google-cloud-kms-v1 0.6.2 → 0.10.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/google/cloud/kms/v1/iam_policy/client.rb +38 -39
- data/lib/google/cloud/kms/v1/key_management_service/client.rb +535 -168
- data/lib/google/cloud/kms/v1/resources_pb.rb +14 -2
- data/lib/google/cloud/kms/v1/service_pb.rb +65 -14
- data/lib/google/cloud/kms/v1/service_services_pb.rb +37 -24
- data/lib/google/cloud/kms/v1/version.rb +1 -1
- data/proto_docs/google/cloud/kms/v1/resources.rb +56 -4
- data/proto_docs/google/cloud/kms/v1/service.rb +290 -59
- metadata +4 -4
@@ -325,8 +325,27 @@ module Google
|
|
325
325
|
# Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#import_crypto_key_version KeyManagementService.ImportCryptoKeyVersion}.
|
326
326
|
# @!attribute [rw] parent
|
327
327
|
# @return [::String]
|
328
|
-
# Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to
|
329
|
-
#
|
328
|
+
# Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to be imported into.
|
329
|
+
#
|
330
|
+
# The create permission is only required on this key when creating a new
|
331
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
|
332
|
+
# @!attribute [rw] crypto_key_version
|
333
|
+
# @return [::String]
|
334
|
+
# Optional. The optional {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of an existing
|
335
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to target for an import operation.
|
336
|
+
# If this field is not present, a new {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} containing the
|
337
|
+
# supplied key material is created.
|
338
|
+
#
|
339
|
+
# If this field is present, the supplied key material is imported into
|
340
|
+
# the existing {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}. To import into an existing
|
341
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}, the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} must be a child of
|
342
|
+
# {::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest#parent ImportCryptoKeyVersionRequest.parent}, have been previously created via
|
343
|
+
# [ImportCryptoKeyVersion][], and be in
|
344
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED} or
|
345
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::IMPORT_FAILED IMPORT_FAILED}
|
346
|
+
# state. The key material and algorithm must match the previous
|
347
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} exactly if the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} has ever contained
|
348
|
+
# key material.
|
330
349
|
# @!attribute [rw] algorithm
|
331
350
|
# @return [::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm]
|
332
351
|
# Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm algorithm} of
|
@@ -408,6 +427,36 @@ module Google
|
|
408
427
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
409
428
|
end
|
410
429
|
|
430
|
+
# Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#update_crypto_key_primary_version KeyManagementService.UpdateCryptoKeyPrimaryVersion}.
|
431
|
+
# @!attribute [rw] name
|
432
|
+
# @return [::String]
|
433
|
+
# Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to update.
|
434
|
+
# @!attribute [rw] crypto_key_version_id
|
435
|
+
# @return [::String]
|
436
|
+
# Required. The id of the child {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use as primary.
|
437
|
+
class UpdateCryptoKeyPrimaryVersionRequest
|
438
|
+
include ::Google::Protobuf::MessageExts
|
439
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
440
|
+
end
|
441
|
+
|
442
|
+
# Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#destroy_crypto_key_version KeyManagementService.DestroyCryptoKeyVersion}.
|
443
|
+
# @!attribute [rw] name
|
444
|
+
# @return [::String]
|
445
|
+
# Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to destroy.
|
446
|
+
class DestroyCryptoKeyVersionRequest
|
447
|
+
include ::Google::Protobuf::MessageExts
|
448
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
449
|
+
end
|
450
|
+
|
451
|
+
# Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#restore_crypto_key_version KeyManagementService.RestoreCryptoKeyVersion}.
|
452
|
+
# @!attribute [rw] name
|
453
|
+
# @return [::String]
|
454
|
+
# Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to restore.
|
455
|
+
class RestoreCryptoKeyVersionRequest
|
456
|
+
include ::Google::Protobuf::MessageExts
|
457
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
458
|
+
end
|
459
|
+
|
411
460
|
# Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#encrypt KeyManagementService.Encrypt}.
|
412
461
|
# @!attribute [rw] name
|
413
462
|
# @return [::String]
|
@@ -452,8 +501,6 @@ module Google
|
|
452
501
|
# different languages. However, it is a non-negative integer, which will
|
453
502
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
454
503
|
# that support this type.
|
455
|
-
#
|
456
|
-
# NOTE: This field is in Beta.
|
457
504
|
# @!attribute [rw] additional_authenticated_data_crc32c
|
458
505
|
# @return [::Google::Protobuf::Int64Value]
|
459
506
|
# Optional. An optional CRC32C checksum of the
|
@@ -470,8 +517,6 @@ module Google
|
|
470
517
|
# different languages. However, it is a non-negative integer, which will
|
471
518
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
472
519
|
# that support this type.
|
473
|
-
#
|
474
|
-
# NOTE: This field is in Beta.
|
475
520
|
class EncryptRequest
|
476
521
|
include ::Google::Protobuf::MessageExts
|
477
522
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -505,8 +550,6 @@ module Google
|
|
505
550
|
# different languages. However, it is a non-negative integer, which will
|
506
551
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
507
552
|
# that support this type.
|
508
|
-
#
|
509
|
-
# NOTE: This field is in Beta.
|
510
553
|
# @!attribute [rw] additional_authenticated_data_crc32c
|
511
554
|
# @return [::Google::Protobuf::Int64Value]
|
512
555
|
# Optional. An optional CRC32C checksum of the
|
@@ -523,8 +566,6 @@ module Google
|
|
523
566
|
# different languages. However, it is a non-negative integer, which will
|
524
567
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
525
568
|
# that support this type.
|
526
|
-
#
|
527
|
-
# NOTE: This field is in Beta.
|
528
569
|
class DecryptRequest
|
529
570
|
include ::Google::Protobuf::MessageExts
|
530
571
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -536,7 +577,7 @@ module Google
|
|
536
577
|
# Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for signing.
|
537
578
|
# @!attribute [rw] digest
|
538
579
|
# @return [::Google::Cloud::Kms::V1::Digest]
|
539
|
-
#
|
580
|
+
# Optional. The digest of the data to sign. The digest must be produced with
|
540
581
|
# the same digest algorithm as specified by the key version's
|
541
582
|
# {::Google::Cloud::Kms::V1::CryptoKeyVersion#algorithm algorithm}.
|
542
583
|
# @!attribute [rw] digest_crc32c
|
@@ -554,8 +595,26 @@ module Google
|
|
554
595
|
# different languages. However, it is a non-negative integer, which will
|
555
596
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
556
597
|
# that support this type.
|
557
|
-
#
|
558
|
-
#
|
598
|
+
# @!attribute [rw] data
|
599
|
+
# @return [::String]
|
600
|
+
# Optional. This field will only be honored for RAW_PKCS1 keys.
|
601
|
+
# The data to sign. A digest is computed over the data that will be signed,
|
602
|
+
# PKCS #1 padding is applied to the digest directly and then encrypted.
|
603
|
+
# @!attribute [rw] data_crc32c
|
604
|
+
# @return [::Google::Protobuf::Int64Value]
|
605
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data}. If
|
606
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
607
|
+
# received {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data} using this checksum.
|
608
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
609
|
+
# fails. If you receive a checksum error, your client should verify that
|
610
|
+
# CRC32C({::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data}) is equal to
|
611
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c}, and if so, perform a limited
|
612
|
+
# number of retries. A persistent mismatch may indicate an issue in your
|
613
|
+
# computation of the CRC32C checksum.
|
614
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
615
|
+
# different languages. However, it is a non-negative integer, which will
|
616
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
617
|
+
# that support this type.
|
559
618
|
class AsymmetricSignRequest
|
560
619
|
include ::Google::Protobuf::MessageExts
|
561
620
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -585,35 +644,99 @@ module Google
|
|
585
644
|
# different languages. However, it is a non-negative integer, which will
|
586
645
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
587
646
|
# that support this type.
|
588
|
-
#
|
589
|
-
# NOTE: This field is in Beta.
|
590
647
|
class AsymmetricDecryptRequest
|
591
648
|
include ::Google::Protobuf::MessageExts
|
592
649
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
593
650
|
end
|
594
651
|
|
595
|
-
#
|
596
|
-
# @!attribute [rw]
|
652
|
+
# Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_sign KeyManagementService.MacSign}.
|
653
|
+
# @!attribute [rw] name
|
597
654
|
# @return [::String]
|
598
|
-
# The
|
599
|
-
# @!attribute [rw]
|
655
|
+
# Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for signing.
|
656
|
+
# @!attribute [rw] data
|
657
|
+
# @return [::String]
|
658
|
+
# Required. The data to sign. The MAC tag is computed over this data field based on
|
659
|
+
# the specific algorithm.
|
660
|
+
# @!attribute [rw] data_crc32c
|
600
661
|
# @return [::Google::Protobuf::Int64Value]
|
601
|
-
#
|
602
|
-
# {::Google::Cloud::Kms::V1::
|
603
|
-
# {::Google::Cloud::Kms::V1::
|
604
|
-
#
|
605
|
-
#
|
606
|
-
#
|
607
|
-
#
|
608
|
-
#
|
609
|
-
#
|
662
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}. If
|
663
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
664
|
+
# received {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} using this checksum.
|
665
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
666
|
+
# fails. If you receive a checksum error, your client should verify that
|
667
|
+
# CRC32C({::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}) is equal to
|
668
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c}, and if so, perform a limited
|
669
|
+
# number of retries. A persistent mismatch may indicate an issue in your
|
670
|
+
# computation of the CRC32C checksum.
|
610
671
|
# Note: This field is defined as int64 for reasons of compatibility across
|
611
672
|
# different languages. However, it is a non-negative integer, which will
|
612
673
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
613
674
|
# that support this type.
|
614
|
-
|
615
|
-
|
616
|
-
|
675
|
+
class MacSignRequest
|
676
|
+
include ::Google::Protobuf::MessageExts
|
677
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
678
|
+
end
|
679
|
+
|
680
|
+
# Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_verify KeyManagementService.MacVerify}.
|
681
|
+
# @!attribute [rw] name
|
682
|
+
# @return [::String]
|
683
|
+
# Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for verification.
|
684
|
+
# @!attribute [rw] data
|
685
|
+
# @return [::String]
|
686
|
+
# Required. The data used previously as a {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} to generate the MAC
|
687
|
+
# tag.
|
688
|
+
# @!attribute [rw] data_crc32c
|
689
|
+
# @return [::Google::Protobuf::Int64Value]
|
690
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data}. If
|
691
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
692
|
+
# received {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data} using this checksum.
|
693
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
694
|
+
# fails. If you receive a checksum error, your client should verify that
|
695
|
+
# CRC32C({::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data}) is equal to
|
696
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c}, and if so, perform a limited
|
697
|
+
# number of retries. A persistent mismatch may indicate an issue in your
|
698
|
+
# computation of the CRC32C checksum.
|
699
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
700
|
+
# different languages. However, it is a non-negative integer, which will
|
701
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
702
|
+
# that support this type.
|
703
|
+
# @!attribute [rw] mac
|
704
|
+
# @return [::String]
|
705
|
+
# Required. The signature to verify.
|
706
|
+
# @!attribute [rw] mac_crc32c
|
707
|
+
# @return [::Google::Protobuf::Int64Value]
|
708
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac}. If
|
709
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
710
|
+
# received {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac} using this checksum.
|
711
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
712
|
+
# fails. If you receive a checksum error, your client should verify that
|
713
|
+
# CRC32C([MacVerifyRequest.tag][]) is equal to
|
714
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c}, and if so, perform a limited
|
715
|
+
# number of retries. A persistent mismatch may indicate an issue in your
|
716
|
+
# computation of the CRC32C checksum.
|
717
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
718
|
+
# different languages. However, it is a non-negative integer, which will
|
719
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
720
|
+
# that support this type.
|
721
|
+
class MacVerifyRequest
|
722
|
+
include ::Google::Protobuf::MessageExts
|
723
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
724
|
+
end
|
725
|
+
|
726
|
+
# Request message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#generate_random_bytes KeyManagementService.GenerateRandomBytes}.
|
727
|
+
# @!attribute [rw] location
|
728
|
+
# @return [::String]
|
729
|
+
# The project-specific location in which to generate random bytes.
|
730
|
+
# For example, "projects/my-project/locations/us-central1".
|
731
|
+
# @!attribute [rw] length_bytes
|
732
|
+
# @return [::Integer]
|
733
|
+
# The length in bytes of the amount of randomness to retrieve. Minimum 8
|
734
|
+
# bytes, maximum 1024 bytes.
|
735
|
+
# @!attribute [rw] protection_level
|
736
|
+
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
737
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} to use when generating the random data. Defaults to
|
738
|
+
# {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE}.
|
739
|
+
class GenerateRandomBytesRequest
|
617
740
|
include ::Google::Protobuf::MessageExts
|
618
741
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
619
742
|
end
|
@@ -639,8 +762,6 @@ module Google
|
|
639
762
|
# different languages. However, it is a non-negative integer, which will
|
640
763
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
641
764
|
# that support this type.
|
642
|
-
#
|
643
|
-
# NOTE: This field is in Beta.
|
644
765
|
# @!attribute [rw] verified_plaintext_crc32c
|
645
766
|
# @return [::Boolean]
|
646
767
|
# Integrity verification field. A flag indicating whether
|
@@ -651,8 +772,6 @@ module Google
|
|
651
772
|
# that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've set
|
652
773
|
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c} but this field is still false, discard
|
653
774
|
# the response and perform a limited number of retries.
|
654
|
-
#
|
655
|
-
# NOTE: This field is in Beta.
|
656
775
|
# @!attribute [rw] verified_additional_authenticated_data_crc32c
|
657
776
|
# @return [::Boolean]
|
658
777
|
# Integrity verification field. A flag indicating whether
|
@@ -664,13 +783,44 @@ module Google
|
|
664
783
|
# that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've set
|
665
784
|
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c} but this field is
|
666
785
|
# still false, discard the response and perform a limited number of retries.
|
667
|
-
#
|
668
|
-
#
|
786
|
+
# @!attribute [rw] protection_level
|
787
|
+
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
788
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in encryption.
|
669
789
|
class EncryptResponse
|
670
790
|
include ::Google::Protobuf::MessageExts
|
671
791
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
672
792
|
end
|
673
793
|
|
794
|
+
# Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#decrypt KeyManagementService.Decrypt}.
|
795
|
+
# @!attribute [rw] plaintext
|
796
|
+
# @return [::String]
|
797
|
+
# The decrypted data originally supplied in {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}.
|
798
|
+
# @!attribute [rw] plaintext_crc32c
|
799
|
+
# @return [::Google::Protobuf::Int64Value]
|
800
|
+
# Integrity verification field. A CRC32C checksum of the returned
|
801
|
+
# {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext}. An integrity check of
|
802
|
+
# {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext} can be performed by computing the CRC32C
|
803
|
+
# checksum of {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext} and comparing your results to
|
804
|
+
# this field. Discard the response in case of non-matching checksum values,
|
805
|
+
# and perform a limited number of retries. A persistent mismatch may indicate
|
806
|
+
# an issue in your computation of the CRC32C checksum. Note: receiving this
|
807
|
+
# response message indicates that {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} is able to
|
808
|
+
# successfully decrypt the {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext ciphertext}.
|
809
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
810
|
+
# different languages. However, it is a non-negative integer, which will
|
811
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
812
|
+
# that support this type.
|
813
|
+
# @!attribute [rw] used_primary
|
814
|
+
# @return [::Boolean]
|
815
|
+
# Whether the Decryption was performed using the primary key version.
|
816
|
+
# @!attribute [rw] protection_level
|
817
|
+
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
818
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in decryption.
|
819
|
+
class DecryptResponse
|
820
|
+
include ::Google::Protobuf::MessageExts
|
821
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
822
|
+
end
|
823
|
+
|
674
824
|
# Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#asymmetric_sign KeyManagementService.AsymmetricSign}.
|
675
825
|
# @!attribute [rw] signature
|
676
826
|
# @return [::String]
|
@@ -688,8 +838,6 @@ module Google
|
|
688
838
|
# different languages. However, it is a non-negative integer, which will
|
689
839
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
690
840
|
# that support this type.
|
691
|
-
#
|
692
|
-
# NOTE: This field is in Beta.
|
693
841
|
# @!attribute [rw] verified_digest_crc32c
|
694
842
|
# @return [::Boolean]
|
695
843
|
# Integrity verification field. A flag indicating whether
|
@@ -700,14 +848,23 @@ module Google
|
|
700
848
|
# unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
701
849
|
# set {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c} but this field is still false,
|
702
850
|
# discard the response and perform a limited number of retries.
|
703
|
-
#
|
704
|
-
# NOTE: This field is in Beta.
|
705
851
|
# @!attribute [rw] name
|
706
852
|
# @return [::String]
|
707
853
|
# The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing. Check
|
708
854
|
# this field to verify that the intended resource was used for signing.
|
709
|
-
#
|
710
|
-
#
|
855
|
+
# @!attribute [rw] verified_data_crc32c
|
856
|
+
# @return [::Boolean]
|
857
|
+
# Integrity verification field. A flag indicating whether
|
858
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c} was received by
|
859
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
|
860
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data data}. A false value of this field
|
861
|
+
# indicates either that {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c} was left
|
862
|
+
# unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
863
|
+
# set {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c} but this field is still false,
|
864
|
+
# discard the response and perform a limited number of retries.
|
865
|
+
# @!attribute [rw] protection_level
|
866
|
+
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
867
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing.
|
711
868
|
class AsymmetricSignResponse
|
712
869
|
include ::Google::Protobuf::MessageExts
|
713
870
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -730,8 +887,6 @@ module Google
|
|
730
887
|
# different languages. However, it is a non-negative integer, which will
|
731
888
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
732
889
|
# that support this type.
|
733
|
-
#
|
734
|
-
# NOTE: This field is in Beta.
|
735
890
|
# @!attribute [rw] verified_ciphertext_crc32c
|
736
891
|
# @return [::Boolean]
|
737
892
|
# Integrity verification field. A flag indicating whether
|
@@ -742,39 +897,115 @@ module Google
|
|
742
897
|
# was left unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If
|
743
898
|
# you've set {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c} but this field is
|
744
899
|
# still false, discard the response and perform a limited number of retries.
|
745
|
-
#
|
746
|
-
#
|
900
|
+
# @!attribute [rw] protection_level
|
901
|
+
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
902
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in decryption.
|
747
903
|
class AsymmetricDecryptResponse
|
748
904
|
include ::Google::Protobuf::MessageExts
|
749
905
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
750
906
|
end
|
751
907
|
|
752
|
-
#
|
908
|
+
# Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_sign KeyManagementService.MacSign}.
|
753
909
|
# @!attribute [rw] name
|
754
910
|
# @return [::String]
|
755
|
-
#
|
756
|
-
#
|
911
|
+
# The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing. Check
|
912
|
+
# this field to verify that the intended resource was used for signing.
|
913
|
+
# @!attribute [rw] mac
|
757
914
|
# @return [::String]
|
758
|
-
#
|
759
|
-
|
915
|
+
# The created signature.
|
916
|
+
# @!attribute [rw] mac_crc32c
|
917
|
+
# @return [::Google::Protobuf::Int64Value]
|
918
|
+
# Integrity verification field. A CRC32C checksum of the returned
|
919
|
+
# {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac}. An integrity check of
|
920
|
+
# {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac} can be performed by computing the
|
921
|
+
# CRC32C checksum of {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac} and comparing your
|
922
|
+
# results to this field. Discard the response in case of non-matching
|
923
|
+
# checksum values, and perform a limited number of retries. A persistent
|
924
|
+
# mismatch may indicate an issue in your computation of the CRC32C checksum.
|
925
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
926
|
+
# different languages. However, it is a non-negative integer, which will
|
927
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
928
|
+
# that support this type.
|
929
|
+
# @!attribute [rw] verified_data_crc32c
|
930
|
+
# @return [::Boolean]
|
931
|
+
# Integrity verification field. A flag indicating whether
|
932
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c} was received by
|
933
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
|
934
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data data}. A false value of this field
|
935
|
+
# indicates either that {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c} was left
|
936
|
+
# unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
937
|
+
# set {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c} but this field is still false,
|
938
|
+
# discard the response and perform a limited number of retries.
|
939
|
+
# @!attribute [rw] protection_level
|
940
|
+
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
941
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing.
|
942
|
+
class MacSignResponse
|
760
943
|
include ::Google::Protobuf::MessageExts
|
761
944
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
762
945
|
end
|
763
946
|
|
764
|
-
#
|
947
|
+
# Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_verify KeyManagementService.MacVerify}.
|
765
948
|
# @!attribute [rw] name
|
766
949
|
# @return [::String]
|
767
|
-
#
|
768
|
-
|
950
|
+
# The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for verification.
|
951
|
+
# Check this field to verify that the intended resource was used for
|
952
|
+
# verification.
|
953
|
+
# @!attribute [rw] success
|
954
|
+
# @return [::Boolean]
|
955
|
+
# This field indicates whether or not the verification operation for
|
956
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac} over {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data} was successful.
|
957
|
+
# @!attribute [rw] verified_data_crc32c
|
958
|
+
# @return [::Boolean]
|
959
|
+
# Integrity verification field. A flag indicating whether
|
960
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c} was received by
|
961
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
|
962
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data data}. A false value of this field
|
963
|
+
# indicates either that {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c} was left
|
964
|
+
# unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
965
|
+
# set {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c} but this field is still false,
|
966
|
+
# discard the response and perform a limited number of retries.
|
967
|
+
# @!attribute [rw] verified_mac_crc32c
|
968
|
+
# @return [::Boolean]
|
969
|
+
# Integrity verification field. A flag indicating whether
|
970
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c} was received by
|
971
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
|
972
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac data}. A false value of this field
|
973
|
+
# indicates either that {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c} was left
|
974
|
+
# unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
975
|
+
# set {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c} but this field is still false,
|
976
|
+
# discard the response and perform a limited number of retries.
|
977
|
+
# @!attribute [rw] verified_success_integrity
|
978
|
+
# @return [::Boolean]
|
979
|
+
# Integrity verification field. This value is used for the integrity
|
980
|
+
# verification of [MacVerifyResponse.success]. If the value of this field
|
981
|
+
# contradicts the value of [MacVerifyResponse.success], discard the response
|
982
|
+
# and perform a limited number of retries.
|
983
|
+
# @!attribute [rw] protection_level
|
984
|
+
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
985
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for verification.
|
986
|
+
class MacVerifyResponse
|
769
987
|
include ::Google::Protobuf::MessageExts
|
770
988
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
771
989
|
end
|
772
990
|
|
773
|
-
#
|
774
|
-
# @!attribute [rw]
|
991
|
+
# Response message for {::Google::Cloud::Kms::V1::KeyManagementService::Client#generate_random_bytes KeyManagementService.GenerateRandomBytes}.
|
992
|
+
# @!attribute [rw] data
|
775
993
|
# @return [::String]
|
776
|
-
#
|
777
|
-
|
994
|
+
# The generated data.
|
995
|
+
# @!attribute [rw] data_crc32c
|
996
|
+
# @return [::Google::Protobuf::Int64Value]
|
997
|
+
# Integrity verification field. A CRC32C checksum of the returned
|
998
|
+
# {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data}. An integrity check of
|
999
|
+
# {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data} can be performed by computing the
|
1000
|
+
# CRC32C checksum of {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data} and comparing your
|
1001
|
+
# results to this field. Discard the response in case of non-matching
|
1002
|
+
# checksum values, and perform a limited number of retries. A persistent
|
1003
|
+
# mismatch may indicate an issue in your computation of the CRC32C checksum.
|
1004
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
1005
|
+
# different languages. However, it is a non-negative integer, which will
|
1006
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1007
|
+
# that support this type.
|
1008
|
+
class GenerateRandomBytesResponse
|
778
1009
|
include ::Google::Protobuf::MessageExts
|
779
1010
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
780
1011
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-cloud-kms-v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.10.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-10-21 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gapic-common
|
@@ -16,7 +16,7 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: '0.
|
19
|
+
version: '0.7'
|
20
20
|
- - "<"
|
21
21
|
- !ruby/object:Gem::Version
|
22
22
|
version: 2.a
|
@@ -26,7 +26,7 @@ dependencies:
|
|
26
26
|
requirements:
|
27
27
|
- - ">="
|
28
28
|
- !ruby/object:Gem::Version
|
29
|
-
version: '0.
|
29
|
+
version: '0.7'
|
30
30
|
- - "<"
|
31
31
|
- !ruby/object:Gem::Version
|
32
32
|
version: 2.a
|