptoKeyVersionsRequest.page_token}
|
223
|
+
# to retrieve the next page of results.
|
200
224
|
# @!attribute [rw] total_size
|
201
225
|
# @return [::Integer]
|
202
|
-
# The total number of
|
226
|
+
# The total number of
|
227
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions} that matched the
|
203
228
|
# query.
|
204
229
|
class ListCryptoKeyVersionsResponse
|
205
230
|
include ::Google::Protobuf::MessageExts
|
206
231
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
207
232
|
end
|
208
233
|
|
209
|
-
# Response message for
|
234
|
+
# Response message for
|
235
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_import_jobs KeyManagementService.ListImportJobs}.
|
210
236
|
# @!attribute [rw] import_jobs
|
211
237
|
# @return [::Array<::Google::Cloud::Kms::V1::ImportJob>]
|
212
238
|
# The list of {::Google::Cloud::Kms::V1::ImportJob ImportJobs}.
|
213
239
|
# @!attribute [rw] next_page_token
|
214
240
|
# @return [::String]
|
215
241
|
# A token to retrieve next page of results. Pass this value in
|
216
|
-
# {::Google::Cloud::Kms::V1::ListImportJobsRequest#page_token ListImportJobsRequest.page_token}
|
242
|
+
# {::Google::Cloud::Kms::V1::ListImportJobsRequest#page_token ListImportJobsRequest.page_token}
|
243
|
+
# to retrieve the next page of results.
|
217
244
|
# @!attribute [rw] total_size
|
218
245
|
# @return [::Integer]
|
219
|
-
# The total number of {::Google::Cloud::Kms::V1::ImportJob ImportJobs} that
|
246
|
+
# The total number of {::Google::Cloud::Kms::V1::ImportJob ImportJobs} that
|
247
|
+
# matched the query.
|
220
248
|
class ListImportJobsResponse
|
221
249
|
include ::Google::Protobuf::MessageExts
|
222
250
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
223
251
|
end
|
224
252
|
|
225
|
-
# Request message for
|
253
|
+
# Request message for
|
254
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_key_ring KeyManagementService.GetKeyRing}.
|
226
255
|
# @!attribute [rw] name
|
227
256
|
# @return [::String]
|
228
|
-
# Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the
|
257
|
+
# Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the
|
258
|
+
# {::Google::Cloud::Kms::V1::KeyRing KeyRing} to get.
|
229
259
|
class GetKeyRingRequest
|
230
260
|
include ::Google::Protobuf::MessageExts
|
231
261
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
232
262
|
end
|
233
263
|
|
234
|
-
# Request message for
|
264
|
+
# Request message for
|
265
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_crypto_key KeyManagementService.GetCryptoKey}.
|
235
266
|
# @!attribute [rw] name
|
236
267
|
# @return [::String]
|
237
|
-
# Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the
|
268
|
+
# Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the
|
269
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to get.
|
238
270
|
class GetCryptoKeyRequest
|
239
271
|
include ::Google::Protobuf::MessageExts
|
240
272
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
241
273
|
end
|
242
274
|
|
243
|
-
# Request message for
|
275
|
+
# Request message for
|
276
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_crypto_key_version KeyManagementService.GetCryptoKeyVersion}.
|
244
277
|
# @!attribute [rw] name
|
245
278
|
# @return [::String]
|
246
|
-
# Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the
|
279
|
+
# Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the
|
280
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to get.
|
247
281
|
class GetCryptoKeyVersionRequest
|
248
282
|
include ::Google::Protobuf::MessageExts
|
249
283
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
250
284
|
end
|
251
285
|
|
252
|
-
# Request message for
|
286
|
+
# Request message for
|
287
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_public_key KeyManagementService.GetPublicKey}.
|
253
288
|
# @!attribute [rw] name
|
254
289
|
# @return [::String]
|
255
|
-
# Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the
|
256
|
-
# get.
|
290
|
+
# Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the
|
291
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} public key to get.
|
257
292
|
class GetPublicKeyRequest
|
258
293
|
include ::Google::Protobuf::MessageExts
|
259
294
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
260
295
|
end
|
261
296
|
|
262
|
-
# Request message for
|
297
|
+
# Request message for
|
298
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_import_job KeyManagementService.GetImportJob}.
|
263
299
|
# @!attribute [rw] name
|
264
300
|
# @return [::String]
|
265
|
-
# Required. The {::Google::Cloud::Kms::V1::ImportJob#name name} of the
|
301
|
+
# Required. The {::Google::Cloud::Kms::V1::ImportJob#name name} of the
|
302
|
+
# {::Google::Cloud::Kms::V1::ImportJob ImportJob} to get.
|
266
303
|
class GetImportJobRequest
|
267
304
|
include ::Google::Protobuf::MessageExts
|
268
305
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
269
306
|
end
|
270
307
|
|
271
|
-
# Request message for
|
308
|
+
# Request message for
|
309
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#create_key_ring KeyManagementService.CreateKeyRing}.
|
272
310
|
# @!attribute [rw] parent
|
273
311
|
# @return [::String]
|
274
312
|
# Required. The resource name of the location associated with the
|
275
|
-
# {::Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format
|
313
|
+
# {::Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format
|
314
|
+
# `projects/*/locations/*`.
|
276
315
|
# @!attribute [rw] key_ring_id
|
277
316
|
# @return [::String]
|
278
317
|
# Required. It must be unique within a location and match the regular
|
279
318
|
# expression `[a-zA-Z0-9_-]{1,63}`
|
280
319
|
# @!attribute [rw] key_ring
|
281
320
|
# @return [::Google::Cloud::Kms::V1::KeyRing]
|
282
|
-
# Required. A {::Google::Cloud::Kms::V1::KeyRing KeyRing} with initial field
|
321
|
+
# Required. A {::Google::Cloud::Kms::V1::KeyRing KeyRing} with initial field
|
322
|
+
# values.
|
283
323
|
class CreateKeyRingRequest
|
284
324
|
include ::Google::Protobuf::MessageExts
|
285
325
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
286
326
|
end
|
287
327
|
|
288
|
-
# Request message for
|
328
|
+
# Request message for
|
329
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#create_crypto_key KeyManagementService.CreateCryptoKey}.
|
289
330
|
# @!attribute [rw] parent
|
290
331
|
# @return [::String]
|
291
|
-
# Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the KeyRing
|
292
|
-
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
|
332
|
+
# Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the KeyRing
|
333
|
+
# associated with the {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
|
293
334
|
# @!attribute [rw] crypto_key_id
|
294
335
|
# @return [::String]
|
295
336
|
# Required. It must be unique within a KeyRing and match the regular
|
296
337
|
# expression `[a-zA-Z0-9_-]{1,63}`
|
297
338
|
# @!attribute [rw] crypto_key
|
298
339
|
# @return [::Google::Cloud::Kms::V1::CryptoKey]
|
299
|
-
# Required. A {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} with initial field
|
340
|
+
# Required. A {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} with initial field
|
341
|
+
# values.
|
300
342
|
# @!attribute [rw] skip_initial_version_creation
|
301
343
|
# @return [::Boolean]
|
302
|
-
# If set to true, the request will create a
|
303
|
-
# {::Google::Cloud::Kms::V1::
|
304
|
-
# {::Google::Cloud::Kms::V1::
|
344
|
+
# If set to true, the request will create a
|
345
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} without any
|
346
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}. You must
|
347
|
+
# manually call
|
348
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#create_crypto_key_version CreateCryptoKeyVersion}
|
349
|
+
# or
|
305
350
|
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#import_crypto_key_version ImportCryptoKeyVersion}
|
306
351
|
# before you can use this {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
|
307
352
|
class CreateCryptoKeyRequest
|
@@ -309,53 +354,65 @@ module Google
|
|
309
354
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
310
355
|
end
|
311
356
|
|
312
|
-
# Request message for
|
357
|
+
# Request message for
|
358
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#create_crypto_key_version KeyManagementService.CreateCryptoKeyVersion}.
|
313
359
|
# @!attribute [rw] parent
|
314
360
|
# @return [::String]
|
315
|
-
# Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the
|
316
|
-
#
|
361
|
+
# Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the
|
362
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} associated with the
|
363
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}.
|
317
364
|
# @!attribute [rw] crypto_key_version
|
318
365
|
# @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
|
319
|
-
# Required. A {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with
|
366
|
+
# Required. A {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with
|
367
|
+
# initial field values.
|
320
368
|
class CreateCryptoKeyVersionRequest
|
321
369
|
include ::Google::Protobuf::MessageExts
|
322
370
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
323
371
|
end
|
324
372
|
|
325
|
-
# Request message for
|
373
|
+
# Request message for
|
374
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#import_crypto_key_version KeyManagementService.ImportCryptoKeyVersion}.
|
326
375
|
# @!attribute [rw] parent
|
327
376
|
# @return [::String]
|
328
|
-
# Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the
|
377
|
+
# Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the
|
378
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to be imported into.
|
329
379
|
#
|
330
380
|
# The create permission is only required on this key when creating a new
|
331
381
|
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
|
332
382
|
# @!attribute [rw] crypto_key_version
|
333
383
|
# @return [::String]
|
334
|
-
# Optional. The optional {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of
|
335
|
-
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to
|
336
|
-
# If this field is not present, a new
|
384
|
+
# Optional. The optional {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of
|
385
|
+
# an existing {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to
|
386
|
+
# target for an import operation. If this field is not present, a new
|
387
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} containing the
|
337
388
|
# supplied key material is created.
|
338
389
|
#
|
339
390
|
# If this field is present, the supplied key material is imported into
|
340
|
-
# the existing {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}. To
|
341
|
-
#
|
342
|
-
# {::Google::Cloud::Kms::V1::
|
343
|
-
#
|
344
|
-
# {::Google::Cloud::Kms::V1::
|
391
|
+
# the existing {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}. To
|
392
|
+
# import into an existing
|
393
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}, the
|
394
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} must be a child of
|
395
|
+
# {::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest#parent ImportCryptoKeyVersionRequest.parent},
|
396
|
+
# have been previously created via [ImportCryptoKeyVersion][], and be in
|
397
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED}
|
398
|
+
# or
|
345
399
|
# {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::IMPORT_FAILED IMPORT_FAILED}
|
346
400
|
# state. The key material and algorithm must match the previous
|
347
|
-
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} exactly if the
|
401
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} exactly if the
|
402
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} has ever contained
|
348
403
|
# key material.
|
349
404
|
# @!attribute [rw] algorithm
|
350
405
|
# @return [::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm]
|
351
|
-
# Required. The
|
352
|
-
#
|
353
|
-
#
|
354
|
-
#
|
406
|
+
# Required. The
|
407
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm algorithm}
|
408
|
+
# of the key being imported. This does not need to match the
|
409
|
+
# {::Google::Cloud::Kms::V1::CryptoKey#version_template version_template} of the
|
410
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} this version imports into.
|
355
411
|
# @!attribute [rw] import_job
|
356
412
|
# @return [::String]
|
357
|
-
# Required. The {::Google::Cloud::Kms::V1::ImportJob#name name} of the
|
358
|
-
# wrap this key
|
413
|
+
# Required. The {::Google::Cloud::Kms::V1::ImportJob#name name} of the
|
414
|
+
# {::Google::Cloud::Kms::V1::ImportJob ImportJob} that was used to wrap this key
|
415
|
+
# material.
|
359
416
|
# @!attribute [rw] rsa_aes_wrapped_key
|
360
417
|
# @return [::String]
|
361
418
|
# Wrapped key material produced with
|
@@ -366,8 +423,9 @@ module Google
|
|
366
423
|
# This field contains the concatenation of two wrapped keys:
|
367
424
|
# <ol>
|
368
425
|
# <li>An ephemeral AES-256 wrapping key wrapped with the
|
369
|
-
# {::Google::Cloud::Kms::V1::ImportJob#public_key public_key} using
|
370
|
-
# MGF1 with SHA-1, and an
|
426
|
+
# {::Google::Cloud::Kms::V1::ImportJob#public_key public_key} using
|
427
|
+
# RSAES-OAEP with SHA-1/SHA-256, MGF1 with SHA-1/SHA-256, and an
|
428
|
+
# empty label.
|
371
429
|
# </li>
|
372
430
|
# <li>The key to be imported, wrapped with the ephemeral AES-256 key
|
373
431
|
# using AES-KWP (RFC 5649).
|
@@ -386,10 +444,12 @@ module Google
|
|
386
444
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
387
445
|
end
|
388
446
|
|
389
|
-
# Request message for
|
447
|
+
# Request message for
|
448
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#create_import_job KeyManagementService.CreateImportJob}.
|
390
449
|
# @!attribute [rw] parent
|
391
450
|
# @return [::String]
|
392
|
-
# Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the
|
451
|
+
# Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the
|
452
|
+
# {::Google::Cloud::Kms::V1::KeyRing KeyRing} associated with the
|
393
453
|
# {::Google::Cloud::Kms::V1::ImportJob ImportJobs}.
|
394
454
|
# @!attribute [rw] import_job_id
|
395
455
|
# @return [::String]
|
@@ -397,13 +457,15 @@ module Google
|
|
397
457
|
# expression `[a-zA-Z0-9_-]{1,63}`
|
398
458
|
# @!attribute [rw] import_job
|
399
459
|
# @return [::Google::Cloud::Kms::V1::ImportJob]
|
400
|
-
# Required. An {::Google::Cloud::Kms::V1::ImportJob ImportJob} with initial field
|
460
|
+
# Required. An {::Google::Cloud::Kms::V1::ImportJob ImportJob} with initial field
|
461
|
+
# values.
|
401
462
|
class CreateImportJobRequest
|
402
463
|
include ::Google::Protobuf::MessageExts
|
403
464
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
404
465
|
end
|
405
466
|
|
406
|
-
# Request message for
|
467
|
+
# Request message for
|
468
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#update_crypto_key KeyManagementService.UpdateCryptoKey}.
|
407
469
|
# @!attribute [rw] crypto_key
|
408
470
|
# @return [::Google::Cloud::Kms::V1::CryptoKey]
|
409
471
|
# Required. {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} with updated values.
|
@@ -415,10 +477,12 @@ module Google
|
|
415
477
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
416
478
|
end
|
417
479
|
|
418
|
-
# Request message for
|
480
|
+
# Request message for
|
481
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#update_crypto_key_version KeyManagementService.UpdateCryptoKeyVersion}.
|
419
482
|
# @!attribute [rw] crypto_key_version
|
420
483
|
# @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
|
421
|
-
# Required. {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with
|
484
|
+
# Required. {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with
|
485
|
+
# updated values.
|
422
486
|
# @!attribute [rw] update_mask
|
423
487
|
# @return [::Google::Protobuf::FieldMask]
|
424
488
|
# Required. List of fields to be updated in this request.
|
@@ -427,106 +491,132 @@ module Google
|
|
427
491
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
428
492
|
end
|
429
493
|
|
430
|
-
# Request message for
|
494
|
+
# Request message for
|
495
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#update_crypto_key_primary_version KeyManagementService.UpdateCryptoKeyPrimaryVersion}.
|
431
496
|
# @!attribute [rw] name
|
432
497
|
# @return [::String]
|
433
|
-
# Required. The resource name of the
|
498
|
+
# Required. The resource name of the
|
499
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to update.
|
434
500
|
# @!attribute [rw] crypto_key_version_id
|
435
501
|
# @return [::String]
|
436
|
-
# Required. The id of the child
|
502
|
+
# Required. The id of the child
|
503
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use as primary.
|
437
504
|
class UpdateCryptoKeyPrimaryVersionRequest
|
438
505
|
include ::Google::Protobuf::MessageExts
|
439
506
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
440
507
|
end
|
441
508
|
|
442
|
-
# Request message for
|
509
|
+
# Request message for
|
510
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#destroy_crypto_key_version KeyManagementService.DestroyCryptoKeyVersion}.
|
443
511
|
# @!attribute [rw] name
|
444
512
|
# @return [::String]
|
445
|
-
# Required. The resource name of the
|
513
|
+
# Required. The resource name of the
|
514
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to destroy.
|
446
515
|
class DestroyCryptoKeyVersionRequest
|
447
516
|
include ::Google::Protobuf::MessageExts
|
448
517
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
449
518
|
end
|
450
519
|
|
451
|
-
# Request message for
|
520
|
+
# Request message for
|
521
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#restore_crypto_key_version KeyManagementService.RestoreCryptoKeyVersion}.
|
452
522
|
# @!attribute [rw] name
|
453
523
|
# @return [::String]
|
454
|
-
# Required. The resource name of the
|
524
|
+
# Required. The resource name of the
|
525
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to restore.
|
455
526
|
class RestoreCryptoKeyVersionRequest
|
456
527
|
include ::Google::Protobuf::MessageExts
|
457
528
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
458
529
|
end
|
459
530
|
|
460
|
-
# Request message for
|
531
|
+
# Request message for
|
532
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#encrypt KeyManagementService.Encrypt}.
|
461
533
|
# @!attribute [rw] name
|
462
534
|
# @return [::String]
|
463
|
-
# Required. The resource name of the
|
464
|
-
#
|
535
|
+
# Required. The resource name of the
|
536
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} or
|
537
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
|
538
|
+
# encryption.
|
465
539
|
#
|
466
|
-
# If a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} is specified, the server
|
467
|
-
# {::Google::Cloud::Kms::V1::CryptoKey#primary primary version}.
|
540
|
+
# If a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} is specified, the server
|
541
|
+
# will use its {::Google::Cloud::Kms::V1::CryptoKey#primary primary version}.
|
468
542
|
# @!attribute [rw] plaintext
|
469
543
|
# @return [::String]
|
470
544
|
# Required. The data to encrypt. Must be no larger than 64KiB.
|
471
545
|
#
|
472
546
|
# The maximum size depends on the key version's
|
473
|
-
# {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}.
|
474
|
-
# {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE} keys, the
|
475
|
-
#
|
476
|
-
#
|
477
|
-
#
|
547
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}.
|
548
|
+
# For {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE} keys, the
|
549
|
+
# plaintext must be no larger than 64KiB. For
|
550
|
+
# {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of
|
551
|
+
# the plaintext and additional_authenticated_data fields must be no larger
|
552
|
+
# than 8KiB.
|
478
553
|
# @!attribute [rw] additional_authenticated_data
|
479
554
|
# @return [::String]
|
480
|
-
# Optional. Optional data that, if specified, must also be provided during
|
481
|
-
# through
|
555
|
+
# Optional. Optional data that, if specified, must also be provided during
|
556
|
+
# decryption through
|
557
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}.
|
482
558
|
#
|
483
559
|
# The maximum size depends on the key version's
|
484
|
-
# {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}.
|
485
|
-
# {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE} keys, the AAD
|
486
|
-
#
|
487
|
-
#
|
488
|
-
#
|
560
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}.
|
561
|
+
# For {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE} keys, the AAD
|
562
|
+
# must be no larger than 64KiB. For
|
563
|
+
# {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of
|
564
|
+
# the plaintext and additional_authenticated_data fields must be no larger
|
565
|
+
# than 8KiB.
|
489
566
|
# @!attribute [rw] plaintext_crc32c
|
490
567
|
# @return [::Google::Protobuf::Int64Value]
|
491
|
-
# Optional. An optional CRC32C checksum of the
|
492
|
-
#
|
493
|
-
#
|
494
|
-
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
495
|
-
#
|
496
|
-
#
|
497
|
-
#
|
498
|
-
#
|
499
|
-
# the
|
500
|
-
#
|
501
|
-
#
|
502
|
-
#
|
503
|
-
#
|
568
|
+
# Optional. An optional CRC32C checksum of the
|
569
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}.
|
570
|
+
# If specified,
|
571
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
572
|
+
# verify the integrity of the received
|
573
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}
|
574
|
+
# using this checksum.
|
575
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
576
|
+
# report an error if the checksum verification fails. If you receive a
|
577
|
+
# checksum error, your client should verify that
|
578
|
+
# CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext})
|
579
|
+
# is equal to
|
580
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c},
|
581
|
+
# and if so, perform a limited number of retries. A persistent mismatch may
|
582
|
+
# indicate an issue in your computation of the CRC32C checksum. Note: This
|
583
|
+
# field is defined as int64 for reasons of compatibility across different
|
584
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
585
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
586
|
+
# this type.
|
504
587
|
# @!attribute [rw] additional_authenticated_data_crc32c
|
505
588
|
# @return [::Google::Protobuf::Int64Value]
|
506
589
|
# Optional. An optional CRC32C checksum of the
|
507
|
-
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}.
|
508
|
-
#
|
509
|
-
# {::Google::Cloud::Kms::V1::
|
510
|
-
#
|
511
|
-
#
|
512
|
-
#
|
513
|
-
# {::Google::Cloud::Kms::V1::
|
514
|
-
#
|
515
|
-
# your
|
516
|
-
#
|
517
|
-
#
|
518
|
-
#
|
519
|
-
#
|
590
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}.
|
591
|
+
# If specified,
|
592
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
593
|
+
# verify the integrity of the received
|
594
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}
|
595
|
+
# using this checksum.
|
596
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
597
|
+
# report an error if the checksum verification fails. If you receive a
|
598
|
+
# checksum error, your client should verify that
|
599
|
+
# CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data})
|
600
|
+
# is equal to
|
601
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c},
|
602
|
+
# and if so, perform a limited number of retries. A persistent mismatch may
|
603
|
+
# indicate an issue in your computation of the CRC32C checksum. Note: This
|
604
|
+
# field is defined as int64 for reasons of compatibility across different
|
605
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
606
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
607
|
+
# this type.
|
520
608
|
class EncryptRequest
|
521
609
|
include ::Google::Protobuf::MessageExts
|
522
610
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
523
611
|
end
|
524
612
|
|
525
|
-
# Request message for
|
613
|
+
# Request message for
|
614
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#decrypt KeyManagementService.Decrypt}.
|
526
615
|
# @!attribute [rw] name
|
527
616
|
# @return [::String]
|
528
|
-
# Required. The resource name of the
|
529
|
-
#
|
617
|
+
# Required. The resource name of the
|
618
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to use for decryption. The
|
619
|
+
# server will choose the appropriate version.
|
530
620
|
# @!attribute [rw] ciphertext
|
531
621
|
# @return [::String]
|
532
622
|
# Required. The encrypted data originally returned in
|
@@ -537,193 +627,253 @@ module Google
|
|
537
627
|
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}.
|
538
628
|
# @!attribute [rw] ciphertext_crc32c
|
539
629
|
# @return [::Google::Protobuf::Int64Value]
|
540
|
-
# Optional. An optional CRC32C checksum of the
|
541
|
-
#
|
542
|
-
#
|
543
|
-
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
544
|
-
#
|
545
|
-
#
|
546
|
-
#
|
547
|
-
#
|
548
|
-
#
|
549
|
-
#
|
550
|
-
#
|
551
|
-
#
|
552
|
-
#
|
630
|
+
# Optional. An optional CRC32C checksum of the
|
631
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}.
|
632
|
+
# If specified,
|
633
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
634
|
+
# verify the integrity of the received
|
635
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}
|
636
|
+
# using this checksum.
|
637
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
638
|
+
# report an error if the checksum verification fails. If you receive a
|
639
|
+
# checksum error, your client should verify that
|
640
|
+
# CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext})
|
641
|
+
# is equal to
|
642
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext_crc32c DecryptRequest.ciphertext_crc32c},
|
643
|
+
# and if so, perform a limited number of retries. A persistent mismatch may
|
644
|
+
# indicate an issue in your computation of the CRC32C checksum. Note: This
|
645
|
+
# field is defined as int64 for reasons of compatibility across different
|
646
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
647
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
648
|
+
# this type.
|
553
649
|
# @!attribute [rw] additional_authenticated_data_crc32c
|
554
650
|
# @return [::Google::Protobuf::Int64Value]
|
555
651
|
# Optional. An optional CRC32C checksum of the
|
556
|
-
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}.
|
557
|
-
#
|
558
|
-
# {::Google::Cloud::Kms::V1::
|
559
|
-
#
|
560
|
-
#
|
561
|
-
#
|
562
|
-
# {::Google::Cloud::Kms::V1::
|
563
|
-
#
|
564
|
-
# your
|
565
|
-
#
|
566
|
-
#
|
567
|
-
#
|
568
|
-
#
|
652
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}.
|
653
|
+
# If specified,
|
654
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
655
|
+
# verify the integrity of the received
|
656
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}
|
657
|
+
# using this checksum.
|
658
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
659
|
+
# report an error if the checksum verification fails. If you receive a
|
660
|
+
# checksum error, your client should verify that
|
661
|
+
# CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data})
|
662
|
+
# is equal to
|
663
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data_crc32c DecryptRequest.additional_authenticated_data_crc32c},
|
664
|
+
# and if so, perform a limited number of retries. A persistent mismatch may
|
665
|
+
# indicate an issue in your computation of the CRC32C checksum. Note: This
|
666
|
+
# field is defined as int64 for reasons of compatibility across different
|
667
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
668
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
669
|
+
# this type.
|
569
670
|
class DecryptRequest
|
570
671
|
include ::Google::Protobuf::MessageExts
|
571
672
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
572
673
|
end
|
573
674
|
|
574
|
-
# Request message for
|
675
|
+
# Request message for
|
676
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#asymmetric_sign KeyManagementService.AsymmetricSign}.
|
575
677
|
# @!attribute [rw] name
|
576
678
|
# @return [::String]
|
577
|
-
# Required. The resource name of the
|
679
|
+
# Required. The resource name of the
|
680
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
|
681
|
+
# signing.
|
578
682
|
# @!attribute [rw] digest
|
579
683
|
# @return [::Google::Cloud::Kms::V1::Digest]
|
580
684
|
# Optional. The digest of the data to sign. The digest must be produced with
|
581
685
|
# the same digest algorithm as specified by the key version's
|
582
686
|
# {::Google::Cloud::Kms::V1::CryptoKeyVersion#algorithm algorithm}.
|
687
|
+
#
|
688
|
+
# This field may not be supplied if
|
689
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data}
|
690
|
+
# is supplied.
|
583
691
|
# @!attribute [rw] digest_crc32c
|
584
692
|
# @return [::Google::Protobuf::Int64Value]
|
585
|
-
# Optional. An optional CRC32C checksum of the
|
586
|
-
#
|
587
|
-
#
|
588
|
-
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
589
|
-
#
|
590
|
-
#
|
591
|
-
#
|
592
|
-
#
|
593
|
-
#
|
594
|
-
#
|
595
|
-
#
|
596
|
-
#
|
597
|
-
#
|
693
|
+
# Optional. An optional CRC32C checksum of the
|
694
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}.
|
695
|
+
# If specified,
|
696
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
697
|
+
# verify the integrity of the received
|
698
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}
|
699
|
+
# using this checksum.
|
700
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
701
|
+
# report an error if the checksum verification fails. If you receive a
|
702
|
+
# checksum error, your client should verify that
|
703
|
+
# CRC32C({::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest})
|
704
|
+
# is equal to
|
705
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c},
|
706
|
+
# and if so, perform a limited number of retries. A persistent mismatch may
|
707
|
+
# indicate an issue in your computation of the CRC32C checksum. Note: This
|
708
|
+
# field is defined as int64 for reasons of compatibility across different
|
709
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
710
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
711
|
+
# this type.
|
598
712
|
# @!attribute [rw] data
|
599
713
|
# @return [::String]
|
600
|
-
# Optional.
|
601
|
-
#
|
602
|
-
#
|
714
|
+
# Optional. The data to sign.
|
715
|
+
# It can't be supplied if
|
716
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}
|
717
|
+
# is supplied.
|
603
718
|
# @!attribute [rw] data_crc32c
|
604
719
|
# @return [::Google::Protobuf::Int64Value]
|
605
|
-
# Optional. An optional CRC32C checksum of the
|
606
|
-
#
|
607
|
-
#
|
608
|
-
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
609
|
-
#
|
610
|
-
#
|
611
|
-
#
|
612
|
-
#
|
613
|
-
#
|
614
|
-
#
|
615
|
-
#
|
616
|
-
#
|
617
|
-
#
|
720
|
+
# Optional. An optional CRC32C checksum of the
|
721
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data}.
|
722
|
+
# If specified,
|
723
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
724
|
+
# verify the integrity of the received
|
725
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data}
|
726
|
+
# using this checksum.
|
727
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
728
|
+
# report an error if the checksum verification fails. If you receive a
|
729
|
+
# checksum error, your client should verify that
|
730
|
+
# CRC32C({::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data})
|
731
|
+
# is equal to
|
732
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c},
|
733
|
+
# and if so, perform a limited number of retries. A persistent mismatch may
|
734
|
+
# indicate an issue in your computation of the CRC32C checksum. Note: This
|
735
|
+
# field is defined as int64 for reasons of compatibility across different
|
736
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
737
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
738
|
+
# this type.
|
618
739
|
class AsymmetricSignRequest
|
619
740
|
include ::Google::Protobuf::MessageExts
|
620
741
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
621
742
|
end
|
622
743
|
|
623
|
-
# Request message for
|
744
|
+
# Request message for
|
745
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#asymmetric_decrypt KeyManagementService.AsymmetricDecrypt}.
|
624
746
|
# @!attribute [rw] name
|
625
747
|
# @return [::String]
|
626
|
-
# Required. The resource name of the
|
748
|
+
# Required. The resource name of the
|
749
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
|
627
750
|
# decryption.
|
628
751
|
# @!attribute [rw] ciphertext
|
629
752
|
# @return [::String]
|
630
|
-
# Required. The data encrypted with the named
|
631
|
-
# key using
|
753
|
+
# Required. The data encrypted with the named
|
754
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}'s public key using
|
755
|
+
# OAEP.
|
632
756
|
# @!attribute [rw] ciphertext_crc32c
|
633
757
|
# @return [::Google::Protobuf::Int64Value]
|
634
|
-
# Optional. An optional CRC32C checksum of the
|
635
|
-
#
|
636
|
-
#
|
637
|
-
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
638
|
-
#
|
639
|
-
#
|
640
|
-
#
|
641
|
-
#
|
642
|
-
#
|
643
|
-
#
|
644
|
-
#
|
645
|
-
#
|
646
|
-
#
|
758
|
+
# Optional. An optional CRC32C checksum of the
|
759
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}.
|
760
|
+
# If specified,
|
761
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
762
|
+
# verify the integrity of the received
|
763
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}
|
764
|
+
# using this checksum.
|
765
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
766
|
+
# report an error if the checksum verification fails. If you receive a
|
767
|
+
# checksum error, your client should verify that
|
768
|
+
# CRC32C({::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext})
|
769
|
+
# is equal to
|
770
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c},
|
771
|
+
# and if so, perform a limited number of retries. A persistent mismatch may
|
772
|
+
# indicate an issue in your computation of the CRC32C checksum. Note: This
|
773
|
+
# field is defined as int64 for reasons of compatibility across different
|
774
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
775
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
776
|
+
# this type.
|
647
777
|
class AsymmetricDecryptRequest
|
648
778
|
include ::Google::Protobuf::MessageExts
|
649
779
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
650
780
|
end
|
651
781
|
|
652
|
-
# Request message for
|
782
|
+
# Request message for
|
783
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_sign KeyManagementService.MacSign}.
|
653
784
|
# @!attribute [rw] name
|
654
785
|
# @return [::String]
|
655
|
-
# Required. The resource name of the
|
786
|
+
# Required. The resource name of the
|
787
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
|
788
|
+
# signing.
|
656
789
|
# @!attribute [rw] data
|
657
790
|
# @return [::String]
|
658
|
-
# Required. The data to sign. The MAC tag is computed over this data field
|
659
|
-
# the specific algorithm.
|
791
|
+
# Required. The data to sign. The MAC tag is computed over this data field
|
792
|
+
# based on the specific algorithm.
|
660
793
|
# @!attribute [rw] data_crc32c
|
661
794
|
# @return [::Google::Protobuf::Int64Value]
|
662
|
-
# Optional. An optional CRC32C checksum of the
|
663
|
-
#
|
664
|
-
#
|
665
|
-
#
|
666
|
-
#
|
667
|
-
#
|
668
|
-
#
|
669
|
-
#
|
670
|
-
#
|
671
|
-
#
|
672
|
-
#
|
673
|
-
#
|
674
|
-
#
|
795
|
+
# Optional. An optional CRC32C checksum of the
|
796
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}. If
|
797
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}
|
798
|
+
# will verify the integrity of the received
|
799
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} using this
|
800
|
+
# checksum. {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}
|
801
|
+
# will report an error if the checksum verification fails. If you receive a
|
802
|
+
# checksum error, your client should verify that
|
803
|
+
# CRC32C({::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}) is
|
804
|
+
# equal to
|
805
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c},
|
806
|
+
# and if so, perform a limited number of retries. A persistent mismatch may
|
807
|
+
# indicate an issue in your computation of the CRC32C checksum. Note: This
|
808
|
+
# field is defined as int64 for reasons of compatibility across different
|
809
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
810
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
811
|
+
# this type.
|
675
812
|
class MacSignRequest
|
676
813
|
include ::Google::Protobuf::MessageExts
|
677
814
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
678
815
|
end
|
679
816
|
|
680
|
-
# Request message for
|
817
|
+
# Request message for
|
818
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_verify KeyManagementService.MacVerify}.
|
681
819
|
# @!attribute [rw] name
|
682
820
|
# @return [::String]
|
683
|
-
# Required. The resource name of the
|
821
|
+
# Required. The resource name of the
|
822
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
|
823
|
+
# verification.
|
684
824
|
# @!attribute [rw] data
|
685
825
|
# @return [::String]
|
686
|
-
# Required. The data used previously as a
|
687
|
-
#
|
826
|
+
# Required. The data used previously as a
|
827
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} to generate
|
828
|
+
# the MAC tag.
|
688
829
|
# @!attribute [rw] data_crc32c
|
689
830
|
# @return [::Google::Protobuf::Int64Value]
|
690
|
-
# Optional. An optional CRC32C checksum of the
|
691
|
-
#
|
692
|
-
#
|
693
|
-
#
|
694
|
-
#
|
695
|
-
#
|
696
|
-
# {::Google::Cloud::Kms::V1::
|
697
|
-
#
|
698
|
-
#
|
699
|
-
#
|
700
|
-
#
|
701
|
-
#
|
702
|
-
#
|
831
|
+
# Optional. An optional CRC32C checksum of the
|
832
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data}. If
|
833
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}
|
834
|
+
# will verify the integrity of the received
|
835
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data} using
|
836
|
+
# this checksum.
|
837
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
838
|
+
# report an error if the checksum verification fails. If you receive a
|
839
|
+
# checksum error, your client should verify that
|
840
|
+
# CRC32C({::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data})
|
841
|
+
# is equal to
|
842
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c},
|
843
|
+
# and if so, perform a limited number of retries. A persistent mismatch may
|
844
|
+
# indicate an issue in your computation of the CRC32C checksum. Note: This
|
845
|
+
# field is defined as int64 for reasons of compatibility across different
|
846
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
847
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
848
|
+
# this type.
|
703
849
|
# @!attribute [rw] mac
|
704
850
|
# @return [::String]
|
705
851
|
# Required. The signature to verify.
|
706
852
|
# @!attribute [rw] mac_crc32c
|
707
853
|
# @return [::Google::Protobuf::Int64Value]
|
708
|
-
# Optional. An optional CRC32C checksum of the
|
709
|
-
#
|
710
|
-
#
|
711
|
-
#
|
712
|
-
#
|
854
|
+
# Optional. An optional CRC32C checksum of the
|
855
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac}. If
|
856
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}
|
857
|
+
# will verify the integrity of the received
|
858
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac} using this
|
859
|
+
# checksum. {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}
|
860
|
+
# will report an error if the checksum verification fails. If you receive a
|
861
|
+
# checksum error, your client should verify that
|
713
862
|
# CRC32C([MacVerifyRequest.tag][]) is equal to
|
714
|
-
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c},
|
715
|
-
# number of retries. A persistent mismatch may
|
716
|
-
# computation of the CRC32C checksum.
|
717
|
-
#
|
718
|
-
#
|
719
|
-
#
|
720
|
-
#
|
863
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c},
|
864
|
+
# and if so, perform a limited number of retries. A persistent mismatch may
|
865
|
+
# indicate an issue in your computation of the CRC32C checksum. Note: This
|
866
|
+
# field is defined as int64 for reasons of compatibility across different
|
867
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
868
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
869
|
+
# this type.
|
721
870
|
class MacVerifyRequest
|
722
871
|
include ::Google::Protobuf::MessageExts
|
723
872
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
724
873
|
end
|
725
874
|
|
726
|
-
# Request message for
|
875
|
+
# Request message for
|
876
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#generate_random_bytes KeyManagementService.GenerateRandomBytes}.
|
727
877
|
# @!attribute [rw] location
|
728
878
|
# @return [::String]
|
729
879
|
# The project-specific location in which to generate random bytes.
|
@@ -734,246 +884,329 @@ module Google
|
|
734
884
|
# bytes, maximum 1024 bytes.
|
735
885
|
# @!attribute [rw] protection_level
|
736
886
|
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
737
|
-
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} to use when
|
738
|
-
#
|
887
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} to use when
|
888
|
+
# generating the random data. Currently, only
|
889
|
+
# {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} protection level is
|
890
|
+
# supported.
|
739
891
|
class GenerateRandomBytesRequest
|
740
892
|
include ::Google::Protobuf::MessageExts
|
741
893
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
742
894
|
end
|
743
895
|
|
744
|
-
# Response message for
|
896
|
+
# Response message for
|
897
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#encrypt KeyManagementService.Encrypt}.
|
745
898
|
# @!attribute [rw] name
|
746
899
|
# @return [::String]
|
747
|
-
# The resource name of the
|
748
|
-
#
|
900
|
+
# The resource name of the
|
901
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in
|
902
|
+
# encryption. Check this field to verify that the intended resource was used
|
903
|
+
# for encryption.
|
749
904
|
# @!attribute [rw] ciphertext
|
750
905
|
# @return [::String]
|
751
906
|
# The encrypted data.
|
752
907
|
# @!attribute [rw] ciphertext_crc32c
|
753
908
|
# @return [::Google::Protobuf::Int64Value]
|
754
909
|
# Integrity verification field. A CRC32C checksum of the returned
|
755
|
-
# {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext}.
|
756
|
-
#
|
757
|
-
#
|
758
|
-
#
|
759
|
-
#
|
760
|
-
#
|
761
|
-
#
|
762
|
-
#
|
763
|
-
#
|
764
|
-
#
|
910
|
+
# {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext}.
|
911
|
+
# An integrity check of
|
912
|
+
# {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext}
|
913
|
+
# can be performed by computing the CRC32C checksum of
|
914
|
+
# {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext}
|
915
|
+
# and comparing your results to this field. Discard the response in case of
|
916
|
+
# non-matching checksum values, and perform a limited number of retries. A
|
917
|
+
# persistent mismatch may indicate an issue in your computation of the CRC32C
|
918
|
+
# checksum. Note: This field is defined as int64 for reasons of compatibility
|
919
|
+
# across different languages. However, it is a non-negative integer, which
|
920
|
+
# will never exceed 2^32-1, and can be safely downconverted to uint32 in
|
921
|
+
# languages that support this type.
|
765
922
|
# @!attribute [rw] verified_plaintext_crc32c
|
766
923
|
# @return [::Boolean]
|
767
924
|
# Integrity verification field. A flag indicating whether
|
768
|
-
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c}
|
769
|
-
#
|
770
|
-
# {::Google::Cloud::Kms::V1::
|
771
|
-
#
|
772
|
-
#
|
773
|
-
#
|
774
|
-
#
|
925
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c}
|
926
|
+
# was received by
|
927
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
|
928
|
+
# for the integrity verification of the
|
929
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext plaintext}. A false value of
|
930
|
+
# this field indicates either that
|
931
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c}
|
932
|
+
# was left unset or that it was not delivered to
|
933
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
934
|
+
# set
|
935
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c}
|
936
|
+
# but this field is still false, discard the response and perform a limited
|
937
|
+
# number of retries.
|
775
938
|
# @!attribute [rw] verified_additional_authenticated_data_crc32c
|
776
939
|
# @return [::Boolean]
|
777
940
|
# Integrity verification field. A flag indicating whether
|
778
|
-
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c}
|
779
|
-
#
|
780
|
-
# {::Google::Cloud::Kms::V1::
|
781
|
-
#
|
782
|
-
# {::Google::Cloud::Kms::V1::EncryptRequest#
|
783
|
-
#
|
784
|
-
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c}
|
785
|
-
#
|
941
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c}
|
942
|
+
# was received by
|
943
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
|
944
|
+
# for the integrity verification of the
|
945
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data AAD}. A
|
946
|
+
# false value of this field indicates either that
|
947
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c}
|
948
|
+
# was left unset or that it was not delivered to
|
949
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
950
|
+
# set
|
951
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c}
|
952
|
+
# but this field is still false, discard the response and perform a limited
|
953
|
+
# number of retries.
|
786
954
|
# @!attribute [rw] protection_level
|
787
955
|
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
788
|
-
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
956
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
957
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in
|
958
|
+
# encryption.
|
789
959
|
class EncryptResponse
|
790
960
|
include ::Google::Protobuf::MessageExts
|
791
961
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
792
962
|
end
|
793
963
|
|
794
|
-
# Response message for
|
964
|
+
# Response message for
|
965
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#decrypt KeyManagementService.Decrypt}.
|
795
966
|
# @!attribute [rw] plaintext
|
796
967
|
# @return [::String]
|
797
|
-
# The decrypted data originally supplied in
|
968
|
+
# The decrypted data originally supplied in
|
969
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}.
|
798
970
|
# @!attribute [rw] plaintext_crc32c
|
799
971
|
# @return [::Google::Protobuf::Int64Value]
|
800
972
|
# Integrity verification field. A CRC32C checksum of the returned
|
801
|
-
# {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext}.
|
802
|
-
#
|
803
|
-
#
|
804
|
-
#
|
805
|
-
#
|
806
|
-
#
|
807
|
-
#
|
808
|
-
#
|
809
|
-
# Note:
|
810
|
-
#
|
811
|
-
#
|
812
|
-
#
|
973
|
+
# {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext}.
|
974
|
+
# An integrity check of
|
975
|
+
# {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext}
|
976
|
+
# can be performed by computing the CRC32C checksum of
|
977
|
+
# {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext}
|
978
|
+
# and comparing your results to this field. Discard the response in case of
|
979
|
+
# non-matching checksum values, and perform a limited number of retries. A
|
980
|
+
# persistent mismatch may indicate an issue in your computation of the CRC32C
|
981
|
+
# checksum. Note: receiving this response message indicates that
|
982
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} is able to
|
983
|
+
# successfully decrypt the
|
984
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext ciphertext}. Note: This
|
985
|
+
# field is defined as int64 for reasons of compatibility across different
|
986
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
987
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
988
|
+
# this type.
|
813
989
|
# @!attribute [rw] used_primary
|
814
990
|
# @return [::Boolean]
|
815
991
|
# Whether the Decryption was performed using the primary key version.
|
816
992
|
# @!attribute [rw] protection_level
|
817
993
|
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
818
|
-
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
994
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
995
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in
|
996
|
+
# decryption.
|
819
997
|
class DecryptResponse
|
820
998
|
include ::Google::Protobuf::MessageExts
|
821
999
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
822
1000
|
end
|
823
1001
|
|
824
|
-
# Response message for
|
1002
|
+
# Response message for
|
1003
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#asymmetric_sign KeyManagementService.AsymmetricSign}.
|
825
1004
|
# @!attribute [rw] signature
|
826
1005
|
# @return [::String]
|
827
1006
|
# The created signature.
|
828
1007
|
# @!attribute [rw] signature_crc32c
|
829
1008
|
# @return [::Google::Protobuf::Int64Value]
|
830
1009
|
# Integrity verification field. A CRC32C checksum of the returned
|
831
|
-
# {::Google::Cloud::Kms::V1::AsymmetricSignResponse#signature AsymmetricSignResponse.signature}.
|
832
|
-
#
|
833
|
-
#
|
834
|
-
#
|
835
|
-
#
|
836
|
-
#
|
837
|
-
#
|
838
|
-
#
|
839
|
-
#
|
840
|
-
#
|
1010
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignResponse#signature AsymmetricSignResponse.signature}.
|
1011
|
+
# An integrity check of
|
1012
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignResponse#signature AsymmetricSignResponse.signature}
|
1013
|
+
# can be performed by computing the CRC32C checksum of
|
1014
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignResponse#signature AsymmetricSignResponse.signature}
|
1015
|
+
# and comparing your results to this field. Discard the response in case of
|
1016
|
+
# non-matching checksum values, and perform a limited number of retries. A
|
1017
|
+
# persistent mismatch may indicate an issue in your computation of the CRC32C
|
1018
|
+
# checksum. Note: This field is defined as int64 for reasons of compatibility
|
1019
|
+
# across different languages. However, it is a non-negative integer, which
|
1020
|
+
# will never exceed 2^32-1, and can be safely downconverted to uint32 in
|
1021
|
+
# languages that support this type.
|
841
1022
|
# @!attribute [rw] verified_digest_crc32c
|
842
1023
|
# @return [::Boolean]
|
843
1024
|
# Integrity verification field. A flag indicating whether
|
844
|
-
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c}
|
845
|
-
#
|
846
|
-
# {::Google::Cloud::Kms::V1::
|
847
|
-
#
|
848
|
-
#
|
849
|
-
#
|
850
|
-
#
|
1025
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c}
|
1026
|
+
# was received by
|
1027
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
|
1028
|
+
# for the integrity verification of the
|
1029
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest digest}. A false value
|
1030
|
+
# of this field indicates either that
|
1031
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c}
|
1032
|
+
# was left unset or that it was not delivered to
|
1033
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
1034
|
+
# set
|
1035
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c}
|
1036
|
+
# but this field is still false, discard the response and perform a limited
|
1037
|
+
# number of retries.
|
851
1038
|
# @!attribute [rw] name
|
852
1039
|
# @return [::String]
|
853
|
-
# The resource name of the
|
854
|
-
#
|
1040
|
+
# The resource name of the
|
1041
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing.
|
1042
|
+
# Check this field to verify that the intended resource was used for signing.
|
855
1043
|
# @!attribute [rw] verified_data_crc32c
|
856
1044
|
# @return [::Boolean]
|
857
1045
|
# Integrity verification field. A flag indicating whether
|
858
|
-
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c}
|
859
|
-
#
|
860
|
-
# {::Google::Cloud::Kms::V1::
|
861
|
-
#
|
862
|
-
#
|
863
|
-
#
|
864
|
-
#
|
1046
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c}
|
1047
|
+
# was received by
|
1048
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
|
1049
|
+
# for the integrity verification of the
|
1050
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data data}. A false value of
|
1051
|
+
# this field indicates either that
|
1052
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c}
|
1053
|
+
# was left unset or that it was not delivered to
|
1054
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
1055
|
+
# set
|
1056
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c}
|
1057
|
+
# but this field is still false, discard the response and perform a limited
|
1058
|
+
# number of retries.
|
865
1059
|
# @!attribute [rw] protection_level
|
866
1060
|
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
867
|
-
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
1061
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
1062
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing.
|
868
1063
|
class AsymmetricSignResponse
|
869
1064
|
include ::Google::Protobuf::MessageExts
|
870
1065
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
871
1066
|
end
|
872
1067
|
|
873
|
-
# Response message for
|
1068
|
+
# Response message for
|
1069
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#asymmetric_decrypt KeyManagementService.AsymmetricDecrypt}.
|
874
1070
|
# @!attribute [rw] plaintext
|
875
1071
|
# @return [::String]
|
876
1072
|
# The decrypted data originally encrypted with the matching public key.
|
877
1073
|
# @!attribute [rw] plaintext_crc32c
|
878
1074
|
# @return [::Google::Protobuf::Int64Value]
|
879
1075
|
# Integrity verification field. A CRC32C checksum of the returned
|
880
|
-
# {::Google::Cloud::Kms::V1::AsymmetricDecryptResponse#plaintext AsymmetricDecryptResponse.plaintext}.
|
881
|
-
#
|
882
|
-
#
|
883
|
-
#
|
884
|
-
#
|
885
|
-
#
|
886
|
-
#
|
887
|
-
#
|
888
|
-
#
|
889
|
-
#
|
1076
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptResponse#plaintext AsymmetricDecryptResponse.plaintext}.
|
1077
|
+
# An integrity check of
|
1078
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptResponse#plaintext AsymmetricDecryptResponse.plaintext}
|
1079
|
+
# can be performed by computing the CRC32C checksum of
|
1080
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptResponse#plaintext AsymmetricDecryptResponse.plaintext}
|
1081
|
+
# and comparing your results to this field. Discard the response in case of
|
1082
|
+
# non-matching checksum values, and perform a limited number of retries. A
|
1083
|
+
# persistent mismatch may indicate an issue in your computation of the CRC32C
|
1084
|
+
# checksum. Note: This field is defined as int64 for reasons of compatibility
|
1085
|
+
# across different languages. However, it is a non-negative integer, which
|
1086
|
+
# will never exceed 2^32-1, and can be safely downconverted to uint32 in
|
1087
|
+
# languages that support this type.
|
890
1088
|
# @!attribute [rw] verified_ciphertext_crc32c
|
891
1089
|
# @return [::Boolean]
|
892
1090
|
# Integrity verification field. A flag indicating whether
|
893
|
-
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c}
|
894
|
-
#
|
895
|
-
# {::Google::Cloud::Kms::V1::
|
896
|
-
#
|
897
|
-
#
|
898
|
-
#
|
899
|
-
#
|
1091
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c}
|
1092
|
+
# was received by
|
1093
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
|
1094
|
+
# for the integrity verification of the
|
1095
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext ciphertext}. A
|
1096
|
+
# false value of this field indicates either that
|
1097
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c}
|
1098
|
+
# was left unset or that it was not delivered to
|
1099
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
1100
|
+
# set
|
1101
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c}
|
1102
|
+
# but this field is still false, discard the response and perform a limited
|
1103
|
+
# number of retries.
|
900
1104
|
# @!attribute [rw] protection_level
|
901
1105
|
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
902
|
-
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
1106
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
1107
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in
|
1108
|
+
# decryption.
|
903
1109
|
class AsymmetricDecryptResponse
|
904
1110
|
include ::Google::Protobuf::MessageExts
|
905
1111
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
906
1112
|
end
|
907
1113
|
|
908
|
-
# Response message for
|
1114
|
+
# Response message for
|
1115
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_sign KeyManagementService.MacSign}.
|
909
1116
|
# @!attribute [rw] name
|
910
1117
|
# @return [::String]
|
911
|
-
# The resource name of the
|
912
|
-
#
|
1118
|
+
# The resource name of the
|
1119
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing.
|
1120
|
+
# Check this field to verify that the intended resource was used for signing.
|
913
1121
|
# @!attribute [rw] mac
|
914
1122
|
# @return [::String]
|
915
1123
|
# The created signature.
|
916
1124
|
# @!attribute [rw] mac_crc32c
|
917
1125
|
# @return [::Google::Protobuf::Int64Value]
|
918
1126
|
# Integrity verification field. A CRC32C checksum of the returned
|
919
|
-
# {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac}. An
|
920
|
-
#
|
921
|
-
#
|
922
|
-
#
|
923
|
-
#
|
924
|
-
#
|
925
|
-
#
|
926
|
-
#
|
927
|
-
#
|
928
|
-
#
|
1127
|
+
# {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac}. An
|
1128
|
+
# integrity check of
|
1129
|
+
# {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac} can be
|
1130
|
+
# performed by computing the CRC32C checksum of
|
1131
|
+
# {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac} and
|
1132
|
+
# comparing your results to this field. Discard the response in case of
|
1133
|
+
# non-matching checksum values, and perform a limited number of retries. A
|
1134
|
+
# persistent mismatch may indicate an issue in your computation of the CRC32C
|
1135
|
+
# checksum. Note: This field is defined as int64 for reasons of compatibility
|
1136
|
+
# across different languages. However, it is a non-negative integer, which
|
1137
|
+
# will never exceed 2^32-1, and can be safely downconverted to uint32 in
|
1138
|
+
# languages that support this type.
|
929
1139
|
# @!attribute [rw] verified_data_crc32c
|
930
1140
|
# @return [::Boolean]
|
931
1141
|
# Integrity verification field. A flag indicating whether
|
932
|
-
# {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c}
|
933
|
-
#
|
934
|
-
# {::Google::Cloud::Kms::V1::
|
935
|
-
#
|
936
|
-
#
|
937
|
-
#
|
938
|
-
#
|
1142
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c}
|
1143
|
+
# was received by
|
1144
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
|
1145
|
+
# for the integrity verification of the
|
1146
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data data}. A false value of this
|
1147
|
+
# field indicates either that
|
1148
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c}
|
1149
|
+
# was left unset or that it was not delivered to
|
1150
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
1151
|
+
# set
|
1152
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c}
|
1153
|
+
# but this field is still false, discard the response and perform a limited
|
1154
|
+
# number of retries.
|
939
1155
|
# @!attribute [rw] protection_level
|
940
1156
|
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
941
|
-
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
1157
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
1158
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing.
|
942
1159
|
class MacSignResponse
|
943
1160
|
include ::Google::Protobuf::MessageExts
|
944
1161
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
945
1162
|
end
|
946
1163
|
|
947
|
-
# Response message for
|
1164
|
+
# Response message for
|
1165
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_verify KeyManagementService.MacVerify}.
|
948
1166
|
# @!attribute [rw] name
|
949
1167
|
# @return [::String]
|
950
|
-
# The resource name of the
|
951
|
-
#
|
952
|
-
# verification.
|
1168
|
+
# The resource name of the
|
1169
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for
|
1170
|
+
# verification. Check this field to verify that the intended resource was
|
1171
|
+
# used for verification.
|
953
1172
|
# @!attribute [rw] success
|
954
1173
|
# @return [::Boolean]
|
955
1174
|
# This field indicates whether or not the verification operation for
|
956
|
-
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac} over
|
1175
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac} over
|
1176
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data} was
|
1177
|
+
# successful.
|
957
1178
|
# @!attribute [rw] verified_data_crc32c
|
958
1179
|
# @return [::Boolean]
|
959
1180
|
# Integrity verification field. A flag indicating whether
|
960
|
-
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c}
|
961
|
-
#
|
962
|
-
# {::Google::Cloud::Kms::V1::
|
963
|
-
#
|
964
|
-
#
|
965
|
-
#
|
966
|
-
#
|
1181
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c}
|
1182
|
+
# was received by
|
1183
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
|
1184
|
+
# for the integrity verification of the
|
1185
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data data}. A false value of this
|
1186
|
+
# field indicates either that
|
1187
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c}
|
1188
|
+
# was left unset or that it was not delivered to
|
1189
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
1190
|
+
# set
|
1191
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c}
|
1192
|
+
# but this field is still false, discard the response and perform a limited
|
1193
|
+
# number of retries.
|
967
1194
|
# @!attribute [rw] verified_mac_crc32c
|
968
1195
|
# @return [::Boolean]
|
969
1196
|
# Integrity verification field. A flag indicating whether
|
970
|
-
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c}
|
971
|
-
#
|
972
|
-
# {::Google::Cloud::Kms::V1::
|
973
|
-
#
|
974
|
-
#
|
975
|
-
#
|
976
|
-
#
|
1197
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c}
|
1198
|
+
# was received by
|
1199
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
|
1200
|
+
# for the integrity verification of the
|
1201
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac data}. A false value of this
|
1202
|
+
# field indicates either that
|
1203
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c}
|
1204
|
+
# was left unset or that it was not delivered to
|
1205
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
1206
|
+
# set
|
1207
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c}
|
1208
|
+
# but this field is still false, discard the response and perform a limited
|
1209
|
+
# number of retries.
|
977
1210
|
# @!attribute [rw] verified_success_integrity
|
978
1211
|
# @return [::Boolean]
|
979
1212
|
# Integrity verification field. This value is used for the integrity
|
@@ -982,29 +1215,34 @@ module Google
|
|
982
1215
|
# and perform a limited number of retries.
|
983
1216
|
# @!attribute [rw] protection_level
|
984
1217
|
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
985
|
-
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
1218
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
1219
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for
|
1220
|
+
# verification.
|
986
1221
|
class MacVerifyResponse
|
987
1222
|
include ::Google::Protobuf::MessageExts
|
988
1223
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
989
1224
|
end
|
990
1225
|
|
991
|
-
# Response message for
|
1226
|
+
# Response message for
|
1227
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#generate_random_bytes KeyManagementService.GenerateRandomBytes}.
|
992
1228
|
# @!attribute [rw] data
|
993
1229
|
# @return [::String]
|
994
1230
|
# The generated data.
|
995
1231
|
# @!attribute [rw] data_crc32c
|
996
1232
|
# @return [::Google::Protobuf::Int64Value]
|
997
1233
|
# Integrity verification field. A CRC32C checksum of the returned
|
998
|
-
# {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data}.
|
999
|
-
#
|
1000
|
-
#
|
1001
|
-
#
|
1002
|
-
#
|
1003
|
-
#
|
1004
|
-
#
|
1005
|
-
#
|
1006
|
-
#
|
1007
|
-
#
|
1234
|
+
# {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data}.
|
1235
|
+
# An integrity check of
|
1236
|
+
# {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data}
|
1237
|
+
# can be performed by computing the CRC32C checksum of
|
1238
|
+
# {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data}
|
1239
|
+
# and comparing your results to this field. Discard the response in case of
|
1240
|
+
# non-matching checksum values, and perform a limited number of retries. A
|
1241
|
+
# persistent mismatch may indicate an issue in your computation of the CRC32C
|
1242
|
+
# checksum. Note: This field is defined as int64 for reasons of compatibility
|
1243
|
+
# across different languages. However, it is a non-negative integer, which
|
1244
|
+
# will never exceed 2^32-1, and can be safely downconverted to uint32 in
|
1245
|
+
# languages that support this type.
|
1008
1246
|
class GenerateRandomBytesResponse
|
1009
1247
|
include ::Google::Protobuf::MessageExts
|
1010
1248
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -1025,17 +1263,20 @@ module Google
|
|
1025
1263
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
1026
1264
|
end
|
1027
1265
|
|
1028
|
-
# Cloud KMS metadata for the given
|
1266
|
+
# Cloud KMS metadata for the given
|
1267
|
+
# [google.cloud.location.Location][google.cloud.location.Location].
|
1029
1268
|
# @!attribute [rw] hsm_available
|
1030
1269
|
# @return [::Boolean]
|
1031
1270
|
# Indicates whether {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with
|
1032
1271
|
# {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}
|
1033
|
-
# {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} can be created in this
|
1272
|
+
# {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} can be created in this
|
1273
|
+
# location.
|
1034
1274
|
# @!attribute [rw] ekm_available
|
1035
1275
|
# @return [::Boolean]
|
1036
1276
|
# Indicates whether {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with
|
1037
1277
|
# {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}
|
1038
|
-
# {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL EXTERNAL} can be created in
|
1278
|
+
# {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL EXTERNAL} can be created in
|
1279
|
+
# this location.
|
1039
1280
|
class LocationMetadata
|
1040
1281
|
include ::Google::Protobuf::MessageExts
|
1041
1282
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|