google-cloud-kms-v1 0.2.0 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +4 -0
- data/lib/google/cloud/kms/v1/iam_policy/client.rb +2 -2
- data/lib/google/cloud/kms/v1/key_management_service/client.rb +125 -27
- data/lib/google/cloud/kms/v1/resources_pb.rb +3 -0
- data/lib/google/cloud/kms/v1/service_pb.rb +16 -0
- data/lib/google/cloud/kms/v1/service_services_pb.rb +23 -23
- data/lib/google/cloud/kms/v1/version.rb +1 -1
- data/lib/google/iam/v1/iam_policy_services_pb.rb +3 -3
- data/proto_docs/google/cloud/kms/v1/resources.rb +24 -3
- data/proto_docs/google/cloud/kms/v1/service.rb +221 -0
- data/proto_docs/google/protobuf/wrappers.rb +121 -0
- metadata +6 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 2eca5412f99750c9a2e2dee1d198b71113fcfb7e4d6361306dfd3375378c79b9
|
4
|
+
data.tar.gz: a72fbd0da46e1a78c6206a4ddd77222867d9769ced8bb2d40f40de871b997cef
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a788d037c30e161cdc7445d8532c55b0cfb193238618dbfb3ad07c7743bcfc86f72a13e62dff24f3456916d0094a87a266ab855007dbf2878d548633b77ed4e0
|
7
|
+
data.tar.gz: 895f78bd1f3e271d42ed7c209ae37921aa7fd0b22e9273f167287a797b2aa69d5286d66378f11f700e24cee91242908591a8092c125f0d2e3b4a65bbc2ace7ff
|
data/README.md
CHANGED
@@ -18,6 +18,7 @@ In order to use this library, you first need to go through the following steps:
|
|
18
18
|
|
19
19
|
1. [Select or create a Cloud Platform project.](https://console.cloud.google.com/project)
|
20
20
|
1. [Enable billing for your project.](https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project)
|
21
|
+
1. [Enable the API.](https://console.cloud.google.com/apis/library/cloudkms.googleapis.com)
|
21
22
|
1. {file:AUTHENTICATION.md Set up authentication.}
|
22
23
|
|
23
24
|
## Quick Start
|
@@ -33,6 +34,9 @@ response = client.list_key_rings request
|
|
33
34
|
View the [Client Library Documentation](https://googleapis.dev/ruby/google-cloud-kms-v1/latest)
|
34
35
|
for class and method documentation.
|
35
36
|
|
37
|
+
See also the [Product Documentation](https://cloud.google.com/kms)
|
38
|
+
for general usage information.
|
39
|
+
|
36
40
|
## Enabling Logging
|
37
41
|
|
38
42
|
To enable logging for this library, set the logger for the underlying [gRPC](https://github.com/grpc/grpc/tree/master/src/ruby) library.
|
@@ -474,7 +474,7 @@ module Google
|
|
474
474
|
|
475
475
|
config_attr :endpoint, "cloudkms.googleapis.com", ::String
|
476
476
|
config_attr :credentials, nil do |value|
|
477
|
-
allowed = [::String, ::Hash, ::Proc, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
|
477
|
+
allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
|
478
478
|
allowed += [::GRPC::Core::Channel, ::GRPC::Core::ChannelCredentials] if defined? ::GRPC
|
479
479
|
allowed.any? { |klass| klass === value }
|
480
480
|
end
|
@@ -502,7 +502,7 @@ module Google
|
|
502
502
|
def rpcs
|
503
503
|
@rpcs ||= begin
|
504
504
|
parent_rpcs = nil
|
505
|
-
parent_rpcs = @parent_config.rpcs if @parent_config&.respond_to?
|
505
|
+
parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config&.respond_to?(:rpcs)
|
506
506
|
Rpcs.new parent_rpcs
|
507
507
|
end
|
508
508
|
end
|
@@ -81,7 +81,7 @@ module Google
|
|
81
81
|
initial_delay: 0.1,
|
82
82
|
max_delay: 60.0,
|
83
83
|
multiplier: 1.3,
|
84
|
-
retry_codes: [
|
84
|
+
retry_codes: [13, 14, 4]
|
85
85
|
}
|
86
86
|
|
87
87
|
default_config.rpcs.list_crypto_keys.timeout = 60.0
|
@@ -89,7 +89,7 @@ module Google
|
|
89
89
|
initial_delay: 0.1,
|
90
90
|
max_delay: 60.0,
|
91
91
|
multiplier: 1.3,
|
92
|
-
retry_codes: [
|
92
|
+
retry_codes: [13, 14, 4]
|
93
93
|
}
|
94
94
|
|
95
95
|
default_config.rpcs.list_crypto_key_versions.timeout = 60.0
|
@@ -97,7 +97,7 @@ module Google
|
|
97
97
|
initial_delay: 0.1,
|
98
98
|
max_delay: 60.0,
|
99
99
|
multiplier: 1.3,
|
100
|
-
retry_codes: [
|
100
|
+
retry_codes: [13, 14, 4]
|
101
101
|
}
|
102
102
|
|
103
103
|
default_config.rpcs.list_import_jobs.timeout = 60.0
|
@@ -105,7 +105,7 @@ module Google
|
|
105
105
|
initial_delay: 0.1,
|
106
106
|
max_delay: 60.0,
|
107
107
|
multiplier: 1.3,
|
108
|
-
retry_codes: [
|
108
|
+
retry_codes: [13, 14, 4]
|
109
109
|
}
|
110
110
|
|
111
111
|
default_config.rpcs.get_key_ring.timeout = 60.0
|
@@ -113,7 +113,7 @@ module Google
|
|
113
113
|
initial_delay: 0.1,
|
114
114
|
max_delay: 60.0,
|
115
115
|
multiplier: 1.3,
|
116
|
-
retry_codes: [
|
116
|
+
retry_codes: [13, 14, 4]
|
117
117
|
}
|
118
118
|
|
119
119
|
default_config.rpcs.get_crypto_key.timeout = 60.0
|
@@ -121,7 +121,7 @@ module Google
|
|
121
121
|
initial_delay: 0.1,
|
122
122
|
max_delay: 60.0,
|
123
123
|
multiplier: 1.3,
|
124
|
-
retry_codes: [
|
124
|
+
retry_codes: [13, 14, 4]
|
125
125
|
}
|
126
126
|
|
127
127
|
default_config.rpcs.get_crypto_key_version.timeout = 60.0
|
@@ -129,7 +129,7 @@ module Google
|
|
129
129
|
initial_delay: 0.1,
|
130
130
|
max_delay: 60.0,
|
131
131
|
multiplier: 1.3,
|
132
|
-
retry_codes: [
|
132
|
+
retry_codes: [13, 14, 4]
|
133
133
|
}
|
134
134
|
|
135
135
|
default_config.rpcs.get_public_key.timeout = 60.0
|
@@ -137,7 +137,7 @@ module Google
|
|
137
137
|
initial_delay: 0.1,
|
138
138
|
max_delay: 60.0,
|
139
139
|
multiplier: 1.3,
|
140
|
-
retry_codes: [
|
140
|
+
retry_codes: [13, 14, 4]
|
141
141
|
}
|
142
142
|
|
143
143
|
default_config.rpcs.get_import_job.timeout = 60.0
|
@@ -145,7 +145,7 @@ module Google
|
|
145
145
|
initial_delay: 0.1,
|
146
146
|
max_delay: 60.0,
|
147
147
|
multiplier: 1.3,
|
148
|
-
retry_codes: [
|
148
|
+
retry_codes: [13, 14, 4]
|
149
149
|
}
|
150
150
|
|
151
151
|
default_config.rpcs.create_key_ring.timeout = 60.0
|
@@ -153,7 +153,7 @@ module Google
|
|
153
153
|
initial_delay: 0.1,
|
154
154
|
max_delay: 60.0,
|
155
155
|
multiplier: 1.3,
|
156
|
-
retry_codes: [
|
156
|
+
retry_codes: [13, 14, 4]
|
157
157
|
}
|
158
158
|
|
159
159
|
default_config.rpcs.create_crypto_key.timeout = 60.0
|
@@ -161,7 +161,7 @@ module Google
|
|
161
161
|
initial_delay: 0.1,
|
162
162
|
max_delay: 60.0,
|
163
163
|
multiplier: 1.3,
|
164
|
-
retry_codes: [
|
164
|
+
retry_codes: [13, 14, 4]
|
165
165
|
}
|
166
166
|
|
167
167
|
default_config.rpcs.create_crypto_key_version.timeout = 60.0
|
@@ -173,7 +173,7 @@ module Google
|
|
173
173
|
initial_delay: 0.1,
|
174
174
|
max_delay: 60.0,
|
175
175
|
multiplier: 1.3,
|
176
|
-
retry_codes: [
|
176
|
+
retry_codes: [13, 14, 4]
|
177
177
|
}
|
178
178
|
|
179
179
|
default_config.rpcs.update_crypto_key.timeout = 60.0
|
@@ -181,7 +181,7 @@ module Google
|
|
181
181
|
initial_delay: 0.1,
|
182
182
|
max_delay: 60.0,
|
183
183
|
multiplier: 1.3,
|
184
|
-
retry_codes: [
|
184
|
+
retry_codes: [13, 14, 4]
|
185
185
|
}
|
186
186
|
|
187
187
|
default_config.rpcs.update_crypto_key_version.timeout = 60.0
|
@@ -189,7 +189,7 @@ module Google
|
|
189
189
|
initial_delay: 0.1,
|
190
190
|
max_delay: 60.0,
|
191
191
|
multiplier: 1.3,
|
192
|
-
retry_codes: [
|
192
|
+
retry_codes: [13, 14, 4]
|
193
193
|
}
|
194
194
|
|
195
195
|
default_config.rpcs.encrypt.timeout = 60.0
|
@@ -197,7 +197,7 @@ module Google
|
|
197
197
|
initial_delay: 0.1,
|
198
198
|
max_delay: 60.0,
|
199
199
|
multiplier: 1.3,
|
200
|
-
retry_codes: [
|
200
|
+
retry_codes: [13, 14, 4]
|
201
201
|
}
|
202
202
|
|
203
203
|
default_config.rpcs.decrypt.timeout = 60.0
|
@@ -205,7 +205,7 @@ module Google
|
|
205
205
|
initial_delay: 0.1,
|
206
206
|
max_delay: 60.0,
|
207
207
|
multiplier: 1.3,
|
208
|
-
retry_codes: [
|
208
|
+
retry_codes: [13, 14, 4]
|
209
209
|
}
|
210
210
|
|
211
211
|
default_config.rpcs.asymmetric_sign.timeout = 60.0
|
@@ -213,7 +213,7 @@ module Google
|
|
213
213
|
initial_delay: 0.1,
|
214
214
|
max_delay: 60.0,
|
215
215
|
multiplier: 1.3,
|
216
|
-
retry_codes: [
|
216
|
+
retry_codes: [13, 14, 4]
|
217
217
|
}
|
218
218
|
|
219
219
|
default_config.rpcs.asymmetric_decrypt.timeout = 60.0
|
@@ -221,7 +221,7 @@ module Google
|
|
221
221
|
initial_delay: 0.1,
|
222
222
|
max_delay: 60.0,
|
223
223
|
multiplier: 1.3,
|
224
|
-
retry_codes: [
|
224
|
+
retry_codes: [13, 14, 4]
|
225
225
|
}
|
226
226
|
|
227
227
|
default_config.rpcs.update_crypto_key_primary_version.timeout = 60.0
|
@@ -229,7 +229,7 @@ module Google
|
|
229
229
|
initial_delay: 0.1,
|
230
230
|
max_delay: 60.0,
|
231
231
|
multiplier: 1.3,
|
232
|
-
retry_codes: [
|
232
|
+
retry_codes: [13, 14, 4]
|
233
233
|
}
|
234
234
|
|
235
235
|
default_config.rpcs.destroy_crypto_key_version.timeout = 60.0
|
@@ -237,7 +237,7 @@ module Google
|
|
237
237
|
initial_delay: 0.1,
|
238
238
|
max_delay: 60.0,
|
239
239
|
multiplier: 1.3,
|
240
|
-
retry_codes: [
|
240
|
+
retry_codes: [13, 14, 4]
|
241
241
|
}
|
242
242
|
|
243
243
|
default_config.rpcs.restore_crypto_key_version.timeout = 60.0
|
@@ -245,7 +245,7 @@ module Google
|
|
245
245
|
initial_delay: 0.1,
|
246
246
|
max_delay: 60.0,
|
247
247
|
multiplier: 1.3,
|
248
|
-
retry_codes: [
|
248
|
+
retry_codes: [13, 14, 4]
|
249
249
|
}
|
250
250
|
|
251
251
|
default_config
|
@@ -1572,7 +1572,7 @@ module Google
|
|
1572
1572
|
# @param options [::Gapic::CallOptions, ::Hash]
|
1573
1573
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
1574
1574
|
#
|
1575
|
-
# @overload encrypt(name: nil, plaintext: nil, additional_authenticated_data: nil)
|
1575
|
+
# @overload encrypt(name: nil, plaintext: nil, additional_authenticated_data: nil, plaintext_crc32c: nil, additional_authenticated_data_crc32c: nil)
|
1576
1576
|
# Pass arguments to `encrypt` via keyword arguments. Note that at
|
1577
1577
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
1578
1578
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
@@ -1602,6 +1602,39 @@ module Google
|
|
1602
1602
|
# 64KiB. For {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of the
|
1603
1603
|
# plaintext and additional_authenticated_data fields must be no larger than
|
1604
1604
|
# 8KiB.
|
1605
|
+
# @param plaintext_crc32c [::Google::Protobuf::Int64Value, ::Hash]
|
1606
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}. If
|
1607
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
1608
|
+
# received {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext} using this checksum.
|
1609
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
1610
|
+
# fails. If you receive a checksum error, your client should verify that
|
1611
|
+
# CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}) is equal to
|
1612
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c}, and if so, perform a limited number of
|
1613
|
+
# retries. A persistent mismatch may indicate an issue in your computation of
|
1614
|
+
# the CRC32C checksum.
|
1615
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
1616
|
+
# different languages. However, it is a non-negative integer, which will
|
1617
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1618
|
+
# that support this type.
|
1619
|
+
#
|
1620
|
+
# NOTE: This field is in Beta.
|
1621
|
+
# @param additional_authenticated_data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
|
1622
|
+
# Optional. An optional CRC32C checksum of the
|
1623
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}. If specified,
|
1624
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the received
|
1625
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data} using this checksum.
|
1626
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
1627
|
+
# fails. If you receive a checksum error, your client should verify that
|
1628
|
+
# CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}) is equal to
|
1629
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c}, and if so, perform
|
1630
|
+
# a limited number of retries. A persistent mismatch may indicate an issue in
|
1631
|
+
# your computation of the CRC32C checksum.
|
1632
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
1633
|
+
# different languages. However, it is a non-negative integer, which will
|
1634
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1635
|
+
# that support this type.
|
1636
|
+
#
|
1637
|
+
# NOTE: This field is in Beta.
|
1605
1638
|
#
|
1606
1639
|
# @yield [response, operation] Access the result along with the RPC operation
|
1607
1640
|
# @yieldparam response [::Google::Cloud::Kms::V1::EncryptResponse]
|
@@ -1662,7 +1695,7 @@ module Google
|
|
1662
1695
|
# @param options [::Gapic::CallOptions, ::Hash]
|
1663
1696
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
1664
1697
|
#
|
1665
|
-
# @overload decrypt(name: nil, ciphertext: nil, additional_authenticated_data: nil)
|
1698
|
+
# @overload decrypt(name: nil, ciphertext: nil, additional_authenticated_data: nil, ciphertext_crc32c: nil, additional_authenticated_data_crc32c: nil)
|
1666
1699
|
# Pass arguments to `decrypt` via keyword arguments. Note that at
|
1667
1700
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
1668
1701
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
@@ -1676,6 +1709,39 @@ module Google
|
|
1676
1709
|
# @param additional_authenticated_data [::String]
|
1677
1710
|
# Optional. Optional data that must match the data originally supplied in
|
1678
1711
|
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}.
|
1712
|
+
# @param ciphertext_crc32c [::Google::Protobuf::Int64Value, ::Hash]
|
1713
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}. If
|
1714
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
1715
|
+
# received {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext} using this checksum.
|
1716
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
1717
|
+
# fails. If you receive a checksum error, your client should verify that
|
1718
|
+
# CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}) is equal to
|
1719
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext_crc32c DecryptRequest.ciphertext_crc32c}, and if so, perform a limited number
|
1720
|
+
# of retries. A persistent mismatch may indicate an issue in your computation
|
1721
|
+
# of the CRC32C checksum.
|
1722
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
1723
|
+
# different languages. However, it is a non-negative integer, which will
|
1724
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1725
|
+
# that support this type.
|
1726
|
+
#
|
1727
|
+
# NOTE: This field is in Beta.
|
1728
|
+
# @param additional_authenticated_data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
|
1729
|
+
# Optional. An optional CRC32C checksum of the
|
1730
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}. If specified,
|
1731
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the received
|
1732
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data} using this checksum.
|
1733
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
1734
|
+
# fails. If you receive a checksum error, your client should verify that
|
1735
|
+
# CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}) is equal to
|
1736
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data_crc32c DecryptRequest.additional_authenticated_data_crc32c}, and if so, perform
|
1737
|
+
# a limited number of retries. A persistent mismatch may indicate an issue in
|
1738
|
+
# your computation of the CRC32C checksum.
|
1739
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
1740
|
+
# different languages. However, it is a non-negative integer, which will
|
1741
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1742
|
+
# that support this type.
|
1743
|
+
#
|
1744
|
+
# NOTE: This field is in Beta.
|
1679
1745
|
#
|
1680
1746
|
# @yield [response, operation] Access the result along with the RPC operation
|
1681
1747
|
# @yieldparam response [::Google::Cloud::Kms::V1::DecryptResponse]
|
@@ -1737,7 +1803,7 @@ module Google
|
|
1737
1803
|
# @param options [::Gapic::CallOptions, ::Hash]
|
1738
1804
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
1739
1805
|
#
|
1740
|
-
# @overload asymmetric_sign(name: nil, digest: nil)
|
1806
|
+
# @overload asymmetric_sign(name: nil, digest: nil, digest_crc32c: nil)
|
1741
1807
|
# Pass arguments to `asymmetric_sign` via keyword arguments. Note that at
|
1742
1808
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
1743
1809
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
@@ -1748,6 +1814,22 @@ module Google
|
|
1748
1814
|
# Required. The digest of the data to sign. The digest must be produced with
|
1749
1815
|
# the same digest algorithm as specified by the key version's
|
1750
1816
|
# {::Google::Cloud::Kms::V1::CryptoKeyVersion#algorithm algorithm}.
|
1817
|
+
# @param digest_crc32c [::Google::Protobuf::Int64Value, ::Hash]
|
1818
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}. If
|
1819
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
1820
|
+
# received {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest} using this checksum.
|
1821
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
1822
|
+
# fails. If you receive a checksum error, your client should verify that
|
1823
|
+
# CRC32C({::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}) is equal to
|
1824
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c}, and if so, perform a limited
|
1825
|
+
# number of retries. A persistent mismatch may indicate an issue in your
|
1826
|
+
# computation of the CRC32C checksum.
|
1827
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
1828
|
+
# different languages. However, it is a non-negative integer, which will
|
1829
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1830
|
+
# that support this type.
|
1831
|
+
#
|
1832
|
+
# NOTE: This field is in Beta.
|
1751
1833
|
#
|
1752
1834
|
# @yield [response, operation] Access the result along with the RPC operation
|
1753
1835
|
# @yieldparam response [::Google::Cloud::Kms::V1::AsymmetricSignResponse]
|
@@ -1809,7 +1891,7 @@ module Google
|
|
1809
1891
|
# @param options [::Gapic::CallOptions, ::Hash]
|
1810
1892
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
1811
1893
|
#
|
1812
|
-
# @overload asymmetric_decrypt(name: nil, ciphertext: nil)
|
1894
|
+
# @overload asymmetric_decrypt(name: nil, ciphertext: nil, ciphertext_crc32c: nil)
|
1813
1895
|
# Pass arguments to `asymmetric_decrypt` via keyword arguments. Note that at
|
1814
1896
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
1815
1897
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
@@ -1820,6 +1902,22 @@ module Google
|
|
1820
1902
|
# @param ciphertext [::String]
|
1821
1903
|
# Required. The data encrypted with the named {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}'s public
|
1822
1904
|
# key using OAEP.
|
1905
|
+
# @param ciphertext_crc32c [::Google::Protobuf::Int64Value, ::Hash]
|
1906
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}.
|
1907
|
+
# If specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
1908
|
+
# received {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext} using this checksum.
|
1909
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
1910
|
+
# fails. If you receive a checksum error, your client should verify that
|
1911
|
+
# CRC32C({::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}) is equal to
|
1912
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c}, and if so, perform a
|
1913
|
+
# limited number of retries. A persistent mismatch may indicate an issue in
|
1914
|
+
# your computation of the CRC32C checksum.
|
1915
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
1916
|
+
# different languages. However, it is a non-negative integer, which will
|
1917
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1918
|
+
# that support this type.
|
1919
|
+
#
|
1920
|
+
# NOTE: This field is in Beta.
|
1823
1921
|
#
|
1824
1922
|
# @yield [response, operation] Access the result along with the RPC operation
|
1825
1923
|
# @yieldparam response [::Google::Cloud::Kms::V1::AsymmetricDecryptResponse]
|
@@ -2170,7 +2268,7 @@ module Google
|
|
2170
2268
|
|
2171
2269
|
config_attr :endpoint, "cloudkms.googleapis.com", ::String
|
2172
2270
|
config_attr :credentials, nil do |value|
|
2173
|
-
allowed = [::String, ::Hash, ::Proc, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
|
2271
|
+
allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
|
2174
2272
|
allowed += [::GRPC::Core::Channel, ::GRPC::Core::ChannelCredentials] if defined? ::GRPC
|
2175
2273
|
allowed.any? { |klass| klass === value }
|
2176
2274
|
end
|
@@ -2198,7 +2296,7 @@ module Google
|
|
2198
2296
|
def rpcs
|
2199
2297
|
@rpcs ||= begin
|
2200
2298
|
parent_rpcs = nil
|
2201
|
-
parent_rpcs = @parent_config.rpcs if @parent_config&.respond_to?
|
2299
|
+
parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config&.respond_to?(:rpcs)
|
2202
2300
|
Rpcs.new parent_rpcs
|
2203
2301
|
end
|
2204
2302
|
end
|
@@ -7,6 +7,7 @@ require 'google/api/field_behavior_pb'
|
|
7
7
|
require 'google/api/resource_pb'
|
8
8
|
require 'google/protobuf/duration_pb'
|
9
9
|
require 'google/protobuf/timestamp_pb'
|
10
|
+
require 'google/protobuf/wrappers_pb'
|
10
11
|
require 'google/api/annotations_pb'
|
11
12
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
12
13
|
add_file("google/cloud/kms/v1/resources.proto", :syntax => :proto3) do
|
@@ -96,6 +97,8 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
96
97
|
add_message "google.cloud.kms.v1.PublicKey" do
|
97
98
|
optional :pem, :string, 1
|
98
99
|
optional :algorithm, :enum, 2, "google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm"
|
100
|
+
optional :pem_crc32c, :message, 3, "google.protobuf.Int64Value"
|
101
|
+
optional :name, :string, 4
|
99
102
|
end
|
100
103
|
add_message "google.cloud.kms.v1.ImportJob" do
|
101
104
|
optional :name, :string, 1
|
@@ -9,6 +9,7 @@ require 'google/api/field_behavior_pb'
|
|
9
9
|
require 'google/api/resource_pb'
|
10
10
|
require 'google/cloud/kms/v1/resources_pb'
|
11
11
|
require 'google/protobuf/field_mask_pb'
|
12
|
+
require 'google/protobuf/wrappers_pb'
|
12
13
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
13
14
|
add_file("google/cloud/kms/v1/service.proto", :syntax => :proto3) do
|
14
15
|
add_message "google.cloud.kms.v1.ListKeyRingsRequest" do
|
@@ -116,32 +117,47 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
116
117
|
optional :name, :string, 1
|
117
118
|
optional :plaintext, :bytes, 2
|
118
119
|
optional :additional_authenticated_data, :bytes, 3
|
120
|
+
optional :plaintext_crc32c, :message, 7, "google.protobuf.Int64Value"
|
121
|
+
optional :additional_authenticated_data_crc32c, :message, 8, "google.protobuf.Int64Value"
|
119
122
|
end
|
120
123
|
add_message "google.cloud.kms.v1.DecryptRequest" do
|
121
124
|
optional :name, :string, 1
|
122
125
|
optional :ciphertext, :bytes, 2
|
123
126
|
optional :additional_authenticated_data, :bytes, 3
|
127
|
+
optional :ciphertext_crc32c, :message, 5, "google.protobuf.Int64Value"
|
128
|
+
optional :additional_authenticated_data_crc32c, :message, 6, "google.protobuf.Int64Value"
|
124
129
|
end
|
125
130
|
add_message "google.cloud.kms.v1.AsymmetricSignRequest" do
|
126
131
|
optional :name, :string, 1
|
127
132
|
optional :digest, :message, 3, "google.cloud.kms.v1.Digest"
|
133
|
+
optional :digest_crc32c, :message, 4, "google.protobuf.Int64Value"
|
128
134
|
end
|
129
135
|
add_message "google.cloud.kms.v1.AsymmetricDecryptRequest" do
|
130
136
|
optional :name, :string, 1
|
131
137
|
optional :ciphertext, :bytes, 3
|
138
|
+
optional :ciphertext_crc32c, :message, 4, "google.protobuf.Int64Value"
|
132
139
|
end
|
133
140
|
add_message "google.cloud.kms.v1.DecryptResponse" do
|
134
141
|
optional :plaintext, :bytes, 1
|
142
|
+
optional :plaintext_crc32c, :message, 2, "google.protobuf.Int64Value"
|
135
143
|
end
|
136
144
|
add_message "google.cloud.kms.v1.EncryptResponse" do
|
137
145
|
optional :name, :string, 1
|
138
146
|
optional :ciphertext, :bytes, 2
|
147
|
+
optional :ciphertext_crc32c, :message, 4, "google.protobuf.Int64Value"
|
148
|
+
optional :verified_plaintext_crc32c, :bool, 5
|
149
|
+
optional :verified_additional_authenticated_data_crc32c, :bool, 6
|
139
150
|
end
|
140
151
|
add_message "google.cloud.kms.v1.AsymmetricSignResponse" do
|
141
152
|
optional :signature, :bytes, 1
|
153
|
+
optional :signature_crc32c, :message, 2, "google.protobuf.Int64Value"
|
154
|
+
optional :verified_digest_crc32c, :bool, 3
|
155
|
+
optional :name, :string, 4
|
142
156
|
end
|
143
157
|
add_message "google.cloud.kms.v1.AsymmetricDecryptResponse" do
|
144
158
|
optional :plaintext, :bytes, 1
|
159
|
+
optional :plaintext_crc32c, :message, 2, "google.protobuf.Int64Value"
|
160
|
+
optional :verified_ciphertext_crc32c, :bool, 3
|
145
161
|
end
|
146
162
|
add_message "google.cloud.kms.v1.UpdateCryptoKeyPrimaryVersionRequest" do
|
147
163
|
optional :name, :string, 1
|
@@ -45,53 +45,53 @@ module Google
|
|
45
45
|
self.service_name = 'google.cloud.kms.v1.KeyManagementService'
|
46
46
|
|
47
47
|
# Lists [KeyRings][google.cloud.kms.v1.KeyRing].
|
48
|
-
rpc :ListKeyRings, ListKeyRingsRequest, ListKeyRingsResponse
|
48
|
+
rpc :ListKeyRings, Google::Cloud::Kms::V1::ListKeyRingsRequest, Google::Cloud::Kms::V1::ListKeyRingsResponse
|
49
49
|
# Lists [CryptoKeys][google.cloud.kms.v1.CryptoKey].
|
50
|
-
rpc :ListCryptoKeys, ListCryptoKeysRequest, ListCryptoKeysResponse
|
50
|
+
rpc :ListCryptoKeys, Google::Cloud::Kms::V1::ListCryptoKeysRequest, Google::Cloud::Kms::V1::ListCryptoKeysResponse
|
51
51
|
# Lists [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
|
52
|
-
rpc :ListCryptoKeyVersions, ListCryptoKeyVersionsRequest, ListCryptoKeyVersionsResponse
|
52
|
+
rpc :ListCryptoKeyVersions, Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest, Google::Cloud::Kms::V1::ListCryptoKeyVersionsResponse
|
53
53
|
# Lists [ImportJobs][google.cloud.kms.v1.ImportJob].
|
54
|
-
rpc :ListImportJobs, ListImportJobsRequest, ListImportJobsResponse
|
54
|
+
rpc :ListImportJobs, Google::Cloud::Kms::V1::ListImportJobsRequest, Google::Cloud::Kms::V1::ListImportJobsResponse
|
55
55
|
# Returns metadata for a given [KeyRing][google.cloud.kms.v1.KeyRing].
|
56
|
-
rpc :GetKeyRing, GetKeyRingRequest, KeyRing
|
56
|
+
rpc :GetKeyRing, Google::Cloud::Kms::V1::GetKeyRingRequest, Google::Cloud::Kms::V1::KeyRing
|
57
57
|
# Returns metadata for a given [CryptoKey][google.cloud.kms.v1.CryptoKey], as well as its
|
58
58
|
# [primary][google.cloud.kms.v1.CryptoKey.primary] [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
|
59
|
-
rpc :GetCryptoKey, GetCryptoKeyRequest, CryptoKey
|
59
|
+
rpc :GetCryptoKey, Google::Cloud::Kms::V1::GetCryptoKeyRequest, Google::Cloud::Kms::V1::CryptoKey
|
60
60
|
# Returns metadata for a given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
|
61
|
-
rpc :GetCryptoKeyVersion, GetCryptoKeyVersionRequest, CryptoKeyVersion
|
61
|
+
rpc :GetCryptoKeyVersion, Google::Cloud::Kms::V1::GetCryptoKeyVersionRequest, Google::Cloud::Kms::V1::CryptoKeyVersion
|
62
62
|
# Returns the public key for the given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. The
|
63
63
|
# [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
|
64
64
|
# [ASYMMETRIC_SIGN][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN] or
|
65
65
|
# [ASYMMETRIC_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT].
|
66
|
-
rpc :GetPublicKey, GetPublicKeyRequest, PublicKey
|
66
|
+
rpc :GetPublicKey, Google::Cloud::Kms::V1::GetPublicKeyRequest, Google::Cloud::Kms::V1::PublicKey
|
67
67
|
# Returns metadata for a given [ImportJob][google.cloud.kms.v1.ImportJob].
|
68
|
-
rpc :GetImportJob, GetImportJobRequest, ImportJob
|
68
|
+
rpc :GetImportJob, Google::Cloud::Kms::V1::GetImportJobRequest, Google::Cloud::Kms::V1::ImportJob
|
69
69
|
# Create a new [KeyRing][google.cloud.kms.v1.KeyRing] in a given Project and Location.
|
70
|
-
rpc :CreateKeyRing, CreateKeyRingRequest, KeyRing
|
70
|
+
rpc :CreateKeyRing, Google::Cloud::Kms::V1::CreateKeyRingRequest, Google::Cloud::Kms::V1::KeyRing
|
71
71
|
# Create a new [CryptoKey][google.cloud.kms.v1.CryptoKey] within a [KeyRing][google.cloud.kms.v1.KeyRing].
|
72
72
|
#
|
73
73
|
# [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] and
|
74
74
|
# [CryptoKey.version_template.algorithm][google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm]
|
75
75
|
# are required.
|
76
|
-
rpc :CreateCryptoKey, CreateCryptoKeyRequest, CryptoKey
|
76
|
+
rpc :CreateCryptoKey, Google::Cloud::Kms::V1::CreateCryptoKeyRequest, Google::Cloud::Kms::V1::CryptoKey
|
77
77
|
# Create a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in a [CryptoKey][google.cloud.kms.v1.CryptoKey].
|
78
78
|
#
|
79
79
|
# The server will assign the next sequential id. If unset,
|
80
80
|
# [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to
|
81
81
|
# [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED].
|
82
|
-
rpc :CreateCryptoKeyVersion, CreateCryptoKeyVersionRequest, CryptoKeyVersion
|
82
|
+
rpc :CreateCryptoKeyVersion, Google::Cloud::Kms::V1::CreateCryptoKeyVersionRequest, Google::Cloud::Kms::V1::CryptoKeyVersion
|
83
83
|
# Imports a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] into an existing [CryptoKey][google.cloud.kms.v1.CryptoKey] using the
|
84
84
|
# wrapped key material provided in the request.
|
85
85
|
#
|
86
86
|
# The version ID will be assigned the next sequential id within the
|
87
87
|
# [CryptoKey][google.cloud.kms.v1.CryptoKey].
|
88
|
-
rpc :ImportCryptoKeyVersion, ImportCryptoKeyVersionRequest, CryptoKeyVersion
|
88
|
+
rpc :ImportCryptoKeyVersion, Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest, Google::Cloud::Kms::V1::CryptoKeyVersion
|
89
89
|
# Create a new [ImportJob][google.cloud.kms.v1.ImportJob] within a [KeyRing][google.cloud.kms.v1.KeyRing].
|
90
90
|
#
|
91
91
|
# [ImportJob.import_method][google.cloud.kms.v1.ImportJob.import_method] is required.
|
92
|
-
rpc :CreateImportJob, CreateImportJobRequest, ImportJob
|
92
|
+
rpc :CreateImportJob, Google::Cloud::Kms::V1::CreateImportJobRequest, Google::Cloud::Kms::V1::ImportJob
|
93
93
|
# Update a [CryptoKey][google.cloud.kms.v1.CryptoKey].
|
94
|
-
rpc :UpdateCryptoKey, UpdateCryptoKeyRequest, CryptoKey
|
94
|
+
rpc :UpdateCryptoKey, Google::Cloud::Kms::V1::UpdateCryptoKeyRequest, Google::Cloud::Kms::V1::CryptoKey
|
95
95
|
# Update a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s metadata.
|
96
96
|
#
|
97
97
|
# [state][google.cloud.kms.v1.CryptoKeyVersion.state] may be changed between
|
@@ -99,26 +99,26 @@ module Google
|
|
99
99
|
# [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED] using this
|
100
100
|
# method. See [DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion] and [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] to
|
101
101
|
# move between other states.
|
102
|
-
rpc :UpdateCryptoKeyVersion, UpdateCryptoKeyVersionRequest, CryptoKeyVersion
|
102
|
+
rpc :UpdateCryptoKeyVersion, Google::Cloud::Kms::V1::UpdateCryptoKeyVersionRequest, Google::Cloud::Kms::V1::CryptoKeyVersion
|
103
103
|
# Encrypts data, so that it can only be recovered by a call to [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt].
|
104
104
|
# The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
|
105
105
|
# [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
|
106
|
-
rpc :Encrypt, EncryptRequest, EncryptResponse
|
106
|
+
rpc :Encrypt, Google::Cloud::Kms::V1::EncryptRequest, Google::Cloud::Kms::V1::EncryptResponse
|
107
107
|
# Decrypts data that was protected by [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
|
108
108
|
# must be [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
|
109
|
-
rpc :Decrypt, DecryptRequest, DecryptResponse
|
109
|
+
rpc :Decrypt, Google::Cloud::Kms::V1::DecryptRequest, Google::Cloud::Kms::V1::DecryptResponse
|
110
110
|
# Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
|
111
111
|
# ASYMMETRIC_SIGN, producing a signature that can be verified with the public
|
112
112
|
# key retrieved from [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
|
113
|
-
rpc :AsymmetricSign, AsymmetricSignRequest, AsymmetricSignResponse
|
113
|
+
rpc :AsymmetricSign, Google::Cloud::Kms::V1::AsymmetricSignRequest, Google::Cloud::Kms::V1::AsymmetricSignResponse
|
114
114
|
# Decrypts data that was encrypted with a public key retrieved from
|
115
115
|
# [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey] corresponding to a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with
|
116
116
|
# [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_DECRYPT.
|
117
|
-
rpc :AsymmetricDecrypt, AsymmetricDecryptRequest, AsymmetricDecryptResponse
|
117
|
+
rpc :AsymmetricDecrypt, Google::Cloud::Kms::V1::AsymmetricDecryptRequest, Google::Cloud::Kms::V1::AsymmetricDecryptResponse
|
118
118
|
# Update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that will be used in [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
|
119
119
|
#
|
120
120
|
# Returns an error if called on an asymmetric key.
|
121
|
-
rpc :UpdateCryptoKeyPrimaryVersion, UpdateCryptoKeyPrimaryVersionRequest, CryptoKey
|
121
|
+
rpc :UpdateCryptoKeyPrimaryVersion, Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest, Google::Cloud::Kms::V1::CryptoKey
|
122
122
|
# Schedule a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] for destruction.
|
123
123
|
#
|
124
124
|
# Upon calling this method, [CryptoKeyVersion.state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to
|
@@ -131,7 +131,7 @@ module Google
|
|
131
131
|
#
|
132
132
|
# Before the [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] is reached,
|
133
133
|
# [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] may be called to reverse the process.
|
134
|
-
rpc :DestroyCryptoKeyVersion, DestroyCryptoKeyVersionRequest, CryptoKeyVersion
|
134
|
+
rpc :DestroyCryptoKeyVersion, Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest, Google::Cloud::Kms::V1::CryptoKeyVersion
|
135
135
|
# Restore a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the
|
136
136
|
# [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED]
|
137
137
|
# state.
|
@@ -139,7 +139,7 @@ module Google
|
|
139
139
|
# Upon restoration of the CryptoKeyVersion, [state][google.cloud.kms.v1.CryptoKeyVersion.state]
|
140
140
|
# will be set to [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED],
|
141
141
|
# and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be cleared.
|
142
|
-
rpc :RestoreCryptoKeyVersion, RestoreCryptoKeyVersionRequest, CryptoKeyVersion
|
142
|
+
rpc :RestoreCryptoKeyVersion, Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest, Google::Cloud::Kms::V1::CryptoKeyVersion
|
143
143
|
end
|
144
144
|
|
145
145
|
Stub = Service.rpc_stub_class
|
@@ -59,11 +59,11 @@ module Google
|
|
59
59
|
|
60
60
|
# Sets the access control policy on the specified resource. Replaces any
|
61
61
|
# existing policy.
|
62
|
-
rpc :SetIamPolicy, SetIamPolicyRequest, Policy
|
62
|
+
rpc :SetIamPolicy, Google::Iam::V1::SetIamPolicyRequest, Google::Iam::V1::Policy
|
63
63
|
# Gets the access control policy for a resource.
|
64
64
|
# Returns an empty policy if the resource exists and does not have a policy
|
65
65
|
# set.
|
66
|
-
rpc :GetIamPolicy, GetIamPolicyRequest, Policy
|
66
|
+
rpc :GetIamPolicy, Google::Iam::V1::GetIamPolicyRequest, Google::Iam::V1::Policy
|
67
67
|
# Returns permissions that a caller has on the specified resource.
|
68
68
|
# If the resource does not exist, this will return an empty set of
|
69
69
|
# permissions, not a NOT_FOUND error.
|
@@ -71,7 +71,7 @@ module Google
|
|
71
71
|
# Note: This operation is designed to be used for building permission-aware
|
72
72
|
# UIs and command-line tools, not for authorization checking. This operation
|
73
73
|
# may "fail open" without warning.
|
74
|
-
rpc :TestIamPermissions, TestIamPermissionsRequest, TestIamPermissionsResponse
|
74
|
+
rpc :TestIamPermissions, Google::Iam::V1::TestIamPermissionsRequest, Google::Iam::V1::TestIamPermissionsResponse
|
75
75
|
end
|
76
76
|
|
77
77
|
Stub = Service.rpc_stub_class
|
@@ -37,8 +37,8 @@ module Google
|
|
37
37
|
# A {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} represents a logical key that can be used for cryptographic
|
38
38
|
# operations.
|
39
39
|
#
|
40
|
-
# A {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} is made up of
|
41
|
-
# represent the actual key material used in cryptographic operations.
|
40
|
+
# A {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} is made up of zero or more {::Google::Cloud::Kms::V1::CryptoKeyVersion versions},
|
41
|
+
# which represent the actual key material used in cryptographic operations.
|
42
42
|
# @!attribute [r] name
|
43
43
|
# @return [::String]
|
44
44
|
# Output only. The resource name for this {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} in the format
|
@@ -96,7 +96,7 @@ module Google
|
|
96
96
|
# @!attribute [rw] labels
|
97
97
|
# @return [::Google::Protobuf::Map{::String => ::String}]
|
98
98
|
# Labels with user-defined metadata. For more information, see
|
99
|
-
# [Labeling Keys](/kms/docs/labeling-keys).
|
99
|
+
# [Labeling Keys](https://cloud.google.com/kms/docs/labeling-keys).
|
100
100
|
class CryptoKey
|
101
101
|
include ::Google::Protobuf::MessageExts
|
102
102
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -410,6 +410,27 @@ module Google
|
|
410
410
|
# @return [::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm]
|
411
411
|
# The {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm Algorithm} associated
|
412
412
|
# with this key.
|
413
|
+
# @!attribute [rw] pem_crc32c
|
414
|
+
# @return [::Google::Protobuf::Int64Value]
|
415
|
+
# Integrity verification field. A CRC32C checksum of the returned
|
416
|
+
# {::Google::Cloud::Kms::V1::PublicKey#pem PublicKey.pem}. An integrity check of {::Google::Cloud::Kms::V1::PublicKey#pem PublicKey.pem} can be performed
|
417
|
+
# by computing the CRC32C checksum of {::Google::Cloud::Kms::V1::PublicKey#pem PublicKey.pem} and
|
418
|
+
# comparing your results to this field. Discard the response in case of
|
419
|
+
# non-matching checksum values, and perform a limited number of retries. A
|
420
|
+
# persistent mismatch may indicate an issue in your computation of the CRC32C
|
421
|
+
# checksum.
|
422
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
423
|
+
# different languages. However, it is a non-negative integer, which will
|
424
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
425
|
+
# that support this type.
|
426
|
+
#
|
427
|
+
# NOTE: This field is in Beta.
|
428
|
+
# @!attribute [rw] name
|
429
|
+
# @return [::String]
|
430
|
+
# The {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} public key.
|
431
|
+
# Provided here for verification.
|
432
|
+
#
|
433
|
+
# NOTE: This field is in Beta.
|
413
434
|
class PublicKey
|
414
435
|
include ::Google::Protobuf::MessageExts
|
415
436
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -437,6 +437,41 @@ module Google
|
|
437
437
|
# 64KiB. For {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of the
|
438
438
|
# plaintext and additional_authenticated_data fields must be no larger than
|
439
439
|
# 8KiB.
|
440
|
+
# @!attribute [rw] plaintext_crc32c
|
441
|
+
# @return [::Google::Protobuf::Int64Value]
|
442
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}. If
|
443
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
444
|
+
# received {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext} using this checksum.
|
445
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
446
|
+
# fails. If you receive a checksum error, your client should verify that
|
447
|
+
# CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}) is equal to
|
448
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c}, and if so, perform a limited number of
|
449
|
+
# retries. A persistent mismatch may indicate an issue in your computation of
|
450
|
+
# the CRC32C checksum.
|
451
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
452
|
+
# different languages. However, it is a non-negative integer, which will
|
453
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
454
|
+
# that support this type.
|
455
|
+
#
|
456
|
+
# NOTE: This field is in Beta.
|
457
|
+
# @!attribute [rw] additional_authenticated_data_crc32c
|
458
|
+
# @return [::Google::Protobuf::Int64Value]
|
459
|
+
# Optional. An optional CRC32C checksum of the
|
460
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}. If specified,
|
461
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the received
|
462
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data} using this checksum.
|
463
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
464
|
+
# fails. If you receive a checksum error, your client should verify that
|
465
|
+
# CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}) is equal to
|
466
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c}, and if so, perform
|
467
|
+
# a limited number of retries. A persistent mismatch may indicate an issue in
|
468
|
+
# your computation of the CRC32C checksum.
|
469
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
470
|
+
# different languages. However, it is a non-negative integer, which will
|
471
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
472
|
+
# that support this type.
|
473
|
+
#
|
474
|
+
# NOTE: This field is in Beta.
|
440
475
|
class EncryptRequest
|
441
476
|
include ::Google::Protobuf::MessageExts
|
442
477
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -455,6 +490,41 @@ module Google
|
|
455
490
|
# @return [::String]
|
456
491
|
# Optional. Optional data that must match the data originally supplied in
|
457
492
|
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}.
|
493
|
+
# @!attribute [rw] ciphertext_crc32c
|
494
|
+
# @return [::Google::Protobuf::Int64Value]
|
495
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}. If
|
496
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
497
|
+
# received {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext} using this checksum.
|
498
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
499
|
+
# fails. If you receive a checksum error, your client should verify that
|
500
|
+
# CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}) is equal to
|
501
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext_crc32c DecryptRequest.ciphertext_crc32c}, and if so, perform a limited number
|
502
|
+
# of retries. A persistent mismatch may indicate an issue in your computation
|
503
|
+
# of the CRC32C checksum.
|
504
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
505
|
+
# different languages. However, it is a non-negative integer, which will
|
506
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
507
|
+
# that support this type.
|
508
|
+
#
|
509
|
+
# NOTE: This field is in Beta.
|
510
|
+
# @!attribute [rw] additional_authenticated_data_crc32c
|
511
|
+
# @return [::Google::Protobuf::Int64Value]
|
512
|
+
# Optional. An optional CRC32C checksum of the
|
513
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}. If specified,
|
514
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the received
|
515
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data} using this checksum.
|
516
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
517
|
+
# fails. If you receive a checksum error, your client should verify that
|
518
|
+
# CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}) is equal to
|
519
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data_crc32c DecryptRequest.additional_authenticated_data_crc32c}, and if so, perform
|
520
|
+
# a limited number of retries. A persistent mismatch may indicate an issue in
|
521
|
+
# your computation of the CRC32C checksum.
|
522
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
523
|
+
# different languages. However, it is a non-negative integer, which will
|
524
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
525
|
+
# that support this type.
|
526
|
+
#
|
527
|
+
# NOTE: This field is in Beta.
|
458
528
|
class DecryptRequest
|
459
529
|
include ::Google::Protobuf::MessageExts
|
460
530
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -469,6 +539,23 @@ module Google
|
|
469
539
|
# Required. The digest of the data to sign. The digest must be produced with
|
470
540
|
# the same digest algorithm as specified by the key version's
|
471
541
|
# {::Google::Cloud::Kms::V1::CryptoKeyVersion#algorithm algorithm}.
|
542
|
+
# @!attribute [rw] digest_crc32c
|
543
|
+
# @return [::Google::Protobuf::Int64Value]
|
544
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}. If
|
545
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
546
|
+
# received {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest} using this checksum.
|
547
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
548
|
+
# fails. If you receive a checksum error, your client should verify that
|
549
|
+
# CRC32C({::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}) is equal to
|
550
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c}, and if so, perform a limited
|
551
|
+
# number of retries. A persistent mismatch may indicate an issue in your
|
552
|
+
# computation of the CRC32C checksum.
|
553
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
554
|
+
# different languages. However, it is a non-negative integer, which will
|
555
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
556
|
+
# that support this type.
|
557
|
+
#
|
558
|
+
# NOTE: This field is in Beta.
|
472
559
|
class AsymmetricSignRequest
|
473
560
|
include ::Google::Protobuf::MessageExts
|
474
561
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -483,6 +570,23 @@ module Google
|
|
483
570
|
# @return [::String]
|
484
571
|
# Required. The data encrypted with the named {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}'s public
|
485
572
|
# key using OAEP.
|
573
|
+
# @!attribute [rw] ciphertext_crc32c
|
574
|
+
# @return [::Google::Protobuf::Int64Value]
|
575
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}.
|
576
|
+
# If specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
577
|
+
# received {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext} using this checksum.
|
578
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
579
|
+
# fails. If you receive a checksum error, your client should verify that
|
580
|
+
# CRC32C({::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}) is equal to
|
581
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c}, and if so, perform a
|
582
|
+
# limited number of retries. A persistent mismatch may indicate an issue in
|
583
|
+
# your computation of the CRC32C checksum.
|
584
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
585
|
+
# different languages. However, it is a non-negative integer, which will
|
586
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
587
|
+
# that support this type.
|
588
|
+
#
|
589
|
+
# NOTE: This field is in Beta.
|
486
590
|
class AsymmetricDecryptRequest
|
487
591
|
include ::Google::Protobuf::MessageExts
|
488
592
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -492,6 +596,23 @@ module Google
|
|
492
596
|
# @!attribute [rw] plaintext
|
493
597
|
# @return [::String]
|
494
598
|
# The decrypted data originally supplied in {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}.
|
599
|
+
# @!attribute [rw] plaintext_crc32c
|
600
|
+
# @return [::Google::Protobuf::Int64Value]
|
601
|
+
# Integrity verification field. A CRC32C checksum of the returned
|
602
|
+
# {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext}. An integrity check of
|
603
|
+
# {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext} can be performed by computing the CRC32C
|
604
|
+
# checksum of {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext} and comparing your results to
|
605
|
+
# this field. Discard the response in case of non-matching checksum values,
|
606
|
+
# and perform a limited number of retries. A persistent mismatch may indicate
|
607
|
+
# an issue in your computation of the CRC32C checksum. Note: receiving this
|
608
|
+
# response message indicates that {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} is able to
|
609
|
+
# successfully decrypt the {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext ciphertext}.
|
610
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
611
|
+
# different languages. However, it is a non-negative integer, which will
|
612
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
613
|
+
# that support this type.
|
614
|
+
#
|
615
|
+
# NOTE: This field is in Beta.
|
495
616
|
class DecryptResponse
|
496
617
|
include ::Google::Protobuf::MessageExts
|
497
618
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -505,6 +626,46 @@ module Google
|
|
505
626
|
# @!attribute [rw] ciphertext
|
506
627
|
# @return [::String]
|
507
628
|
# The encrypted data.
|
629
|
+
# @!attribute [rw] ciphertext_crc32c
|
630
|
+
# @return [::Google::Protobuf::Int64Value]
|
631
|
+
# Integrity verification field. A CRC32C checksum of the returned
|
632
|
+
# {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext}. An integrity check of
|
633
|
+
# {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext} can be performed by computing the CRC32C
|
634
|
+
# checksum of {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext} and comparing your results to
|
635
|
+
# this field. Discard the response in case of non-matching checksum values,
|
636
|
+
# and perform a limited number of retries. A persistent mismatch may indicate
|
637
|
+
# an issue in your computation of the CRC32C checksum.
|
638
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
639
|
+
# different languages. However, it is a non-negative integer, which will
|
640
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
641
|
+
# that support this type.
|
642
|
+
#
|
643
|
+
# NOTE: This field is in Beta.
|
644
|
+
# @!attribute [rw] verified_plaintext_crc32c
|
645
|
+
# @return [::Boolean]
|
646
|
+
# Integrity verification field. A flag indicating whether
|
647
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c} was received by
|
648
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
|
649
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext plaintext}. A false value of this field
|
650
|
+
# indicates either that {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c} was left unset or
|
651
|
+
# that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've set
|
652
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c} but this field is still false, discard
|
653
|
+
# the response and perform a limited number of retries.
|
654
|
+
#
|
655
|
+
# NOTE: This field is in Beta.
|
656
|
+
# @!attribute [rw] verified_additional_authenticated_data_crc32c
|
657
|
+
# @return [::Boolean]
|
658
|
+
# Integrity verification field. A flag indicating whether
|
659
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c} was received by
|
660
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
|
661
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data AAD}. A false value of this
|
662
|
+
# field indicates either that
|
663
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c} was left unset or
|
664
|
+
# that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've set
|
665
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c} but this field is
|
666
|
+
# still false, discard the response and perform a limited number of retries.
|
667
|
+
#
|
668
|
+
# NOTE: This field is in Beta.
|
508
669
|
class EncryptResponse
|
509
670
|
include ::Google::Protobuf::MessageExts
|
510
671
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -514,6 +675,39 @@ module Google
|
|
514
675
|
# @!attribute [rw] signature
|
515
676
|
# @return [::String]
|
516
677
|
# The created signature.
|
678
|
+
# @!attribute [rw] signature_crc32c
|
679
|
+
# @return [::Google::Protobuf::Int64Value]
|
680
|
+
# Integrity verification field. A CRC32C checksum of the returned
|
681
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignResponse#signature AsymmetricSignResponse.signature}. An integrity check of
|
682
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignResponse#signature AsymmetricSignResponse.signature} can be performed by computing the
|
683
|
+
# CRC32C checksum of {::Google::Cloud::Kms::V1::AsymmetricSignResponse#signature AsymmetricSignResponse.signature} and comparing your
|
684
|
+
# results to this field. Discard the response in case of non-matching
|
685
|
+
# checksum values, and perform a limited number of retries. A persistent
|
686
|
+
# mismatch may indicate an issue in your computation of the CRC32C checksum.
|
687
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
688
|
+
# different languages. However, it is a non-negative integer, which will
|
689
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
690
|
+
# that support this type.
|
691
|
+
#
|
692
|
+
# NOTE: This field is in Beta.
|
693
|
+
# @!attribute [rw] verified_digest_crc32c
|
694
|
+
# @return [::Boolean]
|
695
|
+
# Integrity verification field. A flag indicating whether
|
696
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c} was received by
|
697
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
|
698
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest digest}. A false value of this field
|
699
|
+
# indicates either that {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c} was left
|
700
|
+
# unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
701
|
+
# set {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c} but this field is still false,
|
702
|
+
# discard the response and perform a limited number of retries.
|
703
|
+
#
|
704
|
+
# NOTE: This field is in Beta.
|
705
|
+
# @!attribute [rw] name
|
706
|
+
# @return [::String]
|
707
|
+
# The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing. Check
|
708
|
+
# this field to verify that the intended resource was used for signing.
|
709
|
+
#
|
710
|
+
# NOTE: This field is in Beta.
|
517
711
|
class AsymmetricSignResponse
|
518
712
|
include ::Google::Protobuf::MessageExts
|
519
713
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -523,6 +717,33 @@ module Google
|
|
523
717
|
# @!attribute [rw] plaintext
|
524
718
|
# @return [::String]
|
525
719
|
# The decrypted data originally encrypted with the matching public key.
|
720
|
+
# @!attribute [rw] plaintext_crc32c
|
721
|
+
# @return [::Google::Protobuf::Int64Value]
|
722
|
+
# Integrity verification field. A CRC32C checksum of the returned
|
723
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptResponse#plaintext AsymmetricDecryptResponse.plaintext}. An integrity check of
|
724
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptResponse#plaintext AsymmetricDecryptResponse.plaintext} can be performed by computing the
|
725
|
+
# CRC32C checksum of {::Google::Cloud::Kms::V1::AsymmetricDecryptResponse#plaintext AsymmetricDecryptResponse.plaintext} and comparing
|
726
|
+
# your results to this field. Discard the response in case of non-matching
|
727
|
+
# checksum values, and perform a limited number of retries. A persistent
|
728
|
+
# mismatch may indicate an issue in your computation of the CRC32C checksum.
|
729
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
730
|
+
# different languages. However, it is a non-negative integer, which will
|
731
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
732
|
+
# that support this type.
|
733
|
+
#
|
734
|
+
# NOTE: This field is in Beta.
|
735
|
+
# @!attribute [rw] verified_ciphertext_crc32c
|
736
|
+
# @return [::Boolean]
|
737
|
+
# Integrity verification field. A flag indicating whether
|
738
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c} was received by
|
739
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
|
740
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext ciphertext}. A false value of this
|
741
|
+
# field indicates either that {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c}
|
742
|
+
# was left unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If
|
743
|
+
# you've set {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c} but this field is
|
744
|
+
# still false, discard the response and perform a limited number of retries.
|
745
|
+
#
|
746
|
+
# NOTE: This field is in Beta.
|
526
747
|
class AsymmetricDecryptResponse
|
527
748
|
include ::Google::Protobuf::MessageExts
|
528
749
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -0,0 +1,121 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2020 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Protobuf
|
22
|
+
# Wrapper message for `double`.
|
23
|
+
#
|
24
|
+
# The JSON representation for `DoubleValue` is JSON number.
|
25
|
+
# @!attribute [rw] value
|
26
|
+
# @return [::Float]
|
27
|
+
# The double value.
|
28
|
+
class DoubleValue
|
29
|
+
include ::Google::Protobuf::MessageExts
|
30
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
31
|
+
end
|
32
|
+
|
33
|
+
# Wrapper message for `float`.
|
34
|
+
#
|
35
|
+
# The JSON representation for `FloatValue` is JSON number.
|
36
|
+
# @!attribute [rw] value
|
37
|
+
# @return [::Float]
|
38
|
+
# The float value.
|
39
|
+
class FloatValue
|
40
|
+
include ::Google::Protobuf::MessageExts
|
41
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
42
|
+
end
|
43
|
+
|
44
|
+
# Wrapper message for `int64`.
|
45
|
+
#
|
46
|
+
# The JSON representation for `Int64Value` is JSON string.
|
47
|
+
# @!attribute [rw] value
|
48
|
+
# @return [::Integer]
|
49
|
+
# The int64 value.
|
50
|
+
class Int64Value
|
51
|
+
include ::Google::Protobuf::MessageExts
|
52
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
53
|
+
end
|
54
|
+
|
55
|
+
# Wrapper message for `uint64`.
|
56
|
+
#
|
57
|
+
# The JSON representation for `UInt64Value` is JSON string.
|
58
|
+
# @!attribute [rw] value
|
59
|
+
# @return [::Integer]
|
60
|
+
# The uint64 value.
|
61
|
+
class UInt64Value
|
62
|
+
include ::Google::Protobuf::MessageExts
|
63
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
64
|
+
end
|
65
|
+
|
66
|
+
# Wrapper message for `int32`.
|
67
|
+
#
|
68
|
+
# The JSON representation for `Int32Value` is JSON number.
|
69
|
+
# @!attribute [rw] value
|
70
|
+
# @return [::Integer]
|
71
|
+
# The int32 value.
|
72
|
+
class Int32Value
|
73
|
+
include ::Google::Protobuf::MessageExts
|
74
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
75
|
+
end
|
76
|
+
|
77
|
+
# Wrapper message for `uint32`.
|
78
|
+
#
|
79
|
+
# The JSON representation for `UInt32Value` is JSON number.
|
80
|
+
# @!attribute [rw] value
|
81
|
+
# @return [::Integer]
|
82
|
+
# The uint32 value.
|
83
|
+
class UInt32Value
|
84
|
+
include ::Google::Protobuf::MessageExts
|
85
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
86
|
+
end
|
87
|
+
|
88
|
+
# Wrapper message for `bool`.
|
89
|
+
#
|
90
|
+
# The JSON representation for `BoolValue` is JSON `true` and `false`.
|
91
|
+
# @!attribute [rw] value
|
92
|
+
# @return [::Boolean]
|
93
|
+
# The bool value.
|
94
|
+
class BoolValue
|
95
|
+
include ::Google::Protobuf::MessageExts
|
96
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
97
|
+
end
|
98
|
+
|
99
|
+
# Wrapper message for `string`.
|
100
|
+
#
|
101
|
+
# The JSON representation for `StringValue` is JSON string.
|
102
|
+
# @!attribute [rw] value
|
103
|
+
# @return [::String]
|
104
|
+
# The string value.
|
105
|
+
class StringValue
|
106
|
+
include ::Google::Protobuf::MessageExts
|
107
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
108
|
+
end
|
109
|
+
|
110
|
+
# Wrapper message for `bytes`.
|
111
|
+
#
|
112
|
+
# The JSON representation for `BytesValue` is JSON string.
|
113
|
+
# @!attribute [rw] value
|
114
|
+
# @return [::String]
|
115
|
+
# The bytes value.
|
116
|
+
class BytesValue
|
117
|
+
include ::Google::Protobuf::MessageExts
|
118
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
119
|
+
end
|
120
|
+
end
|
121
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-cloud-kms-v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-09-03 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gapic-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - "~>"
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: '0.
|
19
|
+
version: '0.3'
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: '0.
|
26
|
+
version: '0.3'
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: google-cloud-errors
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -206,6 +206,7 @@ files:
|
|
206
206
|
- proto_docs/google/protobuf/duration.rb
|
207
207
|
- proto_docs/google/protobuf/field_mask.rb
|
208
208
|
- proto_docs/google/protobuf/timestamp.rb
|
209
|
+
- proto_docs/google/protobuf/wrappers.rb
|
209
210
|
- proto_docs/google/type/expr.rb
|
210
211
|
homepage: https://github.com/googleapis/google-cloud-ruby
|
211
212
|
licenses:
|
@@ -226,7 +227,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
226
227
|
- !ruby/object:Gem::Version
|
227
228
|
version: '0'
|
228
229
|
requirements: []
|
229
|
-
rubygems_version: 3.
|
230
|
+
rubygems_version: 3.1.3
|
230
231
|
signing_key:
|
231
232
|
specification_version: 4
|
232
233
|
summary: API Client library for the Cloud Key Management Service (KMS) V1 API
|