google-cloud-kms-v1 0.10.2 → 0.13.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -21,17 +21,22 @@ module Google
21
21
  module Cloud
22
22
  module Kms
23
23
  module V1
24
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_key_rings KeyManagementService.ListKeyRings}.
24
+ # Request message for
25
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_key_rings KeyManagementService.ListKeyRings}.
25
26
  # @!attribute [rw] parent
26
27
  # @return [::String]
27
28
  # Required. The resource name of the location associated with the
28
- # {::Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format `projects/*/locations/*`.
29
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format
30
+ # `projects/*/locations/*`.
29
31
  # @!attribute [rw] page_size
30
32
  # @return [::Integer]
31
- # Optional. Optional limit on the number of {::Google::Cloud::Kms::V1::KeyRing KeyRings} to include in the
32
- # response. Further {::Google::Cloud::Kms::V1::KeyRing KeyRings} can subsequently be obtained by
33
- # including the {::Google::Cloud::Kms::V1::ListKeyRingsResponse#next_page_token ListKeyRingsResponse.next_page_token} in a subsequent
34
- # request. If unspecified, the server will pick an appropriate default.
33
+ # Optional. Optional limit on the number of
34
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRings} to include in the response. Further
35
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRings} can subsequently be obtained by
36
+ # including the
37
+ # {::Google::Cloud::Kms::V1::ListKeyRingsResponse#next_page_token ListKeyRingsResponse.next_page_token}
38
+ # in a subsequent request. If unspecified, the server will pick an
39
+ # appropriate default.
35
40
  # @!attribute [rw] page_token
36
41
  # @return [::String]
37
42
  # Optional. Optional pagination token, returned earlier via
@@ -53,17 +58,21 @@ module Google
53
58
  extend ::Google::Protobuf::MessageExts::ClassMethods
54
59
  end
55
60
 
56
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_crypto_keys KeyManagementService.ListCryptoKeys}.
61
+ # Request message for
62
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_crypto_keys KeyManagementService.ListCryptoKeys}.
57
63
  # @!attribute [rw] parent
58
64
  # @return [::String]
59
- # Required. The resource name of the {::Google::Cloud::Kms::V1::KeyRing KeyRing} to list, in the format
60
- # `projects/*/locations/*/keyRings/*`.
65
+ # Required. The resource name of the {::Google::Cloud::Kms::V1::KeyRing KeyRing}
66
+ # to list, in the format `projects/*/locations/*/keyRings/*`.
61
67
  # @!attribute [rw] page_size
62
68
  # @return [::Integer]
63
- # Optional. Optional limit on the number of {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} to include in the
64
- # response. Further {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} can subsequently be obtained by
65
- # including the {::Google::Cloud::Kms::V1::ListCryptoKeysResponse#next_page_token ListCryptoKeysResponse.next_page_token} in a subsequent
66
- # request. If unspecified, the server will pick an appropriate default.
69
+ # Optional. Optional limit on the number of
70
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} to include in the response.
71
+ # Further {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} can subsequently be
72
+ # obtained by including the
73
+ # {::Google::Cloud::Kms::V1::ListCryptoKeysResponse#next_page_token ListCryptoKeysResponse.next_page_token}
74
+ # in a subsequent request. If unspecified, the server will pick an
75
+ # appropriate default.
67
76
  # @!attribute [rw] page_token
68
77
  # @return [::String]
69
78
  # Optional. Optional pagination token, returned earlier via
@@ -88,18 +97,22 @@ module Google
88
97
  extend ::Google::Protobuf::MessageExts::ClassMethods
89
98
  end
90
99
 
91
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_crypto_key_versions KeyManagementService.ListCryptoKeyVersions}.
100
+ # Request message for
101
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_crypto_key_versions KeyManagementService.ListCryptoKeyVersions}.
92
102
  # @!attribute [rw] parent
93
103
  # @return [::String]
94
- # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to list, in the format
104
+ # Required. The resource name of the
105
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to list, in the format
95
106
  # `projects/*/locations/*/keyRings/*/cryptoKeys/*`.
96
107
  # @!attribute [rw] page_size
97
108
  # @return [::Integer]
98
- # Optional. Optional limit on the number of {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions} to
99
- # include in the response. Further {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions} can
100
- # subsequently be obtained by including the
101
- # {::Google::Cloud::Kms::V1::ListCryptoKeyVersionsResponse#next_page_token ListCryptoKeyVersionsResponse.next_page_token} in a subsequent request.
102
- # If unspecified, the server will pick an appropriate default.
109
+ # Optional. Optional limit on the number of
110
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions} to include in the
111
+ # response. Further {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}
112
+ # can subsequently be obtained by including the
113
+ # {::Google::Cloud::Kms::V1::ListCryptoKeyVersionsResponse#next_page_token ListCryptoKeyVersionsResponse.next_page_token}
114
+ # in a subsequent request. If unspecified, the server will pick an
115
+ # appropriate default.
103
116
  # @!attribute [rw] page_token
104
117
  # @return [::String]
105
118
  # Optional. Optional pagination token, returned earlier via
@@ -124,17 +137,21 @@ module Google
124
137
  extend ::Google::Protobuf::MessageExts::ClassMethods
125
138
  end
126
139
 
127
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_import_jobs KeyManagementService.ListImportJobs}.
140
+ # Request message for
141
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_import_jobs KeyManagementService.ListImportJobs}.
128
142
  # @!attribute [rw] parent
129
143
  # @return [::String]
130
- # Required. The resource name of the {::Google::Cloud::Kms::V1::KeyRing KeyRing} to list, in the format
131
- # `projects/*/locations/*/keyRings/*`.
144
+ # Required. The resource name of the {::Google::Cloud::Kms::V1::KeyRing KeyRing}
145
+ # to list, in the format `projects/*/locations/*/keyRings/*`.
132
146
  # @!attribute [rw] page_size
133
147
  # @return [::Integer]
134
- # Optional. Optional limit on the number of {::Google::Cloud::Kms::V1::ImportJob ImportJobs} to include in the
135
- # response. Further {::Google::Cloud::Kms::V1::ImportJob ImportJobs} can subsequently be obtained by
136
- # including the {::Google::Cloud::Kms::V1::ListImportJobsResponse#next_page_token ListImportJobsResponse.next_page_token} in a subsequent
137
- # request. If unspecified, the server will pick an appropriate default.
148
+ # Optional. Optional limit on the number of
149
+ # {::Google::Cloud::Kms::V1::ImportJob ImportJobs} to include in the response.
150
+ # Further {::Google::Cloud::Kms::V1::ImportJob ImportJobs} can subsequently be
151
+ # obtained by including the
152
+ # {::Google::Cloud::Kms::V1::ListImportJobsResponse#next_page_token ListImportJobsResponse.next_page_token}
153
+ # in a subsequent request. If unspecified, the server will pick an
154
+ # appropriate default.
138
155
  # @!attribute [rw] page_token
139
156
  # @return [::String]
140
157
  # Optional. Optional pagination token, returned earlier via
@@ -156,152 +173,180 @@ module Google
156
173
  extend ::Google::Protobuf::MessageExts::ClassMethods
157
174
  end
158
175
 
159
- # Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_key_rings KeyManagementService.ListKeyRings}.
176
+ # Response message for
177
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_key_rings KeyManagementService.ListKeyRings}.
160
178
  # @!attribute [rw] key_rings
161
179
  # @return [::Array<::Google::Cloud::Kms::V1::KeyRing>]
162
180
  # The list of {::Google::Cloud::Kms::V1::KeyRing KeyRings}.
163
181
  # @!attribute [rw] next_page_token
164
182
  # @return [::String]
165
183
  # A token to retrieve next page of results. Pass this value in
166
- # {::Google::Cloud::Kms::V1::ListKeyRingsRequest#page_token ListKeyRingsRequest.page_token} to retrieve the next page of results.
184
+ # {::Google::Cloud::Kms::V1::ListKeyRingsRequest#page_token ListKeyRingsRequest.page_token}
185
+ # to retrieve the next page of results.
167
186
  # @!attribute [rw] total_size
168
187
  # @return [::Integer]
169
- # The total number of {::Google::Cloud::Kms::V1::KeyRing KeyRings} that matched the query.
188
+ # The total number of {::Google::Cloud::Kms::V1::KeyRing KeyRings} that matched
189
+ # the query.
170
190
  class ListKeyRingsResponse
171
191
  include ::Google::Protobuf::MessageExts
172
192
  extend ::Google::Protobuf::MessageExts::ClassMethods
173
193
  end
174
194
 
175
- # Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_crypto_keys KeyManagementService.ListCryptoKeys}.
195
+ # Response message for
196
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_crypto_keys KeyManagementService.ListCryptoKeys}.
176
197
  # @!attribute [rw] crypto_keys
177
198
  # @return [::Array<::Google::Cloud::Kms::V1::CryptoKey>]
178
199
  # The list of {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
179
200
  # @!attribute [rw] next_page_token
180
201
  # @return [::String]
181
202
  # A token to retrieve next page of results. Pass this value in
182
- # {::Google::Cloud::Kms::V1::ListCryptoKeysRequest#page_token ListCryptoKeysRequest.page_token} to retrieve the next page of results.
203
+ # {::Google::Cloud::Kms::V1::ListCryptoKeysRequest#page_token ListCryptoKeysRequest.page_token}
204
+ # to retrieve the next page of results.
183
205
  # @!attribute [rw] total_size
184
206
  # @return [::Integer]
185
- # The total number of {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} that matched the query.
207
+ # The total number of {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} that
208
+ # matched the query.
186
209
  class ListCryptoKeysResponse
187
210
  include ::Google::Protobuf::MessageExts
188
211
  extend ::Google::Protobuf::MessageExts::ClassMethods
189
212
  end
190
213
 
191
- # Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_crypto_key_versions KeyManagementService.ListCryptoKeyVersions}.
214
+ # Response message for
215
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_crypto_key_versions KeyManagementService.ListCryptoKeyVersions}.
192
216
  # @!attribute [rw] crypto_key_versions
193
217
  # @return [::Array<::Google::Cloud::Kms::V1::CryptoKeyVersion>]
194
218
  # The list of {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}.
195
219
  # @!attribute [rw] next_page_token
196
220
  # @return [::String]
197
221
  # A token to retrieve next page of results. Pass this value in
198
- # {::Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest#page_token ListCryptoKeyVersionsRequest.page_token} to retrieve the next page of
199
- # results.
222
+ # {::Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest#page_token ListCryptoKeyVersionsRequest.page_token}
223
+ # to retrieve the next page of results.
200
224
  # @!attribute [rw] total_size
201
225
  # @return [::Integer]
202
- # The total number of {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions} that matched the
226
+ # The total number of
227
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions} that matched the
203
228
  # query.
204
229
  class ListCryptoKeyVersionsResponse
205
230
  include ::Google::Protobuf::MessageExts
206
231
  extend ::Google::Protobuf::MessageExts::ClassMethods
207
232
  end
208
233
 
209
- # Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_import_jobs KeyManagementService.ListImportJobs}.
234
+ # Response message for
235
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_import_jobs KeyManagementService.ListImportJobs}.
210
236
  # @!attribute [rw] import_jobs
211
237
  # @return [::Array<::Google::Cloud::Kms::V1::ImportJob>]
212
238
  # The list of {::Google::Cloud::Kms::V1::ImportJob ImportJobs}.
213
239
  # @!attribute [rw] next_page_token
214
240
  # @return [::String]
215
241
  # A token to retrieve next page of results. Pass this value in
216
- # {::Google::Cloud::Kms::V1::ListImportJobsRequest#page_token ListImportJobsRequest.page_token} to retrieve the next page of results.
242
+ # {::Google::Cloud::Kms::V1::ListImportJobsRequest#page_token ListImportJobsRequest.page_token}
243
+ # to retrieve the next page of results.
217
244
  # @!attribute [rw] total_size
218
245
  # @return [::Integer]
219
- # The total number of {::Google::Cloud::Kms::V1::ImportJob ImportJobs} that matched the query.
246
+ # The total number of {::Google::Cloud::Kms::V1::ImportJob ImportJobs} that
247
+ # matched the query.
220
248
  class ListImportJobsResponse
221
249
  include ::Google::Protobuf::MessageExts
222
250
  extend ::Google::Protobuf::MessageExts::ClassMethods
223
251
  end
224
252
 
225
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_key_ring KeyManagementService.GetKeyRing}.
253
+ # Request message for
254
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_key_ring KeyManagementService.GetKeyRing}.
226
255
  # @!attribute [rw] name
227
256
  # @return [::String]
228
- # Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the {::Google::Cloud::Kms::V1::KeyRing KeyRing} to get.
257
+ # Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the
258
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRing} to get.
229
259
  class GetKeyRingRequest
230
260
  include ::Google::Protobuf::MessageExts
231
261
  extend ::Google::Protobuf::MessageExts::ClassMethods
232
262
  end
233
263
 
234
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_crypto_key KeyManagementService.GetCryptoKey}.
264
+ # Request message for
265
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_crypto_key KeyManagementService.GetCryptoKey}.
235
266
  # @!attribute [rw] name
236
267
  # @return [::String]
237
- # Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to get.
268
+ # Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the
269
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to get.
238
270
  class GetCryptoKeyRequest
239
271
  include ::Google::Protobuf::MessageExts
240
272
  extend ::Google::Protobuf::MessageExts::ClassMethods
241
273
  end
242
274
 
243
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_crypto_key_version KeyManagementService.GetCryptoKeyVersion}.
275
+ # Request message for
276
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_crypto_key_version KeyManagementService.GetCryptoKeyVersion}.
244
277
  # @!attribute [rw] name
245
278
  # @return [::String]
246
- # Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to get.
279
+ # Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the
280
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to get.
247
281
  class GetCryptoKeyVersionRequest
248
282
  include ::Google::Protobuf::MessageExts
249
283
  extend ::Google::Protobuf::MessageExts::ClassMethods
250
284
  end
251
285
 
252
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_public_key KeyManagementService.GetPublicKey}.
286
+ # Request message for
287
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_public_key KeyManagementService.GetPublicKey}.
253
288
  # @!attribute [rw] name
254
289
  # @return [::String]
255
- # Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} public key to
256
- # get.
290
+ # Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the
291
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} public key to get.
257
292
  class GetPublicKeyRequest
258
293
  include ::Google::Protobuf::MessageExts
259
294
  extend ::Google::Protobuf::MessageExts::ClassMethods
260
295
  end
261
296
 
262
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_import_job KeyManagementService.GetImportJob}.
297
+ # Request message for
298
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_import_job KeyManagementService.GetImportJob}.
263
299
  # @!attribute [rw] name
264
300
  # @return [::String]
265
- # Required. The {::Google::Cloud::Kms::V1::ImportJob#name name} of the {::Google::Cloud::Kms::V1::ImportJob ImportJob} to get.
301
+ # Required. The {::Google::Cloud::Kms::V1::ImportJob#name name} of the
302
+ # {::Google::Cloud::Kms::V1::ImportJob ImportJob} to get.
266
303
  class GetImportJobRequest
267
304
  include ::Google::Protobuf::MessageExts
268
305
  extend ::Google::Protobuf::MessageExts::ClassMethods
269
306
  end
270
307
 
271
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#create_key_ring KeyManagementService.CreateKeyRing}.
308
+ # Request message for
309
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#create_key_ring KeyManagementService.CreateKeyRing}.
272
310
  # @!attribute [rw] parent
273
311
  # @return [::String]
274
312
  # Required. The resource name of the location associated with the
275
- # {::Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format `projects/*/locations/*`.
313
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format
314
+ # `projects/*/locations/*`.
276
315
  # @!attribute [rw] key_ring_id
277
316
  # @return [::String]
278
317
  # Required. It must be unique within a location and match the regular
279
318
  # expression `[a-zA-Z0-9_-]{1,63}`
280
319
  # @!attribute [rw] key_ring
281
320
  # @return [::Google::Cloud::Kms::V1::KeyRing]
282
- # Required. A {::Google::Cloud::Kms::V1::KeyRing KeyRing} with initial field values.
321
+ # Required. A {::Google::Cloud::Kms::V1::KeyRing KeyRing} with initial field
322
+ # values.
283
323
  class CreateKeyRingRequest
284
324
  include ::Google::Protobuf::MessageExts
285
325
  extend ::Google::Protobuf::MessageExts::ClassMethods
286
326
  end
287
327
 
288
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#create_crypto_key KeyManagementService.CreateCryptoKey}.
328
+ # Request message for
329
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#create_crypto_key KeyManagementService.CreateCryptoKey}.
289
330
  # @!attribute [rw] parent
290
331
  # @return [::String]
291
- # Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the KeyRing associated with the
292
- # {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
332
+ # Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the KeyRing
333
+ # associated with the {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
293
334
  # @!attribute [rw] crypto_key_id
294
335
  # @return [::String]
295
336
  # Required. It must be unique within a KeyRing and match the regular
296
337
  # expression `[a-zA-Z0-9_-]{1,63}`
297
338
  # @!attribute [rw] crypto_key
298
339
  # @return [::Google::Cloud::Kms::V1::CryptoKey]
299
- # Required. A {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} with initial field values.
340
+ # Required. A {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} with initial field
341
+ # values.
300
342
  # @!attribute [rw] skip_initial_version_creation
301
343
  # @return [::Boolean]
302
- # If set to true, the request will create a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} without any
303
- # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}. You must manually call
304
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client#create_crypto_key_version CreateCryptoKeyVersion} or
344
+ # If set to true, the request will create a
345
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} without any
346
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}. You must
347
+ # manually call
348
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#create_crypto_key_version CreateCryptoKeyVersion}
349
+ # or
305
350
  # {::Google::Cloud::Kms::V1::KeyManagementService::Client#import_crypto_key_version ImportCryptoKeyVersion}
306
351
  # before you can use this {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
307
352
  class CreateCryptoKeyRequest
@@ -309,53 +354,65 @@ module Google
309
354
  extend ::Google::Protobuf::MessageExts::ClassMethods
310
355
  end
311
356
 
312
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#create_crypto_key_version KeyManagementService.CreateCryptoKeyVersion}.
357
+ # Request message for
358
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#create_crypto_key_version KeyManagementService.CreateCryptoKeyVersion}.
313
359
  # @!attribute [rw] parent
314
360
  # @return [::String]
315
- # Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} associated with
316
- # the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}.
361
+ # Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the
362
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} associated with the
363
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}.
317
364
  # @!attribute [rw] crypto_key_version
318
365
  # @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
319
- # Required. A {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with initial field values.
366
+ # Required. A {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with
367
+ # initial field values.
320
368
  class CreateCryptoKeyVersionRequest
321
369
  include ::Google::Protobuf::MessageExts
322
370
  extend ::Google::Protobuf::MessageExts::ClassMethods
323
371
  end
324
372
 
325
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#import_crypto_key_version KeyManagementService.ImportCryptoKeyVersion}.
373
+ # Request message for
374
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#import_crypto_key_version KeyManagementService.ImportCryptoKeyVersion}.
326
375
  # @!attribute [rw] parent
327
376
  # @return [::String]
328
- # Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to be imported into.
377
+ # Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the
378
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to be imported into.
329
379
  #
330
380
  # The create permission is only required on this key when creating a new
331
381
  # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
332
382
  # @!attribute [rw] crypto_key_version
333
383
  # @return [::String]
334
- # Optional. The optional {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of an existing
335
- # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to target for an import operation.
336
- # If this field is not present, a new {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} containing the
384
+ # Optional. The optional {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of
385
+ # an existing {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to
386
+ # target for an import operation. If this field is not present, a new
387
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} containing the
337
388
  # supplied key material is created.
338
389
  #
339
390
  # If this field is present, the supplied key material is imported into
340
- # the existing {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}. To import into an existing
341
- # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}, the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} must be a child of
342
- # {::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest#parent ImportCryptoKeyVersionRequest.parent}, have been previously created via
343
- # [ImportCryptoKeyVersion][], and be in
344
- # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED} or
391
+ # the existing {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}. To
392
+ # import into an existing
393
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}, the
394
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} must be a child of
395
+ # {::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest#parent ImportCryptoKeyVersionRequest.parent},
396
+ # have been previously created via [ImportCryptoKeyVersion][], and be in
397
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED}
398
+ # or
345
399
  # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::IMPORT_FAILED IMPORT_FAILED}
346
400
  # state. The key material and algorithm must match the previous
347
- # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} exactly if the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} has ever contained
401
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} exactly if the
402
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} has ever contained
348
403
  # key material.
349
404
  # @!attribute [rw] algorithm
350
405
  # @return [::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm]
351
- # Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm algorithm} of
352
- # the key being imported. This does not need to match the
353
- # {::Google::Cloud::Kms::V1::CryptoKey#version_template version_template} of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} this
354
- # version imports into.
406
+ # Required. The
407
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm algorithm}
408
+ # of the key being imported. This does not need to match the
409
+ # {::Google::Cloud::Kms::V1::CryptoKey#version_template version_template} of the
410
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} this version imports into.
355
411
  # @!attribute [rw] import_job
356
412
  # @return [::String]
357
- # Required. The {::Google::Cloud::Kms::V1::ImportJob#name name} of the {::Google::Cloud::Kms::V1::ImportJob ImportJob} that was used to
358
- # wrap this key material.
413
+ # Required. The {::Google::Cloud::Kms::V1::ImportJob#name name} of the
414
+ # {::Google::Cloud::Kms::V1::ImportJob ImportJob} that was used to wrap this key
415
+ # material.
359
416
  # @!attribute [rw] rsa_aes_wrapped_key
360
417
  # @return [::String]
361
418
  # Wrapped key material produced with
@@ -366,8 +423,9 @@ module Google
366
423
  # This field contains the concatenation of two wrapped keys:
367
424
  # <ol>
368
425
  # <li>An ephemeral AES-256 wrapping key wrapped with the
369
- # {::Google::Cloud::Kms::V1::ImportJob#public_key public_key} using RSAES-OAEP with SHA-1,
370
- # MGF1 with SHA-1, and an empty label.
426
+ # {::Google::Cloud::Kms::V1::ImportJob#public_key public_key} using
427
+ # RSAES-OAEP with SHA-1/SHA-256, MGF1 with SHA-1/SHA-256, and an
428
+ # empty label.
371
429
  # </li>
372
430
  # <li>The key to be imported, wrapped with the ephemeral AES-256 key
373
431
  # using AES-KWP (RFC 5649).
@@ -386,10 +444,12 @@ module Google
386
444
  extend ::Google::Protobuf::MessageExts::ClassMethods
387
445
  end
388
446
 
389
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#create_import_job KeyManagementService.CreateImportJob}.
447
+ # Request message for
448
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#create_import_job KeyManagementService.CreateImportJob}.
390
449
  # @!attribute [rw] parent
391
450
  # @return [::String]
392
- # Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the {::Google::Cloud::Kms::V1::KeyRing KeyRing} associated with the
451
+ # Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the
452
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRing} associated with the
393
453
  # {::Google::Cloud::Kms::V1::ImportJob ImportJobs}.
394
454
  # @!attribute [rw] import_job_id
395
455
  # @return [::String]
@@ -397,13 +457,15 @@ module Google
397
457
  # expression `[a-zA-Z0-9_-]{1,63}`
398
458
  # @!attribute [rw] import_job
399
459
  # @return [::Google::Cloud::Kms::V1::ImportJob]
400
- # Required. An {::Google::Cloud::Kms::V1::ImportJob ImportJob} with initial field values.
460
+ # Required. An {::Google::Cloud::Kms::V1::ImportJob ImportJob} with initial field
461
+ # values.
401
462
  class CreateImportJobRequest
402
463
  include ::Google::Protobuf::MessageExts
403
464
  extend ::Google::Protobuf::MessageExts::ClassMethods
404
465
  end
405
466
 
406
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#update_crypto_key KeyManagementService.UpdateCryptoKey}.
467
+ # Request message for
468
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#update_crypto_key KeyManagementService.UpdateCryptoKey}.
407
469
  # @!attribute [rw] crypto_key
408
470
  # @return [::Google::Cloud::Kms::V1::CryptoKey]
409
471
  # Required. {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} with updated values.
@@ -415,10 +477,12 @@ module Google
415
477
  extend ::Google::Protobuf::MessageExts::ClassMethods
416
478
  end
417
479
 
418
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#update_crypto_key_version KeyManagementService.UpdateCryptoKeyVersion}.
480
+ # Request message for
481
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#update_crypto_key_version KeyManagementService.UpdateCryptoKeyVersion}.
419
482
  # @!attribute [rw] crypto_key_version
420
483
  # @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
421
- # Required. {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with updated values.
484
+ # Required. {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with
485
+ # updated values.
422
486
  # @!attribute [rw] update_mask
423
487
  # @return [::Google::Protobuf::FieldMask]
424
488
  # Required. List of fields to be updated in this request.
@@ -427,106 +491,132 @@ module Google
427
491
  extend ::Google::Protobuf::MessageExts::ClassMethods
428
492
  end
429
493
 
430
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#update_crypto_key_primary_version KeyManagementService.UpdateCryptoKeyPrimaryVersion}.
494
+ # Request message for
495
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#update_crypto_key_primary_version KeyManagementService.UpdateCryptoKeyPrimaryVersion}.
431
496
  # @!attribute [rw] name
432
497
  # @return [::String]
433
- # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to update.
498
+ # Required. The resource name of the
499
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to update.
434
500
  # @!attribute [rw] crypto_key_version_id
435
501
  # @return [::String]
436
- # Required. The id of the child {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use as primary.
502
+ # Required. The id of the child
503
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use as primary.
437
504
  class UpdateCryptoKeyPrimaryVersionRequest
438
505
  include ::Google::Protobuf::MessageExts
439
506
  extend ::Google::Protobuf::MessageExts::ClassMethods
440
507
  end
441
508
 
442
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#destroy_crypto_key_version KeyManagementService.DestroyCryptoKeyVersion}.
509
+ # Request message for
510
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#destroy_crypto_key_version KeyManagementService.DestroyCryptoKeyVersion}.
443
511
  # @!attribute [rw] name
444
512
  # @return [::String]
445
- # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to destroy.
513
+ # Required. The resource name of the
514
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to destroy.
446
515
  class DestroyCryptoKeyVersionRequest
447
516
  include ::Google::Protobuf::MessageExts
448
517
  extend ::Google::Protobuf::MessageExts::ClassMethods
449
518
  end
450
519
 
451
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#restore_crypto_key_version KeyManagementService.RestoreCryptoKeyVersion}.
520
+ # Request message for
521
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#restore_crypto_key_version KeyManagementService.RestoreCryptoKeyVersion}.
452
522
  # @!attribute [rw] name
453
523
  # @return [::String]
454
- # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to restore.
524
+ # Required. The resource name of the
525
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to restore.
455
526
  class RestoreCryptoKeyVersionRequest
456
527
  include ::Google::Protobuf::MessageExts
457
528
  extend ::Google::Protobuf::MessageExts::ClassMethods
458
529
  end
459
530
 
460
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#encrypt KeyManagementService.Encrypt}.
531
+ # Request message for
532
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#encrypt KeyManagementService.Encrypt}.
461
533
  # @!attribute [rw] name
462
534
  # @return [::String]
463
- # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} or {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}
464
- # to use for encryption.
535
+ # Required. The resource name of the
536
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} or
537
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
538
+ # encryption.
465
539
  #
466
- # If a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} is specified, the server will use its
467
- # {::Google::Cloud::Kms::V1::CryptoKey#primary primary version}.
540
+ # If a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} is specified, the server
541
+ # will use its {::Google::Cloud::Kms::V1::CryptoKey#primary primary version}.
468
542
  # @!attribute [rw] plaintext
469
543
  # @return [::String]
470
544
  # Required. The data to encrypt. Must be no larger than 64KiB.
471
545
  #
472
546
  # The maximum size depends on the key version's
473
- # {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}. For
474
- # {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE} keys, the plaintext must be no larger
475
- # than 64KiB. For {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of the
476
- # plaintext and additional_authenticated_data fields must be no larger than
477
- # 8KiB.
547
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}.
548
+ # For {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE} keys, the
549
+ # plaintext must be no larger than 64KiB. For
550
+ # {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of
551
+ # the plaintext and additional_authenticated_data fields must be no larger
552
+ # than 8KiB.
478
553
  # @!attribute [rw] additional_authenticated_data
479
554
  # @return [::String]
480
- # Optional. Optional data that, if specified, must also be provided during decryption
481
- # through {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}.
555
+ # Optional. Optional data that, if specified, must also be provided during
556
+ # decryption through
557
+ # {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}.
482
558
  #
483
559
  # The maximum size depends on the key version's
484
- # {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}. For
485
- # {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE} keys, the AAD must be no larger than
486
- # 64KiB. For {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of the
487
- # plaintext and additional_authenticated_data fields must be no larger than
488
- # 8KiB.
560
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}.
561
+ # For {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE} keys, the AAD
562
+ # must be no larger than 64KiB. For
563
+ # {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of
564
+ # the plaintext and additional_authenticated_data fields must be no larger
565
+ # than 8KiB.
489
566
  # @!attribute [rw] plaintext_crc32c
490
567
  # @return [::Google::Protobuf::Int64Value]
491
- # Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}. If
492
- # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
493
- # received {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext} using this checksum.
494
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
495
- # fails. If you receive a checksum error, your client should verify that
496
- # CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}) is equal to
497
- # {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c}, and if so, perform a limited number of
498
- # retries. A persistent mismatch may indicate an issue in your computation of
499
- # the CRC32C checksum.
500
- # Note: This field is defined as int64 for reasons of compatibility across
501
- # different languages. However, it is a non-negative integer, which will
502
- # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
503
- # that support this type.
568
+ # Optional. An optional CRC32C checksum of the
569
+ # {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}.
570
+ # If specified,
571
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
572
+ # verify the integrity of the received
573
+ # {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}
574
+ # using this checksum.
575
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
576
+ # report an error if the checksum verification fails. If you receive a
577
+ # checksum error, your client should verify that
578
+ # CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext})
579
+ # is equal to
580
+ # {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c},
581
+ # and if so, perform a limited number of retries. A persistent mismatch may
582
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
583
+ # field is defined as int64 for reasons of compatibility across different
584
+ # languages. However, it is a non-negative integer, which will never exceed
585
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
586
+ # this type.
504
587
  # @!attribute [rw] additional_authenticated_data_crc32c
505
588
  # @return [::Google::Protobuf::Int64Value]
506
589
  # Optional. An optional CRC32C checksum of the
507
- # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}. If specified,
508
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the received
509
- # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data} using this checksum.
510
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
511
- # fails. If you receive a checksum error, your client should verify that
512
- # CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}) is equal to
513
- # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c}, and if so, perform
514
- # a limited number of retries. A persistent mismatch may indicate an issue in
515
- # your computation of the CRC32C checksum.
516
- # Note: This field is defined as int64 for reasons of compatibility across
517
- # different languages. However, it is a non-negative integer, which will
518
- # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
519
- # that support this type.
590
+ # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}.
591
+ # If specified,
592
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
593
+ # verify the integrity of the received
594
+ # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}
595
+ # using this checksum.
596
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
597
+ # report an error if the checksum verification fails. If you receive a
598
+ # checksum error, your client should verify that
599
+ # CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data})
600
+ # is equal to
601
+ # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c},
602
+ # and if so, perform a limited number of retries. A persistent mismatch may
603
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
604
+ # field is defined as int64 for reasons of compatibility across different
605
+ # languages. However, it is a non-negative integer, which will never exceed
606
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
607
+ # this type.
520
608
  class EncryptRequest
521
609
  include ::Google::Protobuf::MessageExts
522
610
  extend ::Google::Protobuf::MessageExts::ClassMethods
523
611
  end
524
612
 
525
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#decrypt KeyManagementService.Decrypt}.
613
+ # Request message for
614
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#decrypt KeyManagementService.Decrypt}.
526
615
  # @!attribute [rw] name
527
616
  # @return [::String]
528
- # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to use for decryption.
529
- # The server will choose the appropriate version.
617
+ # Required. The resource name of the
618
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to use for decryption. The
619
+ # server will choose the appropriate version.
530
620
  # @!attribute [rw] ciphertext
531
621
  # @return [::String]
532
622
  # Required. The encrypted data originally returned in
@@ -537,193 +627,253 @@ module Google
537
627
  # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}.
538
628
  # @!attribute [rw] ciphertext_crc32c
539
629
  # @return [::Google::Protobuf::Int64Value]
540
- # Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}. If
541
- # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
542
- # received {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext} using this checksum.
543
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
544
- # fails. If you receive a checksum error, your client should verify that
545
- # CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}) is equal to
546
- # {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext_crc32c DecryptRequest.ciphertext_crc32c}, and if so, perform a limited number
547
- # of retries. A persistent mismatch may indicate an issue in your computation
548
- # of the CRC32C checksum.
549
- # Note: This field is defined as int64 for reasons of compatibility across
550
- # different languages. However, it is a non-negative integer, which will
551
- # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
552
- # that support this type.
630
+ # Optional. An optional CRC32C checksum of the
631
+ # {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}.
632
+ # If specified,
633
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
634
+ # verify the integrity of the received
635
+ # {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}
636
+ # using this checksum.
637
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
638
+ # report an error if the checksum verification fails. If you receive a
639
+ # checksum error, your client should verify that
640
+ # CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext})
641
+ # is equal to
642
+ # {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext_crc32c DecryptRequest.ciphertext_crc32c},
643
+ # and if so, perform a limited number of retries. A persistent mismatch may
644
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
645
+ # field is defined as int64 for reasons of compatibility across different
646
+ # languages. However, it is a non-negative integer, which will never exceed
647
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
648
+ # this type.
553
649
  # @!attribute [rw] additional_authenticated_data_crc32c
554
650
  # @return [::Google::Protobuf::Int64Value]
555
651
  # Optional. An optional CRC32C checksum of the
556
- # {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}. If specified,
557
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the received
558
- # {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data} using this checksum.
559
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
560
- # fails. If you receive a checksum error, your client should verify that
561
- # CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}) is equal to
562
- # {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data_crc32c DecryptRequest.additional_authenticated_data_crc32c}, and if so, perform
563
- # a limited number of retries. A persistent mismatch may indicate an issue in
564
- # your computation of the CRC32C checksum.
565
- # Note: This field is defined as int64 for reasons of compatibility across
566
- # different languages. However, it is a non-negative integer, which will
567
- # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
568
- # that support this type.
652
+ # {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}.
653
+ # If specified,
654
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
655
+ # verify the integrity of the received
656
+ # {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}
657
+ # using this checksum.
658
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
659
+ # report an error if the checksum verification fails. If you receive a
660
+ # checksum error, your client should verify that
661
+ # CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data})
662
+ # is equal to
663
+ # {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data_crc32c DecryptRequest.additional_authenticated_data_crc32c},
664
+ # and if so, perform a limited number of retries. A persistent mismatch may
665
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
666
+ # field is defined as int64 for reasons of compatibility across different
667
+ # languages. However, it is a non-negative integer, which will never exceed
668
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
669
+ # this type.
569
670
  class DecryptRequest
570
671
  include ::Google::Protobuf::MessageExts
571
672
  extend ::Google::Protobuf::MessageExts::ClassMethods
572
673
  end
573
674
 
574
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#asymmetric_sign KeyManagementService.AsymmetricSign}.
675
+ # Request message for
676
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#asymmetric_sign KeyManagementService.AsymmetricSign}.
575
677
  # @!attribute [rw] name
576
678
  # @return [::String]
577
- # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for signing.
679
+ # Required. The resource name of the
680
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
681
+ # signing.
578
682
  # @!attribute [rw] digest
579
683
  # @return [::Google::Cloud::Kms::V1::Digest]
580
684
  # Optional. The digest of the data to sign. The digest must be produced with
581
685
  # the same digest algorithm as specified by the key version's
582
686
  # {::Google::Cloud::Kms::V1::CryptoKeyVersion#algorithm algorithm}.
687
+ #
688
+ # This field may not be supplied if
689
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data}
690
+ # is supplied.
583
691
  # @!attribute [rw] digest_crc32c
584
692
  # @return [::Google::Protobuf::Int64Value]
585
- # Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}. If
586
- # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
587
- # received {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest} using this checksum.
588
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
589
- # fails. If you receive a checksum error, your client should verify that
590
- # CRC32C({::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}) is equal to
591
- # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c}, and if so, perform a limited
592
- # number of retries. A persistent mismatch may indicate an issue in your
593
- # computation of the CRC32C checksum.
594
- # Note: This field is defined as int64 for reasons of compatibility across
595
- # different languages. However, it is a non-negative integer, which will
596
- # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
597
- # that support this type.
693
+ # Optional. An optional CRC32C checksum of the
694
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}.
695
+ # If specified,
696
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
697
+ # verify the integrity of the received
698
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}
699
+ # using this checksum.
700
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
701
+ # report an error if the checksum verification fails. If you receive a
702
+ # checksum error, your client should verify that
703
+ # CRC32C({::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest})
704
+ # is equal to
705
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c},
706
+ # and if so, perform a limited number of retries. A persistent mismatch may
707
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
708
+ # field is defined as int64 for reasons of compatibility across different
709
+ # languages. However, it is a non-negative integer, which will never exceed
710
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
711
+ # this type.
598
712
  # @!attribute [rw] data
599
713
  # @return [::String]
600
- # Optional. This field will only be honored for RAW_PKCS1 keys.
601
- # The data to sign. A digest is computed over the data that will be signed,
602
- # PKCS #1 padding is applied to the digest directly and then encrypted.
714
+ # Optional. The data to sign.
715
+ # It can't be supplied if
716
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}
717
+ # is supplied.
603
718
  # @!attribute [rw] data_crc32c
604
719
  # @return [::Google::Protobuf::Int64Value]
605
- # Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data}. If
606
- # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
607
- # received {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data} using this checksum.
608
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
609
- # fails. If you receive a checksum error, your client should verify that
610
- # CRC32C({::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data}) is equal to
611
- # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c}, and if so, perform a limited
612
- # number of retries. A persistent mismatch may indicate an issue in your
613
- # computation of the CRC32C checksum.
614
- # Note: This field is defined as int64 for reasons of compatibility across
615
- # different languages. However, it is a non-negative integer, which will
616
- # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
617
- # that support this type.
720
+ # Optional. An optional CRC32C checksum of the
721
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data}.
722
+ # If specified,
723
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
724
+ # verify the integrity of the received
725
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data}
726
+ # using this checksum.
727
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
728
+ # report an error if the checksum verification fails. If you receive a
729
+ # checksum error, your client should verify that
730
+ # CRC32C({::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data})
731
+ # is equal to
732
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c},
733
+ # and if so, perform a limited number of retries. A persistent mismatch may
734
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
735
+ # field is defined as int64 for reasons of compatibility across different
736
+ # languages. However, it is a non-negative integer, which will never exceed
737
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
738
+ # this type.
618
739
  class AsymmetricSignRequest
619
740
  include ::Google::Protobuf::MessageExts
620
741
  extend ::Google::Protobuf::MessageExts::ClassMethods
621
742
  end
622
743
 
623
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#asymmetric_decrypt KeyManagementService.AsymmetricDecrypt}.
744
+ # Request message for
745
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#asymmetric_decrypt KeyManagementService.AsymmetricDecrypt}.
624
746
  # @!attribute [rw] name
625
747
  # @return [::String]
626
- # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
748
+ # Required. The resource name of the
749
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
627
750
  # decryption.
628
751
  # @!attribute [rw] ciphertext
629
752
  # @return [::String]
630
- # Required. The data encrypted with the named {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}'s public
631
- # key using OAEP.
753
+ # Required. The data encrypted with the named
754
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}'s public key using
755
+ # OAEP.
632
756
  # @!attribute [rw] ciphertext_crc32c
633
757
  # @return [::Google::Protobuf::Int64Value]
634
- # Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}.
635
- # If specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
636
- # received {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext} using this checksum.
637
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
638
- # fails. If you receive a checksum error, your client should verify that
639
- # CRC32C({::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}) is equal to
640
- # {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c}, and if so, perform a
641
- # limited number of retries. A persistent mismatch may indicate an issue in
642
- # your computation of the CRC32C checksum.
643
- # Note: This field is defined as int64 for reasons of compatibility across
644
- # different languages. However, it is a non-negative integer, which will
645
- # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
646
- # that support this type.
758
+ # Optional. An optional CRC32C checksum of the
759
+ # {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}.
760
+ # If specified,
761
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
762
+ # verify the integrity of the received
763
+ # {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}
764
+ # using this checksum.
765
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
766
+ # report an error if the checksum verification fails. If you receive a
767
+ # checksum error, your client should verify that
768
+ # CRC32C({::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext})
769
+ # is equal to
770
+ # {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c},
771
+ # and if so, perform a limited number of retries. A persistent mismatch may
772
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
773
+ # field is defined as int64 for reasons of compatibility across different
774
+ # languages. However, it is a non-negative integer, which will never exceed
775
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
776
+ # this type.
647
777
  class AsymmetricDecryptRequest
648
778
  include ::Google::Protobuf::MessageExts
649
779
  extend ::Google::Protobuf::MessageExts::ClassMethods
650
780
  end
651
781
 
652
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_sign KeyManagementService.MacSign}.
782
+ # Request message for
783
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_sign KeyManagementService.MacSign}.
653
784
  # @!attribute [rw] name
654
785
  # @return [::String]
655
- # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for signing.
786
+ # Required. The resource name of the
787
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
788
+ # signing.
656
789
  # @!attribute [rw] data
657
790
  # @return [::String]
658
- # Required. The data to sign. The MAC tag is computed over this data field based on
659
- # the specific algorithm.
791
+ # Required. The data to sign. The MAC tag is computed over this data field
792
+ # based on the specific algorithm.
660
793
  # @!attribute [rw] data_crc32c
661
794
  # @return [::Google::Protobuf::Int64Value]
662
- # Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}. If
663
- # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
664
- # received {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} using this checksum.
665
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
666
- # fails. If you receive a checksum error, your client should verify that
667
- # CRC32C({::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}) is equal to
668
- # {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c}, and if so, perform a limited
669
- # number of retries. A persistent mismatch may indicate an issue in your
670
- # computation of the CRC32C checksum.
671
- # Note: This field is defined as int64 for reasons of compatibility across
672
- # different languages. However, it is a non-negative integer, which will
673
- # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
674
- # that support this type.
795
+ # Optional. An optional CRC32C checksum of the
796
+ # {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}. If
797
+ # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}
798
+ # will verify the integrity of the received
799
+ # {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} using this
800
+ # checksum. {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}
801
+ # will report an error if the checksum verification fails. If you receive a
802
+ # checksum error, your client should verify that
803
+ # CRC32C({::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}) is
804
+ # equal to
805
+ # {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c},
806
+ # and if so, perform a limited number of retries. A persistent mismatch may
807
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
808
+ # field is defined as int64 for reasons of compatibility across different
809
+ # languages. However, it is a non-negative integer, which will never exceed
810
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
811
+ # this type.
675
812
  class MacSignRequest
676
813
  include ::Google::Protobuf::MessageExts
677
814
  extend ::Google::Protobuf::MessageExts::ClassMethods
678
815
  end
679
816
 
680
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_verify KeyManagementService.MacVerify}.
817
+ # Request message for
818
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_verify KeyManagementService.MacVerify}.
681
819
  # @!attribute [rw] name
682
820
  # @return [::String]
683
- # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for verification.
821
+ # Required. The resource name of the
822
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
823
+ # verification.
684
824
  # @!attribute [rw] data
685
825
  # @return [::String]
686
- # Required. The data used previously as a {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} to generate the MAC
687
- # tag.
826
+ # Required. The data used previously as a
827
+ # {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} to generate
828
+ # the MAC tag.
688
829
  # @!attribute [rw] data_crc32c
689
830
  # @return [::Google::Protobuf::Int64Value]
690
- # Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data}. If
691
- # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
692
- # received {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data} using this checksum.
693
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
694
- # fails. If you receive a checksum error, your client should verify that
695
- # CRC32C({::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data}) is equal to
696
- # {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c}, and if so, perform a limited
697
- # number of retries. A persistent mismatch may indicate an issue in your
698
- # computation of the CRC32C checksum.
699
- # Note: This field is defined as int64 for reasons of compatibility across
700
- # different languages. However, it is a non-negative integer, which will
701
- # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
702
- # that support this type.
831
+ # Optional. An optional CRC32C checksum of the
832
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data}. If
833
+ # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}
834
+ # will verify the integrity of the received
835
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data} using
836
+ # this checksum.
837
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
838
+ # report an error if the checksum verification fails. If you receive a
839
+ # checksum error, your client should verify that
840
+ # CRC32C({::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data})
841
+ # is equal to
842
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c},
843
+ # and if so, perform a limited number of retries. A persistent mismatch may
844
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
845
+ # field is defined as int64 for reasons of compatibility across different
846
+ # languages. However, it is a non-negative integer, which will never exceed
847
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
848
+ # this type.
703
849
  # @!attribute [rw] mac
704
850
  # @return [::String]
705
851
  # Required. The signature to verify.
706
852
  # @!attribute [rw] mac_crc32c
707
853
  # @return [::Google::Protobuf::Int64Value]
708
- # Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac}. If
709
- # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
710
- # received {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac} using this checksum.
711
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
712
- # fails. If you receive a checksum error, your client should verify that
854
+ # Optional. An optional CRC32C checksum of the
855
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac}. If
856
+ # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}
857
+ # will verify the integrity of the received
858
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac} using this
859
+ # checksum. {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}
860
+ # will report an error if the checksum verification fails. If you receive a
861
+ # checksum error, your client should verify that
713
862
  # CRC32C([MacVerifyRequest.tag][]) is equal to
714
- # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c}, and if so, perform a limited
715
- # number of retries. A persistent mismatch may indicate an issue in your
716
- # computation of the CRC32C checksum.
717
- # Note: This field is defined as int64 for reasons of compatibility across
718
- # different languages. However, it is a non-negative integer, which will
719
- # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
720
- # that support this type.
863
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c},
864
+ # and if so, perform a limited number of retries. A persistent mismatch may
865
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
866
+ # field is defined as int64 for reasons of compatibility across different
867
+ # languages. However, it is a non-negative integer, which will never exceed
868
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
869
+ # this type.
721
870
  class MacVerifyRequest
722
871
  include ::Google::Protobuf::MessageExts
723
872
  extend ::Google::Protobuf::MessageExts::ClassMethods
724
873
  end
725
874
 
726
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#generate_random_bytes KeyManagementService.GenerateRandomBytes}.
875
+ # Request message for
876
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#generate_random_bytes KeyManagementService.GenerateRandomBytes}.
727
877
  # @!attribute [rw] location
728
878
  # @return [::String]
729
879
  # The project-specific location in which to generate random bytes.
@@ -734,246 +884,329 @@ module Google
734
884
  # bytes, maximum 1024 bytes.
735
885
  # @!attribute [rw] protection_level
736
886
  # @return [::Google::Cloud::Kms::V1::ProtectionLevel]
737
- # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} to use when generating the random data. Defaults to
738
- # {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE}.
887
+ # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} to use when
888
+ # generating the random data. Currently, only
889
+ # {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} protection level is
890
+ # supported.
739
891
  class GenerateRandomBytesRequest
740
892
  include ::Google::Protobuf::MessageExts
741
893
  extend ::Google::Protobuf::MessageExts::ClassMethods
742
894
  end
743
895
 
744
- # Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#encrypt KeyManagementService.Encrypt}.
896
+ # Response message for
897
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#encrypt KeyManagementService.Encrypt}.
745
898
  # @!attribute [rw] name
746
899
  # @return [::String]
747
- # The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in encryption. Check
748
- # this field to verify that the intended resource was used for encryption.
900
+ # The resource name of the
901
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in
902
+ # encryption. Check this field to verify that the intended resource was used
903
+ # for encryption.
749
904
  # @!attribute [rw] ciphertext
750
905
  # @return [::String]
751
906
  # The encrypted data.
752
907
  # @!attribute [rw] ciphertext_crc32c
753
908
  # @return [::Google::Protobuf::Int64Value]
754
909
  # Integrity verification field. A CRC32C checksum of the returned
755
- # {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext}. An integrity check of
756
- # {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext} can be performed by computing the CRC32C
757
- # checksum of {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext} and comparing your results to
758
- # this field. Discard the response in case of non-matching checksum values,
759
- # and perform a limited number of retries. A persistent mismatch may indicate
760
- # an issue in your computation of the CRC32C checksum.
761
- # Note: This field is defined as int64 for reasons of compatibility across
762
- # different languages. However, it is a non-negative integer, which will
763
- # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
764
- # that support this type.
910
+ # {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext}.
911
+ # An integrity check of
912
+ # {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext}
913
+ # can be performed by computing the CRC32C checksum of
914
+ # {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext}
915
+ # and comparing your results to this field. Discard the response in case of
916
+ # non-matching checksum values, and perform a limited number of retries. A
917
+ # persistent mismatch may indicate an issue in your computation of the CRC32C
918
+ # checksum. Note: This field is defined as int64 for reasons of compatibility
919
+ # across different languages. However, it is a non-negative integer, which
920
+ # will never exceed 2^32-1, and can be safely downconverted to uint32 in
921
+ # languages that support this type.
765
922
  # @!attribute [rw] verified_plaintext_crc32c
766
923
  # @return [::Boolean]
767
924
  # Integrity verification field. A flag indicating whether
768
- # {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c} was received by
769
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
770
- # {::Google::Cloud::Kms::V1::EncryptRequest#plaintext plaintext}. A false value of this field
771
- # indicates either that {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c} was left unset or
772
- # that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've set
773
- # {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c} but this field is still false, discard
774
- # the response and perform a limited number of retries.
925
+ # {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c}
926
+ # was received by
927
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
928
+ # for the integrity verification of the
929
+ # {::Google::Cloud::Kms::V1::EncryptRequest#plaintext plaintext}. A false value of
930
+ # this field indicates either that
931
+ # {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c}
932
+ # was left unset or that it was not delivered to
933
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
934
+ # set
935
+ # {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c}
936
+ # but this field is still false, discard the response and perform a limited
937
+ # number of retries.
775
938
  # @!attribute [rw] verified_additional_authenticated_data_crc32c
776
939
  # @return [::Boolean]
777
940
  # Integrity verification field. A flag indicating whether
778
- # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c} was received by
779
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
780
- # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data AAD}. A false value of this
781
- # field indicates either that
782
- # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c} was left unset or
783
- # that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've set
784
- # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c} but this field is
785
- # still false, discard the response and perform a limited number of retries.
941
+ # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c}
942
+ # was received by
943
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
944
+ # for the integrity verification of the
945
+ # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data AAD}. A
946
+ # false value of this field indicates either that
947
+ # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c}
948
+ # was left unset or that it was not delivered to
949
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
950
+ # set
951
+ # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c}
952
+ # but this field is still false, discard the response and perform a limited
953
+ # number of retries.
786
954
  # @!attribute [rw] protection_level
787
955
  # @return [::Google::Cloud::Kms::V1::ProtectionLevel]
788
- # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in encryption.
956
+ # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
957
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in
958
+ # encryption.
789
959
  class EncryptResponse
790
960
  include ::Google::Protobuf::MessageExts
791
961
  extend ::Google::Protobuf::MessageExts::ClassMethods
792
962
  end
793
963
 
794
- # Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#decrypt KeyManagementService.Decrypt}.
964
+ # Response message for
965
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#decrypt KeyManagementService.Decrypt}.
795
966
  # @!attribute [rw] plaintext
796
967
  # @return [::String]
797
- # The decrypted data originally supplied in {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}.
968
+ # The decrypted data originally supplied in
969
+ # {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}.
798
970
  # @!attribute [rw] plaintext_crc32c
799
971
  # @return [::Google::Protobuf::Int64Value]
800
972
  # Integrity verification field. A CRC32C checksum of the returned
801
- # {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext}. An integrity check of
802
- # {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext} can be performed by computing the CRC32C
803
- # checksum of {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext} and comparing your results to
804
- # this field. Discard the response in case of non-matching checksum values,
805
- # and perform a limited number of retries. A persistent mismatch may indicate
806
- # an issue in your computation of the CRC32C checksum. Note: receiving this
807
- # response message indicates that {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} is able to
808
- # successfully decrypt the {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext ciphertext}.
809
- # Note: This field is defined as int64 for reasons of compatibility across
810
- # different languages. However, it is a non-negative integer, which will
811
- # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
812
- # that support this type.
973
+ # {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext}.
974
+ # An integrity check of
975
+ # {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext}
976
+ # can be performed by computing the CRC32C checksum of
977
+ # {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext}
978
+ # and comparing your results to this field. Discard the response in case of
979
+ # non-matching checksum values, and perform a limited number of retries. A
980
+ # persistent mismatch may indicate an issue in your computation of the CRC32C
981
+ # checksum. Note: receiving this response message indicates that
982
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} is able to
983
+ # successfully decrypt the
984
+ # {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext ciphertext}. Note: This
985
+ # field is defined as int64 for reasons of compatibility across different
986
+ # languages. However, it is a non-negative integer, which will never exceed
987
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
988
+ # this type.
813
989
  # @!attribute [rw] used_primary
814
990
  # @return [::Boolean]
815
991
  # Whether the Decryption was performed using the primary key version.
816
992
  # @!attribute [rw] protection_level
817
993
  # @return [::Google::Cloud::Kms::V1::ProtectionLevel]
818
- # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in decryption.
994
+ # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
995
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in
996
+ # decryption.
819
997
  class DecryptResponse
820
998
  include ::Google::Protobuf::MessageExts
821
999
  extend ::Google::Protobuf::MessageExts::ClassMethods
822
1000
  end
823
1001
 
824
- # Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#asymmetric_sign KeyManagementService.AsymmetricSign}.
1002
+ # Response message for
1003
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#asymmetric_sign KeyManagementService.AsymmetricSign}.
825
1004
  # @!attribute [rw] signature
826
1005
  # @return [::String]
827
1006
  # The created signature.
828
1007
  # @!attribute [rw] signature_crc32c
829
1008
  # @return [::Google::Protobuf::Int64Value]
830
1009
  # Integrity verification field. A CRC32C checksum of the returned
831
- # {::Google::Cloud::Kms::V1::AsymmetricSignResponse#signature AsymmetricSignResponse.signature}. An integrity check of
832
- # {::Google::Cloud::Kms::V1::AsymmetricSignResponse#signature AsymmetricSignResponse.signature} can be performed by computing the
833
- # CRC32C checksum of {::Google::Cloud::Kms::V1::AsymmetricSignResponse#signature AsymmetricSignResponse.signature} and comparing your
834
- # results to this field. Discard the response in case of non-matching
835
- # checksum values, and perform a limited number of retries. A persistent
836
- # mismatch may indicate an issue in your computation of the CRC32C checksum.
837
- # Note: This field is defined as int64 for reasons of compatibility across
838
- # different languages. However, it is a non-negative integer, which will
839
- # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
840
- # that support this type.
1010
+ # {::Google::Cloud::Kms::V1::AsymmetricSignResponse#signature AsymmetricSignResponse.signature}.
1011
+ # An integrity check of
1012
+ # {::Google::Cloud::Kms::V1::AsymmetricSignResponse#signature AsymmetricSignResponse.signature}
1013
+ # can be performed by computing the CRC32C checksum of
1014
+ # {::Google::Cloud::Kms::V1::AsymmetricSignResponse#signature AsymmetricSignResponse.signature}
1015
+ # and comparing your results to this field. Discard the response in case of
1016
+ # non-matching checksum values, and perform a limited number of retries. A
1017
+ # persistent mismatch may indicate an issue in your computation of the CRC32C
1018
+ # checksum. Note: This field is defined as int64 for reasons of compatibility
1019
+ # across different languages. However, it is a non-negative integer, which
1020
+ # will never exceed 2^32-1, and can be safely downconverted to uint32 in
1021
+ # languages that support this type.
841
1022
  # @!attribute [rw] verified_digest_crc32c
842
1023
  # @return [::Boolean]
843
1024
  # Integrity verification field. A flag indicating whether
844
- # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c} was received by
845
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
846
- # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest digest}. A false value of this field
847
- # indicates either that {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c} was left
848
- # unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
849
- # set {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c} but this field is still false,
850
- # discard the response and perform a limited number of retries.
1025
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c}
1026
+ # was received by
1027
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
1028
+ # for the integrity verification of the
1029
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest digest}. A false value
1030
+ # of this field indicates either that
1031
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c}
1032
+ # was left unset or that it was not delivered to
1033
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
1034
+ # set
1035
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c}
1036
+ # but this field is still false, discard the response and perform a limited
1037
+ # number of retries.
851
1038
  # @!attribute [rw] name
852
1039
  # @return [::String]
853
- # The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing. Check
854
- # this field to verify that the intended resource was used for signing.
1040
+ # The resource name of the
1041
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing.
1042
+ # Check this field to verify that the intended resource was used for signing.
855
1043
  # @!attribute [rw] verified_data_crc32c
856
1044
  # @return [::Boolean]
857
1045
  # Integrity verification field. A flag indicating whether
858
- # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c} was received by
859
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
860
- # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data data}. A false value of this field
861
- # indicates either that {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c} was left
862
- # unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
863
- # set {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c} but this field is still false,
864
- # discard the response and perform a limited number of retries.
1046
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c}
1047
+ # was received by
1048
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
1049
+ # for the integrity verification of the
1050
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data data}. A false value of
1051
+ # this field indicates either that
1052
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c}
1053
+ # was left unset or that it was not delivered to
1054
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
1055
+ # set
1056
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c}
1057
+ # but this field is still false, discard the response and perform a limited
1058
+ # number of retries.
865
1059
  # @!attribute [rw] protection_level
866
1060
  # @return [::Google::Cloud::Kms::V1::ProtectionLevel]
867
- # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing.
1061
+ # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
1062
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing.
868
1063
  class AsymmetricSignResponse
869
1064
  include ::Google::Protobuf::MessageExts
870
1065
  extend ::Google::Protobuf::MessageExts::ClassMethods
871
1066
  end
872
1067
 
873
- # Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#asymmetric_decrypt KeyManagementService.AsymmetricDecrypt}.
1068
+ # Response message for
1069
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#asymmetric_decrypt KeyManagementService.AsymmetricDecrypt}.
874
1070
  # @!attribute [rw] plaintext
875
1071
  # @return [::String]
876
1072
  # The decrypted data originally encrypted with the matching public key.
877
1073
  # @!attribute [rw] plaintext_crc32c
878
1074
  # @return [::Google::Protobuf::Int64Value]
879
1075
  # Integrity verification field. A CRC32C checksum of the returned
880
- # {::Google::Cloud::Kms::V1::AsymmetricDecryptResponse#plaintext AsymmetricDecryptResponse.plaintext}. An integrity check of
881
- # {::Google::Cloud::Kms::V1::AsymmetricDecryptResponse#plaintext AsymmetricDecryptResponse.plaintext} can be performed by computing the
882
- # CRC32C checksum of {::Google::Cloud::Kms::V1::AsymmetricDecryptResponse#plaintext AsymmetricDecryptResponse.plaintext} and comparing
883
- # your results to this field. Discard the response in case of non-matching
884
- # checksum values, and perform a limited number of retries. A persistent
885
- # mismatch may indicate an issue in your computation of the CRC32C checksum.
886
- # Note: This field is defined as int64 for reasons of compatibility across
887
- # different languages. However, it is a non-negative integer, which will
888
- # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
889
- # that support this type.
1076
+ # {::Google::Cloud::Kms::V1::AsymmetricDecryptResponse#plaintext AsymmetricDecryptResponse.plaintext}.
1077
+ # An integrity check of
1078
+ # {::Google::Cloud::Kms::V1::AsymmetricDecryptResponse#plaintext AsymmetricDecryptResponse.plaintext}
1079
+ # can be performed by computing the CRC32C checksum of
1080
+ # {::Google::Cloud::Kms::V1::AsymmetricDecryptResponse#plaintext AsymmetricDecryptResponse.plaintext}
1081
+ # and comparing your results to this field. Discard the response in case of
1082
+ # non-matching checksum values, and perform a limited number of retries. A
1083
+ # persistent mismatch may indicate an issue in your computation of the CRC32C
1084
+ # checksum. Note: This field is defined as int64 for reasons of compatibility
1085
+ # across different languages. However, it is a non-negative integer, which
1086
+ # will never exceed 2^32-1, and can be safely downconverted to uint32 in
1087
+ # languages that support this type.
890
1088
  # @!attribute [rw] verified_ciphertext_crc32c
891
1089
  # @return [::Boolean]
892
1090
  # Integrity verification field. A flag indicating whether
893
- # {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c} was received by
894
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
895
- # {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext ciphertext}. A false value of this
896
- # field indicates either that {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c}
897
- # was left unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If
898
- # you've set {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c} but this field is
899
- # still false, discard the response and perform a limited number of retries.
1091
+ # {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c}
1092
+ # was received by
1093
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
1094
+ # for the integrity verification of the
1095
+ # {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext ciphertext}. A
1096
+ # false value of this field indicates either that
1097
+ # {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c}
1098
+ # was left unset or that it was not delivered to
1099
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
1100
+ # set
1101
+ # {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c}
1102
+ # but this field is still false, discard the response and perform a limited
1103
+ # number of retries.
900
1104
  # @!attribute [rw] protection_level
901
1105
  # @return [::Google::Cloud::Kms::V1::ProtectionLevel]
902
- # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in decryption.
1106
+ # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
1107
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in
1108
+ # decryption.
903
1109
  class AsymmetricDecryptResponse
904
1110
  include ::Google::Protobuf::MessageExts
905
1111
  extend ::Google::Protobuf::MessageExts::ClassMethods
906
1112
  end
907
1113
 
908
- # Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_sign KeyManagementService.MacSign}.
1114
+ # Response message for
1115
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_sign KeyManagementService.MacSign}.
909
1116
  # @!attribute [rw] name
910
1117
  # @return [::String]
911
- # The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing. Check
912
- # this field to verify that the intended resource was used for signing.
1118
+ # The resource name of the
1119
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing.
1120
+ # Check this field to verify that the intended resource was used for signing.
913
1121
  # @!attribute [rw] mac
914
1122
  # @return [::String]
915
1123
  # The created signature.
916
1124
  # @!attribute [rw] mac_crc32c
917
1125
  # @return [::Google::Protobuf::Int64Value]
918
1126
  # Integrity verification field. A CRC32C checksum of the returned
919
- # {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac}. An integrity check of
920
- # {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac} can be performed by computing the
921
- # CRC32C checksum of {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac} and comparing your
922
- # results to this field. Discard the response in case of non-matching
923
- # checksum values, and perform a limited number of retries. A persistent
924
- # mismatch may indicate an issue in your computation of the CRC32C checksum.
925
- # Note: This field is defined as int64 for reasons of compatibility across
926
- # different languages. However, it is a non-negative integer, which will
927
- # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
928
- # that support this type.
1127
+ # {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac}. An
1128
+ # integrity check of
1129
+ # {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac} can be
1130
+ # performed by computing the CRC32C checksum of
1131
+ # {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac} and
1132
+ # comparing your results to this field. Discard the response in case of
1133
+ # non-matching checksum values, and perform a limited number of retries. A
1134
+ # persistent mismatch may indicate an issue in your computation of the CRC32C
1135
+ # checksum. Note: This field is defined as int64 for reasons of compatibility
1136
+ # across different languages. However, it is a non-negative integer, which
1137
+ # will never exceed 2^32-1, and can be safely downconverted to uint32 in
1138
+ # languages that support this type.
929
1139
  # @!attribute [rw] verified_data_crc32c
930
1140
  # @return [::Boolean]
931
1141
  # Integrity verification field. A flag indicating whether
932
- # {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c} was received by
933
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
934
- # {::Google::Cloud::Kms::V1::MacSignRequest#data data}. A false value of this field
935
- # indicates either that {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c} was left
936
- # unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
937
- # set {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c} but this field is still false,
938
- # discard the response and perform a limited number of retries.
1142
+ # {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c}
1143
+ # was received by
1144
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
1145
+ # for the integrity verification of the
1146
+ # {::Google::Cloud::Kms::V1::MacSignRequest#data data}. A false value of this
1147
+ # field indicates either that
1148
+ # {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c}
1149
+ # was left unset or that it was not delivered to
1150
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
1151
+ # set
1152
+ # {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c}
1153
+ # but this field is still false, discard the response and perform a limited
1154
+ # number of retries.
939
1155
  # @!attribute [rw] protection_level
940
1156
  # @return [::Google::Cloud::Kms::V1::ProtectionLevel]
941
- # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing.
1157
+ # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
1158
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing.
942
1159
  class MacSignResponse
943
1160
  include ::Google::Protobuf::MessageExts
944
1161
  extend ::Google::Protobuf::MessageExts::ClassMethods
945
1162
  end
946
1163
 
947
- # Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_verify KeyManagementService.MacVerify}.
1164
+ # Response message for
1165
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_verify KeyManagementService.MacVerify}.
948
1166
  # @!attribute [rw] name
949
1167
  # @return [::String]
950
- # The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for verification.
951
- # Check this field to verify that the intended resource was used for
952
- # verification.
1168
+ # The resource name of the
1169
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for
1170
+ # verification. Check this field to verify that the intended resource was
1171
+ # used for verification.
953
1172
  # @!attribute [rw] success
954
1173
  # @return [::Boolean]
955
1174
  # This field indicates whether or not the verification operation for
956
- # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac} over {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data} was successful.
1175
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac} over
1176
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data} was
1177
+ # successful.
957
1178
  # @!attribute [rw] verified_data_crc32c
958
1179
  # @return [::Boolean]
959
1180
  # Integrity verification field. A flag indicating whether
960
- # {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c} was received by
961
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
962
- # {::Google::Cloud::Kms::V1::MacVerifyRequest#data data}. A false value of this field
963
- # indicates either that {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c} was left
964
- # unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
965
- # set {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c} but this field is still false,
966
- # discard the response and perform a limited number of retries.
1181
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c}
1182
+ # was received by
1183
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
1184
+ # for the integrity verification of the
1185
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#data data}. A false value of this
1186
+ # field indicates either that
1187
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c}
1188
+ # was left unset or that it was not delivered to
1189
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
1190
+ # set
1191
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c}
1192
+ # but this field is still false, discard the response and perform a limited
1193
+ # number of retries.
967
1194
  # @!attribute [rw] verified_mac_crc32c
968
1195
  # @return [::Boolean]
969
1196
  # Integrity verification field. A flag indicating whether
970
- # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c} was received by
971
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
972
- # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac data}. A false value of this field
973
- # indicates either that {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c} was left
974
- # unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
975
- # set {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c} but this field is still false,
976
- # discard the response and perform a limited number of retries.
1197
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c}
1198
+ # was received by
1199
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
1200
+ # for the integrity verification of the
1201
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac data}. A false value of this
1202
+ # field indicates either that
1203
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c}
1204
+ # was left unset or that it was not delivered to
1205
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
1206
+ # set
1207
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c}
1208
+ # but this field is still false, discard the response and perform a limited
1209
+ # number of retries.
977
1210
  # @!attribute [rw] verified_success_integrity
978
1211
  # @return [::Boolean]
979
1212
  # Integrity verification field. This value is used for the integrity
@@ -982,29 +1215,34 @@ module Google
982
1215
  # and perform a limited number of retries.
983
1216
  # @!attribute [rw] protection_level
984
1217
  # @return [::Google::Cloud::Kms::V1::ProtectionLevel]
985
- # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for verification.
1218
+ # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
1219
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for
1220
+ # verification.
986
1221
  class MacVerifyResponse
987
1222
  include ::Google::Protobuf::MessageExts
988
1223
  extend ::Google::Protobuf::MessageExts::ClassMethods
989
1224
  end
990
1225
 
991
- # Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#generate_random_bytes KeyManagementService.GenerateRandomBytes}.
1226
+ # Response message for
1227
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#generate_random_bytes KeyManagementService.GenerateRandomBytes}.
992
1228
  # @!attribute [rw] data
993
1229
  # @return [::String]
994
1230
  # The generated data.
995
1231
  # @!attribute [rw] data_crc32c
996
1232
  # @return [::Google::Protobuf::Int64Value]
997
1233
  # Integrity verification field. A CRC32C checksum of the returned
998
- # {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data}. An integrity check of
999
- # {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data} can be performed by computing the
1000
- # CRC32C checksum of {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data} and comparing your
1001
- # results to this field. Discard the response in case of non-matching
1002
- # checksum values, and perform a limited number of retries. A persistent
1003
- # mismatch may indicate an issue in your computation of the CRC32C checksum.
1004
- # Note: This field is defined as int64 for reasons of compatibility across
1005
- # different languages. However, it is a non-negative integer, which will
1006
- # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
1007
- # that support this type.
1234
+ # {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data}.
1235
+ # An integrity check of
1236
+ # {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data}
1237
+ # can be performed by computing the CRC32C checksum of
1238
+ # {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data}
1239
+ # and comparing your results to this field. Discard the response in case of
1240
+ # non-matching checksum values, and perform a limited number of retries. A
1241
+ # persistent mismatch may indicate an issue in your computation of the CRC32C
1242
+ # checksum. Note: This field is defined as int64 for reasons of compatibility
1243
+ # across different languages. However, it is a non-negative integer, which
1244
+ # will never exceed 2^32-1, and can be safely downconverted to uint32 in
1245
+ # languages that support this type.
1008
1246
  class GenerateRandomBytesResponse
1009
1247
  include ::Google::Protobuf::MessageExts
1010
1248
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -1025,17 +1263,20 @@ module Google
1025
1263
  extend ::Google::Protobuf::MessageExts::ClassMethods
1026
1264
  end
1027
1265
 
1028
- # Cloud KMS metadata for the given [google.cloud.location.Location][google.cloud.location.Location].
1266
+ # Cloud KMS metadata for the given
1267
+ # [google.cloud.location.Location][google.cloud.location.Location].
1029
1268
  # @!attribute [rw] hsm_available
1030
1269
  # @return [::Boolean]
1031
1270
  # Indicates whether {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with
1032
1271
  # {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}
1033
- # {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} can be created in this location.
1272
+ # {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} can be created in this
1273
+ # location.
1034
1274
  # @!attribute [rw] ekm_available
1035
1275
  # @return [::Boolean]
1036
1276
  # Indicates whether {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with
1037
1277
  # {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}
1038
- # {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL EXTERNAL} can be created in this location.
1278
+ # {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL EXTERNAL} can be created in
1279
+ # this location.
1039
1280
  class LocationMetadata
1040
1281
  include ::Google::Protobuf::MessageExts
1041
1282
  extend ::Google::Protobuf::MessageExts::ClassMethods