google-cloud-kms-v1 0.2.3 → 0.4.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +64 -0
- data/lib/google/cloud/kms/v1.rb +3 -0
- data/lib/google/cloud/kms/v1/iam_policy/client.rb +9 -3
- data/lib/google/cloud/kms/v1/key_management_service/client.rb +132 -28
- data/lib/google/cloud/kms/v1/resources_pb.rb +3 -0
- data/lib/google/cloud/kms/v1/service_pb.rb +16 -0
- data/lib/google/cloud/kms/v1/service_services_pb.rb +23 -23
- data/lib/google/cloud/kms/v1/version.rb +1 -1
- data/lib/google/iam/v1/iam_policy_services_pb.rb +3 -3
- data/proto_docs/google/api/field_behavior.rb +6 -0
- data/proto_docs/google/api/resource.rb +50 -14
- data/proto_docs/google/cloud/kms/v1/resources.rb +23 -2
- data/proto_docs/google/cloud/kms/v1/service.rb +221 -0
- data/proto_docs/google/protobuf/timestamp.rb +10 -1
- data/proto_docs/google/protobuf/wrappers.rb +121 -0
- metadata +7 -4
@@ -7,6 +7,7 @@ require 'google/api/field_behavior_pb'
|
|
7
7
|
require 'google/api/resource_pb'
|
8
8
|
require 'google/protobuf/duration_pb'
|
9
9
|
require 'google/protobuf/timestamp_pb'
|
10
|
+
require 'google/protobuf/wrappers_pb'
|
10
11
|
require 'google/api/annotations_pb'
|
11
12
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
12
13
|
add_file("google/cloud/kms/v1/resources.proto", :syntax => :proto3) do
|
@@ -96,6 +97,8 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
96
97
|
add_message "google.cloud.kms.v1.PublicKey" do
|
97
98
|
optional :pem, :string, 1
|
98
99
|
optional :algorithm, :enum, 2, "google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm"
|
100
|
+
optional :pem_crc32c, :message, 3, "google.protobuf.Int64Value"
|
101
|
+
optional :name, :string, 4
|
99
102
|
end
|
100
103
|
add_message "google.cloud.kms.v1.ImportJob" do
|
101
104
|
optional :name, :string, 1
|
@@ -9,6 +9,7 @@ require 'google/api/field_behavior_pb'
|
|
9
9
|
require 'google/api/resource_pb'
|
10
10
|
require 'google/cloud/kms/v1/resources_pb'
|
11
11
|
require 'google/protobuf/field_mask_pb'
|
12
|
+
require 'google/protobuf/wrappers_pb'
|
12
13
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
13
14
|
add_file("google/cloud/kms/v1/service.proto", :syntax => :proto3) do
|
14
15
|
add_message "google.cloud.kms.v1.ListKeyRingsRequest" do
|
@@ -116,32 +117,47 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
116
117
|
optional :name, :string, 1
|
117
118
|
optional :plaintext, :bytes, 2
|
118
119
|
optional :additional_authenticated_data, :bytes, 3
|
120
|
+
optional :plaintext_crc32c, :message, 7, "google.protobuf.Int64Value"
|
121
|
+
optional :additional_authenticated_data_crc32c, :message, 8, "google.protobuf.Int64Value"
|
119
122
|
end
|
120
123
|
add_message "google.cloud.kms.v1.DecryptRequest" do
|
121
124
|
optional :name, :string, 1
|
122
125
|
optional :ciphertext, :bytes, 2
|
123
126
|
optional :additional_authenticated_data, :bytes, 3
|
127
|
+
optional :ciphertext_crc32c, :message, 5, "google.protobuf.Int64Value"
|
128
|
+
optional :additional_authenticated_data_crc32c, :message, 6, "google.protobuf.Int64Value"
|
124
129
|
end
|
125
130
|
add_message "google.cloud.kms.v1.AsymmetricSignRequest" do
|
126
131
|
optional :name, :string, 1
|
127
132
|
optional :digest, :message, 3, "google.cloud.kms.v1.Digest"
|
133
|
+
optional :digest_crc32c, :message, 4, "google.protobuf.Int64Value"
|
128
134
|
end
|
129
135
|
add_message "google.cloud.kms.v1.AsymmetricDecryptRequest" do
|
130
136
|
optional :name, :string, 1
|
131
137
|
optional :ciphertext, :bytes, 3
|
138
|
+
optional :ciphertext_crc32c, :message, 4, "google.protobuf.Int64Value"
|
132
139
|
end
|
133
140
|
add_message "google.cloud.kms.v1.DecryptResponse" do
|
134
141
|
optional :plaintext, :bytes, 1
|
142
|
+
optional :plaintext_crc32c, :message, 2, "google.protobuf.Int64Value"
|
135
143
|
end
|
136
144
|
add_message "google.cloud.kms.v1.EncryptResponse" do
|
137
145
|
optional :name, :string, 1
|
138
146
|
optional :ciphertext, :bytes, 2
|
147
|
+
optional :ciphertext_crc32c, :message, 4, "google.protobuf.Int64Value"
|
148
|
+
optional :verified_plaintext_crc32c, :bool, 5
|
149
|
+
optional :verified_additional_authenticated_data_crc32c, :bool, 6
|
139
150
|
end
|
140
151
|
add_message "google.cloud.kms.v1.AsymmetricSignResponse" do
|
141
152
|
optional :signature, :bytes, 1
|
153
|
+
optional :signature_crc32c, :message, 2, "google.protobuf.Int64Value"
|
154
|
+
optional :verified_digest_crc32c, :bool, 3
|
155
|
+
optional :name, :string, 4
|
142
156
|
end
|
143
157
|
add_message "google.cloud.kms.v1.AsymmetricDecryptResponse" do
|
144
158
|
optional :plaintext, :bytes, 1
|
159
|
+
optional :plaintext_crc32c, :message, 2, "google.protobuf.Int64Value"
|
160
|
+
optional :verified_ciphertext_crc32c, :bool, 3
|
145
161
|
end
|
146
162
|
add_message "google.cloud.kms.v1.UpdateCryptoKeyPrimaryVersionRequest" do
|
147
163
|
optional :name, :string, 1
|
@@ -45,53 +45,53 @@ module Google
|
|
45
45
|
self.service_name = 'google.cloud.kms.v1.KeyManagementService'
|
46
46
|
|
47
47
|
# Lists [KeyRings][google.cloud.kms.v1.KeyRing].
|
48
|
-
rpc :ListKeyRings, Google::Cloud::Kms::V1::ListKeyRingsRequest, Google::Cloud::Kms::V1::ListKeyRingsResponse
|
48
|
+
rpc :ListKeyRings, ::Google::Cloud::Kms::V1::ListKeyRingsRequest, ::Google::Cloud::Kms::V1::ListKeyRingsResponse
|
49
49
|
# Lists [CryptoKeys][google.cloud.kms.v1.CryptoKey].
|
50
|
-
rpc :ListCryptoKeys, Google::Cloud::Kms::V1::ListCryptoKeysRequest, Google::Cloud::Kms::V1::ListCryptoKeysResponse
|
50
|
+
rpc :ListCryptoKeys, ::Google::Cloud::Kms::V1::ListCryptoKeysRequest, ::Google::Cloud::Kms::V1::ListCryptoKeysResponse
|
51
51
|
# Lists [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
|
52
|
-
rpc :ListCryptoKeyVersions, Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest, Google::Cloud::Kms::V1::ListCryptoKeyVersionsResponse
|
52
|
+
rpc :ListCryptoKeyVersions, ::Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest, ::Google::Cloud::Kms::V1::ListCryptoKeyVersionsResponse
|
53
53
|
# Lists [ImportJobs][google.cloud.kms.v1.ImportJob].
|
54
|
-
rpc :ListImportJobs, Google::Cloud::Kms::V1::ListImportJobsRequest, Google::Cloud::Kms::V1::ListImportJobsResponse
|
54
|
+
rpc :ListImportJobs, ::Google::Cloud::Kms::V1::ListImportJobsRequest, ::Google::Cloud::Kms::V1::ListImportJobsResponse
|
55
55
|
# Returns metadata for a given [KeyRing][google.cloud.kms.v1.KeyRing].
|
56
|
-
rpc :GetKeyRing, Google::Cloud::Kms::V1::GetKeyRingRequest, Google::Cloud::Kms::V1::KeyRing
|
56
|
+
rpc :GetKeyRing, ::Google::Cloud::Kms::V1::GetKeyRingRequest, ::Google::Cloud::Kms::V1::KeyRing
|
57
57
|
# Returns metadata for a given [CryptoKey][google.cloud.kms.v1.CryptoKey], as well as its
|
58
58
|
# [primary][google.cloud.kms.v1.CryptoKey.primary] [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
|
59
|
-
rpc :GetCryptoKey, Google::Cloud::Kms::V1::GetCryptoKeyRequest, Google::Cloud::Kms::V1::CryptoKey
|
59
|
+
rpc :GetCryptoKey, ::Google::Cloud::Kms::V1::GetCryptoKeyRequest, ::Google::Cloud::Kms::V1::CryptoKey
|
60
60
|
# Returns metadata for a given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
|
61
|
-
rpc :GetCryptoKeyVersion, Google::Cloud::Kms::V1::GetCryptoKeyVersionRequest, Google::Cloud::Kms::V1::CryptoKeyVersion
|
61
|
+
rpc :GetCryptoKeyVersion, ::Google::Cloud::Kms::V1::GetCryptoKeyVersionRequest, ::Google::Cloud::Kms::V1::CryptoKeyVersion
|
62
62
|
# Returns the public key for the given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. The
|
63
63
|
# [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
|
64
64
|
# [ASYMMETRIC_SIGN][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN] or
|
65
65
|
# [ASYMMETRIC_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT].
|
66
|
-
rpc :GetPublicKey, Google::Cloud::Kms::V1::GetPublicKeyRequest, Google::Cloud::Kms::V1::PublicKey
|
66
|
+
rpc :GetPublicKey, ::Google::Cloud::Kms::V1::GetPublicKeyRequest, ::Google::Cloud::Kms::V1::PublicKey
|
67
67
|
# Returns metadata for a given [ImportJob][google.cloud.kms.v1.ImportJob].
|
68
|
-
rpc :GetImportJob, Google::Cloud::Kms::V1::GetImportJobRequest, Google::Cloud::Kms::V1::ImportJob
|
68
|
+
rpc :GetImportJob, ::Google::Cloud::Kms::V1::GetImportJobRequest, ::Google::Cloud::Kms::V1::ImportJob
|
69
69
|
# Create a new [KeyRing][google.cloud.kms.v1.KeyRing] in a given Project and Location.
|
70
|
-
rpc :CreateKeyRing, Google::Cloud::Kms::V1::CreateKeyRingRequest, Google::Cloud::Kms::V1::KeyRing
|
70
|
+
rpc :CreateKeyRing, ::Google::Cloud::Kms::V1::CreateKeyRingRequest, ::Google::Cloud::Kms::V1::KeyRing
|
71
71
|
# Create a new [CryptoKey][google.cloud.kms.v1.CryptoKey] within a [KeyRing][google.cloud.kms.v1.KeyRing].
|
72
72
|
#
|
73
73
|
# [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] and
|
74
74
|
# [CryptoKey.version_template.algorithm][google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm]
|
75
75
|
# are required.
|
76
|
-
rpc :CreateCryptoKey, Google::Cloud::Kms::V1::CreateCryptoKeyRequest, Google::Cloud::Kms::V1::CryptoKey
|
76
|
+
rpc :CreateCryptoKey, ::Google::Cloud::Kms::V1::CreateCryptoKeyRequest, ::Google::Cloud::Kms::V1::CryptoKey
|
77
77
|
# Create a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in a [CryptoKey][google.cloud.kms.v1.CryptoKey].
|
78
78
|
#
|
79
79
|
# The server will assign the next sequential id. If unset,
|
80
80
|
# [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to
|
81
81
|
# [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED].
|
82
|
-
rpc :CreateCryptoKeyVersion, Google::Cloud::Kms::V1::CreateCryptoKeyVersionRequest, Google::Cloud::Kms::V1::CryptoKeyVersion
|
82
|
+
rpc :CreateCryptoKeyVersion, ::Google::Cloud::Kms::V1::CreateCryptoKeyVersionRequest, ::Google::Cloud::Kms::V1::CryptoKeyVersion
|
83
83
|
# Imports a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] into an existing [CryptoKey][google.cloud.kms.v1.CryptoKey] using the
|
84
84
|
# wrapped key material provided in the request.
|
85
85
|
#
|
86
86
|
# The version ID will be assigned the next sequential id within the
|
87
87
|
# [CryptoKey][google.cloud.kms.v1.CryptoKey].
|
88
|
-
rpc :ImportCryptoKeyVersion, Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest, Google::Cloud::Kms::V1::CryptoKeyVersion
|
88
|
+
rpc :ImportCryptoKeyVersion, ::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest, ::Google::Cloud::Kms::V1::CryptoKeyVersion
|
89
89
|
# Create a new [ImportJob][google.cloud.kms.v1.ImportJob] within a [KeyRing][google.cloud.kms.v1.KeyRing].
|
90
90
|
#
|
91
91
|
# [ImportJob.import_method][google.cloud.kms.v1.ImportJob.import_method] is required.
|
92
|
-
rpc :CreateImportJob, Google::Cloud::Kms::V1::CreateImportJobRequest, Google::Cloud::Kms::V1::ImportJob
|
92
|
+
rpc :CreateImportJob, ::Google::Cloud::Kms::V1::CreateImportJobRequest, ::Google::Cloud::Kms::V1::ImportJob
|
93
93
|
# Update a [CryptoKey][google.cloud.kms.v1.CryptoKey].
|
94
|
-
rpc :UpdateCryptoKey, Google::Cloud::Kms::V1::UpdateCryptoKeyRequest, Google::Cloud::Kms::V1::CryptoKey
|
94
|
+
rpc :UpdateCryptoKey, ::Google::Cloud::Kms::V1::UpdateCryptoKeyRequest, ::Google::Cloud::Kms::V1::CryptoKey
|
95
95
|
# Update a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s metadata.
|
96
96
|
#
|
97
97
|
# [state][google.cloud.kms.v1.CryptoKeyVersion.state] may be changed between
|
@@ -99,26 +99,26 @@ module Google
|
|
99
99
|
# [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED] using this
|
100
100
|
# method. See [DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion] and [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] to
|
101
101
|
# move between other states.
|
102
|
-
rpc :UpdateCryptoKeyVersion, Google::Cloud::Kms::V1::UpdateCryptoKeyVersionRequest, Google::Cloud::Kms::V1::CryptoKeyVersion
|
102
|
+
rpc :UpdateCryptoKeyVersion, ::Google::Cloud::Kms::V1::UpdateCryptoKeyVersionRequest, ::Google::Cloud::Kms::V1::CryptoKeyVersion
|
103
103
|
# Encrypts data, so that it can only be recovered by a call to [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt].
|
104
104
|
# The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
|
105
105
|
# [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
|
106
|
-
rpc :Encrypt, Google::Cloud::Kms::V1::EncryptRequest, Google::Cloud::Kms::V1::EncryptResponse
|
106
|
+
rpc :Encrypt, ::Google::Cloud::Kms::V1::EncryptRequest, ::Google::Cloud::Kms::V1::EncryptResponse
|
107
107
|
# Decrypts data that was protected by [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
|
108
108
|
# must be [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
|
109
|
-
rpc :Decrypt, Google::Cloud::Kms::V1::DecryptRequest, Google::Cloud::Kms::V1::DecryptResponse
|
109
|
+
rpc :Decrypt, ::Google::Cloud::Kms::V1::DecryptRequest, ::Google::Cloud::Kms::V1::DecryptResponse
|
110
110
|
# Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
|
111
111
|
# ASYMMETRIC_SIGN, producing a signature that can be verified with the public
|
112
112
|
# key retrieved from [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
|
113
|
-
rpc :AsymmetricSign, Google::Cloud::Kms::V1::AsymmetricSignRequest, Google::Cloud::Kms::V1::AsymmetricSignResponse
|
113
|
+
rpc :AsymmetricSign, ::Google::Cloud::Kms::V1::AsymmetricSignRequest, ::Google::Cloud::Kms::V1::AsymmetricSignResponse
|
114
114
|
# Decrypts data that was encrypted with a public key retrieved from
|
115
115
|
# [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey] corresponding to a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with
|
116
116
|
# [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_DECRYPT.
|
117
|
-
rpc :AsymmetricDecrypt, Google::Cloud::Kms::V1::AsymmetricDecryptRequest, Google::Cloud::Kms::V1::AsymmetricDecryptResponse
|
117
|
+
rpc :AsymmetricDecrypt, ::Google::Cloud::Kms::V1::AsymmetricDecryptRequest, ::Google::Cloud::Kms::V1::AsymmetricDecryptResponse
|
118
118
|
# Update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that will be used in [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
|
119
119
|
#
|
120
120
|
# Returns an error if called on an asymmetric key.
|
121
|
-
rpc :UpdateCryptoKeyPrimaryVersion, Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest, Google::Cloud::Kms::V1::CryptoKey
|
121
|
+
rpc :UpdateCryptoKeyPrimaryVersion, ::Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest, ::Google::Cloud::Kms::V1::CryptoKey
|
122
122
|
# Schedule a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] for destruction.
|
123
123
|
#
|
124
124
|
# Upon calling this method, [CryptoKeyVersion.state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to
|
@@ -131,7 +131,7 @@ module Google
|
|
131
131
|
#
|
132
132
|
# Before the [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] is reached,
|
133
133
|
# [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] may be called to reverse the process.
|
134
|
-
rpc :DestroyCryptoKeyVersion, Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest, Google::Cloud::Kms::V1::CryptoKeyVersion
|
134
|
+
rpc :DestroyCryptoKeyVersion, ::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest, ::Google::Cloud::Kms::V1::CryptoKeyVersion
|
135
135
|
# Restore a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the
|
136
136
|
# [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED]
|
137
137
|
# state.
|
@@ -139,7 +139,7 @@ module Google
|
|
139
139
|
# Upon restoration of the CryptoKeyVersion, [state][google.cloud.kms.v1.CryptoKeyVersion.state]
|
140
140
|
# will be set to [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED],
|
141
141
|
# and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be cleared.
|
142
|
-
rpc :RestoreCryptoKeyVersion, Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest, Google::Cloud::Kms::V1::CryptoKeyVersion
|
142
|
+
rpc :RestoreCryptoKeyVersion, ::Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest, ::Google::Cloud::Kms::V1::CryptoKeyVersion
|
143
143
|
end
|
144
144
|
|
145
145
|
Stub = Service.rpc_stub_class
|
@@ -59,11 +59,11 @@ module Google
|
|
59
59
|
|
60
60
|
# Sets the access control policy on the specified resource. Replaces any
|
61
61
|
# existing policy.
|
62
|
-
rpc :SetIamPolicy, Google::Iam::V1::SetIamPolicyRequest, Google::Iam::V1::Policy
|
62
|
+
rpc :SetIamPolicy, ::Google::Iam::V1::SetIamPolicyRequest, ::Google::Iam::V1::Policy
|
63
63
|
# Gets the access control policy for a resource.
|
64
64
|
# Returns an empty policy if the resource exists and does not have a policy
|
65
65
|
# set.
|
66
|
-
rpc :GetIamPolicy, Google::Iam::V1::GetIamPolicyRequest, Google::Iam::V1::Policy
|
66
|
+
rpc :GetIamPolicy, ::Google::Iam::V1::GetIamPolicyRequest, ::Google::Iam::V1::Policy
|
67
67
|
# Returns permissions that a caller has on the specified resource.
|
68
68
|
# If the resource does not exist, this will return an empty set of
|
69
69
|
# permissions, not a NOT_FOUND error.
|
@@ -71,7 +71,7 @@ module Google
|
|
71
71
|
# Note: This operation is designed to be used for building permission-aware
|
72
72
|
# UIs and command-line tools, not for authorization checking. This operation
|
73
73
|
# may "fail open" without warning.
|
74
|
-
rpc :TestIamPermissions, Google::Iam::V1::TestIamPermissionsRequest, Google::Iam::V1::TestIamPermissionsResponse
|
74
|
+
rpc :TestIamPermissions, ::Google::Iam::V1::TestIamPermissionsRequest, ::Google::Iam::V1::TestIamPermissionsResponse
|
75
75
|
end
|
76
76
|
|
77
77
|
Stub = Service.rpc_stub_class
|
@@ -54,6 +54,12 @@ module Google
|
|
54
54
|
# This indicates that the field may be set once in a request to create a
|
55
55
|
# resource, but may not be changed thereafter.
|
56
56
|
IMMUTABLE = 5
|
57
|
+
|
58
|
+
# Denotes that a (repeated) field is an unordered list.
|
59
|
+
# This indicates that the service may provide the elements of the list
|
60
|
+
# in any arbitrary order, rather than the order the user originally
|
61
|
+
# provided. Additionally, the list's order may or may not be stable.
|
62
|
+
UNORDERED_LIST = 6
|
57
63
|
end
|
58
64
|
end
|
59
65
|
end
|
@@ -43,12 +43,12 @@ module Google
|
|
43
43
|
#
|
44
44
|
# The ResourceDescriptor Yaml config will look like:
|
45
45
|
#
|
46
|
-
#
|
47
|
-
#
|
48
|
-
#
|
49
|
-
#
|
50
|
-
#
|
51
|
-
#
|
46
|
+
# resources:
|
47
|
+
# - type: "pubsub.googleapis.com/Topic"
|
48
|
+
# name_descriptor:
|
49
|
+
# - pattern: "projects/{project}/topics/{topic}"
|
50
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
51
|
+
# parent_name_extractor: "projects/{project}"
|
52
52
|
#
|
53
53
|
# Sometimes, resources have multiple patterns, typically because they can
|
54
54
|
# live under multiple parents.
|
@@ -183,15 +183,24 @@ module Google
|
|
183
183
|
# }
|
184
184
|
# @!attribute [rw] plural
|
185
185
|
# @return [::String]
|
186
|
-
# The plural name used in the resource name, such as
|
187
|
-
# the name of 'projects/\\{project}'
|
188
|
-
#
|
186
|
+
# The plural name used in the resource name and permission names, such as
|
187
|
+
# 'projects' for the resource name of 'projects/\\{project}' and the permission
|
188
|
+
# name of 'cloudresourcemanager.googleapis.com/projects.get'. It is the same
|
189
|
+
# concept of the `plural` field in k8s CRD spec
|
189
190
|
# https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
|
191
|
+
#
|
192
|
+
# Note: The plural form is required even for singleton resources. See
|
193
|
+
# https://aip.dev/156
|
190
194
|
# @!attribute [rw] singular
|
191
195
|
# @return [::String]
|
192
196
|
# The same concept of the `singular` field in k8s CRD spec
|
193
197
|
# https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
|
194
198
|
# Such as "project" for the `resourcemanager.googleapis.com/Project` type.
|
199
|
+
# @!attribute [rw] style
|
200
|
+
# @return [::Array<::Google::Api::ResourceDescriptor::Style>]
|
201
|
+
# Style flag(s) for this resource.
|
202
|
+
# These indicate that a resource is expected to conform to a given
|
203
|
+
# style. See the specific style flags for additional information.
|
195
204
|
class ResourceDescriptor
|
196
205
|
include ::Google::Protobuf::MessageExts
|
197
206
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -211,6 +220,22 @@ module Google
|
|
211
220
|
# that from being necessary once there are multiple patterns.)
|
212
221
|
FUTURE_MULTI_PATTERN = 2
|
213
222
|
end
|
223
|
+
|
224
|
+
# A flag representing a specific style that a resource claims to conform to.
|
225
|
+
module Style
|
226
|
+
# The unspecified value. Do not use.
|
227
|
+
STYLE_UNSPECIFIED = 0
|
228
|
+
|
229
|
+
# This resource is intended to be "declarative-friendly".
|
230
|
+
#
|
231
|
+
# Declarative-friendly resources must be more strictly consistent, and
|
232
|
+
# setting this to true communicates to tools that this resource should
|
233
|
+
# adhere to declarative-friendly expectations.
|
234
|
+
#
|
235
|
+
# Note: This is used by the API linter (linter.aip.dev) to enable
|
236
|
+
# additional checks.
|
237
|
+
DECLARATIVE_FRIENDLY = 1
|
238
|
+
end
|
214
239
|
end
|
215
240
|
|
216
241
|
# Defines a proto annotation that describes a string field that refers to
|
@@ -226,6 +251,17 @@ module Google
|
|
226
251
|
# type: "pubsub.googleapis.com/Topic"
|
227
252
|
# }];
|
228
253
|
# }
|
254
|
+
#
|
255
|
+
# Occasionally, a field may reference an arbitrary resource. In this case,
|
256
|
+
# APIs use the special value * in their resource reference.
|
257
|
+
#
|
258
|
+
# Example:
|
259
|
+
#
|
260
|
+
# message GetIamPolicyRequest {
|
261
|
+
# string resource = 2 [(google.api.resource_reference) = {
|
262
|
+
# type: "*"
|
263
|
+
# }];
|
264
|
+
# }
|
229
265
|
# @!attribute [rw] child_type
|
230
266
|
# @return [::String]
|
231
267
|
# The resource type of a child collection that the annotated field
|
@@ -234,11 +270,11 @@ module Google
|
|
234
270
|
#
|
235
271
|
# Example:
|
236
272
|
#
|
237
|
-
#
|
238
|
-
#
|
239
|
-
#
|
240
|
-
#
|
241
|
-
#
|
273
|
+
# message ListLogEntriesRequest {
|
274
|
+
# string parent = 1 [(google.api.resource_reference) = {
|
275
|
+
# child_type: "logging.googleapis.com/LogEntry"
|
276
|
+
# };
|
277
|
+
# }
|
242
278
|
class ResourceReference
|
243
279
|
include ::Google::Protobuf::MessageExts
|
244
280
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -37,8 +37,8 @@ module Google
|
|
37
37
|
# A {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} represents a logical key that can be used for cryptographic
|
38
38
|
# operations.
|
39
39
|
#
|
40
|
-
# A {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} is made up of
|
41
|
-
# represent the actual key material used in cryptographic operations.
|
40
|
+
# A {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} is made up of zero or more {::Google::Cloud::Kms::V1::CryptoKeyVersion versions},
|
41
|
+
# which represent the actual key material used in cryptographic operations.
|
42
42
|
# @!attribute [r] name
|
43
43
|
# @return [::String]
|
44
44
|
# Output only. The resource name for this {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} in the format
|
@@ -410,6 +410,27 @@ module Google
|
|
410
410
|
# @return [::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm]
|
411
411
|
# The {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm Algorithm} associated
|
412
412
|
# with this key.
|
413
|
+
# @!attribute [rw] pem_crc32c
|
414
|
+
# @return [::Google::Protobuf::Int64Value]
|
415
|
+
# Integrity verification field. A CRC32C checksum of the returned
|
416
|
+
# {::Google::Cloud::Kms::V1::PublicKey#pem PublicKey.pem}. An integrity check of {::Google::Cloud::Kms::V1::PublicKey#pem PublicKey.pem} can be performed
|
417
|
+
# by computing the CRC32C checksum of {::Google::Cloud::Kms::V1::PublicKey#pem PublicKey.pem} and
|
418
|
+
# comparing your results to this field. Discard the response in case of
|
419
|
+
# non-matching checksum values, and perform a limited number of retries. A
|
420
|
+
# persistent mismatch may indicate an issue in your computation of the CRC32C
|
421
|
+
# checksum.
|
422
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
423
|
+
# different languages. However, it is a non-negative integer, which will
|
424
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
425
|
+
# that support this type.
|
426
|
+
#
|
427
|
+
# NOTE: This field is in Beta.
|
428
|
+
# @!attribute [rw] name
|
429
|
+
# @return [::String]
|
430
|
+
# The {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} public key.
|
431
|
+
# Provided here for verification.
|
432
|
+
#
|
433
|
+
# NOTE: This field is in Beta.
|
413
434
|
class PublicKey
|
414
435
|
include ::Google::Protobuf::MessageExts
|
415
436
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -437,6 +437,41 @@ module Google
|
|
437
437
|
# 64KiB. For {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of the
|
438
438
|
# plaintext and additional_authenticated_data fields must be no larger than
|
439
439
|
# 8KiB.
|
440
|
+
# @!attribute [rw] plaintext_crc32c
|
441
|
+
# @return [::Google::Protobuf::Int64Value]
|
442
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}. If
|
443
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
444
|
+
# received {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext} using this checksum.
|
445
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
446
|
+
# fails. If you receive a checksum error, your client should verify that
|
447
|
+
# CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}) is equal to
|
448
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c}, and if so, perform a limited number of
|
449
|
+
# retries. A persistent mismatch may indicate an issue in your computation of
|
450
|
+
# the CRC32C checksum.
|
451
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
452
|
+
# different languages. However, it is a non-negative integer, which will
|
453
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
454
|
+
# that support this type.
|
455
|
+
#
|
456
|
+
# NOTE: This field is in Beta.
|
457
|
+
# @!attribute [rw] additional_authenticated_data_crc32c
|
458
|
+
# @return [::Google::Protobuf::Int64Value]
|
459
|
+
# Optional. An optional CRC32C checksum of the
|
460
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}. If specified,
|
461
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the received
|
462
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data} using this checksum.
|
463
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
464
|
+
# fails. If you receive a checksum error, your client should verify that
|
465
|
+
# CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}) is equal to
|
466
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c}, and if so, perform
|
467
|
+
# a limited number of retries. A persistent mismatch may indicate an issue in
|
468
|
+
# your computation of the CRC32C checksum.
|
469
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
470
|
+
# different languages. However, it is a non-negative integer, which will
|
471
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
472
|
+
# that support this type.
|
473
|
+
#
|
474
|
+
# NOTE: This field is in Beta.
|
440
475
|
class EncryptRequest
|
441
476
|
include ::Google::Protobuf::MessageExts
|
442
477
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -455,6 +490,41 @@ module Google
|
|
455
490
|
# @return [::String]
|
456
491
|
# Optional. Optional data that must match the data originally supplied in
|
457
492
|
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}.
|
493
|
+
# @!attribute [rw] ciphertext_crc32c
|
494
|
+
# @return [::Google::Protobuf::Int64Value]
|
495
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}. If
|
496
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
497
|
+
# received {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext} using this checksum.
|
498
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
499
|
+
# fails. If you receive a checksum error, your client should verify that
|
500
|
+
# CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}) is equal to
|
501
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext_crc32c DecryptRequest.ciphertext_crc32c}, and if so, perform a limited number
|
502
|
+
# of retries. A persistent mismatch may indicate an issue in your computation
|
503
|
+
# of the CRC32C checksum.
|
504
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
505
|
+
# different languages. However, it is a non-negative integer, which will
|
506
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
507
|
+
# that support this type.
|
508
|
+
#
|
509
|
+
# NOTE: This field is in Beta.
|
510
|
+
# @!attribute [rw] additional_authenticated_data_crc32c
|
511
|
+
# @return [::Google::Protobuf::Int64Value]
|
512
|
+
# Optional. An optional CRC32C checksum of the
|
513
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}. If specified,
|
514
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the received
|
515
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data} using this checksum.
|
516
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
517
|
+
# fails. If you receive a checksum error, your client should verify that
|
518
|
+
# CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}) is equal to
|
519
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data_crc32c DecryptRequest.additional_authenticated_data_crc32c}, and if so, perform
|
520
|
+
# a limited number of retries. A persistent mismatch may indicate an issue in
|
521
|
+
# your computation of the CRC32C checksum.
|
522
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
523
|
+
# different languages. However, it is a non-negative integer, which will
|
524
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
525
|
+
# that support this type.
|
526
|
+
#
|
527
|
+
# NOTE: This field is in Beta.
|
458
528
|
class DecryptRequest
|
459
529
|
include ::Google::Protobuf::MessageExts
|
460
530
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -469,6 +539,23 @@ module Google
|
|
469
539
|
# Required. The digest of the data to sign. The digest must be produced with
|
470
540
|
# the same digest algorithm as specified by the key version's
|
471
541
|
# {::Google::Cloud::Kms::V1::CryptoKeyVersion#algorithm algorithm}.
|
542
|
+
# @!attribute [rw] digest_crc32c
|
543
|
+
# @return [::Google::Protobuf::Int64Value]
|
544
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}. If
|
545
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
546
|
+
# received {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest} using this checksum.
|
547
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
548
|
+
# fails. If you receive a checksum error, your client should verify that
|
549
|
+
# CRC32C({::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}) is equal to
|
550
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c}, and if so, perform a limited
|
551
|
+
# number of retries. A persistent mismatch may indicate an issue in your
|
552
|
+
# computation of the CRC32C checksum.
|
553
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
554
|
+
# different languages. However, it is a non-negative integer, which will
|
555
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
556
|
+
# that support this type.
|
557
|
+
#
|
558
|
+
# NOTE: This field is in Beta.
|
472
559
|
class AsymmetricSignRequest
|
473
560
|
include ::Google::Protobuf::MessageExts
|
474
561
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -483,6 +570,23 @@ module Google
|
|
483
570
|
# @return [::String]
|
484
571
|
# Required. The data encrypted with the named {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}'s public
|
485
572
|
# key using OAEP.
|
573
|
+
# @!attribute [rw] ciphertext_crc32c
|
574
|
+
# @return [::Google::Protobuf::Int64Value]
|
575
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}.
|
576
|
+
# If specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
577
|
+
# received {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext} using this checksum.
|
578
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
579
|
+
# fails. If you receive a checksum error, your client should verify that
|
580
|
+
# CRC32C({::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}) is equal to
|
581
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c}, and if so, perform a
|
582
|
+
# limited number of retries. A persistent mismatch may indicate an issue in
|
583
|
+
# your computation of the CRC32C checksum.
|
584
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
585
|
+
# different languages. However, it is a non-negative integer, which will
|
586
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
587
|
+
# that support this type.
|
588
|
+
#
|
589
|
+
# NOTE: This field is in Beta.
|
486
590
|
class AsymmetricDecryptRequest
|
487
591
|
include ::Google::Protobuf::MessageExts
|
488
592
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -492,6 +596,23 @@ module Google
|
|
492
596
|
# @!attribute [rw] plaintext
|
493
597
|
# @return [::String]
|
494
598
|
# The decrypted data originally supplied in {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}.
|
599
|
+
# @!attribute [rw] plaintext_crc32c
|
600
|
+
# @return [::Google::Protobuf::Int64Value]
|
601
|
+
# Integrity verification field. A CRC32C checksum of the returned
|
602
|
+
# {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext}. An integrity check of
|
603
|
+
# {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext} can be performed by computing the CRC32C
|
604
|
+
# checksum of {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext} and comparing your results to
|
605
|
+
# this field. Discard the response in case of non-matching checksum values,
|
606
|
+
# and perform a limited number of retries. A persistent mismatch may indicate
|
607
|
+
# an issue in your computation of the CRC32C checksum. Note: receiving this
|
608
|
+
# response message indicates that {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} is able to
|
609
|
+
# successfully decrypt the {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext ciphertext}.
|
610
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
611
|
+
# different languages. However, it is a non-negative integer, which will
|
612
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
613
|
+
# that support this type.
|
614
|
+
#
|
615
|
+
# NOTE: This field is in Beta.
|
495
616
|
class DecryptResponse
|
496
617
|
include ::Google::Protobuf::MessageExts
|
497
618
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -505,6 +626,46 @@ module Google
|
|
505
626
|
# @!attribute [rw] ciphertext
|
506
627
|
# @return [::String]
|
507
628
|
# The encrypted data.
|
629
|
+
# @!attribute [rw] ciphertext_crc32c
|
630
|
+
# @return [::Google::Protobuf::Int64Value]
|
631
|
+
# Integrity verification field. A CRC32C checksum of the returned
|
632
|
+
# {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext}. An integrity check of
|
633
|
+
# {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext} can be performed by computing the CRC32C
|
634
|
+
# checksum of {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext} and comparing your results to
|
635
|
+
# this field. Discard the response in case of non-matching checksum values,
|
636
|
+
# and perform a limited number of retries. A persistent mismatch may indicate
|
637
|
+
# an issue in your computation of the CRC32C checksum.
|
638
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
639
|
+
# different languages. However, it is a non-negative integer, which will
|
640
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
641
|
+
# that support this type.
|
642
|
+
#
|
643
|
+
# NOTE: This field is in Beta.
|
644
|
+
# @!attribute [rw] verified_plaintext_crc32c
|
645
|
+
# @return [::Boolean]
|
646
|
+
# Integrity verification field. A flag indicating whether
|
647
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c} was received by
|
648
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
|
649
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext plaintext}. A false value of this field
|
650
|
+
# indicates either that {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c} was left unset or
|
651
|
+
# that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've set
|
652
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c} but this field is still false, discard
|
653
|
+
# the response and perform a limited number of retries.
|
654
|
+
#
|
655
|
+
# NOTE: This field is in Beta.
|
656
|
+
# @!attribute [rw] verified_additional_authenticated_data_crc32c
|
657
|
+
# @return [::Boolean]
|
658
|
+
# Integrity verification field. A flag indicating whether
|
659
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c} was received by
|
660
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
|
661
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data AAD}. A false value of this
|
662
|
+
# field indicates either that
|
663
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c} was left unset or
|
664
|
+
# that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've set
|
665
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c} but this field is
|
666
|
+
# still false, discard the response and perform a limited number of retries.
|
667
|
+
#
|
668
|
+
# NOTE: This field is in Beta.
|
508
669
|
class EncryptResponse
|
509
670
|
include ::Google::Protobuf::MessageExts
|
510
671
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -514,6 +675,39 @@ module Google
|
|
514
675
|
# @!attribute [rw] signature
|
515
676
|
# @return [::String]
|
516
677
|
# The created signature.
|
678
|
+
# @!attribute [rw] signature_crc32c
|
679
|
+
# @return [::Google::Protobuf::Int64Value]
|
680
|
+
# Integrity verification field. A CRC32C checksum of the returned
|
681
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignResponse#signature AsymmetricSignResponse.signature}. An integrity check of
|
682
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignResponse#signature AsymmetricSignResponse.signature} can be performed by computing the
|
683
|
+
# CRC32C checksum of {::Google::Cloud::Kms::V1::AsymmetricSignResponse#signature AsymmetricSignResponse.signature} and comparing your
|
684
|
+
# results to this field. Discard the response in case of non-matching
|
685
|
+
# checksum values, and perform a limited number of retries. A persistent
|
686
|
+
# mismatch may indicate an issue in your computation of the CRC32C checksum.
|
687
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
688
|
+
# different languages. However, it is a non-negative integer, which will
|
689
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
690
|
+
# that support this type.
|
691
|
+
#
|
692
|
+
# NOTE: This field is in Beta.
|
693
|
+
# @!attribute [rw] verified_digest_crc32c
|
694
|
+
# @return [::Boolean]
|
695
|
+
# Integrity verification field. A flag indicating whether
|
696
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c} was received by
|
697
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
|
698
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest digest}. A false value of this field
|
699
|
+
# indicates either that {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c} was left
|
700
|
+
# unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
701
|
+
# set {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c} but this field is still false,
|
702
|
+
# discard the response and perform a limited number of retries.
|
703
|
+
#
|
704
|
+
# NOTE: This field is in Beta.
|
705
|
+
# @!attribute [rw] name
|
706
|
+
# @return [::String]
|
707
|
+
# The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing. Check
|
708
|
+
# this field to verify that the intended resource was used for signing.
|
709
|
+
#
|
710
|
+
# NOTE: This field is in Beta.
|
517
711
|
class AsymmetricSignResponse
|
518
712
|
include ::Google::Protobuf::MessageExts
|
519
713
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -523,6 +717,33 @@ module Google
|
|
523
717
|
# @!attribute [rw] plaintext
|
524
718
|
# @return [::String]
|
525
719
|
# The decrypted data originally encrypted with the matching public key.
|
720
|
+
# @!attribute [rw] plaintext_crc32c
|
721
|
+
# @return [::Google::Protobuf::Int64Value]
|
722
|
+
# Integrity verification field. A CRC32C checksum of the returned
|
723
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptResponse#plaintext AsymmetricDecryptResponse.plaintext}. An integrity check of
|
724
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptResponse#plaintext AsymmetricDecryptResponse.plaintext} can be performed by computing the
|
725
|
+
# CRC32C checksum of {::Google::Cloud::Kms::V1::AsymmetricDecryptResponse#plaintext AsymmetricDecryptResponse.plaintext} and comparing
|
726
|
+
# your results to this field. Discard the response in case of non-matching
|
727
|
+
# checksum values, and perform a limited number of retries. A persistent
|
728
|
+
# mismatch may indicate an issue in your computation of the CRC32C checksum.
|
729
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
730
|
+
# different languages. However, it is a non-negative integer, which will
|
731
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
732
|
+
# that support this type.
|
733
|
+
#
|
734
|
+
# NOTE: This field is in Beta.
|
735
|
+
# @!attribute [rw] verified_ciphertext_crc32c
|
736
|
+
# @return [::Boolean]
|
737
|
+
# Integrity verification field. A flag indicating whether
|
738
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c} was received by
|
739
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
|
740
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext ciphertext}. A false value of this
|
741
|
+
# field indicates either that {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c}
|
742
|
+
# was left unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If
|
743
|
+
# you've set {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c} but this field is
|
744
|
+
# still false, discard the response and perform a limited number of retries.
|
745
|
+
#
|
746
|
+
# NOTE: This field is in Beta.
|
526
747
|
class AsymmetricDecryptResponse
|
527
748
|
include ::Google::Protobuf::MessageExts
|
528
749
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|