google-cloud-kms-v1 0.9.0 → 0.11.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.yardopts +1 -1
- data/AUTHENTICATION.md +13 -31
- data/README.md +4 -4
- data/lib/google/cloud/kms/v1/ekm_service/client.rb +731 -0
- data/lib/google/cloud/kms/v1/ekm_service/credentials.rb +52 -0
- data/lib/google/cloud/kms/v1/ekm_service/paths.rb +90 -0
- data/lib/google/cloud/kms/v1/ekm_service.rb +53 -0
- data/lib/google/cloud/kms/v1/ekm_service_pb.rb +79 -0
- data/lib/google/cloud/kms/v1/ekm_service_services_pb.rb +57 -0
- data/lib/google/cloud/kms/v1/iam_policy/client.rb +60 -9
- data/lib/google/cloud/kms/v1/key_management_service/client.rb +975 -340
- data/lib/google/cloud/kms/v1/resources_pb.rb +13 -1
- data/lib/google/cloud/kms/v1/service_pb.rb +3 -0
- data/lib/google/cloud/kms/v1/service_services_pb.rb +84 -48
- data/lib/google/cloud/kms/v1/version.rb +1 -1
- data/lib/google/cloud/kms/v1.rb +2 -1
- data/proto_docs/google/api/resource.rb +10 -71
- data/proto_docs/google/cloud/kms/v1/ekm_service.rb +226 -0
- data/proto_docs/google/cloud/kms/v1/resources.rb +308 -160
- data/proto_docs/google/cloud/kms/v1/service.rb +661 -390
- metadata +10 -3
|
@@ -21,17 +21,22 @@ module Google
|
|
|
21
21
|
module Cloud
|
|
22
22
|
module Kms
|
|
23
23
|
module V1
|
|
24
|
-
# Request message for
|
|
24
|
+
# Request message for
|
|
25
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_key_rings KeyManagementService.ListKeyRings}.
|
|
25
26
|
# @!attribute [rw] parent
|
|
26
27
|
# @return [::String]
|
|
27
28
|
# Required. The resource name of the location associated with the
|
|
28
|
-
# {::Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format
|
|
29
|
+
# {::Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format
|
|
30
|
+
# `projects/*/locations/*`.
|
|
29
31
|
# @!attribute [rw] page_size
|
|
30
32
|
# @return [::Integer]
|
|
31
|
-
# Optional. Optional limit on the number of
|
|
32
|
-
#
|
|
33
|
-
#
|
|
34
|
-
#
|
|
33
|
+
# Optional. Optional limit on the number of
|
|
34
|
+
# {::Google::Cloud::Kms::V1::KeyRing KeyRings} to include in the response. Further
|
|
35
|
+
# {::Google::Cloud::Kms::V1::KeyRing KeyRings} can subsequently be obtained by
|
|
36
|
+
# including the
|
|
37
|
+
# {::Google::Cloud::Kms::V1::ListKeyRingsResponse#next_page_token ListKeyRingsResponse.next_page_token}
|
|
38
|
+
# in a subsequent request. If unspecified, the server will pick an
|
|
39
|
+
# appropriate default.
|
|
35
40
|
# @!attribute [rw] page_token
|
|
36
41
|
# @return [::String]
|
|
37
42
|
# Optional. Optional pagination token, returned earlier via
|
|
@@ -53,17 +58,21 @@ module Google
|
|
|
53
58
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
54
59
|
end
|
|
55
60
|
|
|
56
|
-
# Request message for
|
|
61
|
+
# Request message for
|
|
62
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_crypto_keys KeyManagementService.ListCryptoKeys}.
|
|
57
63
|
# @!attribute [rw] parent
|
|
58
64
|
# @return [::String]
|
|
59
|
-
# Required. The resource name of the {::Google::Cloud::Kms::V1::KeyRing KeyRing}
|
|
60
|
-
# `projects/*/locations/*/keyRings/*`.
|
|
65
|
+
# Required. The resource name of the {::Google::Cloud::Kms::V1::KeyRing KeyRing}
|
|
66
|
+
# to list, in the format `projects/*/locations/*/keyRings/*`.
|
|
61
67
|
# @!attribute [rw] page_size
|
|
62
68
|
# @return [::Integer]
|
|
63
|
-
# Optional. Optional limit on the number of
|
|
64
|
-
#
|
|
65
|
-
#
|
|
66
|
-
#
|
|
69
|
+
# Optional. Optional limit on the number of
|
|
70
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} to include in the response.
|
|
71
|
+
# Further {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} can subsequently be
|
|
72
|
+
# obtained by including the
|
|
73
|
+
# {::Google::Cloud::Kms::V1::ListCryptoKeysResponse#next_page_token ListCryptoKeysResponse.next_page_token}
|
|
74
|
+
# in a subsequent request. If unspecified, the server will pick an
|
|
75
|
+
# appropriate default.
|
|
67
76
|
# @!attribute [rw] page_token
|
|
68
77
|
# @return [::String]
|
|
69
78
|
# Optional. Optional pagination token, returned earlier via
|
|
@@ -88,18 +97,22 @@ module Google
|
|
|
88
97
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
89
98
|
end
|
|
90
99
|
|
|
91
|
-
# Request message for
|
|
100
|
+
# Request message for
|
|
101
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_crypto_key_versions KeyManagementService.ListCryptoKeyVersions}.
|
|
92
102
|
# @!attribute [rw] parent
|
|
93
103
|
# @return [::String]
|
|
94
|
-
# Required. The resource name of the
|
|
104
|
+
# Required. The resource name of the
|
|
105
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to list, in the format
|
|
95
106
|
# `projects/*/locations/*/keyRings/*/cryptoKeys/*`.
|
|
96
107
|
# @!attribute [rw] page_size
|
|
97
108
|
# @return [::Integer]
|
|
98
|
-
# Optional. Optional limit on the number of
|
|
99
|
-
#
|
|
100
|
-
#
|
|
101
|
-
#
|
|
102
|
-
#
|
|
109
|
+
# Optional. Optional limit on the number of
|
|
110
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions} to include in the
|
|
111
|
+
# response. Further {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}
|
|
112
|
+
# can subsequently be obtained by including the
|
|
113
|
+
# {::Google::Cloud::Kms::V1::ListCryptoKeyVersionsResponse#next_page_token ListCryptoKeyVersionsResponse.next_page_token}
|
|
114
|
+
# in a subsequent request. If unspecified, the server will pick an
|
|
115
|
+
# appropriate default.
|
|
103
116
|
# @!attribute [rw] page_token
|
|
104
117
|
# @return [::String]
|
|
105
118
|
# Optional. Optional pagination token, returned earlier via
|
|
@@ -124,17 +137,21 @@ module Google
|
|
|
124
137
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
125
138
|
end
|
|
126
139
|
|
|
127
|
-
# Request message for
|
|
140
|
+
# Request message for
|
|
141
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_import_jobs KeyManagementService.ListImportJobs}.
|
|
128
142
|
# @!attribute [rw] parent
|
|
129
143
|
# @return [::String]
|
|
130
|
-
# Required. The resource name of the {::Google::Cloud::Kms::V1::KeyRing KeyRing}
|
|
131
|
-
# `projects/*/locations/*/keyRings/*`.
|
|
144
|
+
# Required. The resource name of the {::Google::Cloud::Kms::V1::KeyRing KeyRing}
|
|
145
|
+
# to list, in the format `projects/*/locations/*/keyRings/*`.
|
|
132
146
|
# @!attribute [rw] page_size
|
|
133
147
|
# @return [::Integer]
|
|
134
|
-
# Optional. Optional limit on the number of
|
|
135
|
-
#
|
|
136
|
-
#
|
|
137
|
-
#
|
|
148
|
+
# Optional. Optional limit on the number of
|
|
149
|
+
# {::Google::Cloud::Kms::V1::ImportJob ImportJobs} to include in the response.
|
|
150
|
+
# Further {::Google::Cloud::Kms::V1::ImportJob ImportJobs} can subsequently be
|
|
151
|
+
# obtained by including the
|
|
152
|
+
# {::Google::Cloud::Kms::V1::ListImportJobsResponse#next_page_token ListImportJobsResponse.next_page_token}
|
|
153
|
+
# in a subsequent request. If unspecified, the server will pick an
|
|
154
|
+
# appropriate default.
|
|
138
155
|
# @!attribute [rw] page_token
|
|
139
156
|
# @return [::String]
|
|
140
157
|
# Optional. Optional pagination token, returned earlier via
|
|
@@ -156,152 +173,180 @@ module Google
|
|
|
156
173
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
157
174
|
end
|
|
158
175
|
|
|
159
|
-
# Response message for
|
|
176
|
+
# Response message for
|
|
177
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_key_rings KeyManagementService.ListKeyRings}.
|
|
160
178
|
# @!attribute [rw] key_rings
|
|
161
179
|
# @return [::Array<::Google::Cloud::Kms::V1::KeyRing>]
|
|
162
180
|
# The list of {::Google::Cloud::Kms::V1::KeyRing KeyRings}.
|
|
163
181
|
# @!attribute [rw] next_page_token
|
|
164
182
|
# @return [::String]
|
|
165
183
|
# A token to retrieve next page of results. Pass this value in
|
|
166
|
-
# {::Google::Cloud::Kms::V1::ListKeyRingsRequest#page_token ListKeyRingsRequest.page_token}
|
|
184
|
+
# {::Google::Cloud::Kms::V1::ListKeyRingsRequest#page_token ListKeyRingsRequest.page_token}
|
|
185
|
+
# to retrieve the next page of results.
|
|
167
186
|
# @!attribute [rw] total_size
|
|
168
187
|
# @return [::Integer]
|
|
169
|
-
# The total number of {::Google::Cloud::Kms::V1::KeyRing KeyRings} that matched
|
|
188
|
+
# The total number of {::Google::Cloud::Kms::V1::KeyRing KeyRings} that matched
|
|
189
|
+
# the query.
|
|
170
190
|
class ListKeyRingsResponse
|
|
171
191
|
include ::Google::Protobuf::MessageExts
|
|
172
192
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
173
193
|
end
|
|
174
194
|
|
|
175
|
-
# Response message for
|
|
195
|
+
# Response message for
|
|
196
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_crypto_keys KeyManagementService.ListCryptoKeys}.
|
|
176
197
|
# @!attribute [rw] crypto_keys
|
|
177
198
|
# @return [::Array<::Google::Cloud::Kms::V1::CryptoKey>]
|
|
178
199
|
# The list of {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
|
|
179
200
|
# @!attribute [rw] next_page_token
|
|
180
201
|
# @return [::String]
|
|
181
202
|
# A token to retrieve next page of results. Pass this value in
|
|
182
|
-
# {::Google::Cloud::Kms::V1::ListCryptoKeysRequest#page_token ListCryptoKeysRequest.page_token}
|
|
203
|
+
# {::Google::Cloud::Kms::V1::ListCryptoKeysRequest#page_token ListCryptoKeysRequest.page_token}
|
|
204
|
+
# to retrieve the next page of results.
|
|
183
205
|
# @!attribute [rw] total_size
|
|
184
206
|
# @return [::Integer]
|
|
185
|
-
# The total number of {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} that
|
|
207
|
+
# The total number of {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} that
|
|
208
|
+
# matched the query.
|
|
186
209
|
class ListCryptoKeysResponse
|
|
187
210
|
include ::Google::Protobuf::MessageExts
|
|
188
211
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
189
212
|
end
|
|
190
213
|
|
|
191
|
-
# Response message for
|
|
214
|
+
# Response message for
|
|
215
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_crypto_key_versions KeyManagementService.ListCryptoKeyVersions}.
|
|
192
216
|
# @!attribute [rw] crypto_key_versions
|
|
193
217
|
# @return [::Array<::Google::Cloud::Kms::V1::CryptoKeyVersion>]
|
|
194
218
|
# The list of {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}.
|
|
195
219
|
# @!attribute [rw] next_page_token
|
|
196
220
|
# @return [::String]
|
|
197
221
|
# A token to retrieve next page of results. Pass this value in
|
|
198
|
-
# {::Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest#page_token ListCryptoKeyVersionsRequest.page_token}
|
|
199
|
-
# results.
|
|
222
|
+
# {::Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest#page_token ListCryptoKeyVersionsRequest.page_token}
|
|
223
|
+
# to retrieve the next page of results.
|
|
200
224
|
# @!attribute [rw] total_size
|
|
201
225
|
# @return [::Integer]
|
|
202
|
-
# The total number of
|
|
226
|
+
# The total number of
|
|
227
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions} that matched the
|
|
203
228
|
# query.
|
|
204
229
|
class ListCryptoKeyVersionsResponse
|
|
205
230
|
include ::Google::Protobuf::MessageExts
|
|
206
231
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
207
232
|
end
|
|
208
233
|
|
|
209
|
-
# Response message for
|
|
234
|
+
# Response message for
|
|
235
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#list_import_jobs KeyManagementService.ListImportJobs}.
|
|
210
236
|
# @!attribute [rw] import_jobs
|
|
211
237
|
# @return [::Array<::Google::Cloud::Kms::V1::ImportJob>]
|
|
212
238
|
# The list of {::Google::Cloud::Kms::V1::ImportJob ImportJobs}.
|
|
213
239
|
# @!attribute [rw] next_page_token
|
|
214
240
|
# @return [::String]
|
|
215
241
|
# A token to retrieve next page of results. Pass this value in
|
|
216
|
-
# {::Google::Cloud::Kms::V1::ListImportJobsRequest#page_token ListImportJobsRequest.page_token}
|
|
242
|
+
# {::Google::Cloud::Kms::V1::ListImportJobsRequest#page_token ListImportJobsRequest.page_token}
|
|
243
|
+
# to retrieve the next page of results.
|
|
217
244
|
# @!attribute [rw] total_size
|
|
218
245
|
# @return [::Integer]
|
|
219
|
-
# The total number of {::Google::Cloud::Kms::V1::ImportJob ImportJobs} that
|
|
246
|
+
# The total number of {::Google::Cloud::Kms::V1::ImportJob ImportJobs} that
|
|
247
|
+
# matched the query.
|
|
220
248
|
class ListImportJobsResponse
|
|
221
249
|
include ::Google::Protobuf::MessageExts
|
|
222
250
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
223
251
|
end
|
|
224
252
|
|
|
225
|
-
# Request message for
|
|
253
|
+
# Request message for
|
|
254
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_key_ring KeyManagementService.GetKeyRing}.
|
|
226
255
|
# @!attribute [rw] name
|
|
227
256
|
# @return [::String]
|
|
228
|
-
# Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the
|
|
257
|
+
# Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the
|
|
258
|
+
# {::Google::Cloud::Kms::V1::KeyRing KeyRing} to get.
|
|
229
259
|
class GetKeyRingRequest
|
|
230
260
|
include ::Google::Protobuf::MessageExts
|
|
231
261
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
232
262
|
end
|
|
233
263
|
|
|
234
|
-
# Request message for
|
|
264
|
+
# Request message for
|
|
265
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_crypto_key KeyManagementService.GetCryptoKey}.
|
|
235
266
|
# @!attribute [rw] name
|
|
236
267
|
# @return [::String]
|
|
237
|
-
# Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the
|
|
268
|
+
# Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the
|
|
269
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to get.
|
|
238
270
|
class GetCryptoKeyRequest
|
|
239
271
|
include ::Google::Protobuf::MessageExts
|
|
240
272
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
241
273
|
end
|
|
242
274
|
|
|
243
|
-
# Request message for
|
|
275
|
+
# Request message for
|
|
276
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_crypto_key_version KeyManagementService.GetCryptoKeyVersion}.
|
|
244
277
|
# @!attribute [rw] name
|
|
245
278
|
# @return [::String]
|
|
246
|
-
# Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the
|
|
279
|
+
# Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the
|
|
280
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to get.
|
|
247
281
|
class GetCryptoKeyVersionRequest
|
|
248
282
|
include ::Google::Protobuf::MessageExts
|
|
249
283
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
250
284
|
end
|
|
251
285
|
|
|
252
|
-
# Request message for
|
|
286
|
+
# Request message for
|
|
287
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_public_key KeyManagementService.GetPublicKey}.
|
|
253
288
|
# @!attribute [rw] name
|
|
254
289
|
# @return [::String]
|
|
255
|
-
# Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the
|
|
256
|
-
# get.
|
|
290
|
+
# Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the
|
|
291
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} public key to get.
|
|
257
292
|
class GetPublicKeyRequest
|
|
258
293
|
include ::Google::Protobuf::MessageExts
|
|
259
294
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
260
295
|
end
|
|
261
296
|
|
|
262
|
-
# Request message for
|
|
297
|
+
# Request message for
|
|
298
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_import_job KeyManagementService.GetImportJob}.
|
|
263
299
|
# @!attribute [rw] name
|
|
264
300
|
# @return [::String]
|
|
265
|
-
# Required. The {::Google::Cloud::Kms::V1::ImportJob#name name} of the
|
|
301
|
+
# Required. The {::Google::Cloud::Kms::V1::ImportJob#name name} of the
|
|
302
|
+
# {::Google::Cloud::Kms::V1::ImportJob ImportJob} to get.
|
|
266
303
|
class GetImportJobRequest
|
|
267
304
|
include ::Google::Protobuf::MessageExts
|
|
268
305
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
269
306
|
end
|
|
270
307
|
|
|
271
|
-
# Request message for
|
|
308
|
+
# Request message for
|
|
309
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#create_key_ring KeyManagementService.CreateKeyRing}.
|
|
272
310
|
# @!attribute [rw] parent
|
|
273
311
|
# @return [::String]
|
|
274
312
|
# Required. The resource name of the location associated with the
|
|
275
|
-
# {::Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format
|
|
313
|
+
# {::Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format
|
|
314
|
+
# `projects/*/locations/*`.
|
|
276
315
|
# @!attribute [rw] key_ring_id
|
|
277
316
|
# @return [::String]
|
|
278
317
|
# Required. It must be unique within a location and match the regular
|
|
279
318
|
# expression `[a-zA-Z0-9_-]{1,63}`
|
|
280
319
|
# @!attribute [rw] key_ring
|
|
281
320
|
# @return [::Google::Cloud::Kms::V1::KeyRing]
|
|
282
|
-
# Required. A {::Google::Cloud::Kms::V1::KeyRing KeyRing} with initial field
|
|
321
|
+
# Required. A {::Google::Cloud::Kms::V1::KeyRing KeyRing} with initial field
|
|
322
|
+
# values.
|
|
283
323
|
class CreateKeyRingRequest
|
|
284
324
|
include ::Google::Protobuf::MessageExts
|
|
285
325
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
286
326
|
end
|
|
287
327
|
|
|
288
|
-
# Request message for
|
|
328
|
+
# Request message for
|
|
329
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#create_crypto_key KeyManagementService.CreateCryptoKey}.
|
|
289
330
|
# @!attribute [rw] parent
|
|
290
331
|
# @return [::String]
|
|
291
|
-
# Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the KeyRing
|
|
292
|
-
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
|
|
332
|
+
# Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the KeyRing
|
|
333
|
+
# associated with the {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
|
|
293
334
|
# @!attribute [rw] crypto_key_id
|
|
294
335
|
# @return [::String]
|
|
295
336
|
# Required. It must be unique within a KeyRing and match the regular
|
|
296
337
|
# expression `[a-zA-Z0-9_-]{1,63}`
|
|
297
338
|
# @!attribute [rw] crypto_key
|
|
298
339
|
# @return [::Google::Cloud::Kms::V1::CryptoKey]
|
|
299
|
-
# Required. A {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} with initial field
|
|
340
|
+
# Required. A {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} with initial field
|
|
341
|
+
# values.
|
|
300
342
|
# @!attribute [rw] skip_initial_version_creation
|
|
301
343
|
# @return [::Boolean]
|
|
302
|
-
# If set to true, the request will create a
|
|
303
|
-
# {::Google::Cloud::Kms::V1::
|
|
304
|
-
# {::Google::Cloud::Kms::V1::
|
|
344
|
+
# If set to true, the request will create a
|
|
345
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} without any
|
|
346
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}. You must
|
|
347
|
+
# manually call
|
|
348
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#create_crypto_key_version CreateCryptoKeyVersion}
|
|
349
|
+
# or
|
|
305
350
|
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#import_crypto_key_version ImportCryptoKeyVersion}
|
|
306
351
|
# before you can use this {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
|
|
307
352
|
class CreateCryptoKeyRequest
|
|
@@ -309,53 +354,65 @@ module Google
|
|
|
309
354
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
310
355
|
end
|
|
311
356
|
|
|
312
|
-
# Request message for
|
|
357
|
+
# Request message for
|
|
358
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#create_crypto_key_version KeyManagementService.CreateCryptoKeyVersion}.
|
|
313
359
|
# @!attribute [rw] parent
|
|
314
360
|
# @return [::String]
|
|
315
|
-
# Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the
|
|
316
|
-
#
|
|
361
|
+
# Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the
|
|
362
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} associated with the
|
|
363
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}.
|
|
317
364
|
# @!attribute [rw] crypto_key_version
|
|
318
365
|
# @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
|
|
319
|
-
# Required. A {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with
|
|
366
|
+
# Required. A {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with
|
|
367
|
+
# initial field values.
|
|
320
368
|
class CreateCryptoKeyVersionRequest
|
|
321
369
|
include ::Google::Protobuf::MessageExts
|
|
322
370
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
323
371
|
end
|
|
324
372
|
|
|
325
|
-
# Request message for
|
|
373
|
+
# Request message for
|
|
374
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#import_crypto_key_version KeyManagementService.ImportCryptoKeyVersion}.
|
|
326
375
|
# @!attribute [rw] parent
|
|
327
376
|
# @return [::String]
|
|
328
|
-
# Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the
|
|
377
|
+
# Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the
|
|
378
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to be imported into.
|
|
329
379
|
#
|
|
330
380
|
# The create permission is only required on this key when creating a new
|
|
331
381
|
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
|
|
332
382
|
# @!attribute [rw] crypto_key_version
|
|
333
383
|
# @return [::String]
|
|
334
|
-
# Optional. The optional {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of
|
|
335
|
-
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to
|
|
336
|
-
# If this field is not present, a new
|
|
384
|
+
# Optional. The optional {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of
|
|
385
|
+
# an existing {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to
|
|
386
|
+
# target for an import operation. If this field is not present, a new
|
|
387
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} containing the
|
|
337
388
|
# supplied key material is created.
|
|
338
389
|
#
|
|
339
390
|
# If this field is present, the supplied key material is imported into
|
|
340
|
-
# the existing {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}. To
|
|
341
|
-
#
|
|
342
|
-
# {::Google::Cloud::Kms::V1::
|
|
343
|
-
#
|
|
344
|
-
# {::Google::Cloud::Kms::V1::
|
|
391
|
+
# the existing {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}. To
|
|
392
|
+
# import into an existing
|
|
393
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}, the
|
|
394
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} must be a child of
|
|
395
|
+
# {::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest#parent ImportCryptoKeyVersionRequest.parent},
|
|
396
|
+
# have been previously created via [ImportCryptoKeyVersion][], and be in
|
|
397
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED}
|
|
398
|
+
# or
|
|
345
399
|
# {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::IMPORT_FAILED IMPORT_FAILED}
|
|
346
400
|
# state. The key material and algorithm must match the previous
|
|
347
|
-
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} exactly if the
|
|
401
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} exactly if the
|
|
402
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} has ever contained
|
|
348
403
|
# key material.
|
|
349
404
|
# @!attribute [rw] algorithm
|
|
350
405
|
# @return [::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm]
|
|
351
|
-
# Required. The
|
|
352
|
-
#
|
|
353
|
-
#
|
|
354
|
-
#
|
|
406
|
+
# Required. The
|
|
407
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm algorithm}
|
|
408
|
+
# of the key being imported. This does not need to match the
|
|
409
|
+
# {::Google::Cloud::Kms::V1::CryptoKey#version_template version_template} of the
|
|
410
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} this version imports into.
|
|
355
411
|
# @!attribute [rw] import_job
|
|
356
412
|
# @return [::String]
|
|
357
|
-
# Required. The {::Google::Cloud::Kms::V1::ImportJob#name name} of the
|
|
358
|
-
# wrap this key
|
|
413
|
+
# Required. The {::Google::Cloud::Kms::V1::ImportJob#name name} of the
|
|
414
|
+
# {::Google::Cloud::Kms::V1::ImportJob ImportJob} that was used to wrap this key
|
|
415
|
+
# material.
|
|
359
416
|
# @!attribute [rw] rsa_aes_wrapped_key
|
|
360
417
|
# @return [::String]
|
|
361
418
|
# Wrapped key material produced with
|
|
@@ -366,8 +423,9 @@ module Google
|
|
|
366
423
|
# This field contains the concatenation of two wrapped keys:
|
|
367
424
|
# <ol>
|
|
368
425
|
# <li>An ephemeral AES-256 wrapping key wrapped with the
|
|
369
|
-
# {::Google::Cloud::Kms::V1::ImportJob#public_key public_key} using
|
|
370
|
-
# MGF1 with SHA-1, and an
|
|
426
|
+
# {::Google::Cloud::Kms::V1::ImportJob#public_key public_key} using
|
|
427
|
+
# RSAES-OAEP with SHA-1/SHA-256, MGF1 with SHA-1/SHA-256, and an
|
|
428
|
+
# empty label.
|
|
371
429
|
# </li>
|
|
372
430
|
# <li>The key to be imported, wrapped with the ephemeral AES-256 key
|
|
373
431
|
# using AES-KWP (RFC 5649).
|
|
@@ -386,10 +444,12 @@ module Google
|
|
|
386
444
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
387
445
|
end
|
|
388
446
|
|
|
389
|
-
# Request message for
|
|
447
|
+
# Request message for
|
|
448
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#create_import_job KeyManagementService.CreateImportJob}.
|
|
390
449
|
# @!attribute [rw] parent
|
|
391
450
|
# @return [::String]
|
|
392
|
-
# Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the
|
|
451
|
+
# Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the
|
|
452
|
+
# {::Google::Cloud::Kms::V1::KeyRing KeyRing} associated with the
|
|
393
453
|
# {::Google::Cloud::Kms::V1::ImportJob ImportJobs}.
|
|
394
454
|
# @!attribute [rw] import_job_id
|
|
395
455
|
# @return [::String]
|
|
@@ -397,13 +457,15 @@ module Google
|
|
|
397
457
|
# expression `[a-zA-Z0-9_-]{1,63}`
|
|
398
458
|
# @!attribute [rw] import_job
|
|
399
459
|
# @return [::Google::Cloud::Kms::V1::ImportJob]
|
|
400
|
-
# Required. An {::Google::Cloud::Kms::V1::ImportJob ImportJob} with initial field
|
|
460
|
+
# Required. An {::Google::Cloud::Kms::V1::ImportJob ImportJob} with initial field
|
|
461
|
+
# values.
|
|
401
462
|
class CreateImportJobRequest
|
|
402
463
|
include ::Google::Protobuf::MessageExts
|
|
403
464
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
404
465
|
end
|
|
405
466
|
|
|
406
|
-
# Request message for
|
|
467
|
+
# Request message for
|
|
468
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#update_crypto_key KeyManagementService.UpdateCryptoKey}.
|
|
407
469
|
# @!attribute [rw] crypto_key
|
|
408
470
|
# @return [::Google::Cloud::Kms::V1::CryptoKey]
|
|
409
471
|
# Required. {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} with updated values.
|
|
@@ -415,10 +477,12 @@ module Google
|
|
|
415
477
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
416
478
|
end
|
|
417
479
|
|
|
418
|
-
# Request message for
|
|
480
|
+
# Request message for
|
|
481
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#update_crypto_key_version KeyManagementService.UpdateCryptoKeyVersion}.
|
|
419
482
|
# @!attribute [rw] crypto_key_version
|
|
420
483
|
# @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
|
|
421
|
-
# Required. {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with
|
|
484
|
+
# Required. {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with
|
|
485
|
+
# updated values.
|
|
422
486
|
# @!attribute [rw] update_mask
|
|
423
487
|
# @return [::Google::Protobuf::FieldMask]
|
|
424
488
|
# Required. List of fields to be updated in this request.
|
|
@@ -427,106 +491,132 @@ module Google
|
|
|
427
491
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
428
492
|
end
|
|
429
493
|
|
|
430
|
-
# Request message for
|
|
494
|
+
# Request message for
|
|
495
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#update_crypto_key_primary_version KeyManagementService.UpdateCryptoKeyPrimaryVersion}.
|
|
431
496
|
# @!attribute [rw] name
|
|
432
497
|
# @return [::String]
|
|
433
|
-
# Required. The resource name of the
|
|
498
|
+
# Required. The resource name of the
|
|
499
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to update.
|
|
434
500
|
# @!attribute [rw] crypto_key_version_id
|
|
435
501
|
# @return [::String]
|
|
436
|
-
# Required. The id of the child
|
|
502
|
+
# Required. The id of the child
|
|
503
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use as primary.
|
|
437
504
|
class UpdateCryptoKeyPrimaryVersionRequest
|
|
438
505
|
include ::Google::Protobuf::MessageExts
|
|
439
506
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
440
507
|
end
|
|
441
508
|
|
|
442
|
-
# Request message for
|
|
509
|
+
# Request message for
|
|
510
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#destroy_crypto_key_version KeyManagementService.DestroyCryptoKeyVersion}.
|
|
443
511
|
# @!attribute [rw] name
|
|
444
512
|
# @return [::String]
|
|
445
|
-
# Required. The resource name of the
|
|
513
|
+
# Required. The resource name of the
|
|
514
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to destroy.
|
|
446
515
|
class DestroyCryptoKeyVersionRequest
|
|
447
516
|
include ::Google::Protobuf::MessageExts
|
|
448
517
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
449
518
|
end
|
|
450
519
|
|
|
451
|
-
# Request message for
|
|
520
|
+
# Request message for
|
|
521
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#restore_crypto_key_version KeyManagementService.RestoreCryptoKeyVersion}.
|
|
452
522
|
# @!attribute [rw] name
|
|
453
523
|
# @return [::String]
|
|
454
|
-
# Required. The resource name of the
|
|
524
|
+
# Required. The resource name of the
|
|
525
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to restore.
|
|
455
526
|
class RestoreCryptoKeyVersionRequest
|
|
456
527
|
include ::Google::Protobuf::MessageExts
|
|
457
528
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
458
529
|
end
|
|
459
530
|
|
|
460
|
-
# Request message for
|
|
531
|
+
# Request message for
|
|
532
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#encrypt KeyManagementService.Encrypt}.
|
|
461
533
|
# @!attribute [rw] name
|
|
462
534
|
# @return [::String]
|
|
463
|
-
# Required. The resource name of the
|
|
464
|
-
#
|
|
535
|
+
# Required. The resource name of the
|
|
536
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} or
|
|
537
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
|
|
538
|
+
# encryption.
|
|
465
539
|
#
|
|
466
|
-
# If a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} is specified, the server
|
|
467
|
-
# {::Google::Cloud::Kms::V1::CryptoKey#primary primary version}.
|
|
540
|
+
# If a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} is specified, the server
|
|
541
|
+
# will use its {::Google::Cloud::Kms::V1::CryptoKey#primary primary version}.
|
|
468
542
|
# @!attribute [rw] plaintext
|
|
469
543
|
# @return [::String]
|
|
470
544
|
# Required. The data to encrypt. Must be no larger than 64KiB.
|
|
471
545
|
#
|
|
472
546
|
# The maximum size depends on the key version's
|
|
473
|
-
# {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}.
|
|
474
|
-
# {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE} keys, the
|
|
475
|
-
#
|
|
476
|
-
#
|
|
477
|
-
#
|
|
547
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}.
|
|
548
|
+
# For {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE} keys, the
|
|
549
|
+
# plaintext must be no larger than 64KiB. For
|
|
550
|
+
# {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of
|
|
551
|
+
# the plaintext and additional_authenticated_data fields must be no larger
|
|
552
|
+
# than 8KiB.
|
|
478
553
|
# @!attribute [rw] additional_authenticated_data
|
|
479
554
|
# @return [::String]
|
|
480
|
-
# Optional. Optional data that, if specified, must also be provided during
|
|
481
|
-
# through
|
|
555
|
+
# Optional. Optional data that, if specified, must also be provided during
|
|
556
|
+
# decryption through
|
|
557
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}.
|
|
482
558
|
#
|
|
483
559
|
# The maximum size depends on the key version's
|
|
484
|
-
# {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}.
|
|
485
|
-
# {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE} keys, the AAD
|
|
486
|
-
#
|
|
487
|
-
#
|
|
488
|
-
#
|
|
560
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}.
|
|
561
|
+
# For {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE} keys, the AAD
|
|
562
|
+
# must be no larger than 64KiB. For
|
|
563
|
+
# {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of
|
|
564
|
+
# the plaintext and additional_authenticated_data fields must be no larger
|
|
565
|
+
# than 8KiB.
|
|
489
566
|
# @!attribute [rw] plaintext_crc32c
|
|
490
567
|
# @return [::Google::Protobuf::Int64Value]
|
|
491
|
-
# Optional. An optional CRC32C checksum of the
|
|
492
|
-
#
|
|
493
|
-
#
|
|
494
|
-
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
|
495
|
-
#
|
|
496
|
-
#
|
|
497
|
-
#
|
|
498
|
-
#
|
|
499
|
-
# the
|
|
500
|
-
#
|
|
501
|
-
#
|
|
502
|
-
#
|
|
503
|
-
#
|
|
568
|
+
# Optional. An optional CRC32C checksum of the
|
|
569
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}.
|
|
570
|
+
# If specified,
|
|
571
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
|
572
|
+
# verify the integrity of the received
|
|
573
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}
|
|
574
|
+
# using this checksum.
|
|
575
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
|
576
|
+
# report an error if the checksum verification fails. If you receive a
|
|
577
|
+
# checksum error, your client should verify that
|
|
578
|
+
# CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext})
|
|
579
|
+
# is equal to
|
|
580
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c},
|
|
581
|
+
# and if so, perform a limited number of retries. A persistent mismatch may
|
|
582
|
+
# indicate an issue in your computation of the CRC32C checksum. Note: This
|
|
583
|
+
# field is defined as int64 for reasons of compatibility across different
|
|
584
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
|
585
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
|
586
|
+
# this type.
|
|
504
587
|
# @!attribute [rw] additional_authenticated_data_crc32c
|
|
505
588
|
# @return [::Google::Protobuf::Int64Value]
|
|
506
589
|
# Optional. An optional CRC32C checksum of the
|
|
507
|
-
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}.
|
|
508
|
-
#
|
|
509
|
-
# {::Google::Cloud::Kms::V1::
|
|
510
|
-
#
|
|
511
|
-
#
|
|
512
|
-
#
|
|
513
|
-
# {::Google::Cloud::Kms::V1::
|
|
514
|
-
#
|
|
515
|
-
# your
|
|
516
|
-
#
|
|
517
|
-
#
|
|
518
|
-
#
|
|
519
|
-
#
|
|
590
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}.
|
|
591
|
+
# If specified,
|
|
592
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
|
593
|
+
# verify the integrity of the received
|
|
594
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}
|
|
595
|
+
# using this checksum.
|
|
596
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
|
597
|
+
# report an error if the checksum verification fails. If you receive a
|
|
598
|
+
# checksum error, your client should verify that
|
|
599
|
+
# CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data})
|
|
600
|
+
# is equal to
|
|
601
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c},
|
|
602
|
+
# and if so, perform a limited number of retries. A persistent mismatch may
|
|
603
|
+
# indicate an issue in your computation of the CRC32C checksum. Note: This
|
|
604
|
+
# field is defined as int64 for reasons of compatibility across different
|
|
605
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
|
606
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
|
607
|
+
# this type.
|
|
520
608
|
class EncryptRequest
|
|
521
609
|
include ::Google::Protobuf::MessageExts
|
|
522
610
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
523
611
|
end
|
|
524
612
|
|
|
525
|
-
# Request message for
|
|
613
|
+
# Request message for
|
|
614
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#decrypt KeyManagementService.Decrypt}.
|
|
526
615
|
# @!attribute [rw] name
|
|
527
616
|
# @return [::String]
|
|
528
|
-
# Required. The resource name of the
|
|
529
|
-
#
|
|
617
|
+
# Required. The resource name of the
|
|
618
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to use for decryption. The
|
|
619
|
+
# server will choose the appropriate version.
|
|
530
620
|
# @!attribute [rw] ciphertext
|
|
531
621
|
# @return [::String]
|
|
532
622
|
# Required. The encrypted data originally returned in
|
|
@@ -537,173 +627,253 @@ module Google
|
|
|
537
627
|
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}.
|
|
538
628
|
# @!attribute [rw] ciphertext_crc32c
|
|
539
629
|
# @return [::Google::Protobuf::Int64Value]
|
|
540
|
-
# Optional. An optional CRC32C checksum of the
|
|
541
|
-
#
|
|
542
|
-
#
|
|
543
|
-
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
|
544
|
-
#
|
|
545
|
-
#
|
|
546
|
-
#
|
|
547
|
-
#
|
|
548
|
-
#
|
|
549
|
-
#
|
|
550
|
-
#
|
|
551
|
-
#
|
|
552
|
-
#
|
|
630
|
+
# Optional. An optional CRC32C checksum of the
|
|
631
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}.
|
|
632
|
+
# If specified,
|
|
633
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
|
634
|
+
# verify the integrity of the received
|
|
635
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}
|
|
636
|
+
# using this checksum.
|
|
637
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
|
638
|
+
# report an error if the checksum verification fails. If you receive a
|
|
639
|
+
# checksum error, your client should verify that
|
|
640
|
+
# CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext})
|
|
641
|
+
# is equal to
|
|
642
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext_crc32c DecryptRequest.ciphertext_crc32c},
|
|
643
|
+
# and if so, perform a limited number of retries. A persistent mismatch may
|
|
644
|
+
# indicate an issue in your computation of the CRC32C checksum. Note: This
|
|
645
|
+
# field is defined as int64 for reasons of compatibility across different
|
|
646
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
|
647
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
|
648
|
+
# this type.
|
|
553
649
|
# @!attribute [rw] additional_authenticated_data_crc32c
|
|
554
650
|
# @return [::Google::Protobuf::Int64Value]
|
|
555
651
|
# Optional. An optional CRC32C checksum of the
|
|
556
|
-
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}.
|
|
557
|
-
#
|
|
558
|
-
# {::Google::Cloud::Kms::V1::
|
|
559
|
-
#
|
|
560
|
-
#
|
|
561
|
-
#
|
|
562
|
-
# {::Google::Cloud::Kms::V1::
|
|
563
|
-
#
|
|
564
|
-
# your
|
|
565
|
-
#
|
|
566
|
-
#
|
|
567
|
-
#
|
|
568
|
-
#
|
|
652
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}.
|
|
653
|
+
# If specified,
|
|
654
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
|
655
|
+
# verify the integrity of the received
|
|
656
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}
|
|
657
|
+
# using this checksum.
|
|
658
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
|
659
|
+
# report an error if the checksum verification fails. If you receive a
|
|
660
|
+
# checksum error, your client should verify that
|
|
661
|
+
# CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data})
|
|
662
|
+
# is equal to
|
|
663
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data_crc32c DecryptRequest.additional_authenticated_data_crc32c},
|
|
664
|
+
# and if so, perform a limited number of retries. A persistent mismatch may
|
|
665
|
+
# indicate an issue in your computation of the CRC32C checksum. Note: This
|
|
666
|
+
# field is defined as int64 for reasons of compatibility across different
|
|
667
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
|
668
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
|
669
|
+
# this type.
|
|
569
670
|
class DecryptRequest
|
|
570
671
|
include ::Google::Protobuf::MessageExts
|
|
571
672
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
572
673
|
end
|
|
573
674
|
|
|
574
|
-
# Request message for
|
|
675
|
+
# Request message for
|
|
676
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#asymmetric_sign KeyManagementService.AsymmetricSign}.
|
|
575
677
|
# @!attribute [rw] name
|
|
576
678
|
# @return [::String]
|
|
577
|
-
# Required. The resource name of the
|
|
679
|
+
# Required. The resource name of the
|
|
680
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
|
|
681
|
+
# signing.
|
|
578
682
|
# @!attribute [rw] digest
|
|
579
683
|
# @return [::Google::Cloud::Kms::V1::Digest]
|
|
580
|
-
#
|
|
684
|
+
# Optional. The digest of the data to sign. The digest must be produced with
|
|
581
685
|
# the same digest algorithm as specified by the key version's
|
|
582
686
|
# {::Google::Cloud::Kms::V1::CryptoKeyVersion#algorithm algorithm}.
|
|
687
|
+
#
|
|
688
|
+
# This field may not be supplied if
|
|
689
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data}
|
|
690
|
+
# is supplied.
|
|
583
691
|
# @!attribute [rw] digest_crc32c
|
|
584
692
|
# @return [::Google::Protobuf::Int64Value]
|
|
585
|
-
# Optional. An optional CRC32C checksum of the
|
|
586
|
-
#
|
|
587
|
-
#
|
|
588
|
-
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
|
589
|
-
#
|
|
590
|
-
#
|
|
591
|
-
#
|
|
592
|
-
#
|
|
593
|
-
#
|
|
594
|
-
#
|
|
595
|
-
#
|
|
596
|
-
#
|
|
597
|
-
#
|
|
693
|
+
# Optional. An optional CRC32C checksum of the
|
|
694
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}.
|
|
695
|
+
# If specified,
|
|
696
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
|
697
|
+
# verify the integrity of the received
|
|
698
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}
|
|
699
|
+
# using this checksum.
|
|
700
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
|
701
|
+
# report an error if the checksum verification fails. If you receive a
|
|
702
|
+
# checksum error, your client should verify that
|
|
703
|
+
# CRC32C({::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest})
|
|
704
|
+
# is equal to
|
|
705
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c},
|
|
706
|
+
# and if so, perform a limited number of retries. A persistent mismatch may
|
|
707
|
+
# indicate an issue in your computation of the CRC32C checksum. Note: This
|
|
708
|
+
# field is defined as int64 for reasons of compatibility across different
|
|
709
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
|
710
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
|
711
|
+
# this type.
|
|
712
|
+
# @!attribute [rw] data
|
|
713
|
+
# @return [::String]
|
|
714
|
+
# Optional. The data to sign.
|
|
715
|
+
# It can't be supplied if
|
|
716
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}
|
|
717
|
+
# is supplied.
|
|
718
|
+
# @!attribute [rw] data_crc32c
|
|
719
|
+
# @return [::Google::Protobuf::Int64Value]
|
|
720
|
+
# Optional. An optional CRC32C checksum of the
|
|
721
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data}.
|
|
722
|
+
# If specified,
|
|
723
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
|
724
|
+
# verify the integrity of the received
|
|
725
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data}
|
|
726
|
+
# using this checksum.
|
|
727
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
|
728
|
+
# report an error if the checksum verification fails. If you receive a
|
|
729
|
+
# checksum error, your client should verify that
|
|
730
|
+
# CRC32C({::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data})
|
|
731
|
+
# is equal to
|
|
732
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c},
|
|
733
|
+
# and if so, perform a limited number of retries. A persistent mismatch may
|
|
734
|
+
# indicate an issue in your computation of the CRC32C checksum. Note: This
|
|
735
|
+
# field is defined as int64 for reasons of compatibility across different
|
|
736
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
|
737
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
|
738
|
+
# this type.
|
|
598
739
|
class AsymmetricSignRequest
|
|
599
740
|
include ::Google::Protobuf::MessageExts
|
|
600
741
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
601
742
|
end
|
|
602
743
|
|
|
603
|
-
# Request message for
|
|
744
|
+
# Request message for
|
|
745
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#asymmetric_decrypt KeyManagementService.AsymmetricDecrypt}.
|
|
604
746
|
# @!attribute [rw] name
|
|
605
747
|
# @return [::String]
|
|
606
|
-
# Required. The resource name of the
|
|
748
|
+
# Required. The resource name of the
|
|
749
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
|
|
607
750
|
# decryption.
|
|
608
751
|
# @!attribute [rw] ciphertext
|
|
609
752
|
# @return [::String]
|
|
610
|
-
# Required. The data encrypted with the named
|
|
611
|
-
# key using
|
|
753
|
+
# Required. The data encrypted with the named
|
|
754
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}'s public key using
|
|
755
|
+
# OAEP.
|
|
612
756
|
# @!attribute [rw] ciphertext_crc32c
|
|
613
757
|
# @return [::Google::Protobuf::Int64Value]
|
|
614
|
-
# Optional. An optional CRC32C checksum of the
|
|
615
|
-
#
|
|
616
|
-
#
|
|
617
|
-
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
|
618
|
-
#
|
|
619
|
-
#
|
|
620
|
-
#
|
|
621
|
-
#
|
|
622
|
-
#
|
|
623
|
-
#
|
|
624
|
-
#
|
|
625
|
-
#
|
|
626
|
-
#
|
|
758
|
+
# Optional. An optional CRC32C checksum of the
|
|
759
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}.
|
|
760
|
+
# If specified,
|
|
761
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
|
762
|
+
# verify the integrity of the received
|
|
763
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}
|
|
764
|
+
# using this checksum.
|
|
765
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
|
766
|
+
# report an error if the checksum verification fails. If you receive a
|
|
767
|
+
# checksum error, your client should verify that
|
|
768
|
+
# CRC32C({::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext})
|
|
769
|
+
# is equal to
|
|
770
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c},
|
|
771
|
+
# and if so, perform a limited number of retries. A persistent mismatch may
|
|
772
|
+
# indicate an issue in your computation of the CRC32C checksum. Note: This
|
|
773
|
+
# field is defined as int64 for reasons of compatibility across different
|
|
774
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
|
775
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
|
776
|
+
# this type.
|
|
627
777
|
class AsymmetricDecryptRequest
|
|
628
778
|
include ::Google::Protobuf::MessageExts
|
|
629
779
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
630
780
|
end
|
|
631
781
|
|
|
632
|
-
# Request message for
|
|
782
|
+
# Request message for
|
|
783
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_sign KeyManagementService.MacSign}.
|
|
633
784
|
# @!attribute [rw] name
|
|
634
785
|
# @return [::String]
|
|
635
|
-
# Required. The resource name of the
|
|
786
|
+
# Required. The resource name of the
|
|
787
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
|
|
788
|
+
# signing.
|
|
636
789
|
# @!attribute [rw] data
|
|
637
790
|
# @return [::String]
|
|
638
|
-
# Required. The data to sign. The MAC tag is computed over this data field
|
|
639
|
-
# the specific algorithm.
|
|
791
|
+
# Required. The data to sign. The MAC tag is computed over this data field
|
|
792
|
+
# based on the specific algorithm.
|
|
640
793
|
# @!attribute [rw] data_crc32c
|
|
641
794
|
# @return [::Google::Protobuf::Int64Value]
|
|
642
|
-
# Optional. An optional CRC32C checksum of the
|
|
643
|
-
#
|
|
644
|
-
#
|
|
645
|
-
#
|
|
646
|
-
#
|
|
647
|
-
#
|
|
648
|
-
#
|
|
649
|
-
#
|
|
650
|
-
#
|
|
651
|
-
#
|
|
652
|
-
#
|
|
653
|
-
#
|
|
654
|
-
#
|
|
795
|
+
# Optional. An optional CRC32C checksum of the
|
|
796
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}. If
|
|
797
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}
|
|
798
|
+
# will verify the integrity of the received
|
|
799
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} using this
|
|
800
|
+
# checksum. {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}
|
|
801
|
+
# will report an error if the checksum verification fails. If you receive a
|
|
802
|
+
# checksum error, your client should verify that
|
|
803
|
+
# CRC32C({::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}) is
|
|
804
|
+
# equal to
|
|
805
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c},
|
|
806
|
+
# and if so, perform a limited number of retries. A persistent mismatch may
|
|
807
|
+
# indicate an issue in your computation of the CRC32C checksum. Note: This
|
|
808
|
+
# field is defined as int64 for reasons of compatibility across different
|
|
809
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
|
810
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
|
811
|
+
# this type.
|
|
655
812
|
class MacSignRequest
|
|
656
813
|
include ::Google::Protobuf::MessageExts
|
|
657
814
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
658
815
|
end
|
|
659
816
|
|
|
660
|
-
# Request message for
|
|
817
|
+
# Request message for
|
|
818
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_verify KeyManagementService.MacVerify}.
|
|
661
819
|
# @!attribute [rw] name
|
|
662
820
|
# @return [::String]
|
|
663
|
-
# Required. The resource name of the
|
|
821
|
+
# Required. The resource name of the
|
|
822
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
|
|
823
|
+
# verification.
|
|
664
824
|
# @!attribute [rw] data
|
|
665
825
|
# @return [::String]
|
|
666
|
-
# Required. The data used previously as a
|
|
667
|
-
#
|
|
826
|
+
# Required. The data used previously as a
|
|
827
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} to generate
|
|
828
|
+
# the MAC tag.
|
|
668
829
|
# @!attribute [rw] data_crc32c
|
|
669
830
|
# @return [::Google::Protobuf::Int64Value]
|
|
670
|
-
# Optional. An optional CRC32C checksum of the
|
|
671
|
-
#
|
|
672
|
-
#
|
|
673
|
-
#
|
|
674
|
-
#
|
|
675
|
-
#
|
|
676
|
-
# {::Google::Cloud::Kms::V1::
|
|
677
|
-
#
|
|
678
|
-
#
|
|
679
|
-
#
|
|
680
|
-
#
|
|
681
|
-
#
|
|
682
|
-
#
|
|
831
|
+
# Optional. An optional CRC32C checksum of the
|
|
832
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data}. If
|
|
833
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}
|
|
834
|
+
# will verify the integrity of the received
|
|
835
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data} using
|
|
836
|
+
# this checksum.
|
|
837
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will
|
|
838
|
+
# report an error if the checksum verification fails. If you receive a
|
|
839
|
+
# checksum error, your client should verify that
|
|
840
|
+
# CRC32C({::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data})
|
|
841
|
+
# is equal to
|
|
842
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c},
|
|
843
|
+
# and if so, perform a limited number of retries. A persistent mismatch may
|
|
844
|
+
# indicate an issue in your computation of the CRC32C checksum. Note: This
|
|
845
|
+
# field is defined as int64 for reasons of compatibility across different
|
|
846
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
|
847
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
|
848
|
+
# this type.
|
|
683
849
|
# @!attribute [rw] mac
|
|
684
850
|
# @return [::String]
|
|
685
851
|
# Required. The signature to verify.
|
|
686
852
|
# @!attribute [rw] mac_crc32c
|
|
687
853
|
# @return [::Google::Protobuf::Int64Value]
|
|
688
|
-
# Optional. An optional CRC32C checksum of the
|
|
689
|
-
#
|
|
690
|
-
#
|
|
691
|
-
#
|
|
692
|
-
#
|
|
854
|
+
# Optional. An optional CRC32C checksum of the
|
|
855
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac}. If
|
|
856
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}
|
|
857
|
+
# will verify the integrity of the received
|
|
858
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac} using this
|
|
859
|
+
# checksum. {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}
|
|
860
|
+
# will report an error if the checksum verification fails. If you receive a
|
|
861
|
+
# checksum error, your client should verify that
|
|
693
862
|
# CRC32C([MacVerifyRequest.tag][]) is equal to
|
|
694
|
-
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c},
|
|
695
|
-
# number of retries. A persistent mismatch may
|
|
696
|
-
# computation of the CRC32C checksum.
|
|
697
|
-
#
|
|
698
|
-
#
|
|
699
|
-
#
|
|
700
|
-
#
|
|
863
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c},
|
|
864
|
+
# and if so, perform a limited number of retries. A persistent mismatch may
|
|
865
|
+
# indicate an issue in your computation of the CRC32C checksum. Note: This
|
|
866
|
+
# field is defined as int64 for reasons of compatibility across different
|
|
867
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
|
868
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
|
869
|
+
# this type.
|
|
701
870
|
class MacVerifyRequest
|
|
702
871
|
include ::Google::Protobuf::MessageExts
|
|
703
872
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
704
873
|
end
|
|
705
874
|
|
|
706
|
-
# Request message for
|
|
875
|
+
# Request message for
|
|
876
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#generate_random_bytes KeyManagementService.GenerateRandomBytes}.
|
|
707
877
|
# @!attribute [rw] location
|
|
708
878
|
# @return [::String]
|
|
709
879
|
# The project-specific location in which to generate random bytes.
|
|
@@ -714,236 +884,329 @@ module Google
|
|
|
714
884
|
# bytes, maximum 1024 bytes.
|
|
715
885
|
# @!attribute [rw] protection_level
|
|
716
886
|
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
|
717
|
-
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} to use when
|
|
718
|
-
#
|
|
887
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} to use when
|
|
888
|
+
# generating the random data. Currently, only
|
|
889
|
+
# {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} protection level is
|
|
890
|
+
# supported.
|
|
719
891
|
class GenerateRandomBytesRequest
|
|
720
892
|
include ::Google::Protobuf::MessageExts
|
|
721
893
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
722
894
|
end
|
|
723
895
|
|
|
724
|
-
# Response message for
|
|
896
|
+
# Response message for
|
|
897
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#encrypt KeyManagementService.Encrypt}.
|
|
725
898
|
# @!attribute [rw] name
|
|
726
899
|
# @return [::String]
|
|
727
|
-
# The resource name of the
|
|
728
|
-
#
|
|
900
|
+
# The resource name of the
|
|
901
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in
|
|
902
|
+
# encryption. Check this field to verify that the intended resource was used
|
|
903
|
+
# for encryption.
|
|
729
904
|
# @!attribute [rw] ciphertext
|
|
730
905
|
# @return [::String]
|
|
731
906
|
# The encrypted data.
|
|
732
907
|
# @!attribute [rw] ciphertext_crc32c
|
|
733
908
|
# @return [::Google::Protobuf::Int64Value]
|
|
734
909
|
# Integrity verification field. A CRC32C checksum of the returned
|
|
735
|
-
# {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext}.
|
|
736
|
-
#
|
|
737
|
-
#
|
|
738
|
-
#
|
|
739
|
-
#
|
|
740
|
-
#
|
|
741
|
-
#
|
|
742
|
-
#
|
|
743
|
-
#
|
|
744
|
-
#
|
|
910
|
+
# {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext}.
|
|
911
|
+
# An integrity check of
|
|
912
|
+
# {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext}
|
|
913
|
+
# can be performed by computing the CRC32C checksum of
|
|
914
|
+
# {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext}
|
|
915
|
+
# and comparing your results to this field. Discard the response in case of
|
|
916
|
+
# non-matching checksum values, and perform a limited number of retries. A
|
|
917
|
+
# persistent mismatch may indicate an issue in your computation of the CRC32C
|
|
918
|
+
# checksum. Note: This field is defined as int64 for reasons of compatibility
|
|
919
|
+
# across different languages. However, it is a non-negative integer, which
|
|
920
|
+
# will never exceed 2^32-1, and can be safely downconverted to uint32 in
|
|
921
|
+
# languages that support this type.
|
|
745
922
|
# @!attribute [rw] verified_plaintext_crc32c
|
|
746
923
|
# @return [::Boolean]
|
|
747
924
|
# Integrity verification field. A flag indicating whether
|
|
748
|
-
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c}
|
|
749
|
-
#
|
|
750
|
-
# {::Google::Cloud::Kms::V1::
|
|
751
|
-
#
|
|
752
|
-
#
|
|
753
|
-
#
|
|
754
|
-
#
|
|
925
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c}
|
|
926
|
+
# was received by
|
|
927
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
|
|
928
|
+
# for the integrity verification of the
|
|
929
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext plaintext}. A false value of
|
|
930
|
+
# this field indicates either that
|
|
931
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c}
|
|
932
|
+
# was left unset or that it was not delivered to
|
|
933
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
|
934
|
+
# set
|
|
935
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c}
|
|
936
|
+
# but this field is still false, discard the response and perform a limited
|
|
937
|
+
# number of retries.
|
|
755
938
|
# @!attribute [rw] verified_additional_authenticated_data_crc32c
|
|
756
939
|
# @return [::Boolean]
|
|
757
940
|
# Integrity verification field. A flag indicating whether
|
|
758
|
-
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c}
|
|
759
|
-
#
|
|
760
|
-
# {::Google::Cloud::Kms::V1::
|
|
761
|
-
#
|
|
762
|
-
# {::Google::Cloud::Kms::V1::EncryptRequest#
|
|
763
|
-
#
|
|
764
|
-
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c}
|
|
765
|
-
#
|
|
941
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c}
|
|
942
|
+
# was received by
|
|
943
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
|
|
944
|
+
# for the integrity verification of the
|
|
945
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data AAD}. A
|
|
946
|
+
# false value of this field indicates either that
|
|
947
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c}
|
|
948
|
+
# was left unset or that it was not delivered to
|
|
949
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
|
950
|
+
# set
|
|
951
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c}
|
|
952
|
+
# but this field is still false, discard the response and perform a limited
|
|
953
|
+
# number of retries.
|
|
766
954
|
# @!attribute [rw] protection_level
|
|
767
955
|
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
|
768
|
-
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
|
956
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
|
957
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in
|
|
958
|
+
# encryption.
|
|
769
959
|
class EncryptResponse
|
|
770
960
|
include ::Google::Protobuf::MessageExts
|
|
771
961
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
772
962
|
end
|
|
773
963
|
|
|
774
|
-
# Response message for
|
|
964
|
+
# Response message for
|
|
965
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#decrypt KeyManagementService.Decrypt}.
|
|
775
966
|
# @!attribute [rw] plaintext
|
|
776
967
|
# @return [::String]
|
|
777
|
-
# The decrypted data originally supplied in
|
|
968
|
+
# The decrypted data originally supplied in
|
|
969
|
+
# {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}.
|
|
778
970
|
# @!attribute [rw] plaintext_crc32c
|
|
779
971
|
# @return [::Google::Protobuf::Int64Value]
|
|
780
972
|
# Integrity verification field. A CRC32C checksum of the returned
|
|
781
|
-
# {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext}.
|
|
782
|
-
#
|
|
783
|
-
#
|
|
784
|
-
#
|
|
785
|
-
#
|
|
786
|
-
#
|
|
787
|
-
#
|
|
788
|
-
#
|
|
789
|
-
# Note:
|
|
790
|
-
#
|
|
791
|
-
#
|
|
792
|
-
#
|
|
973
|
+
# {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext}.
|
|
974
|
+
# An integrity check of
|
|
975
|
+
# {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext}
|
|
976
|
+
# can be performed by computing the CRC32C checksum of
|
|
977
|
+
# {::Google::Cloud::Kms::V1::DecryptResponse#plaintext DecryptResponse.plaintext}
|
|
978
|
+
# and comparing your results to this field. Discard the response in case of
|
|
979
|
+
# non-matching checksum values, and perform a limited number of retries. A
|
|
980
|
+
# persistent mismatch may indicate an issue in your computation of the CRC32C
|
|
981
|
+
# checksum. Note: receiving this response message indicates that
|
|
982
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} is able to
|
|
983
|
+
# successfully decrypt the
|
|
984
|
+
# {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext ciphertext}. Note: This
|
|
985
|
+
# field is defined as int64 for reasons of compatibility across different
|
|
986
|
+
# languages. However, it is a non-negative integer, which will never exceed
|
|
987
|
+
# 2^32-1, and can be safely downconverted to uint32 in languages that support
|
|
988
|
+
# this type.
|
|
793
989
|
# @!attribute [rw] used_primary
|
|
794
990
|
# @return [::Boolean]
|
|
795
991
|
# Whether the Decryption was performed using the primary key version.
|
|
796
992
|
# @!attribute [rw] protection_level
|
|
797
993
|
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
|
798
|
-
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
|
994
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
|
995
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in
|
|
996
|
+
# decryption.
|
|
799
997
|
class DecryptResponse
|
|
800
998
|
include ::Google::Protobuf::MessageExts
|
|
801
999
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
802
1000
|
end
|
|
803
1001
|
|
|
804
|
-
# Response message for
|
|
1002
|
+
# Response message for
|
|
1003
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#asymmetric_sign KeyManagementService.AsymmetricSign}.
|
|
805
1004
|
# @!attribute [rw] signature
|
|
806
1005
|
# @return [::String]
|
|
807
1006
|
# The created signature.
|
|
808
1007
|
# @!attribute [rw] signature_crc32c
|
|
809
1008
|
# @return [::Google::Protobuf::Int64Value]
|
|
810
1009
|
# Integrity verification field. A CRC32C checksum of the returned
|
|
811
|
-
# {::Google::Cloud::Kms::V1::AsymmetricSignResponse#signature AsymmetricSignResponse.signature}.
|
|
812
|
-
#
|
|
813
|
-
#
|
|
814
|
-
#
|
|
815
|
-
#
|
|
816
|
-
#
|
|
817
|
-
#
|
|
818
|
-
#
|
|
819
|
-
#
|
|
820
|
-
#
|
|
1010
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignResponse#signature AsymmetricSignResponse.signature}.
|
|
1011
|
+
# An integrity check of
|
|
1012
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignResponse#signature AsymmetricSignResponse.signature}
|
|
1013
|
+
# can be performed by computing the CRC32C checksum of
|
|
1014
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignResponse#signature AsymmetricSignResponse.signature}
|
|
1015
|
+
# and comparing your results to this field. Discard the response in case of
|
|
1016
|
+
# non-matching checksum values, and perform a limited number of retries. A
|
|
1017
|
+
# persistent mismatch may indicate an issue in your computation of the CRC32C
|
|
1018
|
+
# checksum. Note: This field is defined as int64 for reasons of compatibility
|
|
1019
|
+
# across different languages. However, it is a non-negative integer, which
|
|
1020
|
+
# will never exceed 2^32-1, and can be safely downconverted to uint32 in
|
|
1021
|
+
# languages that support this type.
|
|
821
1022
|
# @!attribute [rw] verified_digest_crc32c
|
|
822
1023
|
# @return [::Boolean]
|
|
823
1024
|
# Integrity verification field. A flag indicating whether
|
|
824
|
-
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c}
|
|
825
|
-
#
|
|
826
|
-
# {::Google::Cloud::Kms::V1::
|
|
827
|
-
#
|
|
828
|
-
#
|
|
829
|
-
#
|
|
830
|
-
#
|
|
1025
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c}
|
|
1026
|
+
# was received by
|
|
1027
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
|
|
1028
|
+
# for the integrity verification of the
|
|
1029
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest digest}. A false value
|
|
1030
|
+
# of this field indicates either that
|
|
1031
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c}
|
|
1032
|
+
# was left unset or that it was not delivered to
|
|
1033
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
|
1034
|
+
# set
|
|
1035
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c}
|
|
1036
|
+
# but this field is still false, discard the response and perform a limited
|
|
1037
|
+
# number of retries.
|
|
831
1038
|
# @!attribute [rw] name
|
|
832
1039
|
# @return [::String]
|
|
833
|
-
# The resource name of the
|
|
834
|
-
#
|
|
1040
|
+
# The resource name of the
|
|
1041
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing.
|
|
1042
|
+
# Check this field to verify that the intended resource was used for signing.
|
|
1043
|
+
# @!attribute [rw] verified_data_crc32c
|
|
1044
|
+
# @return [::Boolean]
|
|
1045
|
+
# Integrity verification field. A flag indicating whether
|
|
1046
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c}
|
|
1047
|
+
# was received by
|
|
1048
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
|
|
1049
|
+
# for the integrity verification of the
|
|
1050
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data data}. A false value of
|
|
1051
|
+
# this field indicates either that
|
|
1052
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c}
|
|
1053
|
+
# was left unset or that it was not delivered to
|
|
1054
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
|
1055
|
+
# set
|
|
1056
|
+
# {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c}
|
|
1057
|
+
# but this field is still false, discard the response and perform a limited
|
|
1058
|
+
# number of retries.
|
|
835
1059
|
# @!attribute [rw] protection_level
|
|
836
1060
|
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
|
837
|
-
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
|
1061
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
|
1062
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing.
|
|
838
1063
|
class AsymmetricSignResponse
|
|
839
1064
|
include ::Google::Protobuf::MessageExts
|
|
840
1065
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
841
1066
|
end
|
|
842
1067
|
|
|
843
|
-
# Response message for
|
|
1068
|
+
# Response message for
|
|
1069
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#asymmetric_decrypt KeyManagementService.AsymmetricDecrypt}.
|
|
844
1070
|
# @!attribute [rw] plaintext
|
|
845
1071
|
# @return [::String]
|
|
846
1072
|
# The decrypted data originally encrypted with the matching public key.
|
|
847
1073
|
# @!attribute [rw] plaintext_crc32c
|
|
848
1074
|
# @return [::Google::Protobuf::Int64Value]
|
|
849
1075
|
# Integrity verification field. A CRC32C checksum of the returned
|
|
850
|
-
# {::Google::Cloud::Kms::V1::AsymmetricDecryptResponse#plaintext AsymmetricDecryptResponse.plaintext}.
|
|
851
|
-
#
|
|
852
|
-
#
|
|
853
|
-
#
|
|
854
|
-
#
|
|
855
|
-
#
|
|
856
|
-
#
|
|
857
|
-
#
|
|
858
|
-
#
|
|
859
|
-
#
|
|
1076
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptResponse#plaintext AsymmetricDecryptResponse.plaintext}.
|
|
1077
|
+
# An integrity check of
|
|
1078
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptResponse#plaintext AsymmetricDecryptResponse.plaintext}
|
|
1079
|
+
# can be performed by computing the CRC32C checksum of
|
|
1080
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptResponse#plaintext AsymmetricDecryptResponse.plaintext}
|
|
1081
|
+
# and comparing your results to this field. Discard the response in case of
|
|
1082
|
+
# non-matching checksum values, and perform a limited number of retries. A
|
|
1083
|
+
# persistent mismatch may indicate an issue in your computation of the CRC32C
|
|
1084
|
+
# checksum. Note: This field is defined as int64 for reasons of compatibility
|
|
1085
|
+
# across different languages. However, it is a non-negative integer, which
|
|
1086
|
+
# will never exceed 2^32-1, and can be safely downconverted to uint32 in
|
|
1087
|
+
# languages that support this type.
|
|
860
1088
|
# @!attribute [rw] verified_ciphertext_crc32c
|
|
861
1089
|
# @return [::Boolean]
|
|
862
1090
|
# Integrity verification field. A flag indicating whether
|
|
863
|
-
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c}
|
|
864
|
-
#
|
|
865
|
-
# {::Google::Cloud::Kms::V1::
|
|
866
|
-
#
|
|
867
|
-
#
|
|
868
|
-
#
|
|
869
|
-
#
|
|
1091
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c}
|
|
1092
|
+
# was received by
|
|
1093
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
|
|
1094
|
+
# for the integrity verification of the
|
|
1095
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext ciphertext}. A
|
|
1096
|
+
# false value of this field indicates either that
|
|
1097
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c}
|
|
1098
|
+
# was left unset or that it was not delivered to
|
|
1099
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
|
1100
|
+
# set
|
|
1101
|
+
# {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c}
|
|
1102
|
+
# but this field is still false, discard the response and perform a limited
|
|
1103
|
+
# number of retries.
|
|
870
1104
|
# @!attribute [rw] protection_level
|
|
871
1105
|
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
|
872
|
-
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
|
1106
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
|
1107
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in
|
|
1108
|
+
# decryption.
|
|
873
1109
|
class AsymmetricDecryptResponse
|
|
874
1110
|
include ::Google::Protobuf::MessageExts
|
|
875
1111
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
876
1112
|
end
|
|
877
1113
|
|
|
878
|
-
# Response message for
|
|
1114
|
+
# Response message for
|
|
1115
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_sign KeyManagementService.MacSign}.
|
|
879
1116
|
# @!attribute [rw] name
|
|
880
1117
|
# @return [::String]
|
|
881
|
-
# The resource name of the
|
|
882
|
-
#
|
|
1118
|
+
# The resource name of the
|
|
1119
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing.
|
|
1120
|
+
# Check this field to verify that the intended resource was used for signing.
|
|
883
1121
|
# @!attribute [rw] mac
|
|
884
1122
|
# @return [::String]
|
|
885
1123
|
# The created signature.
|
|
886
1124
|
# @!attribute [rw] mac_crc32c
|
|
887
1125
|
# @return [::Google::Protobuf::Int64Value]
|
|
888
1126
|
# Integrity verification field. A CRC32C checksum of the returned
|
|
889
|
-
# {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac}. An
|
|
890
|
-
#
|
|
891
|
-
#
|
|
892
|
-
#
|
|
893
|
-
#
|
|
894
|
-
#
|
|
895
|
-
#
|
|
896
|
-
#
|
|
897
|
-
#
|
|
898
|
-
#
|
|
1127
|
+
# {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac}. An
|
|
1128
|
+
# integrity check of
|
|
1129
|
+
# {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac} can be
|
|
1130
|
+
# performed by computing the CRC32C checksum of
|
|
1131
|
+
# {::Google::Cloud::Kms::V1::MacSignResponse#mac MacSignResponse.mac} and
|
|
1132
|
+
# comparing your results to this field. Discard the response in case of
|
|
1133
|
+
# non-matching checksum values, and perform a limited number of retries. A
|
|
1134
|
+
# persistent mismatch may indicate an issue in your computation of the CRC32C
|
|
1135
|
+
# checksum. Note: This field is defined as int64 for reasons of compatibility
|
|
1136
|
+
# across different languages. However, it is a non-negative integer, which
|
|
1137
|
+
# will never exceed 2^32-1, and can be safely downconverted to uint32 in
|
|
1138
|
+
# languages that support this type.
|
|
899
1139
|
# @!attribute [rw] verified_data_crc32c
|
|
900
1140
|
# @return [::Boolean]
|
|
901
1141
|
# Integrity verification field. A flag indicating whether
|
|
902
|
-
# {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c}
|
|
903
|
-
#
|
|
904
|
-
# {::Google::Cloud::Kms::V1::
|
|
905
|
-
#
|
|
906
|
-
#
|
|
907
|
-
#
|
|
908
|
-
#
|
|
1142
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c}
|
|
1143
|
+
# was received by
|
|
1144
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
|
|
1145
|
+
# for the integrity verification of the
|
|
1146
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data data}. A false value of this
|
|
1147
|
+
# field indicates either that
|
|
1148
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c}
|
|
1149
|
+
# was left unset or that it was not delivered to
|
|
1150
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
|
1151
|
+
# set
|
|
1152
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c}
|
|
1153
|
+
# but this field is still false, discard the response and perform a limited
|
|
1154
|
+
# number of retries.
|
|
909
1155
|
# @!attribute [rw] protection_level
|
|
910
1156
|
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
|
911
|
-
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
|
1157
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
|
1158
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for signing.
|
|
912
1159
|
class MacSignResponse
|
|
913
1160
|
include ::Google::Protobuf::MessageExts
|
|
914
1161
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
915
1162
|
end
|
|
916
1163
|
|
|
917
|
-
# Response message for
|
|
1164
|
+
# Response message for
|
|
1165
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#mac_verify KeyManagementService.MacVerify}.
|
|
918
1166
|
# @!attribute [rw] name
|
|
919
1167
|
# @return [::String]
|
|
920
|
-
# The resource name of the
|
|
921
|
-
#
|
|
922
|
-
# verification.
|
|
1168
|
+
# The resource name of the
|
|
1169
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for
|
|
1170
|
+
# verification. Check this field to verify that the intended resource was
|
|
1171
|
+
# used for verification.
|
|
923
1172
|
# @!attribute [rw] success
|
|
924
1173
|
# @return [::Boolean]
|
|
925
1174
|
# This field indicates whether or not the verification operation for
|
|
926
|
-
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac} over
|
|
1175
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac} over
|
|
1176
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data} was
|
|
1177
|
+
# successful.
|
|
927
1178
|
# @!attribute [rw] verified_data_crc32c
|
|
928
1179
|
# @return [::Boolean]
|
|
929
1180
|
# Integrity verification field. A flag indicating whether
|
|
930
|
-
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c}
|
|
931
|
-
#
|
|
932
|
-
# {::Google::Cloud::Kms::V1::
|
|
933
|
-
#
|
|
934
|
-
#
|
|
935
|
-
#
|
|
936
|
-
#
|
|
1181
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c}
|
|
1182
|
+
# was received by
|
|
1183
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
|
|
1184
|
+
# for the integrity verification of the
|
|
1185
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data data}. A false value of this
|
|
1186
|
+
# field indicates either that
|
|
1187
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c}
|
|
1188
|
+
# was left unset or that it was not delivered to
|
|
1189
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
|
1190
|
+
# set
|
|
1191
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c}
|
|
1192
|
+
# but this field is still false, discard the response and perform a limited
|
|
1193
|
+
# number of retries.
|
|
937
1194
|
# @!attribute [rw] verified_mac_crc32c
|
|
938
1195
|
# @return [::Boolean]
|
|
939
1196
|
# Integrity verification field. A flag indicating whether
|
|
940
|
-
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c}
|
|
941
|
-
#
|
|
942
|
-
# {::Google::Cloud::Kms::V1::
|
|
943
|
-
#
|
|
944
|
-
#
|
|
945
|
-
#
|
|
946
|
-
#
|
|
1197
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c}
|
|
1198
|
+
# was received by
|
|
1199
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} and used
|
|
1200
|
+
# for the integrity verification of the
|
|
1201
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac data}. A false value of this
|
|
1202
|
+
# field indicates either that
|
|
1203
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c}
|
|
1204
|
+
# was left unset or that it was not delivered to
|
|
1205
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService}. If you've
|
|
1206
|
+
# set
|
|
1207
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c}
|
|
1208
|
+
# but this field is still false, discard the response and perform a limited
|
|
1209
|
+
# number of retries.
|
|
947
1210
|
# @!attribute [rw] verified_success_integrity
|
|
948
1211
|
# @return [::Boolean]
|
|
949
1212
|
# Integrity verification field. This value is used for the integrity
|
|
@@ -952,29 +1215,34 @@ module Google
|
|
|
952
1215
|
# and perform a limited number of retries.
|
|
953
1216
|
# @!attribute [rw] protection_level
|
|
954
1217
|
# @return [::Google::Cloud::Kms::V1::ProtectionLevel]
|
|
955
|
-
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
|
1218
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of the
|
|
1219
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used for
|
|
1220
|
+
# verification.
|
|
956
1221
|
class MacVerifyResponse
|
|
957
1222
|
include ::Google::Protobuf::MessageExts
|
|
958
1223
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
959
1224
|
end
|
|
960
1225
|
|
|
961
|
-
# Response message for
|
|
1226
|
+
# Response message for
|
|
1227
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#generate_random_bytes KeyManagementService.GenerateRandomBytes}.
|
|
962
1228
|
# @!attribute [rw] data
|
|
963
1229
|
# @return [::String]
|
|
964
1230
|
# The generated data.
|
|
965
1231
|
# @!attribute [rw] data_crc32c
|
|
966
1232
|
# @return [::Google::Protobuf::Int64Value]
|
|
967
1233
|
# Integrity verification field. A CRC32C checksum of the returned
|
|
968
|
-
# {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data}.
|
|
969
|
-
#
|
|
970
|
-
#
|
|
971
|
-
#
|
|
972
|
-
#
|
|
973
|
-
#
|
|
974
|
-
#
|
|
975
|
-
#
|
|
976
|
-
#
|
|
977
|
-
#
|
|
1234
|
+
# {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data}.
|
|
1235
|
+
# An integrity check of
|
|
1236
|
+
# {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data}
|
|
1237
|
+
# can be performed by computing the CRC32C checksum of
|
|
1238
|
+
# {::Google::Cloud::Kms::V1::GenerateRandomBytesResponse#data GenerateRandomBytesResponse.data}
|
|
1239
|
+
# and comparing your results to this field. Discard the response in case of
|
|
1240
|
+
# non-matching checksum values, and perform a limited number of retries. A
|
|
1241
|
+
# persistent mismatch may indicate an issue in your computation of the CRC32C
|
|
1242
|
+
# checksum. Note: This field is defined as int64 for reasons of compatibility
|
|
1243
|
+
# across different languages. However, it is a non-negative integer, which
|
|
1244
|
+
# will never exceed 2^32-1, and can be safely downconverted to uint32 in
|
|
1245
|
+
# languages that support this type.
|
|
978
1246
|
class GenerateRandomBytesResponse
|
|
979
1247
|
include ::Google::Protobuf::MessageExts
|
|
980
1248
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -995,17 +1263,20 @@ module Google
|
|
|
995
1263
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
996
1264
|
end
|
|
997
1265
|
|
|
998
|
-
# Cloud KMS metadata for the given
|
|
1266
|
+
# Cloud KMS metadata for the given
|
|
1267
|
+
# [google.cloud.location.Location][google.cloud.location.Location].
|
|
999
1268
|
# @!attribute [rw] hsm_available
|
|
1000
1269
|
# @return [::Boolean]
|
|
1001
1270
|
# Indicates whether {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with
|
|
1002
1271
|
# {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}
|
|
1003
|
-
# {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} can be created in this
|
|
1272
|
+
# {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} can be created in this
|
|
1273
|
+
# location.
|
|
1004
1274
|
# @!attribute [rw] ekm_available
|
|
1005
1275
|
# @return [::Boolean]
|
|
1006
1276
|
# Indicates whether {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with
|
|
1007
1277
|
# {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}
|
|
1008
|
-
# {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL EXTERNAL} can be created in
|
|
1278
|
+
# {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL EXTERNAL} can be created in
|
|
1279
|
+
# this location.
|
|
1009
1280
|
class LocationMetadata
|
|
1010
1281
|
include ::Google::Protobuf::MessageExts
|
|
1011
1282
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|