google-cloud-kms-v1 0.6.1 → 0.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -325,8 +325,27 @@ module Google
325
325
  # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#import_crypto_key_version KeyManagementService.ImportCryptoKeyVersion}.
326
326
  # @!attribute [rw] parent
327
327
  # @return [::String]
328
- # Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to
329
- # be imported into.
328
+ # Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to be imported into.
329
+ #
330
+ # The create permission is only required on this key when creating a new
331
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
332
+ # @!attribute [rw] crypto_key_version
333
+ # @return [::String]
334
+ # Optional. The optional {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of an existing
335
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to target for an import operation.
336
+ # If this field is not present, a new {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} containing the
337
+ # supplied key material is created.
338
+ #
339
+ # If this field is present, the supplied key material is imported into
340
+ # the existing {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}. To import into an existing
341
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}, the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} must be a child of
342
+ # {::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest#parent ImportCryptoKeyVersionRequest.parent}, have been previously created via
343
+ # [ImportCryptoKeyVersion][], and be in
344
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED} or
345
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::IMPORT_FAILED IMPORT_FAILED}
346
+ # state. The key material and algorithm must match the previous
347
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} exactly if the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} has ever contained
348
+ # key material.
330
349
  # @!attribute [rw] algorithm
331
350
  # @return [::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm]
332
351
  # Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm algorithm} of
@@ -408,6 +427,36 @@ module Google
408
427
  extend ::Google::Protobuf::MessageExts::ClassMethods
409
428
  end
410
429
 
430
+ # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#update_crypto_key_primary_version KeyManagementService.UpdateCryptoKeyPrimaryVersion}.
431
+ # @!attribute [rw] name
432
+ # @return [::String]
433
+ # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to update.
434
+ # @!attribute [rw] crypto_key_version_id
435
+ # @return [::String]
436
+ # Required. The id of the child {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use as primary.
437
+ class UpdateCryptoKeyPrimaryVersionRequest
438
+ include ::Google::Protobuf::MessageExts
439
+ extend ::Google::Protobuf::MessageExts::ClassMethods
440
+ end
441
+
442
+ # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#destroy_crypto_key_version KeyManagementService.DestroyCryptoKeyVersion}.
443
+ # @!attribute [rw] name
444
+ # @return [::String]
445
+ # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to destroy.
446
+ class DestroyCryptoKeyVersionRequest
447
+ include ::Google::Protobuf::MessageExts
448
+ extend ::Google::Protobuf::MessageExts::ClassMethods
449
+ end
450
+
451
+ # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#restore_crypto_key_version KeyManagementService.RestoreCryptoKeyVersion}.
452
+ # @!attribute [rw] name
453
+ # @return [::String]
454
+ # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to restore.
455
+ class RestoreCryptoKeyVersionRequest
456
+ include ::Google::Protobuf::MessageExts
457
+ extend ::Google::Protobuf::MessageExts::ClassMethods
458
+ end
459
+
411
460
  # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#encrypt KeyManagementService.Encrypt}.
412
461
  # @!attribute [rw] name
413
462
  # @return [::String]
@@ -452,8 +501,6 @@ module Google
452
501
  # different languages. However, it is a non-negative integer, which will
453
502
  # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
454
503
  # that support this type.
455
- #
456
- # NOTE: This field is in Beta.
457
504
  # @!attribute [rw] additional_authenticated_data_crc32c
458
505
  # @return [::Google::Protobuf::Int64Value]
459
506
  # Optional. An optional CRC32C checksum of the
@@ -470,8 +517,6 @@ module Google
470
517
  # different languages. However, it is a non-negative integer, which will
471
518
  # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
472
519
  # that support this type.
473
- #
474
- # NOTE: This field is in Beta.
475
520
  class EncryptRequest
476
521
  include ::Google::Protobuf::MessageExts
477
522
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -505,8 +550,6 @@ module Google
505
550
  # different languages. However, it is a non-negative integer, which will
506
551
  # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
507
552
  # that support this type.
508
- #
509
- # NOTE: This field is in Beta.
510
553
  # @!attribute [rw] additional_authenticated_data_crc32c
511
554
  # @return [::Google::Protobuf::Int64Value]
512
555
  # Optional. An optional CRC32C checksum of the
@@ -523,8 +566,6 @@ module Google
523
566
  # different languages. However, it is a non-negative integer, which will
524
567
  # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
525
568
  # that support this type.
526
- #
527
- # NOTE: This field is in Beta.
528
569
  class DecryptRequest
529
570
  include ::Google::Protobuf::MessageExts
530
571
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -554,8 +595,6 @@ module Google
554
595
  # different languages. However, it is a non-negative integer, which will
555
596
  # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
556
597
  # that support this type.
557
- #
558
- # NOTE: This field is in Beta.
559
598
  class AsymmetricSignRequest
560
599
  include ::Google::Protobuf::MessageExts
561
600
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -585,35 +624,99 @@ module Google
585
624
  # different languages. However, it is a non-negative integer, which will
586
625
  # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
587
626
  # that support this type.
588
- #
589
- # NOTE: This field is in Beta.
590
627
  class AsymmetricDecryptRequest
591
628
  include ::Google::Protobuf::MessageExts
592
629
  extend ::Google::Protobuf::MessageExts::ClassMethods
593
630
  end
594
631
 
595
- # Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#decrypt KeyManagementService.Decrypt}.
596
- # @!attribute [rw] plaintext
632
+ # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_sign KeyManagementService.MacSign}.
633
+ # @!attribute [rw] name
597
634
  # @return [::String]
598
- # The decrypted data originally supplied in {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}.
599
- # @!attribute [rw] plaintext_crc32c
635
+ # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for signing.
636
+ # @!attribute [rw] data
637
+ # @return [::String]
638
+ # Required. The data to sign. The MAC tag is computed over this data field based on
639
+ # the specific algorithm.
640
+ # @!attribute [rw] data_crc32c
600
641
  # @return [::Google::Protobuf::Int64Value]
601
- # Integrity verification field. A CRC32C checksum of the returned
602
- # {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext}. An integrity check of
603
- # {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext} can be performed by computing the CRC32C
604
- # checksum of {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext} and comparing your results to
605
- # this field. Discard the response in case of non-matching checksum values,
606
- # and perform a limited number of retries. A persistent mismatch may indicate
607
- # an issue in your computation of the CRC32C checksum. Note: receiving this
608
- # response message indicates that {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} is able to
609
- # successfully decrypt the {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext ciphertext}.
642
+ # Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}. If
643
+ # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
644
+ # received {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} using this checksum.
645
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
646
+ # fails. If you receive a checksum error, your client should verify that
647
+ # CRC32C({::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}) is equal to
648
+ # {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c}, and if so, perform a limited
649
+ # number of retries. A persistent mismatch may indicate an issue in your
650
+ # computation of the CRC32C checksum.
610
651
  # Note: This field is defined as int64 for reasons of compatibility across
611
652
  # different languages. However, it is a non-negative integer, which will
612
653
  # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
613
654
  # that support this type.
614
- #
615
- # NOTE: This field is in Beta.
616
- class DecryptResponse
655
+ class MacSignRequest
656
+ include ::Google::Protobuf::MessageExts
657
+ extend ::Google::Protobuf::MessageExts::ClassMethods
658
+ end
659
+
660
+ # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_verify KeyManagementService.MacVerify}.
661
+ # @!attribute [rw] name
662
+ # @return [::String]
663
+ # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for verification.
664
+ # @!attribute [rw] data
665
+ # @return [::String]
666
+ # Required. The data used previously as a {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} to generate the MAC
667
+ # tag.
668
+ # @!attribute [rw] data_crc32c
669
+ # @return [::Google::Protobuf::Int64Value]
670
+ # Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data}. If
671
+ # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
672
+ # received {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data} using this checksum.
673
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
674
+ # fails. If you receive a checksum error, your client should verify that
675
+ # CRC32C({::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data}) is equal to
676
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c}, and if so, perform a limited
677
+ # number of retries. A persistent mismatch may indicate an issue in your
678
+ # computation of the CRC32C checksum.
679
+ # Note: This field is defined as int64 for reasons of compatibility across
680
+ # different languages. However, it is a non-negative integer, which will
681
+ # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
682
+ # that support this type.
683
+ # @!attribute [rw] mac
684
+ # @return [::String]
685
+ # Required. The signature to verify.
686
+ # @!attribute [rw] mac_crc32c
687
+ # @return [::Google::Protobuf::Int64Value]
688
+ # Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac}. If
689
+ # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
690
+ # received {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac} using this checksum.
691
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
692
+ # fails. If you receive a checksum error, your client should verify that
693
+ # CRC32C([MacVerifyRequest.tag][]) is equal to
694
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c}, and if so, perform a limited
695
+ # number of retries. A persistent mismatch may indicate an issue in your
696
+ # computation of the CRC32C checksum.
697
+ # Note: This field is defined as int64 for reasons of compatibility across
698
+ # different languages. However, it is a non-negative integer, which will
699
+ # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
700
+ # that support this type.
701
+ class MacVerifyRequest
702
+ include ::Google::Protobuf::MessageExts
703
+ extend ::Google::Protobuf::MessageExts::ClassMethods
704
+ end
705
+
706
+ # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#generate_random_bytes KeyManagementService.GenerateRandomBytes}.
707
+ # @!attribute [rw] location
708
+ # @return [::String]
709
+ # The project-specific location in which to generate random bytes.
710
+ # For example, "projects/my-project/locations/us-central1".
711
+ # @!attribute [rw] length_bytes
712
+ # @return [::Integer]
713
+ # The length in bytes of the amount of randomness to retrieve. Minimum 8
714
+ # bytes, maximum 1024 bytes.
715
+ # @!attribute [rw] protection_level
716
+ # @return [::Google::Cloud::Kms::V1::ProtectionLevel]
717
+ # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} to use when generating the random data. Defaults to
718
+ # {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE}.
719
+ class GenerateRandomBytesRequest
617
720
  include ::Google::Protobuf::MessageExts
618
721
  extend ::Google::Protobuf::MessageExts::ClassMethods
619
722
  end
@@ -639,8 +742,6 @@ module Google
639
742
  # different languages. However, it is a non-negative integer, which will
640
743
  # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
641
744
  # that support this type.
642
- #
643
- # NOTE: This field is in Beta.
644
745
  # @!attribute [rw] verified_plaintext_crc32c
645
746
  # @return [::Boolean]
646
747
  # Integrity verification field. A flag indicating whether
@@ -651,8 +752,6 @@ module Google
651
752
  # that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've set
652
753
  # {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c} but this field is still false, discard
653
754
  # the response and perform a limited number of retries.
654
- #
655
- # NOTE: This field is in Beta.
656
755
  # @!attribute [rw] verified_additional_authenticated_data_crc32c
657
756
  # @return [::Boolean]
658
757
  # Integrity verification field. A flag indicating whether
@@ -664,13 +763,44 @@ module Google
664
763
  # that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've set
665
764
  # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c} but this field is
666
765
  # still false, discard the response and perform a limited number of retries.
667
- #
668
- # NOTE: This field is in Beta.
766
+ # @!attribute [rw] protection_level
767
+ # @return [::Google::Cloud::Kms::V1::ProtectionLevel]
768
+ # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in encryption.
669
769
  class EncryptResponse
670
770
  include ::Google::Protobuf::MessageExts
671
771
  extend ::Google::Protobuf::MessageExts::ClassMethods
672
772
  end
673
773
 
774
+ # Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#decrypt KeyManagementService.Decrypt}.
775
+ # @!attribute [rw] plaintext
776
+ # @return [::String]
777
+ # The decrypted data originally supplied in {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}.
778
+ # @!attribute [rw] plaintext_crc32c
779
+ # @return [::Google::Protobuf::Int64Value]
780
+ # Integrity verification field. A CRC32C checksum of the returned
781
+ # {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext}. An integrity check of
782
+ # {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext} can be performed by computing the CRC32C
783
+ # checksum of {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext} and comparing your results to
784
+ # this field. Discard the response in case of non-matching checksum values,
785
+ # and perform a limited number of retries. A persistent mismatch may indicate
786
+ # an issue in your computation of the CRC32C checksum. Note: receiving this
787
+ # response message indicates that {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} is able to
788
+ # successfully decrypt the {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext ciphertext}.
789
+ # Note: This field is defined as int64 for reasons of compatibility across
790
+ # different languages. However, it is a non-negative integer, which will
791
+ # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
792
+ # that support this type.
793
+ # @!attribute [rw] used_primary
794
+ # @return [::Boolean]
795
+ # Whether the Decryption was performed using the primary key version.
796
+ # @!attribute [rw] protection_level
797
+ # @return [::Google::Cloud::Kms::V1::ProtectionLevel]
798
+ # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in decryption.
799
+ class DecryptResponse
800
+ include ::Google::Protobuf::MessageExts
801
+ extend ::Google::Protobuf::MessageExts::ClassMethods
802
+ end
803
+
674
804
  # Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#asymmetric_sign KeyManagementService.AsymmetricSign}.
675
805
  # @!attribute [rw] signature
676
806
  # @return [::String]
@@ -688,8 +818,6 @@ module Google
688
818
  # different languages. However, it is a non-negative integer, which will
689
819
  # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
690
820
  # that support this type.
691
- #
692
- # NOTE: This field is in Beta.
693
821
  # @!attribute [rw] verified_digest_crc32c
694
822
  # @return [::Boolean]
695
823
  # Integrity verification field. A flag indicating whether
@@ -700,14 +828,13 @@ module Google
700
828
  # unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
701
829
  # set {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c} but this field is still false,
702
830
  # discard the response and perform a limited number of retries.
703
- #
704
- # NOTE: This field is in Beta.
705
831
  # @!attribute [rw] name
706
832
  # @return [::String]
707
833
  # The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing. Check
708
834
  # this field to verify that the intended resource was used for signing.
709
- #
710
- # NOTE: This field is in Beta.
835
+ # @!attribute [rw] protection_level
836
+ # @return [::Google::Cloud::Kms::V1::ProtectionLevel]
837
+ # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing.
711
838
  class AsymmetricSignResponse
712
839
  include ::Google::Protobuf::MessageExts
713
840
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -730,8 +857,6 @@ module Google
730
857
  # different languages. However, it is a non-negative integer, which will
731
858
  # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
732
859
  # that support this type.
733
- #
734
- # NOTE: This field is in Beta.
735
860
  # @!attribute [rw] verified_ciphertext_crc32c
736
861
  # @return [::Boolean]
737
862
  # Integrity verification field. A flag indicating whether
@@ -742,39 +867,115 @@ module Google
742
867
  # was left unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If
743
868
  # you've set {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c} but this field is
744
869
  # still false, discard the response and perform a limited number of retries.
745
- #
746
- # NOTE: This field is in Beta.
870
+ # @!attribute [rw] protection_level
871
+ # @return [::Google::Cloud::Kms::V1::ProtectionLevel]
872
+ # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in decryption.
747
873
  class AsymmetricDecryptResponse
748
874
  include ::Google::Protobuf::MessageExts
749
875
  extend ::Google::Protobuf::MessageExts::ClassMethods
750
876
  end
751
877
 
752
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#update_crypto_key_primary_version KeyManagementService.UpdateCryptoKeyPrimaryVersion}.
878
+ # Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_sign KeyManagementService.MacSign}.
753
879
  # @!attribute [rw] name
754
880
  # @return [::String]
755
- # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to update.
756
- # @!attribute [rw] crypto_key_version_id
881
+ # The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing. Check
882
+ # this field to verify that the intended resource was used for signing.
883
+ # @!attribute [rw] mac
757
884
  # @return [::String]
758
- # Required. The id of the child {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use as primary.
759
- class UpdateCryptoKeyPrimaryVersionRequest
885
+ # The created signature.
886
+ # @!attribute [rw] mac_crc32c
887
+ # @return [::Google::Protobuf::Int64Value]
888
+ # Integrity verification field. A CRC32C checksum of the returned
889
+ # {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac}. An integrity check of
890
+ # {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac} can be performed by computing the
891
+ # CRC32C checksum of {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac} and comparing your
892
+ # results to this field. Discard the response in case of non-matching
893
+ # checksum values, and perform a limited number of retries. A persistent
894
+ # mismatch may indicate an issue in your computation of the CRC32C checksum.
895
+ # Note: This field is defined as int64 for reasons of compatibility across
896
+ # different languages. However, it is a non-negative integer, which will
897
+ # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
898
+ # that support this type.
899
+ # @!attribute [rw] verified_data_crc32c
900
+ # @return [::Boolean]
901
+ # Integrity verification field. A flag indicating whether
902
+ # {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c} was received by
903
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
904
+ # {::Google::Cloud::Kms::V1::MacSignRequest#data data}. A false value of this field
905
+ # indicates either that {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c} was left
906
+ # unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
907
+ # set {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c} but this field is still false,
908
+ # discard the response and perform a limited number of retries.
909
+ # @!attribute [rw] protection_level
910
+ # @return [::Google::Cloud::Kms::V1::ProtectionLevel]
911
+ # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing.
912
+ class MacSignResponse
760
913
  include ::Google::Protobuf::MessageExts
761
914
  extend ::Google::Protobuf::MessageExts::ClassMethods
762
915
  end
763
916
 
764
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#destroy_crypto_key_version KeyManagementService.DestroyCryptoKeyVersion}.
917
+ # Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_verify KeyManagementService.MacVerify}.
765
918
  # @!attribute [rw] name
766
919
  # @return [::String]
767
- # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to destroy.
768
- class DestroyCryptoKeyVersionRequest
920
+ # The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for verification.
921
+ # Check this field to verify that the intended resource was used for
922
+ # verification.
923
+ # @!attribute [rw] success
924
+ # @return [::Boolean]
925
+ # This field indicates whether or not the verification operation for
926
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac} over {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data} was successful.
927
+ # @!attribute [rw] verified_data_crc32c
928
+ # @return [::Boolean]
929
+ # Integrity verification field. A flag indicating whether
930
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c} was received by
931
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
932
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#data data}. A false value of this field
933
+ # indicates either that {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c} was left
934
+ # unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
935
+ # set {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c} but this field is still false,
936
+ # discard the response and perform a limited number of retries.
937
+ # @!attribute [rw] verified_mac_crc32c
938
+ # @return [::Boolean]
939
+ # Integrity verification field. A flag indicating whether
940
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c} was received by
941
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
942
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac data}. A false value of this field
943
+ # indicates either that {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c} was left
944
+ # unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
945
+ # set {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c} but this field is still false,
946
+ # discard the response and perform a limited number of retries.
947
+ # @!attribute [rw] verified_success_integrity
948
+ # @return [::Boolean]
949
+ # Integrity verification field. This value is used for the integrity
950
+ # verification of [MacVerifyResponse.success]. If the value of this field
951
+ # contradicts the value of [MacVerifyResponse.success], discard the response
952
+ # and perform a limited number of retries.
953
+ # @!attribute [rw] protection_level
954
+ # @return [::Google::Cloud::Kms::V1::ProtectionLevel]
955
+ # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for verification.
956
+ class MacVerifyResponse
769
957
  include ::Google::Protobuf::MessageExts
770
958
  extend ::Google::Protobuf::MessageExts::ClassMethods
771
959
  end
772
960
 
773
- # Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#restore_crypto_key_version KeyManagementService.RestoreCryptoKeyVersion}.
774
- # @!attribute [rw] name
961
+ # Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#generate_random_bytes KeyManagementService.GenerateRandomBytes}.
962
+ # @!attribute [rw] data
775
963
  # @return [::String]
776
- # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to restore.
777
- class RestoreCryptoKeyVersionRequest
964
+ # The generated data.
965
+ # @!attribute [rw] data_crc32c
966
+ # @return [::Google::Protobuf::Int64Value]
967
+ # Integrity verification field. A CRC32C checksum of the returned
968
+ # {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data}. An integrity check of
969
+ # {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data} can be performed by computing the
970
+ # CRC32C checksum of {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data} and comparing your
971
+ # results to this field. Discard the response in case of non-matching
972
+ # checksum values, and perform a limited number of retries. A persistent
973
+ # mismatch may indicate an issue in your computation of the CRC32C checksum.
974
+ # Note: This field is defined as int64 for reasons of compatibility across
975
+ # different languages. However, it is a non-negative integer, which will
976
+ # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
977
+ # that support this type.
978
+ class GenerateRandomBytesResponse
778
979
  include ::Google::Protobuf::MessageExts
779
980
  extend ::Google::Protobuf::MessageExts::ClassMethods
780
981
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: google-cloud-kms-v1
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.6.1
4
+ version: 0.9.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Google LLC
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-07-08 00:00:00.000000000 Z
11
+ date: 2021-10-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: gapic-common
@@ -16,7 +16,7 @@ dependencies:
16
16
  requirements:
17
17
  - - ">="
18
18
  - !ruby/object:Gem::Version
19
- version: '0.5'
19
+ version: '0.7'
20
20
  - - "<"
21
21
  - !ruby/object:Gem::Version
22
22
  version: 2.a
@@ -26,7 +26,7 @@ dependencies:
26
26
  requirements:
27
27
  - - ">="
28
28
  - !ruby/object:Gem::Version
29
- version: '0.5'
29
+ version: '0.7'
30
30
  - - "<"
31
31
  - !ruby/object:Gem::Version
32
32
  version: 2.a