google-cloud-kms-v1 0.2.4 → 0.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/LICENSE.md +188 -190
- data/README.md +66 -2
- data/lib/google/cloud/kms/v1.rb +3 -0
- data/lib/google/cloud/kms/v1/iam_policy/client.rb +14 -8
- data/lib/google/cloud/kms/v1/key_management_service/client.rb +199 -95
- data/lib/google/cloud/kms/v1/resources_pb.rb +3 -0
- data/lib/google/cloud/kms/v1/service_pb.rb +16 -0
- data/lib/google/cloud/kms/v1/service_services_pb.rb +23 -23
- data/lib/google/cloud/kms/v1/version.rb +1 -1
- data/lib/google/iam/v1/iam_policy_services_pb.rb +3 -3
- data/proto_docs/google/api/field_behavior.rb +6 -0
- data/proto_docs/google/api/resource.rb +50 -14
- data/proto_docs/google/cloud/kms/v1/resources.rb +23 -2
- data/proto_docs/google/cloud/kms/v1/service.rb +221 -0
- data/proto_docs/google/protobuf/timestamp.rb +10 -1
- data/proto_docs/google/protobuf/wrappers.rb +121 -0
- metadata +10 -7
data/lib/google/cloud/kms/v1.rb
CHANGED
@@ -82,7 +82,7 @@ module Google
|
|
82
82
|
parent_config = while namespace.any?
|
83
83
|
parent_name = namespace.join "::"
|
84
84
|
parent_const = const_get parent_name
|
85
|
-
break parent_const.configure if parent_const
|
85
|
+
break parent_const.configure if parent_const.respond_to? :configure
|
86
86
|
namespace.pop
|
87
87
|
end
|
88
88
|
default_config = Client::Configuration.new parent_config
|
@@ -148,7 +148,13 @@ module Google
|
|
148
148
|
|
149
149
|
# Create credentials
|
150
150
|
credentials = @config.credentials
|
151
|
-
|
151
|
+
# Use self-signed JWT if the scope and endpoint are unchanged from default,
|
152
|
+
# but only if the default endpoint does not have a region prefix.
|
153
|
+
enable_self_signed_jwt = @config.scope == Client.configure.scope &&
|
154
|
+
@config.endpoint == Client.configure.endpoint &&
|
155
|
+
!@config.endpoint.split(".").first.include?("-")
|
156
|
+
credentials ||= Credentials.default scope: @config.scope,
|
157
|
+
enable_self_signed_jwt: enable_self_signed_jwt
|
152
158
|
if credentials.is_a?(String) || credentials.is_a?(Hash)
|
153
159
|
credentials = Credentials.new credentials, scope: @config.scope
|
154
160
|
end
|
@@ -481,7 +487,7 @@ module Google
|
|
481
487
|
config_attr :scope, nil, ::String, ::Array, nil
|
482
488
|
config_attr :lib_name, nil, ::String, nil
|
483
489
|
config_attr :lib_version, nil, ::String, nil
|
484
|
-
config_attr(:channel_args, { "grpc.service_config_disable_resolution"=>1 }, ::Hash, nil)
|
490
|
+
config_attr(:channel_args, { "grpc.service_config_disable_resolution" => 1 }, ::Hash, nil)
|
485
491
|
config_attr :interceptors, nil, ::Array, nil
|
486
492
|
config_attr :timeout, nil, ::Numeric, nil
|
487
493
|
config_attr :metadata, nil, ::Hash, nil
|
@@ -502,7 +508,7 @@ module Google
|
|
502
508
|
def rpcs
|
503
509
|
@rpcs ||= begin
|
504
510
|
parent_rpcs = nil
|
505
|
-
parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config
|
511
|
+
parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config.respond_to?(:rpcs)
|
506
512
|
Rpcs.new parent_rpcs
|
507
513
|
end
|
508
514
|
end
|
@@ -514,7 +520,7 @@ module Google
|
|
514
520
|
# Each configuration object is of type `Gapic::Config::Method` and includes
|
515
521
|
# the following configuration fields:
|
516
522
|
#
|
517
|
-
# * `timeout` (*type:* `Numeric`) - The call timeout in
|
523
|
+
# * `timeout` (*type:* `Numeric`) - The call timeout in seconds
|
518
524
|
# * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional gRPC headers
|
519
525
|
# * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields
|
520
526
|
# include the following keys:
|
@@ -543,11 +549,11 @@ module Google
|
|
543
549
|
|
544
550
|
# @private
|
545
551
|
def initialize parent_rpcs = nil
|
546
|
-
set_iam_policy_config = parent_rpcs
|
552
|
+
set_iam_policy_config = parent_rpcs.set_iam_policy if parent_rpcs.respond_to? :set_iam_policy
|
547
553
|
@set_iam_policy = ::Gapic::Config::Method.new set_iam_policy_config
|
548
|
-
get_iam_policy_config = parent_rpcs
|
554
|
+
get_iam_policy_config = parent_rpcs.get_iam_policy if parent_rpcs.respond_to? :get_iam_policy
|
549
555
|
@get_iam_policy = ::Gapic::Config::Method.new get_iam_policy_config
|
550
|
-
test_iam_permissions_config = parent_rpcs
|
556
|
+
test_iam_permissions_config = parent_rpcs.test_iam_permissions if parent_rpcs.respond_to? :test_iam_permissions
|
551
557
|
@test_iam_permissions = ::Gapic::Config::Method.new test_iam_permissions_config
|
552
558
|
|
553
559
|
yield self if block_given?
|
@@ -71,7 +71,7 @@ module Google
|
|
71
71
|
parent_config = while namespace.any?
|
72
72
|
parent_name = namespace.join "::"
|
73
73
|
parent_const = const_get parent_name
|
74
|
-
break parent_const.configure if parent_const
|
74
|
+
break parent_const.configure if parent_const.respond_to? :configure
|
75
75
|
namespace.pop
|
76
76
|
end
|
77
77
|
default_config = Client::Configuration.new parent_config
|
@@ -79,89 +79,89 @@ module Google
|
|
79
79
|
default_config.rpcs.list_key_rings.timeout = 60.0
|
80
80
|
default_config.rpcs.list_key_rings.retry_policy = {
|
81
81
|
initial_delay: 0.1,
|
82
|
-
|
83
|
-
|
84
|
-
|
82
|
+
max_delay: 60.0,
|
83
|
+
multiplier: 1.3,
|
84
|
+
retry_codes: [14, 4]
|
85
85
|
}
|
86
86
|
|
87
87
|
default_config.rpcs.list_crypto_keys.timeout = 60.0
|
88
88
|
default_config.rpcs.list_crypto_keys.retry_policy = {
|
89
89
|
initial_delay: 0.1,
|
90
|
-
|
91
|
-
|
92
|
-
|
90
|
+
max_delay: 60.0,
|
91
|
+
multiplier: 1.3,
|
92
|
+
retry_codes: [14, 4]
|
93
93
|
}
|
94
94
|
|
95
95
|
default_config.rpcs.list_crypto_key_versions.timeout = 60.0
|
96
96
|
default_config.rpcs.list_crypto_key_versions.retry_policy = {
|
97
97
|
initial_delay: 0.1,
|
98
|
-
|
99
|
-
|
100
|
-
|
98
|
+
max_delay: 60.0,
|
99
|
+
multiplier: 1.3,
|
100
|
+
retry_codes: [14, 4]
|
101
101
|
}
|
102
102
|
|
103
103
|
default_config.rpcs.list_import_jobs.timeout = 60.0
|
104
104
|
default_config.rpcs.list_import_jobs.retry_policy = {
|
105
105
|
initial_delay: 0.1,
|
106
|
-
|
107
|
-
|
108
|
-
|
106
|
+
max_delay: 60.0,
|
107
|
+
multiplier: 1.3,
|
108
|
+
retry_codes: [14, 4]
|
109
109
|
}
|
110
110
|
|
111
111
|
default_config.rpcs.get_key_ring.timeout = 60.0
|
112
112
|
default_config.rpcs.get_key_ring.retry_policy = {
|
113
113
|
initial_delay: 0.1,
|
114
|
-
|
115
|
-
|
116
|
-
|
114
|
+
max_delay: 60.0,
|
115
|
+
multiplier: 1.3,
|
116
|
+
retry_codes: [14, 4]
|
117
117
|
}
|
118
118
|
|
119
119
|
default_config.rpcs.get_crypto_key.timeout = 60.0
|
120
120
|
default_config.rpcs.get_crypto_key.retry_policy = {
|
121
121
|
initial_delay: 0.1,
|
122
|
-
|
123
|
-
|
124
|
-
|
122
|
+
max_delay: 60.0,
|
123
|
+
multiplier: 1.3,
|
124
|
+
retry_codes: [14, 4]
|
125
125
|
}
|
126
126
|
|
127
127
|
default_config.rpcs.get_crypto_key_version.timeout = 60.0
|
128
128
|
default_config.rpcs.get_crypto_key_version.retry_policy = {
|
129
129
|
initial_delay: 0.1,
|
130
|
-
|
131
|
-
|
132
|
-
|
130
|
+
max_delay: 60.0,
|
131
|
+
multiplier: 1.3,
|
132
|
+
retry_codes: [14, 4]
|
133
133
|
}
|
134
134
|
|
135
135
|
default_config.rpcs.get_public_key.timeout = 60.0
|
136
136
|
default_config.rpcs.get_public_key.retry_policy = {
|
137
137
|
initial_delay: 0.1,
|
138
|
-
|
139
|
-
|
140
|
-
|
138
|
+
max_delay: 60.0,
|
139
|
+
multiplier: 1.3,
|
140
|
+
retry_codes: [14, 4]
|
141
141
|
}
|
142
142
|
|
143
143
|
default_config.rpcs.get_import_job.timeout = 60.0
|
144
144
|
default_config.rpcs.get_import_job.retry_policy = {
|
145
145
|
initial_delay: 0.1,
|
146
|
-
|
147
|
-
|
148
|
-
|
146
|
+
max_delay: 60.0,
|
147
|
+
multiplier: 1.3,
|
148
|
+
retry_codes: [14, 4]
|
149
149
|
}
|
150
150
|
|
151
151
|
default_config.rpcs.create_key_ring.timeout = 60.0
|
152
152
|
default_config.rpcs.create_key_ring.retry_policy = {
|
153
153
|
initial_delay: 0.1,
|
154
|
-
|
155
|
-
|
156
|
-
|
154
|
+
max_delay: 60.0,
|
155
|
+
multiplier: 1.3,
|
156
|
+
retry_codes: [14, 4]
|
157
157
|
}
|
158
158
|
|
159
159
|
default_config.rpcs.create_crypto_key.timeout = 60.0
|
160
160
|
default_config.rpcs.create_crypto_key.retry_policy = {
|
161
161
|
initial_delay: 0.1,
|
162
|
-
|
163
|
-
|
164
|
-
|
162
|
+
max_delay: 60.0,
|
163
|
+
multiplier: 1.3,
|
164
|
+
retry_codes: [14, 4]
|
165
165
|
}
|
166
166
|
|
167
167
|
default_config.rpcs.create_crypto_key_version.timeout = 60.0
|
@@ -171,81 +171,81 @@ module Google
|
|
171
171
|
default_config.rpcs.create_import_job.timeout = 60.0
|
172
172
|
default_config.rpcs.create_import_job.retry_policy = {
|
173
173
|
initial_delay: 0.1,
|
174
|
-
|
175
|
-
|
176
|
-
|
174
|
+
max_delay: 60.0,
|
175
|
+
multiplier: 1.3,
|
176
|
+
retry_codes: [14, 4]
|
177
177
|
}
|
178
178
|
|
179
179
|
default_config.rpcs.update_crypto_key.timeout = 60.0
|
180
180
|
default_config.rpcs.update_crypto_key.retry_policy = {
|
181
181
|
initial_delay: 0.1,
|
182
|
-
|
183
|
-
|
184
|
-
|
182
|
+
max_delay: 60.0,
|
183
|
+
multiplier: 1.3,
|
184
|
+
retry_codes: [14, 4]
|
185
185
|
}
|
186
186
|
|
187
187
|
default_config.rpcs.update_crypto_key_version.timeout = 60.0
|
188
188
|
default_config.rpcs.update_crypto_key_version.retry_policy = {
|
189
189
|
initial_delay: 0.1,
|
190
|
-
|
191
|
-
|
192
|
-
|
190
|
+
max_delay: 60.0,
|
191
|
+
multiplier: 1.3,
|
192
|
+
retry_codes: [14, 4]
|
193
193
|
}
|
194
194
|
|
195
195
|
default_config.rpcs.encrypt.timeout = 60.0
|
196
196
|
default_config.rpcs.encrypt.retry_policy = {
|
197
197
|
initial_delay: 0.1,
|
198
|
-
|
199
|
-
|
200
|
-
|
198
|
+
max_delay: 60.0,
|
199
|
+
multiplier: 1.3,
|
200
|
+
retry_codes: [14, 4]
|
201
201
|
}
|
202
202
|
|
203
203
|
default_config.rpcs.decrypt.timeout = 60.0
|
204
204
|
default_config.rpcs.decrypt.retry_policy = {
|
205
205
|
initial_delay: 0.1,
|
206
|
-
|
207
|
-
|
208
|
-
|
206
|
+
max_delay: 60.0,
|
207
|
+
multiplier: 1.3,
|
208
|
+
retry_codes: [14, 4]
|
209
209
|
}
|
210
210
|
|
211
211
|
default_config.rpcs.asymmetric_sign.timeout = 60.0
|
212
212
|
default_config.rpcs.asymmetric_sign.retry_policy = {
|
213
213
|
initial_delay: 0.1,
|
214
|
-
|
215
|
-
|
216
|
-
|
214
|
+
max_delay: 60.0,
|
215
|
+
multiplier: 1.3,
|
216
|
+
retry_codes: [14, 4]
|
217
217
|
}
|
218
218
|
|
219
219
|
default_config.rpcs.asymmetric_decrypt.timeout = 60.0
|
220
220
|
default_config.rpcs.asymmetric_decrypt.retry_policy = {
|
221
221
|
initial_delay: 0.1,
|
222
|
-
|
223
|
-
|
224
|
-
|
222
|
+
max_delay: 60.0,
|
223
|
+
multiplier: 1.3,
|
224
|
+
retry_codes: [14, 4]
|
225
225
|
}
|
226
226
|
|
227
227
|
default_config.rpcs.update_crypto_key_primary_version.timeout = 60.0
|
228
228
|
default_config.rpcs.update_crypto_key_primary_version.retry_policy = {
|
229
229
|
initial_delay: 0.1,
|
230
|
-
|
231
|
-
|
232
|
-
|
230
|
+
max_delay: 60.0,
|
231
|
+
multiplier: 1.3,
|
232
|
+
retry_codes: [14, 4]
|
233
233
|
}
|
234
234
|
|
235
235
|
default_config.rpcs.destroy_crypto_key_version.timeout = 60.0
|
236
236
|
default_config.rpcs.destroy_crypto_key_version.retry_policy = {
|
237
237
|
initial_delay: 0.1,
|
238
|
-
|
239
|
-
|
240
|
-
|
238
|
+
max_delay: 60.0,
|
239
|
+
multiplier: 1.3,
|
240
|
+
retry_codes: [14, 4]
|
241
241
|
}
|
242
242
|
|
243
243
|
default_config.rpcs.restore_crypto_key_version.timeout = 60.0
|
244
244
|
default_config.rpcs.restore_crypto_key_version.retry_policy = {
|
245
245
|
initial_delay: 0.1,
|
246
|
-
|
247
|
-
|
248
|
-
|
246
|
+
max_delay: 60.0,
|
247
|
+
multiplier: 1.3,
|
248
|
+
retry_codes: [14, 4]
|
249
249
|
}
|
250
250
|
|
251
251
|
default_config
|
@@ -309,7 +309,13 @@ module Google
|
|
309
309
|
|
310
310
|
# Create credentials
|
311
311
|
credentials = @config.credentials
|
312
|
-
|
312
|
+
# Use self-signed JWT if the scope and endpoint are unchanged from default,
|
313
|
+
# but only if the default endpoint does not have a region prefix.
|
314
|
+
enable_self_signed_jwt = @config.scope == Client.configure.scope &&
|
315
|
+
@config.endpoint == Client.configure.endpoint &&
|
316
|
+
!@config.endpoint.split(".").first.include?("-")
|
317
|
+
credentials ||= Credentials.default scope: @config.scope,
|
318
|
+
enable_self_signed_jwt: enable_self_signed_jwt
|
313
319
|
if credentials.is_a?(String) || credentials.is_a?(Hash)
|
314
320
|
credentials = Credentials.new credentials, scope: @config.scope
|
315
321
|
end
|
@@ -1572,7 +1578,7 @@ module Google
|
|
1572
1578
|
# @param options [::Gapic::CallOptions, ::Hash]
|
1573
1579
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
1574
1580
|
#
|
1575
|
-
# @overload encrypt(name: nil, plaintext: nil, additional_authenticated_data: nil)
|
1581
|
+
# @overload encrypt(name: nil, plaintext: nil, additional_authenticated_data: nil, plaintext_crc32c: nil, additional_authenticated_data_crc32c: nil)
|
1576
1582
|
# Pass arguments to `encrypt` via keyword arguments. Note that at
|
1577
1583
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
1578
1584
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
@@ -1602,6 +1608,39 @@ module Google
|
|
1602
1608
|
# 64KiB. For {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of the
|
1603
1609
|
# plaintext and additional_authenticated_data fields must be no larger than
|
1604
1610
|
# 8KiB.
|
1611
|
+
# @param plaintext_crc32c [::Google::Protobuf::Int64Value, ::Hash]
|
1612
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}. If
|
1613
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
1614
|
+
# received {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext} using this checksum.
|
1615
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
1616
|
+
# fails. If you receive a checksum error, your client should verify that
|
1617
|
+
# CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}) is equal to
|
1618
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c}, and if so, perform a limited number of
|
1619
|
+
# retries. A persistent mismatch may indicate an issue in your computation of
|
1620
|
+
# the CRC32C checksum.
|
1621
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
1622
|
+
# different languages. However, it is a non-negative integer, which will
|
1623
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1624
|
+
# that support this type.
|
1625
|
+
#
|
1626
|
+
# NOTE: This field is in Beta.
|
1627
|
+
# @param additional_authenticated_data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
|
1628
|
+
# Optional. An optional CRC32C checksum of the
|
1629
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}. If specified,
|
1630
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the received
|
1631
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data} using this checksum.
|
1632
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
1633
|
+
# fails. If you receive a checksum error, your client should verify that
|
1634
|
+
# CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}) is equal to
|
1635
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c}, and if so, perform
|
1636
|
+
# a limited number of retries. A persistent mismatch may indicate an issue in
|
1637
|
+
# your computation of the CRC32C checksum.
|
1638
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
1639
|
+
# different languages. However, it is a non-negative integer, which will
|
1640
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1641
|
+
# that support this type.
|
1642
|
+
#
|
1643
|
+
# NOTE: This field is in Beta.
|
1605
1644
|
#
|
1606
1645
|
# @yield [response, operation] Access the result along with the RPC operation
|
1607
1646
|
# @yieldparam response [::Google::Cloud::Kms::V1::EncryptResponse]
|
@@ -1662,7 +1701,7 @@ module Google
|
|
1662
1701
|
# @param options [::Gapic::CallOptions, ::Hash]
|
1663
1702
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
1664
1703
|
#
|
1665
|
-
# @overload decrypt(name: nil, ciphertext: nil, additional_authenticated_data: nil)
|
1704
|
+
# @overload decrypt(name: nil, ciphertext: nil, additional_authenticated_data: nil, ciphertext_crc32c: nil, additional_authenticated_data_crc32c: nil)
|
1666
1705
|
# Pass arguments to `decrypt` via keyword arguments. Note that at
|
1667
1706
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
1668
1707
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
@@ -1676,6 +1715,39 @@ module Google
|
|
1676
1715
|
# @param additional_authenticated_data [::String]
|
1677
1716
|
# Optional. Optional data that must match the data originally supplied in
|
1678
1717
|
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}.
|
1718
|
+
# @param ciphertext_crc32c [::Google::Protobuf::Int64Value, ::Hash]
|
1719
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}. If
|
1720
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
1721
|
+
# received {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext} using this checksum.
|
1722
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
1723
|
+
# fails. If you receive a checksum error, your client should verify that
|
1724
|
+
# CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}) is equal to
|
1725
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext_crc32c DecryptRequest.ciphertext_crc32c}, and if so, perform a limited number
|
1726
|
+
# of retries. A persistent mismatch may indicate an issue in your computation
|
1727
|
+
# of the CRC32C checksum.
|
1728
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
1729
|
+
# different languages. However, it is a non-negative integer, which will
|
1730
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1731
|
+
# that support this type.
|
1732
|
+
#
|
1733
|
+
# NOTE: This field is in Beta.
|
1734
|
+
# @param additional_authenticated_data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
|
1735
|
+
# Optional. An optional CRC32C checksum of the
|
1736
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}. If specified,
|
1737
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the received
|
1738
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data} using this checksum.
|
1739
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
1740
|
+
# fails. If you receive a checksum error, your client should verify that
|
1741
|
+
# CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}) is equal to
|
1742
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data_crc32c DecryptRequest.additional_authenticated_data_crc32c}, and if so, perform
|
1743
|
+
# a limited number of retries. A persistent mismatch may indicate an issue in
|
1744
|
+
# your computation of the CRC32C checksum.
|
1745
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
1746
|
+
# different languages. However, it is a non-negative integer, which will
|
1747
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1748
|
+
# that support this type.
|
1749
|
+
#
|
1750
|
+
# NOTE: This field is in Beta.
|
1679
1751
|
#
|
1680
1752
|
# @yield [response, operation] Access the result along with the RPC operation
|
1681
1753
|
# @yieldparam response [::Google::Cloud::Kms::V1::DecryptResponse]
|
@@ -1737,7 +1809,7 @@ module Google
|
|
1737
1809
|
# @param options [::Gapic::CallOptions, ::Hash]
|
1738
1810
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
1739
1811
|
#
|
1740
|
-
# @overload asymmetric_sign(name: nil, digest: nil)
|
1812
|
+
# @overload asymmetric_sign(name: nil, digest: nil, digest_crc32c: nil)
|
1741
1813
|
# Pass arguments to `asymmetric_sign` via keyword arguments. Note that at
|
1742
1814
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
1743
1815
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
@@ -1748,6 +1820,22 @@ module Google
|
|
1748
1820
|
# Required. The digest of the data to sign. The digest must be produced with
|
1749
1821
|
# the same digest algorithm as specified by the key version's
|
1750
1822
|
# {::Google::Cloud::Kms::V1::CryptoKeyVersion#algorithm algorithm}.
|
1823
|
+
# @param digest_crc32c [::Google::Protobuf::Int64Value, ::Hash]
|
1824
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}. If
|
1825
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
1826
|
+
# received {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest} using this checksum.
|
1827
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
1828
|
+
# fails. If you receive a checksum error, your client should verify that
|
1829
|
+
# CRC32C({::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}) is equal to
|
1830
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c}, and if so, perform a limited
|
1831
|
+
# number of retries. A persistent mismatch may indicate an issue in your
|
1832
|
+
# computation of the CRC32C checksum.
|
1833
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
1834
|
+
# different languages. However, it is a non-negative integer, which will
|
1835
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1836
|
+
# that support this type.
|
1837
|
+
#
|
1838
|
+
# NOTE: This field is in Beta.
|
1751
1839
|
#
|
1752
1840
|
# @yield [response, operation] Access the result along with the RPC operation
|
1753
1841
|
# @yieldparam response [::Google::Cloud::Kms::V1::AsymmetricSignResponse]
|
@@ -1809,7 +1897,7 @@ module Google
|
|
1809
1897
|
# @param options [::Gapic::CallOptions, ::Hash]
|
1810
1898
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
1811
1899
|
#
|
1812
|
-
# @overload asymmetric_decrypt(name: nil, ciphertext: nil)
|
1900
|
+
# @overload asymmetric_decrypt(name: nil, ciphertext: nil, ciphertext_crc32c: nil)
|
1813
1901
|
# Pass arguments to `asymmetric_decrypt` via keyword arguments. Note that at
|
1814
1902
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
1815
1903
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
@@ -1820,6 +1908,22 @@ module Google
|
|
1820
1908
|
# @param ciphertext [::String]
|
1821
1909
|
# Required. The data encrypted with the named {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}'s public
|
1822
1910
|
# key using OAEP.
|
1911
|
+
# @param ciphertext_crc32c [::Google::Protobuf::Int64Value, ::Hash]
|
1912
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}.
|
1913
|
+
# If specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
1914
|
+
# received {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext} using this checksum.
|
1915
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
1916
|
+
# fails. If you receive a checksum error, your client should verify that
|
1917
|
+
# CRC32C({::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}) is equal to
|
1918
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c}, and if so, perform a
|
1919
|
+
# limited number of retries. A persistent mismatch may indicate an issue in
|
1920
|
+
# your computation of the CRC32C checksum.
|
1921
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
1922
|
+
# different languages. However, it is a non-negative integer, which will
|
1923
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1924
|
+
# that support this type.
|
1925
|
+
#
|
1926
|
+
# NOTE: This field is in Beta.
|
1823
1927
|
#
|
1824
1928
|
# @yield [response, operation] Access the result along with the RPC operation
|
1825
1929
|
# @yieldparam response [::Google::Cloud::Kms::V1::AsymmetricDecryptResponse]
|
@@ -2177,7 +2281,7 @@ module Google
|
|
2177
2281
|
config_attr :scope, nil, ::String, ::Array, nil
|
2178
2282
|
config_attr :lib_name, nil, ::String, nil
|
2179
2283
|
config_attr :lib_version, nil, ::String, nil
|
2180
|
-
config_attr(:channel_args, { "grpc.service_config_disable_resolution"=>1 }, ::Hash, nil)
|
2284
|
+
config_attr(:channel_args, { "grpc.service_config_disable_resolution" => 1 }, ::Hash, nil)
|
2181
2285
|
config_attr :interceptors, nil, ::Array, nil
|
2182
2286
|
config_attr :timeout, nil, ::Numeric, nil
|
2183
2287
|
config_attr :metadata, nil, ::Hash, nil
|
@@ -2198,7 +2302,7 @@ module Google
|
|
2198
2302
|
def rpcs
|
2199
2303
|
@rpcs ||= begin
|
2200
2304
|
parent_rpcs = nil
|
2201
|
-
parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config
|
2305
|
+
parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config.respond_to?(:rpcs)
|
2202
2306
|
Rpcs.new parent_rpcs
|
2203
2307
|
end
|
2204
2308
|
end
|
@@ -2210,7 +2314,7 @@ module Google
|
|
2210
2314
|
# Each configuration object is of type `Gapic::Config::Method` and includes
|
2211
2315
|
# the following configuration fields:
|
2212
2316
|
#
|
2213
|
-
# * `timeout` (*type:* `Numeric`) - The call timeout in
|
2317
|
+
# * `timeout` (*type:* `Numeric`) - The call timeout in seconds
|
2214
2318
|
# * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional gRPC headers
|
2215
2319
|
# * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields
|
2216
2320
|
# include the following keys:
|
@@ -2339,51 +2443,51 @@ module Google
|
|
2339
2443
|
|
2340
2444
|
# @private
|
2341
2445
|
def initialize parent_rpcs = nil
|
2342
|
-
list_key_rings_config = parent_rpcs
|
2446
|
+
list_key_rings_config = parent_rpcs.list_key_rings if parent_rpcs.respond_to? :list_key_rings
|
2343
2447
|
@list_key_rings = ::Gapic::Config::Method.new list_key_rings_config
|
2344
|
-
list_crypto_keys_config = parent_rpcs
|
2448
|
+
list_crypto_keys_config = parent_rpcs.list_crypto_keys if parent_rpcs.respond_to? :list_crypto_keys
|
2345
2449
|
@list_crypto_keys = ::Gapic::Config::Method.new list_crypto_keys_config
|
2346
|
-
list_crypto_key_versions_config = parent_rpcs
|
2450
|
+
list_crypto_key_versions_config = parent_rpcs.list_crypto_key_versions if parent_rpcs.respond_to? :list_crypto_key_versions
|
2347
2451
|
@list_crypto_key_versions = ::Gapic::Config::Method.new list_crypto_key_versions_config
|
2348
|
-
list_import_jobs_config = parent_rpcs
|
2452
|
+
list_import_jobs_config = parent_rpcs.list_import_jobs if parent_rpcs.respond_to? :list_import_jobs
|
2349
2453
|
@list_import_jobs = ::Gapic::Config::Method.new list_import_jobs_config
|
2350
|
-
get_key_ring_config = parent_rpcs
|
2454
|
+
get_key_ring_config = parent_rpcs.get_key_ring if parent_rpcs.respond_to? :get_key_ring
|
2351
2455
|
@get_key_ring = ::Gapic::Config::Method.new get_key_ring_config
|
2352
|
-
get_crypto_key_config = parent_rpcs
|
2456
|
+
get_crypto_key_config = parent_rpcs.get_crypto_key if parent_rpcs.respond_to? :get_crypto_key
|
2353
2457
|
@get_crypto_key = ::Gapic::Config::Method.new get_crypto_key_config
|
2354
|
-
get_crypto_key_version_config = parent_rpcs
|
2458
|
+
get_crypto_key_version_config = parent_rpcs.get_crypto_key_version if parent_rpcs.respond_to? :get_crypto_key_version
|
2355
2459
|
@get_crypto_key_version = ::Gapic::Config::Method.new get_crypto_key_version_config
|
2356
|
-
get_public_key_config = parent_rpcs
|
2460
|
+
get_public_key_config = parent_rpcs.get_public_key if parent_rpcs.respond_to? :get_public_key
|
2357
2461
|
@get_public_key = ::Gapic::Config::Method.new get_public_key_config
|
2358
|
-
get_import_job_config = parent_rpcs
|
2462
|
+
get_import_job_config = parent_rpcs.get_import_job if parent_rpcs.respond_to? :get_import_job
|
2359
2463
|
@get_import_job = ::Gapic::Config::Method.new get_import_job_config
|
2360
|
-
create_key_ring_config = parent_rpcs
|
2464
|
+
create_key_ring_config = parent_rpcs.create_key_ring if parent_rpcs.respond_to? :create_key_ring
|
2361
2465
|
@create_key_ring = ::Gapic::Config::Method.new create_key_ring_config
|
2362
|
-
create_crypto_key_config = parent_rpcs
|
2466
|
+
create_crypto_key_config = parent_rpcs.create_crypto_key if parent_rpcs.respond_to? :create_crypto_key
|
2363
2467
|
@create_crypto_key = ::Gapic::Config::Method.new create_crypto_key_config
|
2364
|
-
create_crypto_key_version_config = parent_rpcs
|
2468
|
+
create_crypto_key_version_config = parent_rpcs.create_crypto_key_version if parent_rpcs.respond_to? :create_crypto_key_version
|
2365
2469
|
@create_crypto_key_version = ::Gapic::Config::Method.new create_crypto_key_version_config
|
2366
|
-
import_crypto_key_version_config = parent_rpcs
|
2470
|
+
import_crypto_key_version_config = parent_rpcs.import_crypto_key_version if parent_rpcs.respond_to? :import_crypto_key_version
|
2367
2471
|
@import_crypto_key_version = ::Gapic::Config::Method.new import_crypto_key_version_config
|
2368
|
-
create_import_job_config = parent_rpcs
|
2472
|
+
create_import_job_config = parent_rpcs.create_import_job if parent_rpcs.respond_to? :create_import_job
|
2369
2473
|
@create_import_job = ::Gapic::Config::Method.new create_import_job_config
|
2370
|
-
update_crypto_key_config = parent_rpcs
|
2474
|
+
update_crypto_key_config = parent_rpcs.update_crypto_key if parent_rpcs.respond_to? :update_crypto_key
|
2371
2475
|
@update_crypto_key = ::Gapic::Config::Method.new update_crypto_key_config
|
2372
|
-
update_crypto_key_version_config = parent_rpcs
|
2476
|
+
update_crypto_key_version_config = parent_rpcs.update_crypto_key_version if parent_rpcs.respond_to? :update_crypto_key_version
|
2373
2477
|
@update_crypto_key_version = ::Gapic::Config::Method.new update_crypto_key_version_config
|
2374
|
-
encrypt_config = parent_rpcs
|
2478
|
+
encrypt_config = parent_rpcs.encrypt if parent_rpcs.respond_to? :encrypt
|
2375
2479
|
@encrypt = ::Gapic::Config::Method.new encrypt_config
|
2376
|
-
decrypt_config = parent_rpcs
|
2480
|
+
decrypt_config = parent_rpcs.decrypt if parent_rpcs.respond_to? :decrypt
|
2377
2481
|
@decrypt = ::Gapic::Config::Method.new decrypt_config
|
2378
|
-
asymmetric_sign_config = parent_rpcs
|
2482
|
+
asymmetric_sign_config = parent_rpcs.asymmetric_sign if parent_rpcs.respond_to? :asymmetric_sign
|
2379
2483
|
@asymmetric_sign = ::Gapic::Config::Method.new asymmetric_sign_config
|
2380
|
-
asymmetric_decrypt_config = parent_rpcs
|
2484
|
+
asymmetric_decrypt_config = parent_rpcs.asymmetric_decrypt if parent_rpcs.respond_to? :asymmetric_decrypt
|
2381
2485
|
@asymmetric_decrypt = ::Gapic::Config::Method.new asymmetric_decrypt_config
|
2382
|
-
update_crypto_key_primary_version_config = parent_rpcs
|
2486
|
+
update_crypto_key_primary_version_config = parent_rpcs.update_crypto_key_primary_version if parent_rpcs.respond_to? :update_crypto_key_primary_version
|
2383
2487
|
@update_crypto_key_primary_version = ::Gapic::Config::Method.new update_crypto_key_primary_version_config
|
2384
|
-
destroy_crypto_key_version_config = parent_rpcs
|
2488
|
+
destroy_crypto_key_version_config = parent_rpcs.destroy_crypto_key_version if parent_rpcs.respond_to? :destroy_crypto_key_version
|
2385
2489
|
@destroy_crypto_key_version = ::Gapic::Config::Method.new destroy_crypto_key_version_config
|
2386
|
-
restore_crypto_key_version_config = parent_rpcs
|
2490
|
+
restore_crypto_key_version_config = parent_rpcs.restore_crypto_key_version if parent_rpcs.respond_to? :restore_crypto_key_version
|
2387
2491
|
@restore_crypto_key_version = ::Gapic::Config::Method.new restore_crypto_key_version_config
|
2388
2492
|
|
2389
2493
|
yield self if block_given?
|