google-cloud-kms-v1 0.8.0 → 0.10.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,14 +1,14 @@
1
1
  # Generated by the protocol buffer compiler. DO NOT EDIT!
2
2
  # source: google/cloud/kms/v1/resources.proto
3
3
 
4
- require 'google/protobuf'
5
-
6
4
  require 'google/api/field_behavior_pb'
7
5
  require 'google/api/resource_pb'
8
6
  require 'google/protobuf/duration_pb'
9
7
  require 'google/protobuf/timestamp_pb'
10
8
  require 'google/protobuf/wrappers_pb'
11
9
  require 'google/api/annotations_pb'
10
+ require 'google/protobuf'
11
+
12
12
  Google::Protobuf::DescriptorPool.generated_pool.build do
13
13
  add_file("google/cloud/kms/v1/resources.proto", :syntax => :proto3) do
14
14
  add_message "google.cloud.kms.v1.KeyRing" do
@@ -76,10 +76,16 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
76
76
  value :RSA_SIGN_PKCS1_3072_SHA256, 6
77
77
  value :RSA_SIGN_PKCS1_4096_SHA256, 7
78
78
  value :RSA_SIGN_PKCS1_4096_SHA512, 16
79
+ value :RSA_SIGN_RAW_PKCS1_2048, 28
80
+ value :RSA_SIGN_RAW_PKCS1_3072, 29
81
+ value :RSA_SIGN_RAW_PKCS1_4096, 30
79
82
  value :RSA_DECRYPT_OAEP_2048_SHA256, 8
80
83
  value :RSA_DECRYPT_OAEP_3072_SHA256, 9
81
84
  value :RSA_DECRYPT_OAEP_4096_SHA256, 10
82
85
  value :RSA_DECRYPT_OAEP_4096_SHA512, 17
86
+ value :RSA_DECRYPT_OAEP_2048_SHA1, 37
87
+ value :RSA_DECRYPT_OAEP_3072_SHA1, 38
88
+ value :RSA_DECRYPT_OAEP_4096_SHA1, 39
83
89
  value :EC_SIGN_P256_SHA256, 12
84
90
  value :EC_SIGN_P384_SHA384, 13
85
91
  value :EC_SIGN_SECP256K1_SHA256, 31
@@ -1,8 +1,6 @@
1
1
  # Generated by the protocol buffer compiler. DO NOT EDIT!
2
2
  # source: google/cloud/kms/v1/service.proto
3
3
 
4
- require 'google/protobuf'
5
-
6
4
  require 'google/api/annotations_pb'
7
5
  require 'google/api/client_pb'
8
6
  require 'google/api/field_behavior_pb'
@@ -10,6 +8,8 @@ require 'google/api/resource_pb'
10
8
  require 'google/cloud/kms/v1/resources_pb'
11
9
  require 'google/protobuf/field_mask_pb'
12
10
  require 'google/protobuf/wrappers_pb'
11
+ require 'google/protobuf'
12
+
13
13
  Google::Protobuf::DescriptorPool.generated_pool.build do
14
14
  add_file("google/cloud/kms/v1/service.proto", :syntax => :proto3) do
15
15
  add_message "google.cloud.kms.v1.ListKeyRingsRequest" do
@@ -142,6 +142,8 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
142
142
  optional :name, :string, 1
143
143
  optional :digest, :message, 3, "google.cloud.kms.v1.Digest"
144
144
  optional :digest_crc32c, :message, 4, "google.protobuf.Int64Value"
145
+ optional :data, :bytes, 6
146
+ optional :data_crc32c, :message, 7, "google.protobuf.Int64Value"
145
147
  end
146
148
  add_message "google.cloud.kms.v1.AsymmetricDecryptRequest" do
147
149
  optional :name, :string, 1
@@ -184,6 +186,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
184
186
  optional :signature_crc32c, :message, 2, "google.protobuf.Int64Value"
185
187
  optional :verified_digest_crc32c, :bool, 3
186
188
  optional :name, :string, 4
189
+ optional :verified_data_crc32c, :bool, 5
187
190
  optional :protection_level, :enum, 6, "google.cloud.kms.v1.ProtectionLevel"
188
191
  end
189
192
  add_message "google.cloud.kms.v1.AsymmetricDecryptResponse" do
@@ -38,7 +38,7 @@ module Google
38
38
  # [Using gRPC with Cloud KMS](https://cloud.google.com/kms/docs/grpc).
39
39
  class Service
40
40
 
41
- include GRPC::GenericService
41
+ include ::GRPC::GenericService
42
42
 
43
43
  self.marshal_class_method = :encode
44
44
  self.unmarshal_class_method = :decode
@@ -21,7 +21,7 @@ module Google
21
21
  module Cloud
22
22
  module Kms
23
23
  module V1
24
- VERSION = "0.8.0"
24
+ VERSION = "0.10.2"
25
25
  end
26
26
  end
27
27
  end
@@ -33,11 +33,7 @@ module Google
33
33
  # // For Kubernetes resources, the format is {api group}/{kind}.
34
34
  # option (google.api.resource) = {
35
35
  # type: "pubsub.googleapis.com/Topic"
36
- # name_descriptor: {
37
- # pattern: "projects/{project}/topics/{topic}"
38
- # parent_type: "cloudresourcemanager.googleapis.com/Project"
39
- # parent_name_extractor: "projects/{project}"
40
- # }
36
+ # pattern: "projects/{project}/topics/{topic}"
41
37
  # };
42
38
  # }
43
39
  #
@@ -45,10 +41,7 @@ module Google
45
41
  #
46
42
  # resources:
47
43
  # - type: "pubsub.googleapis.com/Topic"
48
- # name_descriptor:
49
- # - pattern: "projects/{project}/topics/{topic}"
50
- # parent_type: "cloudresourcemanager.googleapis.com/Project"
51
- # parent_name_extractor: "projects/{project}"
44
+ # pattern: "projects/{project}/topics/{topic}"
52
45
  #
53
46
  # Sometimes, resources have multiple patterns, typically because they can
54
47
  # live under multiple parents.
@@ -58,26 +51,10 @@ module Google
58
51
  # message LogEntry {
59
52
  # option (google.api.resource) = {
60
53
  # type: "logging.googleapis.com/LogEntry"
61
- # name_descriptor: {
62
- # pattern: "projects/{project}/logs/{log}"
63
- # parent_type: "cloudresourcemanager.googleapis.com/Project"
64
- # parent_name_extractor: "projects/{project}"
65
- # }
66
- # name_descriptor: {
67
- # pattern: "folders/{folder}/logs/{log}"
68
- # parent_type: "cloudresourcemanager.googleapis.com/Folder"
69
- # parent_name_extractor: "folders/{folder}"
70
- # }
71
- # name_descriptor: {
72
- # pattern: "organizations/{organization}/logs/{log}"
73
- # parent_type: "cloudresourcemanager.googleapis.com/Organization"
74
- # parent_name_extractor: "organizations/{organization}"
75
- # }
76
- # name_descriptor: {
77
- # pattern: "billingAccounts/{billing_account}/logs/{log}"
78
- # parent_type: "billing.googleapis.com/BillingAccount"
79
- # parent_name_extractor: "billingAccounts/{billing_account}"
80
- # }
54
+ # pattern: "projects/{project}/logs/{log}"
55
+ # pattern: "folders/{folder}/logs/{log}"
56
+ # pattern: "organizations/{organization}/logs/{log}"
57
+ # pattern: "billingAccounts/{billing_account}/logs/{log}"
81
58
  # };
82
59
  # }
83
60
  #
@@ -85,48 +62,10 @@ module Google
85
62
  #
86
63
  # resources:
87
64
  # - type: 'logging.googleapis.com/LogEntry'
88
- # name_descriptor:
89
- # - pattern: "projects/{project}/logs/{log}"
90
- # parent_type: "cloudresourcemanager.googleapis.com/Project"
91
- # parent_name_extractor: "projects/{project}"
92
- # - pattern: "folders/{folder}/logs/{log}"
93
- # parent_type: "cloudresourcemanager.googleapis.com/Folder"
94
- # parent_name_extractor: "folders/{folder}"
95
- # - pattern: "organizations/{organization}/logs/{log}"
96
- # parent_type: "cloudresourcemanager.googleapis.com/Organization"
97
- # parent_name_extractor: "organizations/{organization}"
98
- # - pattern: "billingAccounts/{billing_account}/logs/{log}"
99
- # parent_type: "billing.googleapis.com/BillingAccount"
100
- # parent_name_extractor: "billingAccounts/{billing_account}"
101
- #
102
- # For flexible resources, the resource name doesn't contain parent names, but
103
- # the resource itself has parents for policy evaluation.
104
- #
105
- # Example:
106
- #
107
- # message Shelf {
108
- # option (google.api.resource) = {
109
- # type: "library.googleapis.com/Shelf"
110
- # name_descriptor: {
111
- # pattern: "shelves/{shelf}"
112
- # parent_type: "cloudresourcemanager.googleapis.com/Project"
113
- # }
114
- # name_descriptor: {
115
- # pattern: "shelves/{shelf}"
116
- # parent_type: "cloudresourcemanager.googleapis.com/Folder"
117
- # }
118
- # };
119
- # }
120
- #
121
- # The ResourceDescriptor Yaml config will look like:
122
- #
123
- # resources:
124
- # - type: 'library.googleapis.com/Shelf'
125
- # name_descriptor:
126
- # - pattern: "shelves/{shelf}"
127
- # parent_type: "cloudresourcemanager.googleapis.com/Project"
128
- # - pattern: "shelves/{shelf}"
129
- # parent_type: "cloudresourcemanager.googleapis.com/Folder"
65
+ # pattern: "projects/{project}/logs/{log}"
66
+ # pattern: "folders/{folder}/logs/{log}"
67
+ # pattern: "organizations/{organization}/logs/{log}"
68
+ # pattern: "billingAccounts/{billing_account}/logs/{log}"
130
69
  # @!attribute [rw] type
131
70
  # @return [::String]
132
71
  # The resource type. It must be in the format of
@@ -346,6 +346,15 @@ module Google
346
346
  # RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest.
347
347
  RSA_SIGN_PKCS1_4096_SHA512 = 16
348
348
 
349
+ # RSASSA-PKCS1-v1_5 signing without encoding, with a 2048 bit key.
350
+ RSA_SIGN_RAW_PKCS1_2048 = 28
351
+
352
+ # RSASSA-PKCS1-v1_5 signing without encoding, with a 3072 bit key.
353
+ RSA_SIGN_RAW_PKCS1_3072 = 29
354
+
355
+ # RSASSA-PKCS1-v1_5 signing without encoding, with a 4096 bit key.
356
+ RSA_SIGN_RAW_PKCS1_4096 = 30
357
+
349
358
  # RSAES-OAEP 2048 bit key with a SHA256 digest.
350
359
  RSA_DECRYPT_OAEP_2048_SHA256 = 8
351
360
 
@@ -358,6 +367,15 @@ module Google
358
367
  # RSAES-OAEP 4096 bit key with a SHA512 digest.
359
368
  RSA_DECRYPT_OAEP_4096_SHA512 = 17
360
369
 
370
+ # RSAES-OAEP 2048 bit key with a SHA1 digest.
371
+ RSA_DECRYPT_OAEP_2048_SHA1 = 37
372
+
373
+ # RSAES-OAEP 3072 bit key with a SHA1 digest.
374
+ RSA_DECRYPT_OAEP_3072_SHA1 = 38
375
+
376
+ # RSAES-OAEP 4096 bit key with a SHA1 digest.
377
+ RSA_DECRYPT_OAEP_4096_SHA1 = 39
378
+
361
379
  # ECDSA on the NIST P-256 curve with a SHA256 digest.
362
380
  EC_SIGN_P256_SHA256 = 12
363
381
 
@@ -577,7 +577,7 @@ module Google
577
577
  # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for signing.
578
578
  # @!attribute [rw] digest
579
579
  # @return [::Google::Cloud::Kms::V1::Digest]
580
- # Required. The digest of the data to sign. The digest must be produced with
580
+ # Optional. The digest of the data to sign. The digest must be produced with
581
581
  # the same digest algorithm as specified by the key version's
582
582
  # {::Google::Cloud::Kms::V1::CryptoKeyVersion#algorithm algorithm}.
583
583
  # @!attribute [rw] digest_crc32c
@@ -595,6 +595,26 @@ module Google
595
595
  # different languages. However, it is a non-negative integer, which will
596
596
  # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
597
597
  # that support this type.
598
+ # @!attribute [rw] data
599
+ # @return [::String]
600
+ # Optional. This field will only be honored for RAW_PKCS1 keys.
601
+ # The data to sign. A digest is computed over the data that will be signed,
602
+ # PKCS #1 padding is applied to the digest directly and then encrypted.
603
+ # @!attribute [rw] data_crc32c
604
+ # @return [::Google::Protobuf::Int64Value]
605
+ # Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data}. If
606
+ # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
607
+ # received {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data} using this checksum.
608
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
609
+ # fails. If you receive a checksum error, your client should verify that
610
+ # CRC32C({::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data}) is equal to
611
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c}, and if so, perform a limited
612
+ # number of retries. A persistent mismatch may indicate an issue in your
613
+ # computation of the CRC32C checksum.
614
+ # Note: This field is defined as int64 for reasons of compatibility across
615
+ # different languages. However, it is a non-negative integer, which will
616
+ # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
617
+ # that support this type.
598
618
  class AsymmetricSignRequest
599
619
  include ::Google::Protobuf::MessageExts
600
620
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -832,6 +852,16 @@ module Google
832
852
  # @return [::String]
833
853
  # The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing. Check
834
854
  # this field to verify that the intended resource was used for signing.
855
+ # @!attribute [rw] verified_data_crc32c
856
+ # @return [::Boolean]
857
+ # Integrity verification field. A flag indicating whether
858
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c} was received by
859
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used for the integrity verification of the
860
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data data}. A false value of this field
861
+ # indicates either that {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c} was left
862
+ # unset or that it was not delivered to {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
863
+ # set {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c} but this field is still false,
864
+ # discard the response and perform a limited number of retries.
835
865
  # @!attribute [rw] protection_level
836
866
  # @return [::Google::Cloud::Kms::V1::ProtectionLevel]
837
867
  # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing.
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: google-cloud-kms-v1
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.8.0
4
+ version: 0.10.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Google LLC
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-09-02 00:00:00.000000000 Z
11
+ date: 2022-01-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: gapic-common
@@ -234,7 +234,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
234
234
  - !ruby/object:Gem::Version
235
235
  version: '0'
236
236
  requirements: []
237
- rubygems_version: 3.2.17
237
+ rubygems_version: 3.3.4
238
238
  signing_key:
239
239
  specification_version: 4
240
240
  summary: API Client library for the Cloud Key Management Service (KMS) V1 API