google-cloud-kms-v1 0.15.0 → 0.16.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/lib/google/cloud/kms/v1/key_management_service/client.rb +42 -18
- data/lib/google/cloud/kms/v1/resources_pb.rb +4 -0
- data/lib/google/cloud/kms/v1/service_pb.rb +1 -0
- data/lib/google/cloud/kms/v1/version.rb +1 -1
- data/proto_docs/google/cloud/kms/v1/ekm_service.rb +14 -9
- data/proto_docs/google/cloud/kms/v1/resources.rb +31 -0
- data/proto_docs/google/cloud/kms/v1/service.rb +42 -17
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 88ccb6ea1616c6e3d3e167aaf3d0e81795d897a8f07922ceb7fccfe0be5c1baa
|
4
|
+
data.tar.gz: 2d635e795aef36e90ff5fa04ab772fc982e6ec30d3855a8741d358edbee26809
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: ffcdda5aafc0cc3bef3e4b1dba6fea52819d282bf6af6a3d085802e2c447f5116c053d80fbc8978ee2540ed178ae5d9efbbf5316adf06f79ccfa641a30044e05
|
7
|
+
data.tar.gz: c16e58ed43dae8dbdafed46b687864cf1241dbc50ddec764406928cb9e702a30362d2862a63c6419f955f869bc28a8362fa1a1f51770acb79a6a075270927034
|
data/README.md
CHANGED
@@ -46,7 +46,7 @@ for general usage information.
|
|
46
46
|
## Enabling Logging
|
47
47
|
|
48
48
|
To enable logging for this library, set the logger for the underlying [gRPC](https://github.com/grpc/grpc/tree/master/src/ruby) library.
|
49
|
-
The logger that you set may be a Ruby stdlib [`Logger`](https://ruby-doc.org/
|
49
|
+
The logger that you set may be a Ruby stdlib [`Logger`](https://ruby-doc.org/current/stdlibs/logger/Logger.html) as shown below,
|
50
50
|
or a [`Google::Cloud::Logging::Logger`](https://googleapis.dev/ruby/google-cloud-logging/latest)
|
51
51
|
that will write logs to [Cloud Logging](https://cloud.google.com/logging/). See [grpc/logconfig.rb](https://github.com/grpc/grpc/blob/master/src/ruby/lib/grpc/logconfig.rb)
|
52
52
|
and the gRPC [spec_helper.rb](https://github.com/grpc/grpc/blob/master/src/ruby/spec/spec_helper.rb) for additional information.
|
@@ -1522,7 +1522,7 @@ module Google
|
|
1522
1522
|
# @param options [::Gapic::CallOptions, ::Hash]
|
1523
1523
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
1524
1524
|
#
|
1525
|
-
# @overload import_crypto_key_version(parent: nil, crypto_key_version: nil, algorithm: nil, import_job: nil, rsa_aes_wrapped_key: nil)
|
1525
|
+
# @overload import_crypto_key_version(parent: nil, crypto_key_version: nil, algorithm: nil, import_job: nil, wrapped_key: nil, rsa_aes_wrapped_key: nil)
|
1526
1526
|
# Pass arguments to `import_crypto_key_version` via keyword arguments. Note that at
|
1527
1527
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
1528
1528
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
@@ -1564,32 +1564,52 @@ module Google
|
|
1564
1564
|
# Required. The {::Google::Cloud::Kms::V1::ImportJob#name name} of the
|
1565
1565
|
# {::Google::Cloud::Kms::V1::ImportJob ImportJob} that was used to wrap this key
|
1566
1566
|
# material.
|
1567
|
-
# @param
|
1568
|
-
#
|
1569
|
-
#
|
1567
|
+
# @param wrapped_key [::String]
|
1568
|
+
# Optional. The wrapped key material to import.
|
1569
|
+
#
|
1570
|
+
# Before wrapping, key material must be formatted. If importing symmetric key
|
1571
|
+
# material, the expected key material format is plain bytes. If importing
|
1572
|
+
# asymmetric key material, the expected key material format is PKCS#8-encoded
|
1573
|
+
# DER (the PrivateKeyInfo structure from RFC 5208).
|
1574
|
+
#
|
1575
|
+
# When wrapping with import methods
|
1576
|
+
# ({::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_3072_SHA1_AES_256 RSA_OAEP_3072_SHA1_AES_256}
|
1577
|
+
# or
|
1578
|
+
# {::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_4096_SHA1_AES_256 RSA_OAEP_4096_SHA1_AES_256}
|
1579
|
+
# or
|
1580
|
+
# {::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_3072_SHA256_AES_256 RSA_OAEP_3072_SHA256_AES_256}
|
1570
1581
|
# or
|
1571
|
-
# {::Google::Cloud::Kms::V1::ImportJob::ImportMethod::
|
1582
|
+
# {::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_4096_SHA256_AES_256 RSA_OAEP_4096_SHA256_AES_256}),
|
1572
1583
|
#
|
1573
|
-
#
|
1584
|
+
# this field must contain the concatenation of:
|
1574
1585
|
# <ol>
|
1575
1586
|
# <li>An ephemeral AES-256 wrapping key wrapped with the
|
1576
1587
|
# {::Google::Cloud::Kms::V1::ImportJob#public_key public_key} using
|
1577
|
-
# RSAES-OAEP with SHA-1/SHA-256, MGF1 with SHA-1/SHA-256, and an
|
1578
|
-
#
|
1588
|
+
# RSAES-OAEP with SHA-1/SHA-256, MGF1 with SHA-1/SHA-256, and an empty
|
1589
|
+
# label.
|
1579
1590
|
# </li>
|
1580
|
-
# <li>The key to be imported, wrapped with the ephemeral AES-256
|
1581
|
-
# using AES-KWP (RFC 5649).
|
1591
|
+
# <li>The formatted key to be imported, wrapped with the ephemeral AES-256
|
1592
|
+
# key using AES-KWP (RFC 5649).
|
1582
1593
|
# </li>
|
1583
1594
|
# </ol>
|
1584
1595
|
#
|
1585
|
-
# If importing symmetric key material, it is expected that the unwrapped
|
1586
|
-
# key contains plain bytes. If importing asymmetric key material, it is
|
1587
|
-
# expected that the unwrapped key is in PKCS#8-encoded DER format (the
|
1588
|
-
# PrivateKeyInfo structure from RFC 5208).
|
1589
|
-
#
|
1590
1596
|
# This format is the same as the format produced by PKCS#11 mechanism
|
1591
1597
|
# CKM_RSA_AES_KEY_WRAP.
|
1592
1598
|
#
|
1599
|
+
# When wrapping with import methods
|
1600
|
+
# ({::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_3072_SHA256 RSA_OAEP_3072_SHA256}
|
1601
|
+
# or
|
1602
|
+
# {::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_4096_SHA256 RSA_OAEP_4096_SHA256}),
|
1603
|
+
#
|
1604
|
+
# this field must contain the formatted key to be imported, wrapped with the
|
1605
|
+
# {::Google::Cloud::Kms::V1::ImportJob#public_key public_key} using RSAES-OAEP
|
1606
|
+
# with SHA-256, MGF1 with SHA-256, and an empty label.
|
1607
|
+
# @param rsa_aes_wrapped_key [::String]
|
1608
|
+
# Optional. This field has the same meaning as
|
1609
|
+
# {::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest#wrapped_key wrapped_key}.
|
1610
|
+
# Prefer to use that field in new work. Either that field or this field
|
1611
|
+
# (but not both) must be specified.
|
1612
|
+
#
|
1593
1613
|
# @yield [response, operation] Access the result along with the RPC operation
|
1594
1614
|
# @yieldparam response [::Google::Cloud::Kms::V1::CryptoKeyVersion]
|
1595
1615
|
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
@@ -2265,7 +2285,9 @@ module Google
|
|
2265
2285
|
#
|
2266
2286
|
# The maximum size depends on the key version's
|
2267
2287
|
# {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}.
|
2268
|
-
# For {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE}
|
2288
|
+
# For {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE},
|
2289
|
+
# {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL EXTERNAL}, and
|
2290
|
+
# {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL_VPC EXTERNAL_VPC} keys, the
|
2269
2291
|
# plaintext must be no larger than 64KiB. For
|
2270
2292
|
# {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of
|
2271
2293
|
# the plaintext and additional_authenticated_data fields must be no larger
|
@@ -2277,8 +2299,10 @@ module Google
|
|
2277
2299
|
#
|
2278
2300
|
# The maximum size depends on the key version's
|
2279
2301
|
# {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}.
|
2280
|
-
# For {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE}
|
2281
|
-
#
|
2302
|
+
# For {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE},
|
2303
|
+
# {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL EXTERNAL}, and
|
2304
|
+
# {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL_VPC EXTERNAL_VPC} keys the
|
2305
|
+
# AAD must be no larger than 64KiB. For
|
2282
2306
|
# {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of
|
2283
2307
|
# the plaintext and additional_authenticated_data fields must be no larger
|
2284
2308
|
# than 8KiB.
|
@@ -143,6 +143,10 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
143
143
|
value :IMPORT_METHOD_UNSPECIFIED, 0
|
144
144
|
value :RSA_OAEP_3072_SHA1_AES_256, 1
|
145
145
|
value :RSA_OAEP_4096_SHA1_AES_256, 2
|
146
|
+
value :RSA_OAEP_3072_SHA256_AES_256, 3
|
147
|
+
value :RSA_OAEP_4096_SHA256_AES_256, 4
|
148
|
+
value :RSA_OAEP_3072_SHA256, 5
|
149
|
+
value :RSA_OAEP_4096_SHA256, 6
|
146
150
|
end
|
147
151
|
add_enum "google.cloud.kms.v1.ImportJob.ImportJobState" do
|
148
152
|
value :IMPORT_JOB_STATE_UNSPECIFIED, 0
|
@@ -98,6 +98,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
98
98
|
optional :crypto_key_version, :string, 6
|
99
99
|
optional :algorithm, :enum, 2, "google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm"
|
100
100
|
optional :import_job, :string, 4
|
101
|
+
optional :wrapped_key, :bytes, 8
|
101
102
|
oneof :wrapped_key_material do
|
102
103
|
optional :rsa_aes_wrapped_key, :bytes, 5
|
103
104
|
end
|
@@ -21,7 +21,8 @@ module Google
|
|
21
21
|
module Cloud
|
22
22
|
module Kms
|
23
23
|
module V1
|
24
|
-
# Request message for
|
24
|
+
# Request message for
|
25
|
+
# {::Google::Cloud::Kms::V1::EkmService::Client#list_ekm_connections EkmService.ListEkmConnections}.
|
25
26
|
# @!attribute [rw] parent
|
26
27
|
# @return [::String]
|
27
28
|
# Required. The resource name of the location associated with the
|
@@ -57,7 +58,8 @@ module Google
|
|
57
58
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
58
59
|
end
|
59
60
|
|
60
|
-
# Response message for
|
61
|
+
# Response message for
|
62
|
+
# {::Google::Cloud::Kms::V1::EkmService::Client#list_ekm_connections EkmService.ListEkmConnections}.
|
61
63
|
# @!attribute [rw] ekm_connections
|
62
64
|
# @return [::Array<::Google::Cloud::Kms::V1::EkmConnection>]
|
63
65
|
# The list of {::Google::Cloud::Kms::V1::EkmConnection EkmConnections}.
|
@@ -75,7 +77,8 @@ module Google
|
|
75
77
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
76
78
|
end
|
77
79
|
|
78
|
-
# Request message for
|
80
|
+
# Request message for
|
81
|
+
# {::Google::Cloud::Kms::V1::EkmService::Client#get_ekm_connection EkmService.GetEkmConnection}.
|
79
82
|
# @!attribute [rw] name
|
80
83
|
# @return [::String]
|
81
84
|
# Required. The {::Google::Cloud::Kms::V1::EkmConnection#name name} of the
|
@@ -85,7 +88,8 @@ module Google
|
|
85
88
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
86
89
|
end
|
87
90
|
|
88
|
-
# Request message for
|
91
|
+
# Request message for
|
92
|
+
# {::Google::Cloud::Kms::V1::EkmService::Client#create_ekm_connection EkmService.CreateEkmConnection}.
|
89
93
|
# @!attribute [rw] parent
|
90
94
|
# @return [::String]
|
91
95
|
# Required. The resource name of the location associated with the
|
@@ -104,7 +108,8 @@ module Google
|
|
104
108
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
105
109
|
end
|
106
110
|
|
107
|
-
# Request message for
|
111
|
+
# Request message for
|
112
|
+
# {::Google::Cloud::Kms::V1::EkmService::Client#update_ekm_connection EkmService.UpdateEkmConnection}.
|
108
113
|
# @!attribute [rw] ekm_connection
|
109
114
|
# @return [::Google::Cloud::Kms::V1::EkmConnection]
|
110
115
|
# Required. {::Google::Cloud::Kms::V1::EkmConnection EkmConnection} with updated
|
@@ -185,9 +190,8 @@ module Google
|
|
185
190
|
# supported.
|
186
191
|
# @!attribute [rw] etag
|
187
192
|
# @return [::String]
|
188
|
-
#
|
189
|
-
#
|
190
|
-
# value before proceeding.
|
193
|
+
# Optional. Etag of the currently stored
|
194
|
+
# {::Google::Cloud::Kms::V1::EkmConnection EkmConnection}.
|
191
195
|
class EkmConnection
|
192
196
|
include ::Google::Protobuf::MessageExts
|
193
197
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -214,7 +218,8 @@ module Google
|
|
214
218
|
# @!attribute [rw] server_certificates
|
215
219
|
# @return [::Array<::Google::Cloud::Kms::V1::Certificate>]
|
216
220
|
# Required. A list of leaf server certificates used to authenticate HTTPS
|
217
|
-
# connections to the EKM replica.
|
221
|
+
# connections to the EKM replica. Currently, a maximum of 10
|
222
|
+
# {::Google::Cloud::Kms::V1::Certificate Certificate} is supported.
|
218
223
|
class ServiceResolver
|
219
224
|
include ::Google::Protobuf::MessageExts
|
220
225
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -254,6 +254,9 @@ module Google
|
|
254
254
|
|
255
255
|
# Cavium HSM attestation compressed with gzip. Note that this format is
|
256
256
|
# defined by Cavium and subject to change at any time.
|
257
|
+
#
|
258
|
+
# See
|
259
|
+
# https://www.marvell.com/products/security-solutions/nitrox-hs-adapters/software-key-attestation.html.
|
257
260
|
CAVIUM_V1_COMPRESSED = 3
|
258
261
|
|
259
262
|
# Cavium HSM attestation V2 compressed with gzip. This is a new format
|
@@ -736,6 +739,34 @@ module Google
|
|
736
739
|
# [RSA AES key wrap
|
737
740
|
# mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908).
|
738
741
|
RSA_OAEP_4096_SHA1_AES_256 = 2
|
742
|
+
|
743
|
+
# This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping
|
744
|
+
# scheme defined in the PKCS #11 standard. In summary, this involves
|
745
|
+
# wrapping the raw key with an ephemeral AES key, and wrapping the
|
746
|
+
# ephemeral AES key with a 3072 bit RSA key. For more details, see
|
747
|
+
# [RSA AES key wrap
|
748
|
+
# mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908).
|
749
|
+
RSA_OAEP_3072_SHA256_AES_256 = 3
|
750
|
+
|
751
|
+
# This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping
|
752
|
+
# scheme defined in the PKCS #11 standard. In summary, this involves
|
753
|
+
# wrapping the raw key with an ephemeral AES key, and wrapping the
|
754
|
+
# ephemeral AES key with a 4096 bit RSA key. For more details, see
|
755
|
+
# [RSA AES key wrap
|
756
|
+
# mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908).
|
757
|
+
RSA_OAEP_4096_SHA256_AES_256 = 4
|
758
|
+
|
759
|
+
# This ImportMethod represents RSAES-OAEP with a 3072 bit RSA key. The
|
760
|
+
# key material to be imported is wrapped directly with the RSA key. Due
|
761
|
+
# to technical limitations of RSA wrapping, this method cannot be used to
|
762
|
+
# wrap RSA keys for import.
|
763
|
+
RSA_OAEP_3072_SHA256 = 5
|
764
|
+
|
765
|
+
# This ImportMethod represents RSAES-OAEP with a 4096 bit RSA key. The
|
766
|
+
# key material to be imported is wrapped directly with the RSA key. Due
|
767
|
+
# to technical limitations of RSA wrapping, this method cannot be used to
|
768
|
+
# wrap RSA keys for import.
|
769
|
+
RSA_OAEP_4096_SHA256 = 6
|
739
770
|
end
|
740
771
|
|
741
772
|
# The state of the {::Google::Cloud::Kms::V1::ImportJob ImportJob}, indicating if
|
@@ -413,32 +413,53 @@ module Google
|
|
413
413
|
# Required. The {::Google::Cloud::Kms::V1::ImportJob#name name} of the
|
414
414
|
# {::Google::Cloud::Kms::V1::ImportJob ImportJob} that was used to wrap this key
|
415
415
|
# material.
|
416
|
-
# @!attribute [rw]
|
416
|
+
# @!attribute [rw] wrapped_key
|
417
417
|
# @return [::String]
|
418
|
-
#
|
419
|
-
#
|
418
|
+
# Optional. The wrapped key material to import.
|
419
|
+
#
|
420
|
+
# Before wrapping, key material must be formatted. If importing symmetric key
|
421
|
+
# material, the expected key material format is plain bytes. If importing
|
422
|
+
# asymmetric key material, the expected key material format is PKCS#8-encoded
|
423
|
+
# DER (the PrivateKeyInfo structure from RFC 5208).
|
424
|
+
#
|
425
|
+
# When wrapping with import methods
|
426
|
+
# ({::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_3072_SHA1_AES_256 RSA_OAEP_3072_SHA1_AES_256}
|
420
427
|
# or
|
421
|
-
# {::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_4096_SHA1_AES_256 RSA_OAEP_4096_SHA1_AES_256}
|
428
|
+
# {::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_4096_SHA1_AES_256 RSA_OAEP_4096_SHA1_AES_256}
|
429
|
+
# or
|
430
|
+
# {::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_3072_SHA256_AES_256 RSA_OAEP_3072_SHA256_AES_256}
|
431
|
+
# or
|
432
|
+
# {::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_4096_SHA256_AES_256 RSA_OAEP_4096_SHA256_AES_256}),
|
422
433
|
#
|
423
|
-
#
|
434
|
+
# this field must contain the concatenation of:
|
424
435
|
# <ol>
|
425
436
|
# <li>An ephemeral AES-256 wrapping key wrapped with the
|
426
437
|
# {::Google::Cloud::Kms::V1::ImportJob#public_key public_key} using
|
427
|
-
# RSAES-OAEP with SHA-1/SHA-256, MGF1 with SHA-1/SHA-256, and an
|
428
|
-
#
|
438
|
+
# RSAES-OAEP with SHA-1/SHA-256, MGF1 with SHA-1/SHA-256, and an empty
|
439
|
+
# label.
|
429
440
|
# </li>
|
430
|
-
# <li>The key to be imported, wrapped with the ephemeral AES-256
|
431
|
-
# using AES-KWP (RFC 5649).
|
441
|
+
# <li>The formatted key to be imported, wrapped with the ephemeral AES-256
|
442
|
+
# key using AES-KWP (RFC 5649).
|
432
443
|
# </li>
|
433
444
|
# </ol>
|
434
445
|
#
|
435
|
-
# If importing symmetric key material, it is expected that the unwrapped
|
436
|
-
# key contains plain bytes. If importing asymmetric key material, it is
|
437
|
-
# expected that the unwrapped key is in PKCS#8-encoded DER format (the
|
438
|
-
# PrivateKeyInfo structure from RFC 5208).
|
439
|
-
#
|
440
446
|
# This format is the same as the format produced by PKCS#11 mechanism
|
441
447
|
# CKM_RSA_AES_KEY_WRAP.
|
448
|
+
#
|
449
|
+
# When wrapping with import methods
|
450
|
+
# ({::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_3072_SHA256 RSA_OAEP_3072_SHA256}
|
451
|
+
# or
|
452
|
+
# {::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_4096_SHA256 RSA_OAEP_4096_SHA256}),
|
453
|
+
#
|
454
|
+
# this field must contain the formatted key to be imported, wrapped with the
|
455
|
+
# {::Google::Cloud::Kms::V1::ImportJob#public_key public_key} using RSAES-OAEP
|
456
|
+
# with SHA-256, MGF1 with SHA-256, and an empty label.
|
457
|
+
# @!attribute [rw] rsa_aes_wrapped_key
|
458
|
+
# @return [::String]
|
459
|
+
# Optional. This field has the same meaning as
|
460
|
+
# {::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest#wrapped_key wrapped_key}.
|
461
|
+
# Prefer to use that field in new work. Either that field or this field
|
462
|
+
# (but not both) must be specified.
|
442
463
|
class ImportCryptoKeyVersionRequest
|
443
464
|
include ::Google::Protobuf::MessageExts
|
444
465
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -545,7 +566,9 @@ module Google
|
|
545
566
|
#
|
546
567
|
# The maximum size depends on the key version's
|
547
568
|
# {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}.
|
548
|
-
# For {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE}
|
569
|
+
# For {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE},
|
570
|
+
# {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL EXTERNAL}, and
|
571
|
+
# {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL_VPC EXTERNAL_VPC} keys, the
|
549
572
|
# plaintext must be no larger than 64KiB. For
|
550
573
|
# {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of
|
551
574
|
# the plaintext and additional_authenticated_data fields must be no larger
|
@@ -558,8 +581,10 @@ module Google
|
|
558
581
|
#
|
559
582
|
# The maximum size depends on the key version's
|
560
583
|
# {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}.
|
561
|
-
# For {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE}
|
562
|
-
#
|
584
|
+
# For {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE},
|
585
|
+
# {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL EXTERNAL}, and
|
586
|
+
# {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL_VPC EXTERNAL_VPC} keys the
|
587
|
+
# AAD must be no larger than 64KiB. For
|
563
588
|
# {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of
|
564
589
|
# the plaintext and additional_authenticated_data fields must be no larger
|
565
590
|
# than 8KiB.
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-cloud-kms-v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.16.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-12-09 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gapic-common
|