google-cloud-kms-v1 0.6.1 → 0.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/AUTHENTICATION.md +3 -3
- data/lib/google/cloud/kms/v1/iam_policy/client.rb +38 -39
- data/lib/google/cloud/kms/v1/key_management_service/client.rb +515 -166
- data/lib/google/cloud/kms/v1/resources_pb.rb +11 -2
- data/lib/google/cloud/kms/v1/service_pb.rb +62 -14
- data/lib/google/cloud/kms/v1/service_services_pb.rb +37 -24
- data/lib/google/cloud/kms/v1/version.rb +1 -1
- data/proto_docs/google/cloud/kms/v1/resources.rb +47 -4
- data/proto_docs/google/cloud/kms/v1/service.rb +259 -58
- metadata +4 -4
@@ -325,8 +325,27 @@ module Google
|
|
325
325
|
# Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#import_crypto_key_version KeyManagementService.ImportCryptoKeyVersion}.
|
326
326
|
# @!attribute [rw] parent
|
327
327
|
# @return [::String]
|
328
|
-
# Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to
|
329
|
-
#
|
328
|
+
# Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to be imported into.
|
329
|
+
#
|
330
|
+
# The create permission is only required on this key when creating a new
|
331
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
|
332
|
+
# @!attribute [rw] crypto_key_version
|
333
|
+
# @return [::String]
|
334
|
+
# Optional. The optional {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of an existing
|
335
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to target for an import operation.
|
336
|
+
# If this field is not present, a new {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} containing the
|
337
|
+
# supplied key material is created.
|
338
|
+
#
|
339
|
+
# If this field is present, the supplied key material is imported into
|
340
|
+
# the existing {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}. To import into an existing
|
341
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}, the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} must be a child of
|
342
|
+
# {::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest#parent ImportCryptoKeyVersionRequest.parent}, have been previously created via
|
343
|
+
# [ImportCryptoKeyVersion][], and be in
|
344
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED} or
|
345
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::IMPORT_FAILED IMPORT_FAILED}
|
346
|
+
# state. The key material and algorithm must match the previous
|
347
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} exactly if the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} has ever contained
|
348
|
+
# key material.
|
330
349
|
# @!attribute [rw] algorithm
|
331
350
|
# @return [::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm]
|
332
351
|
# Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm algorithm} of
|
@@ -408,6 +427,36 @@ module Google
|
|
408
427
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
409
428
|
end
|
410
429
|
|
430
|
+
# Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#update_crypto_key_primary_version KeyManagementService.UpdateCryptoKeyPrimaryVersion}.
|
431
|
+
# @!attribute [rw] name
|
432
|
+
# @return [::String]
|
433
|
+
# Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to update.
|
434
|
+
# @!attribute [rw] crypto_key_version_id
|
435
|
+
# @return [::String]
|
436
|
+
# Required. The id of the child {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use as primary.
|
437
|
+
class UpdateCryptoKeyPrimaryVersionRequest
|
438
|
+
include ::Google::Protobuf::MessageExts
|
439
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
440
|
+
end
|
441
|
+
|
442
|
+
# Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#destroy_crypto_key_version KeyManagementService.DestroyCryptoKeyVersion}.
|
443
|
+
# @!attribute [rw] name
|
444
|
+
# @return [::String]
|
445
|
+
# Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to destroy.
|
446
|
+
class DestroyCryptoKeyVersionRequest
|
447
|
+
include ::Google::Protobuf::MessageExts
|
448
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
449
|
+
end
|
450
|
+
|
451
|
+
# Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#restore_crypto_key_version KeyManagementService.RestoreCryptoKeyVersion}.
|
452
|
+
# @!attribute [rw] name
|
453
|
+
# @return [::String]
|
454
|
+
# Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to restore.
|
455
|
+
class RestoreCryptoKeyVersionRequest
|
456
|
+
include ::Google::Protobuf::MessageExts
|
457
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
458
|
+
end
|
459
|
+
|
411
460
|
# Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#encrypt KeyManagementService.Encrypt}.
|
412
461
|
# @!attribute [rw] name
|
413
462
|
# @return [::String]
|
@@ -452,8 +501,6 @@ module Google
|
|
452
501
|
# different languages. However, it is a non-negative integer, which will
|
453
502
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
454
503
|
# that support this type.
|
455
|
-
#
|
456
|
-
# NOTE: This field is in Beta.
|
457
504
|
# @!attribute [rw] additional_authenticated_data_crc32c
|
458
505
|
# @return [::Google::Protobuf::Int64Value]
|
459
506
|
# Optional. An optional CRC32C checksum of the
|
@@ -470,8 +517,6 @@ module Google
|
|
470
517
|
# different languages. However, it is a non-negative integer, which will
|
471
518
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
472
519
|
# that support this type.
|
473
|
-
#
|
474
|
-
# NOTE: This field is in Beta.
|
475
520
|
class EncryptRequest
|
476
521
|
include ::Google::Protobuf::MessageExts
|
477
522
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -505,8 +550,6 @@ module Google
|
|
505
550
|
# different languages. However, it is a non-negative integer, which will
|
506
551
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
507
552
|
# that support this type.
|
508
|
-
#
|
509
|
-
# NOTE: This field is in Beta.
|
510
553
|
# @!attribute [rw] additional_authenticated_data_crc32c
|
511
554
|
# @return [::Google::Protobuf::Int64Value]
|
512
555
|
# Optional. An optional CRC32C checksum of the
|
@@ -523,8 +566,6 @@ module Google
|
|
523
566
|
# different languages. However, it is a non-negative integer, which will
|
524
567
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
525
568
|
# that support this type.
|
526
|
-
#
|
527
|
-
# NOTE: This field is in Beta.
|
528
569
|
class DecryptRequest
|
529
570
|
include ::Google::Protobuf::MessageExts
|
530
571
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -554,8 +595,6 @@ module Google
|
|
554
595
|
# different languages. However, it is a non-negative integer, which will
|
555
596
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
556
597
|
# that support this type.
|
557
|
-
#
|
558
|
-
# NOTE: This field is in Beta.
|
559
598
|
class AsymmetricSignRequest
|
560
599
|
include ::Google::Protobuf::MessageExts
|
561
600
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -585,35 +624,99 @@ module Google
|
|
585
624
|
# different languages. However, it is a non-negative integer, which will
|
586
625
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
587
626
|
# that support this type.
|
588
|
-
#
|
589
|
-
# NOTE: This field is in Beta.
|
590
627
|
class AsymmetricDecryptRequest
|
591
628
|
include ::Google::Protobuf::MessageExts
|
592
629
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
593
630
|
end
|
594
631
|
|
595
|
-
#
|
596
|
-
# @!attribute [rw]
|
632
|
+
# Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_sign KeyManagementService.MacSign}.
|
633
|
+
# @!attribute [rw] name
|
597
634
|
# @return [::String]
|
598
|
-
# The
|
599
|
-
# @!attribute [rw]
|
635
|
+
# Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for signing.
|
636
|
+
# @!attribute [rw] data
|
637
|
+
# @return [::String]
|
638
|
+
# Required. The data to sign. The MAC tag is computed over this data field based on
|
639
|
+
# the specific algorithm.
|
640
|
+
# @!attribute [rw] data_crc32c
|
600
641
|
# @return [::Google::Protobuf::Int64Value]
|
601
|
-
#
|
602
|
-
# {::Google::Cloud::Kms::V1::
|
603
|
-
# {::Google::Cloud::Kms::V1::
|
604
|
-
#
|
605
|
-
#
|
606
|
-
#
|
607
|
-
#
|
608
|
-
#
|
609
|
-
#
|
642
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}. If
|
643
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
644
|
+
# received {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} using this checksum.
|
645
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
646
|
+
# fails. If you receive a checksum error, your client should verify that
|
647
|
+
# CRC32C({::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}) is equal to
|
648
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c}, and if so, perform a limited
|
649
|
+
# number of retries. A persistent mismatch may indicate an issue in your
|
650
|
+
# computation of the CRC32C checksum.
|
610
651
|
# Note: This field is defined as int64 for reasons of compatibility across
|
611
652
|
# different languages. However, it is a non-negative integer, which will
|
612
653
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
613
654
|
# that support this type.
|
614
|
-
|
615
|
-
|
616
|
-
|
655
|
+
class MacSignRequest
|
656
|
+
include ::Google::Protobuf::MessageExts
|
657
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
658
|
+
end
|
659
|
+
|
660
|
+
# Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_verify KeyManagementService.MacVerify}.
|
661
|
+
# @!attribute [rw] name
|
662
|
+
# @return [::String]
|
663
|
+
# Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for verification.
|
664
|
+
# @!attribute [rw] data
|
665
|
+
# @return [::String]
|
666
|
+
# Required. The data used previously as a {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} to generate the MAC
|
667
|
+
# tag.
|
668
|
+
# @!attribute [rw] data_crc32c
|
669
|
+
# @return [::Google::Protobuf::Int64Value]
|
670
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data}. If
|
671
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
672
|
+
# received {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data} using this checksum.
|
673
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
674
|
+
# fails. If you receive a checksum error, your client should verify that
|
675
|
+
# CRC32C({::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data}) is equal to
|
676
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c}, and if so, perform a limited
|
677
|
+
# number of retries. A persistent mismatch may indicate an issue in your
|
678
|
+
# computation of the CRC32C checksum.
|
679
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
680
|
+
# different languages. However, it is a non-negative integer, which will
|
681
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
682
|
+
# that support this type.
|
683
|
+
# @!attribute [rw] mac
|
684
|
+
# @return [::String]
|
685
|
+
# Required. The signature to verify.
|
686
|
+
# @!attribute [rw] mac_crc32c
|
687
|
+
# @return [::Google::Protobuf::Int64Value]
|
688
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac}. If
|
689
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
690
|
+
# received {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac} using this checksum.
|
691
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
692
|
+
# fails. If you receive a checksum error, your client should verify that
|
693
|
+
# CRC32C([MacVerifyRequest.tag][]) is equal to
|
694
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c}, and if so, perform a limited
|
695
|
+
# number of retries. A persistent mismatch may indicate an issue in your
|
696
|
+
# computation of the CRC32C checksum.
|
697
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
698
|
+
# different languages. However, it is a non-negative integer, which will
|
699
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
700
|
+
# that support this type.
|
701
|
+
class MacVerifyRequest
|
702
|
+
include ::Google::Protobuf::MessageExts
|
703
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
704
|
+
end
|
705
|
+
|
706
|
+
# Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#generate_random_bytes KeyManagementService.GenerateRandomBytes}.
|
707
|
+
# @!attribute [rw] location
|
708
|
+
# @return [::String]
|
709
|
+
# The project-specific location in which to generate random bytes.
|
710
|
+
# For example, "projects/my-project/locations/us-central1".
|
711
|
+
# @!attribute [rw] length_bytes
|
712
|
+
# @return [::Integer]
|
713
|
+
# The length in bytes of the amount of randomness to retrieve. Minimum 8
|
714
|
+
# bytes, maximum 1024 bytes.
|
715
|
+
# @!attribute [rw] protection_level
|
716
|
+
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
717
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} to use when generating the random data. Defaults to
|
718
|
+
# {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE}.
|
719
|
+
class GenerateRandomBytesRequest
|
617
720
|
include ::Google::Protobuf::MessageExts
|
618
721
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
619
722
|
end
|
@@ -639,8 +742,6 @@ module Google
|
|
639
742
|
# different languages. However, it is a non-negative integer, which will
|
640
743
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
641
744
|
# that support this type.
|
642
|
-
#
|
643
|
-
# NOTE: This field is in Beta.
|
644
745
|
# @!attribute [rw] verified_plaintext_crc32c
|
645
746
|
# @return [::Boolean]
|
646
747
|
# Integrity verification field. A flag indicating whether
|
@@ -651,8 +752,6 @@ module Google
|
|
651
752
|
# that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've set
|
652
753
|
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c} but this field is still false, discard
|
653
754
|
# the response and perform a limited number of retries.
|
654
|
-
#
|
655
|
-
# NOTE: This field is in Beta.
|
656
755
|
# @!attribute [rw] verified_additional_authenticated_data_crc32c
|
657
756
|
# @return [::Boolean]
|
658
757
|
# Integrity verification field. A flag indicating whether
|
@@ -664,13 +763,44 @@ module Google
|
|
664
763
|
# that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've set
|
665
764
|
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c} but this field is
|
666
765
|
# still false, discard the response and perform a limited number of retries.
|
667
|
-
#
|
668
|
-
#
|
766
|
+
# @!attribute [rw] protection_level
|
767
|
+
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
768
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in encryption.
|
669
769
|
class EncryptResponse
|
670
770
|
include ::Google::Protobuf::MessageExts
|
671
771
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
672
772
|
end
|
673
773
|
|
774
|
+
# Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#decrypt KeyManagementService.Decrypt}.
|
775
|
+
# @!attribute [rw] plaintext
|
776
|
+
# @return [::String]
|
777
|
+
# The decrypted data originally supplied in {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}.
|
778
|
+
# @!attribute [rw] plaintext_crc32c
|
779
|
+
# @return [::Google::Protobuf::Int64Value]
|
780
|
+
# Integrity verification field. A CRC32C checksum of the returned
|
781
|
+
# {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext}. An integrity check of
|
782
|
+
# {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext} can be performed by computing the CRC32C
|
783
|
+
# checksum of {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext} and comparing your results to
|
784
|
+
# this field. Discard the response in case of non-matching checksum values,
|
785
|
+
# and perform a limited number of retries. A persistent mismatch may indicate
|
786
|
+
# an issue in your computation of the CRC32C checksum. Note: receiving this
|
787
|
+
# response message indicates that {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} is able to
|
788
|
+
# successfully decrypt the {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext ciphertext}.
|
789
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
790
|
+
# different languages. However, it is a non-negative integer, which will
|
791
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
792
|
+
# that support this type.
|
793
|
+
# @!attribute [rw] used_primary
|
794
|
+
# @return [::Boolean]
|
795
|
+
# Whether the Decryption was performed using the primary key version.
|
796
|
+
# @!attribute [rw] protection_level
|
797
|
+
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
798
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in decryption.
|
799
|
+
class DecryptResponse
|
800
|
+
include ::Google::Protobuf::MessageExts
|
801
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
802
|
+
end
|
803
|
+
|
674
804
|
# Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#asymmetric_sign KeyManagementService.AsymmetricSign}.
|
675
805
|
# @!attribute [rw] signature
|
676
806
|
# @return [::String]
|
@@ -688,8 +818,6 @@ module Google
|
|
688
818
|
# different languages. However, it is a non-negative integer, which will
|
689
819
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
690
820
|
# that support this type.
|
691
|
-
#
|
692
|
-
# NOTE: This field is in Beta.
|
693
821
|
# @!attribute [rw] verified_digest_crc32c
|
694
822
|
# @return [::Boolean]
|
695
823
|
# Integrity verification field. A flag indicating whether
|
@@ -700,14 +828,13 @@ module Google
|
|
700
828
|
# unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
701
829
|
# set {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c} but this field is still false,
|
702
830
|
# discard the response and perform a limited number of retries.
|
703
|
-
#
|
704
|
-
# NOTE: This field is in Beta.
|
705
831
|
# @!attribute [rw] name
|
706
832
|
# @return [::String]
|
707
833
|
# The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing. Check
|
708
834
|
# this field to verify that the intended resource was used for signing.
|
709
|
-
#
|
710
|
-
#
|
835
|
+
# @!attribute [rw] protection_level
|
836
|
+
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
837
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing.
|
711
838
|
class AsymmetricSignResponse
|
712
839
|
include ::Google::Protobuf::MessageExts
|
713
840
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -730,8 +857,6 @@ module Google
|
|
730
857
|
# different languages. However, it is a non-negative integer, which will
|
731
858
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
732
859
|
# that support this type.
|
733
|
-
#
|
734
|
-
# NOTE: This field is in Beta.
|
735
860
|
# @!attribute [rw] verified_ciphertext_crc32c
|
736
861
|
# @return [::Boolean]
|
737
862
|
# Integrity verification field. A flag indicating whether
|
@@ -742,39 +867,115 @@ module Google
|
|
742
867
|
# was left unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If
|
743
868
|
# you've set {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c} but this field is
|
744
869
|
# still false, discard the response and perform a limited number of retries.
|
745
|
-
#
|
746
|
-
#
|
870
|
+
# @!attribute [rw] protection_level
|
871
|
+
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
872
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in decryption.
|
747
873
|
class AsymmetricDecryptResponse
|
748
874
|
include ::Google::Protobuf::MessageExts
|
749
875
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
750
876
|
end
|
751
877
|
|
752
|
-
#
|
878
|
+
# Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_sign KeyManagementService.MacSign}.
|
753
879
|
# @!attribute [rw] name
|
754
880
|
# @return [::String]
|
755
|
-
#
|
756
|
-
#
|
881
|
+
# The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing. Check
|
882
|
+
# this field to verify that the intended resource was used for signing.
|
883
|
+
# @!attribute [rw] mac
|
757
884
|
# @return [::String]
|
758
|
-
#
|
759
|
-
|
885
|
+
# The created signature.
|
886
|
+
# @!attribute [rw] mac_crc32c
|
887
|
+
# @return [::Google::Protobuf::Int64Value]
|
888
|
+
# Integrity verification field. A CRC32C checksum of the returned
|
889
|
+
# {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac}. An integrity check of
|
890
|
+
# {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac} can be performed by computing the
|
891
|
+
# CRC32C checksum of {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac} and comparing your
|
892
|
+
# results to this field. Discard the response in case of non-matching
|
893
|
+
# checksum values, and perform a limited number of retries. A persistent
|
894
|
+
# mismatch may indicate an issue in your computation of the CRC32C checksum.
|
895
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
896
|
+
# different languages. However, it is a non-negative integer, which will
|
897
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
898
|
+
# that support this type.
|
899
|
+
# @!attribute [rw] verified_data_crc32c
|
900
|
+
# @return [::Boolean]
|
901
|
+
# Integrity verification field. A flag indicating whether
|
902
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c} was received by
|
903
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
|
904
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data data}. A false value of this field
|
905
|
+
# indicates either that {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c} was left
|
906
|
+
# unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
907
|
+
# set {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c} but this field is still false,
|
908
|
+
# discard the response and perform a limited number of retries.
|
909
|
+
# @!attribute [rw] protection_level
|
910
|
+
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
911
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing.
|
912
|
+
class MacSignResponse
|
760
913
|
include ::Google::Protobuf::MessageExts
|
761
914
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
762
915
|
end
|
763
916
|
|
764
|
-
#
|
917
|
+
# Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_verify KeyManagementService.MacVerify}.
|
765
918
|
# @!attribute [rw] name
|
766
919
|
# @return [::String]
|
767
|
-
#
|
768
|
-
|
920
|
+
# The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for verification.
|
921
|
+
# Check this field to verify that the intended resource was used for
|
922
|
+
# verification.
|
923
|
+
# @!attribute [rw] success
|
924
|
+
# @return [::Boolean]
|
925
|
+
# This field indicates whether or not the verification operation for
|
926
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac} over {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data} was successful.
|
927
|
+
# @!attribute [rw] verified_data_crc32c
|
928
|
+
# @return [::Boolean]
|
929
|
+
# Integrity verification field. A flag indicating whether
|
930
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c} was received by
|
931
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
|
932
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data data}. A false value of this field
|
933
|
+
# indicates either that {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c} was left
|
934
|
+
# unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
935
|
+
# set {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c} but this field is still false,
|
936
|
+
# discard the response and perform a limited number of retries.
|
937
|
+
# @!attribute [rw] verified_mac_crc32c
|
938
|
+
# @return [::Boolean]
|
939
|
+
# Integrity verification field. A flag indicating whether
|
940
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c} was received by
|
941
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
|
942
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac data}. A false value of this field
|
943
|
+
# indicates either that {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c} was left
|
944
|
+
# unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
945
|
+
# set {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c} but this field is still false,
|
946
|
+
# discard the response and perform a limited number of retries.
|
947
|
+
# @!attribute [rw] verified_success_integrity
|
948
|
+
# @return [::Boolean]
|
949
|
+
# Integrity verification field. This value is used for the integrity
|
950
|
+
# verification of [MacVerifyResponse.success]. If the value of this field
|
951
|
+
# contradicts the value of [MacVerifyResponse.success], discard the response
|
952
|
+
# and perform a limited number of retries.
|
953
|
+
# @!attribute [rw] protection_level
|
954
|
+
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
955
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for verification.
|
956
|
+
class MacVerifyResponse
|
769
957
|
include ::Google::Protobuf::MessageExts
|
770
958
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
771
959
|
end
|
772
960
|
|
773
|
-
#
|
774
|
-
# @!attribute [rw]
|
961
|
+
# Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#generate_random_bytes KeyManagementService.GenerateRandomBytes}.
|
962
|
+
# @!attribute [rw] data
|
775
963
|
# @return [::String]
|
776
|
-
#
|
777
|
-
|
964
|
+
# The generated data.
|
965
|
+
# @!attribute [rw] data_crc32c
|
966
|
+
# @return [::Google::Protobuf::Int64Value]
|
967
|
+
# Integrity verification field. A CRC32C checksum of the returned
|
968
|
+
# {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data}. An integrity check of
|
969
|
+
# {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data} can be performed by computing the
|
970
|
+
# CRC32C checksum of {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data} and comparing your
|
971
|
+
# results to this field. Discard the response in case of non-matching
|
972
|
+
# checksum values, and perform a limited number of retries. A persistent
|
973
|
+
# mismatch may indicate an issue in your computation of the CRC32C checksum.
|
974
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
975
|
+
# different languages. However, it is a non-negative integer, which will
|
976
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
977
|
+
# that support this type.
|
978
|
+
class GenerateRandomBytesResponse
|
778
979
|
include ::Google::Protobuf::MessageExts
|
779
980
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
780
981
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-cloud-kms-v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.9.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-10-18 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gapic-common
|
@@ -16,7 +16,7 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: '0.
|
19
|
+
version: '0.7'
|
20
20
|
- - "<"
|
21
21
|
- !ruby/object:Gem::Version
|
22
22
|
version: 2.a
|
@@ -26,7 +26,7 @@ dependencies:
|
|
26
26
|
requirements:
|
27
27
|
- - ">="
|
28
28
|
- !ruby/object:Gem::Version
|
29
|
-
version: '0.
|
29
|
+
version: '0.7'
|
30
30
|
- - "<"
|
31
31
|
- !ruby/object:Gem::Version
|
32
32
|
version: 2.a
|