com.google.cloud.kms.v1.service
Members list
Type members
Classlikes
Request message for [KeyManagementService.AsymmetricDecrypt][google.cloud.kms.v1.KeyManagementService.AsymmetricDecrypt].
Request message for [KeyManagementService.AsymmetricDecrypt][google.cloud.kms.v1.KeyManagementService.AsymmetricDecrypt].
Value parameters
- ciphertext
-
Required. The data encrypted with the named [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s public key using OAEP.
- ciphertextCrc32C
-
Optional. An optional CRC32C checksum of the [AsymmetricDecryptRequest.ciphertext][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext]. If specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the received [AsymmetricDecryptRequest.ciphertext][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext] using this checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C([AsymmetricDecryptRequest.ciphertext][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext]) is equal to [AsymmetricDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext_crc32c], and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- name
-
Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for decryption.
Attributes
- Companion
- object
- Source
- AsymmetricDecryptRequest.scala
- Supertypes
-
trait Updatable[AsymmetricDecryptRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- AsymmetricDecryptRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[AsymmetricDecryptRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
Response message for [KeyManagementService.AsymmetricDecrypt][google.cloud.kms.v1.KeyManagementService.AsymmetricDecrypt].
Response message for [KeyManagementService.AsymmetricDecrypt][google.cloud.kms.v1.KeyManagementService.AsymmetricDecrypt].
Value parameters
- plaintext
-
The decrypted data originally encrypted with the matching public key.
- plaintextCrc32C
-
Integrity verification field. A CRC32C checksum of the returned [AsymmetricDecryptResponse.plaintext][google.cloud.kms.v1.AsymmetricDecryptResponse.plaintext]. An integrity check of [AsymmetricDecryptResponse.plaintext][google.cloud.kms.v1.AsymmetricDecryptResponse.plaintext] can be performed by computing the CRC32C checksum of [AsymmetricDecryptResponse.plaintext][google.cloud.kms.v1.AsymmetricDecryptResponse.plaintext] and comparing your results to this field. Discard the response in case of non-matching checksum values, and perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- protectionLevel
-
The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in decryption.
- verifiedCiphertextCrc32C
-
Integrity verification field. A flag indicating whether [AsymmetricDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext_crc32c] was received by [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the [ciphertext][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext]. A false value of this field indicates either that [AsymmetricDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext_crc32c] was left unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've set [AsymmetricDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext_crc32c] but this field is still false, discard the response and perform a limited number of retries.
Attributes
- Companion
- object
- Source
- AsymmetricDecryptResponse.scala
- Supertypes
-
trait Updatable[AsymmetricDecryptResponse]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- AsymmetricDecryptResponse.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[AsymmetricDecryptResponse]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
Request message for [KeyManagementService.AsymmetricSign][google.cloud.kms.v1.KeyManagementService.AsymmetricSign].
Request message for [KeyManagementService.AsymmetricSign][google.cloud.kms.v1.KeyManagementService.AsymmetricSign].
Value parameters
- data
-
Optional. The data to sign. It can't be supplied if [AsymmetricSignRequest.digest][google.cloud.kms.v1.AsymmetricSignRequest.digest] is supplied.
- dataCrc32C
-
Optional. An optional CRC32C checksum of the [AsymmetricSignRequest.data][google.cloud.kms.v1.AsymmetricSignRequest.data]. If specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the received [AsymmetricSignRequest.data][google.cloud.kms.v1.AsymmetricSignRequest.data] using this checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C([AsymmetricSignRequest.data][google.cloud.kms.v1.AsymmetricSignRequest.data]) is equal to [AsymmetricSignRequest.data_crc32c][google.cloud.kms.v1.AsymmetricSignRequest.data_crc32c], and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- digest
-
Optional. The digest of the data to sign. The digest must be produced with the same digest algorithm as specified by the key version's [algorithm][google.cloud.kms.v1.CryptoKeyVersion.algorithm]. This field may not be supplied if [AsymmetricSignRequest.data][google.cloud.kms.v1.AsymmetricSignRequest.data] is supplied.
- digestCrc32C
-
Optional. An optional CRC32C checksum of the [AsymmetricSignRequest.digest][google.cloud.kms.v1.AsymmetricSignRequest.digest]. If specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the received [AsymmetricSignRequest.digest][google.cloud.kms.v1.AsymmetricSignRequest.digest] using this checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C([AsymmetricSignRequest.digest][google.cloud.kms.v1.AsymmetricSignRequest.digest]) is equal to [AsymmetricSignRequest.digest_crc32c][google.cloud.kms.v1.AsymmetricSignRequest.digest_crc32c], and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- name
-
Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for signing.
Attributes
- Companion
- object
- Source
- AsymmetricSignRequest.scala
- Supertypes
-
trait Updatable[AsymmetricSignRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- AsymmetricSignRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[AsymmetricSignRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
Response message for [KeyManagementService.AsymmetricSign][google.cloud.kms.v1.KeyManagementService.AsymmetricSign].
Response message for [KeyManagementService.AsymmetricSign][google.cloud.kms.v1.KeyManagementService.AsymmetricSign].
Value parameters
- name
-
The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used for signing. Check this field to verify that the intended resource was used for signing.
- protectionLevel
-
The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used for signing.
- signature
-
The created signature.
- signatureCrc32C
-
Integrity verification field. A CRC32C checksum of the returned [AsymmetricSignResponse.signature][google.cloud.kms.v1.AsymmetricSignResponse.signature]. An integrity check of [AsymmetricSignResponse.signature][google.cloud.kms.v1.AsymmetricSignResponse.signature] can be performed by computing the CRC32C checksum of [AsymmetricSignResponse.signature][google.cloud.kms.v1.AsymmetricSignResponse.signature] and comparing your results to this field. Discard the response in case of non-matching checksum values, and perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- verifiedDataCrc32C
-
Integrity verification field. A flag indicating whether [AsymmetricSignRequest.data_crc32c][google.cloud.kms.v1.AsymmetricSignRequest.data_crc32c] was received by [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the [data][google.cloud.kms.v1.AsymmetricSignRequest.data]. A false value of this field indicates either that [AsymmetricSignRequest.data_crc32c][google.cloud.kms.v1.AsymmetricSignRequest.data_crc32c] was left unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've set [AsymmetricSignRequest.data_crc32c][google.cloud.kms.v1.AsymmetricSignRequest.data_crc32c] but this field is still false, discard the response and perform a limited number of retries.
- verifiedDigestCrc32C
-
Integrity verification field. A flag indicating whether [AsymmetricSignRequest.digest_crc32c][google.cloud.kms.v1.AsymmetricSignRequest.digest_crc32c] was received by [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the [digest][google.cloud.kms.v1.AsymmetricSignRequest.digest]. A false value of this field indicates either that [AsymmetricSignRequest.digest_crc32c][google.cloud.kms.v1.AsymmetricSignRequest.digest_crc32c] was left unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've set [AsymmetricSignRequest.digest_crc32c][google.cloud.kms.v1.AsymmetricSignRequest.digest_crc32c] but this field is still false, discard the response and perform a limited number of retries.
Attributes
- Companion
- object
- Source
- AsymmetricSignResponse.scala
- Supertypes
-
trait Updatable[AsymmetricSignResponse]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- AsymmetricSignResponse.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[AsymmetricSignResponse]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
Request message for [KeyManagementService.CreateCryptoKey][google.cloud.kms.v1.KeyManagementService.CreateCryptoKey].
Request message for [KeyManagementService.CreateCryptoKey][google.cloud.kms.v1.KeyManagementService.CreateCryptoKey].
Value parameters
- cryptoKey
-
Required. A [CryptoKey][google.cloud.kms.v1.CryptoKey] with initial field values.
- cryptoKeyId
-
Required. It must be unique within a KeyRing and match the regular expression
[a-zA-Z0-9_-]{1,63}
- parent
-
Required. The [name][google.cloud.kms.v1.KeyRing.name] of the KeyRing associated with the [CryptoKeys][google.cloud.kms.v1.CryptoKey].
- skipInitialVersionCreation
-
If set to true, the request will create a [CryptoKey][google.cloud.kms.v1.CryptoKey] without any [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion]. You must manually call [CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion] or [ImportCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.ImportCryptoKeyVersion] before you can use this [CryptoKey][google.cloud.kms.v1.CryptoKey].
Attributes
- Companion
- object
- Source
- CreateCryptoKeyRequest.scala
- Supertypes
-
trait Updatable[CreateCryptoKeyRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- CreateCryptoKeyRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[CreateCryptoKeyRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
Request message for [KeyManagementService.CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion].
Request message for [KeyManagementService.CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion].
Value parameters
- cryptoKeyVersion
-
Required. A [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with initial field values.
- parent
-
Required. The [name][google.cloud.kms.v1.CryptoKey.name] of the [CryptoKey][google.cloud.kms.v1.CryptoKey] associated with the [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
Attributes
- Companion
- object
- Source
- CreateCryptoKeyVersionRequest.scala
- Supertypes
-
trait Updatable[CreateCryptoKeyVersionRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- CreateCryptoKeyVersionRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[CreateCryptoKeyVersionRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
Request message for [KeyManagementService.CreateImportJob][google.cloud.kms.v1.KeyManagementService.CreateImportJob].
Request message for [KeyManagementService.CreateImportJob][google.cloud.kms.v1.KeyManagementService.CreateImportJob].
Value parameters
- importJob
-
Required. An [ImportJob][google.cloud.kms.v1.ImportJob] with initial field values.
- importJobId
-
Required. It must be unique within a KeyRing and match the regular expression
[a-zA-Z0-9_-]{1,63}
- parent
-
Required. The [name][google.cloud.kms.v1.KeyRing.name] of the [KeyRing][google.cloud.kms.v1.KeyRing] associated with the [ImportJobs][google.cloud.kms.v1.ImportJob].
Attributes
- Companion
- object
- Source
- CreateImportJobRequest.scala
- Supertypes
-
trait Updatable[CreateImportJobRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- CreateImportJobRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[CreateImportJobRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
Request message for [KeyManagementService.CreateKeyRing][google.cloud.kms.v1.KeyManagementService.CreateKeyRing].
Request message for [KeyManagementService.CreateKeyRing][google.cloud.kms.v1.KeyManagementService.CreateKeyRing].
Value parameters
- keyRing
-
Required. A [KeyRing][google.cloud.kms.v1.KeyRing] with initial field values.
- keyRingId
-
Required. It must be unique within a location and match the regular expression
[a-zA-Z0-9_-]{1,63}
- parent
-
Required. The resource name of the location associated with the [KeyRings][google.cloud.kms.v1.KeyRing], in the format
projects/*/locations/*
.
Attributes
- Companion
- object
- Source
- CreateKeyRingRequest.scala
- Supertypes
-
trait Updatable[CreateKeyRingRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- CreateKeyRingRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[CreateKeyRingRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
CreateKeyRingRequest.type
Request message for [KeyManagementService.Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt].
Request message for [KeyManagementService.Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt].
Value parameters
- additionalAuthenticatedData
-
Optional. Optional data that must match the data originally supplied in [EncryptRequest.additional_authenticated_data][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data].
- additionalAuthenticatedDataCrc32C
-
Optional. An optional CRC32C checksum of the [DecryptRequest.additional_authenticated_data][google.cloud.kms.v1.DecryptRequest.additional_authenticated_data]. If specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the received [DecryptRequest.additional_authenticated_data][google.cloud.kms.v1.DecryptRequest.additional_authenticated_data] using this checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C([DecryptRequest.additional_authenticated_data][google.cloud.kms.v1.DecryptRequest.additional_authenticated_data]) is equal to [DecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.DecryptRequest.additional_authenticated_data_crc32c], and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- ciphertext
-
Required. The encrypted data originally returned in [EncryptResponse.ciphertext][google.cloud.kms.v1.EncryptResponse.ciphertext].
- ciphertextCrc32C
-
Optional. An optional CRC32C checksum of the [DecryptRequest.ciphertext][google.cloud.kms.v1.DecryptRequest.ciphertext]. If specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the received [DecryptRequest.ciphertext][google.cloud.kms.v1.DecryptRequest.ciphertext] using this checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C([DecryptRequest.ciphertext][google.cloud.kms.v1.DecryptRequest.ciphertext]) is equal to [DecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.DecryptRequest.ciphertext_crc32c], and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- name
-
Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to use for decryption. The server will choose the appropriate version.
Attributes
- Companion
- object
- Source
- DecryptRequest.scala
- Supertypes
-
trait Updatable[DecryptRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- DecryptRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[DecryptRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
DecryptRequest.type
Response message for [KeyManagementService.Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt].
Response message for [KeyManagementService.Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt].
Value parameters
- plaintext
-
The decrypted data originally supplied in [EncryptRequest.plaintext][google.cloud.kms.v1.EncryptRequest.plaintext].
- plaintextCrc32C
-
Integrity verification field. A CRC32C checksum of the returned [DecryptResponse.plaintext][google.cloud.kms.v1.DecryptResponse.plaintext]. An integrity check of [DecryptResponse.plaintext][google.cloud.kms.v1.DecryptResponse.plaintext] can be performed by computing the CRC32C checksum of [DecryptResponse.plaintext][google.cloud.kms.v1.DecryptResponse.plaintext] and comparing your results to this field. Discard the response in case of non-matching checksum values, and perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: receiving this response message indicates that [KeyManagementService][google.cloud.kms.v1.KeyManagementService] is able to successfully decrypt the [ciphertext][google.cloud.kms.v1.DecryptRequest.ciphertext]. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- protectionLevel
-
The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in decryption.
- usedPrimary
-
Whether the Decryption was performed using the primary key version.
Attributes
- Companion
- object
- Source
- DecryptResponse.scala
- Supertypes
-
trait Updatable[DecryptResponse]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- DecryptResponse.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[DecryptResponse]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
DecryptResponse.type
Request message for [KeyManagementService.DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion].
Request message for [KeyManagementService.DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion].
Value parameters
- name
-
Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to destroy.
Attributes
- Companion
- object
- Source
- DestroyCryptoKeyVersionRequest.scala
- Supertypes
-
trait Updatable[DestroyCryptoKeyVersionRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- DestroyCryptoKeyVersionRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[DestroyCryptoKeyVersionRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
A [Digest][google.cloud.kms.v1.Digest] holds a cryptographic message digest.
A [Digest][google.cloud.kms.v1.Digest] holds a cryptographic message digest.
Attributes
- Companion
- object
- Source
- Digest.scala
- Supertypes
-
trait Updatable[Digest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- Digest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[Digest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
Digest.type
Request message for [KeyManagementService.Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
Request message for [KeyManagementService.Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
Value parameters
- additionalAuthenticatedData
-
Optional. Optional data that, if specified, must also be provided during decryption through [DecryptRequest.additional_authenticated_data][google.cloud.kms.v1.DecryptRequest.additional_authenticated_data]. The maximum size depends on the key version's [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. For [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE], [EXTERNAL][google.cloud.kms.v1.ProtectionLevel.EXTERNAL], and [EXTERNAL_VPC][google.cloud.kms.v1.ProtectionLevel.EXTERNAL_VPC] keys the AAD must be no larger than 64KiB. For [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of the plaintext and additional_authenticated_data fields must be no larger than 8KiB.
- additionalAuthenticatedDataCrc32C
-
Optional. An optional CRC32C checksum of the [EncryptRequest.additional_authenticated_data][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data]. If specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the received [EncryptRequest.additional_authenticated_data][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data] using this checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C([EncryptRequest.additional_authenticated_data][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data]) is equal to [EncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data_crc32c], and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- name
-
Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] or [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for encryption. If a [CryptoKey][google.cloud.kms.v1.CryptoKey] is specified, the server will use its [primary version][google.cloud.kms.v1.CryptoKey.primary].
- plaintext
-
Required. The data to encrypt. Must be no larger than 64KiB. The maximum size depends on the key version's [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. For [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE], [EXTERNAL][google.cloud.kms.v1.ProtectionLevel.EXTERNAL], and [EXTERNAL_VPC][google.cloud.kms.v1.ProtectionLevel.EXTERNAL_VPC] keys, the plaintext must be no larger than 64KiB. For [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of the plaintext and additional_authenticated_data fields must be no larger than 8KiB.
- plaintextCrc32C
-
Optional. An optional CRC32C checksum of the [EncryptRequest.plaintext][google.cloud.kms.v1.EncryptRequest.plaintext]. If specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the received [EncryptRequest.plaintext][google.cloud.kms.v1.EncryptRequest.plaintext] using this checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C([EncryptRequest.plaintext][google.cloud.kms.v1.EncryptRequest.plaintext]) is equal to [EncryptRequest.plaintext_crc32c][google.cloud.kms.v1.EncryptRequest.plaintext_crc32c], and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
Attributes
- Companion
- object
- Source
- EncryptRequest.scala
- Supertypes
-
trait Updatable[EncryptRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- EncryptRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[EncryptRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
EncryptRequest.type
Response message for [KeyManagementService.Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
Response message for [KeyManagementService.Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
Value parameters
- ciphertext
-
The encrypted data.
- ciphertextCrc32C
-
Integrity verification field. A CRC32C checksum of the returned [EncryptResponse.ciphertext][google.cloud.kms.v1.EncryptResponse.ciphertext]. An integrity check of [EncryptResponse.ciphertext][google.cloud.kms.v1.EncryptResponse.ciphertext] can be performed by computing the CRC32C checksum of [EncryptResponse.ciphertext][google.cloud.kms.v1.EncryptResponse.ciphertext] and comparing your results to this field. Discard the response in case of non-matching checksum values, and perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- name
-
The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in encryption. Check this field to verify that the intended resource was used for encryption.
- protectionLevel
-
The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in encryption.
- verifiedAdditionalAuthenticatedDataCrc32C
-
Integrity verification field. A flag indicating whether [EncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data_crc32c] was received by [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the [AAD][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data]. A false value of this field indicates either that [EncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data_crc32c] was left unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've set [EncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data_crc32c] but this field is still false, discard the response and perform a limited number of retries.
- verifiedPlaintextCrc32C
-
Integrity verification field. A flag indicating whether [EncryptRequest.plaintext_crc32c][google.cloud.kms.v1.EncryptRequest.plaintext_crc32c] was received by [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the [plaintext][google.cloud.kms.v1.EncryptRequest.plaintext]. A false value of this field indicates either that [EncryptRequest.plaintext_crc32c][google.cloud.kms.v1.EncryptRequest.plaintext_crc32c] was left unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've set [EncryptRequest.plaintext_crc32c][google.cloud.kms.v1.EncryptRequest.plaintext_crc32c] but this field is still false, discard the response and perform a limited number of retries.
Attributes
- Companion
- object
- Source
- EncryptResponse.scala
- Supertypes
-
trait Updatable[EncryptResponse]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- EncryptResponse.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[EncryptResponse]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
EncryptResponse.type
Request message for [KeyManagementService.GenerateRandomBytes][google.cloud.kms.v1.KeyManagementService.GenerateRandomBytes].
Request message for [KeyManagementService.GenerateRandomBytes][google.cloud.kms.v1.KeyManagementService.GenerateRandomBytes].
Value parameters
- lengthBytes
-
The length in bytes of the amount of randomness to retrieve. Minimum 8 bytes, maximum 1024 bytes.
- location
-
The project-specific location in which to generate random bytes. For example, "projects/my-project/locations/us-central1".
- protectionLevel
-
The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] to use when generating the random data. Currently, only [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] protection level is supported.
Attributes
- Companion
- object
- Source
- GenerateRandomBytesRequest.scala
- Supertypes
-
trait Updatable[GenerateRandomBytesRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- GenerateRandomBytesRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[GenerateRandomBytesRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
Response message for [KeyManagementService.GenerateRandomBytes][google.cloud.kms.v1.KeyManagementService.GenerateRandomBytes].
Response message for [KeyManagementService.GenerateRandomBytes][google.cloud.kms.v1.KeyManagementService.GenerateRandomBytes].
Value parameters
- data
-
The generated data.
- dataCrc32C
-
Integrity verification field. A CRC32C checksum of the returned [GenerateRandomBytesResponse.data][google.cloud.kms.v1.GenerateRandomBytesResponse.data]. An integrity check of [GenerateRandomBytesResponse.data][google.cloud.kms.v1.GenerateRandomBytesResponse.data] can be performed by computing the CRC32C checksum of [GenerateRandomBytesResponse.data][google.cloud.kms.v1.GenerateRandomBytesResponse.data] and comparing your results to this field. Discard the response in case of non-matching checksum values, and perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
Attributes
- Companion
- object
- Source
- GenerateRandomBytesResponse.scala
- Supertypes
-
trait Updatable[GenerateRandomBytesResponse]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- GenerateRandomBytesResponse.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[GenerateRandomBytesResponse]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
Request message for [KeyManagementService.GetCryptoKey][google.cloud.kms.v1.KeyManagementService.GetCryptoKey].
Request message for [KeyManagementService.GetCryptoKey][google.cloud.kms.v1.KeyManagementService.GetCryptoKey].
Value parameters
- name
-
Required. The [name][google.cloud.kms.v1.CryptoKey.name] of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to get.
Attributes
- Companion
- object
- Source
- GetCryptoKeyRequest.scala
- Supertypes
-
trait Updatable[GetCryptoKeyRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- GetCryptoKeyRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[GetCryptoKeyRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
GetCryptoKeyRequest.type
Request message for [KeyManagementService.GetCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.GetCryptoKeyVersion].
Request message for [KeyManagementService.GetCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.GetCryptoKeyVersion].
Value parameters
- name
-
Required. The [name][google.cloud.kms.v1.CryptoKeyVersion.name] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to get.
Attributes
- Companion
- object
- Source
- GetCryptoKeyVersionRequest.scala
- Supertypes
-
trait Updatable[GetCryptoKeyVersionRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- GetCryptoKeyVersionRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[GetCryptoKeyVersionRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
Request message for [KeyManagementService.GetImportJob][google.cloud.kms.v1.KeyManagementService.GetImportJob].
Request message for [KeyManagementService.GetImportJob][google.cloud.kms.v1.KeyManagementService.GetImportJob].
Value parameters
- name
-
Required. The [name][google.cloud.kms.v1.ImportJob.name] of the [ImportJob][google.cloud.kms.v1.ImportJob] to get.
Attributes
- Companion
- object
- Source
- GetImportJobRequest.scala
- Supertypes
-
trait Updatable[GetImportJobRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- GetImportJobRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[GetImportJobRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
GetImportJobRequest.type
Request message for [KeyManagementService.GetKeyRing][google.cloud.kms.v1.KeyManagementService.GetKeyRing].
Request message for [KeyManagementService.GetKeyRing][google.cloud.kms.v1.KeyManagementService.GetKeyRing].
Value parameters
- name
-
Required. The [name][google.cloud.kms.v1.KeyRing.name] of the [KeyRing][google.cloud.kms.v1.KeyRing] to get.
Attributes
- Companion
- object
- Source
- GetKeyRingRequest.scala
- Supertypes
-
trait Updatable[GetKeyRingRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- GetKeyRingRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[GetKeyRingRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
GetKeyRingRequest.type
Request message for [KeyManagementService.GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
Request message for [KeyManagementService.GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
Value parameters
- name
-
Required. The [name][google.cloud.kms.v1.CryptoKeyVersion.name] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] public key to get.
Attributes
- Companion
- object
- Source
- GetPublicKeyRequest.scala
- Supertypes
-
trait Updatable[GetPublicKeyRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- GetPublicKeyRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[GetPublicKeyRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
GetPublicKeyRequest.type
Request message for [KeyManagementService.ImportCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.ImportCryptoKeyVersion].
Request message for [KeyManagementService.ImportCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.ImportCryptoKeyVersion].
Value parameters
- algorithm
-
Required. The [algorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm] of the key being imported. This does not need to match the [version_template][google.cloud.kms.v1.CryptoKey.version_template] of the [CryptoKey][google.cloud.kms.v1.CryptoKey] this version imports into.
- cryptoKeyVersion
-
Optional. The optional [name][google.cloud.kms.v1.CryptoKeyVersion.name] of an existing [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to target for an import operation. If this field is not present, a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] containing the supplied key material is created. If this field is present, the supplied key material is imported into the existing [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. To import into an existing [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion], the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] must be a child of [ImportCryptoKeyVersionRequest.parent][google.cloud.kms.v1.ImportCryptoKeyVersionRequest.parent], have been previously created via [ImportCryptoKeyVersion][], and be in [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED] or [IMPORT_FAILED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.IMPORT_FAILED] state. The key material and algorithm must match the previous [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] exactly if the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] has ever contained key material.
- importJob
-
Required. The [name][google.cloud.kms.v1.ImportJob.name] of the [ImportJob][google.cloud.kms.v1.ImportJob] that was used to wrap this key material.
- parent
-
Required. The [name][google.cloud.kms.v1.CryptoKey.name] of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to be imported into. The create permission is only required on this key when creating a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
- wrappedKey
-
Optional. The wrapped key material to import. Before wrapping, key material must be formatted. If importing symmetric key material, the expected key material format is plain bytes. If importing asymmetric key material, the expected key material format is PKCS#8-encoded DER (the PrivateKeyInfo structure from RFC 5208). When wrapping with import methods ([RSA_OAEP_3072_SHA1_AES_256][google.cloud.kms.v1.ImportJob.ImportMethod.RSA_OAEP_3072_SHA1_AES_256] or [RSA_OAEP_4096_SHA1_AES_256][google.cloud.kms.v1.ImportJob.ImportMethod.RSA_OAEP_4096_SHA1_AES_256] or [RSA_OAEP_3072_SHA256_AES_256][google.cloud.kms.v1.ImportJob.ImportMethod.RSA_OAEP_3072_SHA256_AES_256] or [RSA_OAEP_4096_SHA256_AES_256][google.cloud.kms.v1.ImportJob.ImportMethod.RSA_OAEP_4096_SHA256_AES_256]), this field must contain the concatenation of: <ol> <li>An ephemeral AES-256 wrapping key wrapped with the [public_key][google.cloud.kms.v1.ImportJob.public_key] using RSAES-OAEP with SHA-1/SHA-256, MGF1 with SHA-1/SHA-256, and an empty label. </li> <li>The formatted key to be imported, wrapped with the ephemeral AES-256 key using AES-KWP (RFC 5649). </li> </ol> This format is the same as the format produced by PKCS#11 mechanism CKM_RSA_AES_KEY_WRAP. When wrapping with import methods ([RSA_OAEP_3072_SHA256][google.cloud.kms.v1.ImportJob.ImportMethod.RSA_OAEP_3072_SHA256] or [RSA_OAEP_4096_SHA256][google.cloud.kms.v1.ImportJob.ImportMethod.RSA_OAEP_4096_SHA256]), this field must contain the formatted key to be imported, wrapped with the [public_key][google.cloud.kms.v1.ImportJob.public_key] using RSAES-OAEP with SHA-256, MGF1 with SHA-256, and an empty label.
Attributes
- Companion
- object
- Source
- ImportCryptoKeyVersionRequest.scala
- Supertypes
-
trait Updatable[ImportCryptoKeyVersionRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- ImportCryptoKeyVersionRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[ImportCryptoKeyVersionRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
Google Cloud Key Management Service
Google Cloud Key Management Service
Manages cryptographic keys and operations using those keys. Implements a REST model with the following objects:
- [KeyRing][google.cloud.kms.v1.KeyRing]
- [CryptoKey][google.cloud.kms.v1.CryptoKey]
- [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
- [ImportJob][google.cloud.kms.v1.ImportJob]
If you are using manual gRPC libraries, see Using gRPC with Cloud KMS.
Attributes
- Companion
- object
- Source
- KeyManagementService.scala
- Supertypes
-
class Objecttrait Matchableclass Any
Attributes
- Companion
- trait
- Source
- KeyManagementService.scala
- Supertypes
-
class Objecttrait Matchableclass Any
- Self type
-
KeyManagementService.type
Request message for [KeyManagementService.ListCryptoKeyVersions][google.cloud.kms.v1.KeyManagementService.ListCryptoKeyVersions].
Request message for [KeyManagementService.ListCryptoKeyVersions][google.cloud.kms.v1.KeyManagementService.ListCryptoKeyVersions].
Value parameters
- filter
-
Optional. Only include resources that match the filter in the response. For more information, see Sorting and filtering list results.
- orderBy
-
Optional. Specify how the results should be sorted. If not specified, the results will be sorted in the default order. For more information, see Sorting and filtering list results.
- pageSize
-
Optional. Optional limit on the number of [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] to include in the response. Further [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] can subsequently be obtained by including the [ListCryptoKeyVersionsResponse.next_page_token][google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token] in a subsequent request. If unspecified, the server will pick an appropriate default.
- pageToken
-
Optional. Optional pagination token, returned earlier via [ListCryptoKeyVersionsResponse.next_page_token][google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token].
- parent
-
Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to list, in the format
projects/*/locations/*/keyRings/*/cryptoKeys/*
. - view
-
The fields to include in the response.
Attributes
- Companion
- object
- Source
- ListCryptoKeyVersionsRequest.scala
- Supertypes
-
trait Updatable[ListCryptoKeyVersionsRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- ListCryptoKeyVersionsRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[ListCryptoKeyVersionsRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
Response message for [KeyManagementService.ListCryptoKeyVersions][google.cloud.kms.v1.KeyManagementService.ListCryptoKeyVersions].
Response message for [KeyManagementService.ListCryptoKeyVersions][google.cloud.kms.v1.KeyManagementService.ListCryptoKeyVersions].
Value parameters
- cryptoKeyVersions
-
The list of [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
- nextPageToken
-
A token to retrieve next page of results. Pass this value in [ListCryptoKeyVersionsRequest.page_token][google.cloud.kms.v1.ListCryptoKeyVersionsRequest.page_token] to retrieve the next page of results.
- totalSize
-
The total number of [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] that matched the query.
Attributes
- Companion
- object
- Source
- ListCryptoKeyVersionsResponse.scala
- Supertypes
-
trait Updatable[ListCryptoKeyVersionsResponse]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- ListCryptoKeyVersionsResponse.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[ListCryptoKeyVersionsResponse]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
Request message for [KeyManagementService.ListCryptoKeys][google.cloud.kms.v1.KeyManagementService.ListCryptoKeys].
Request message for [KeyManagementService.ListCryptoKeys][google.cloud.kms.v1.KeyManagementService.ListCryptoKeys].
Value parameters
- filter
-
Optional. Only include resources that match the filter in the response. For more information, see Sorting and filtering list results.
- orderBy
-
Optional. Specify how the results should be sorted. If not specified, the results will be sorted in the default order. For more information, see Sorting and filtering list results.
- pageSize
-
Optional. Optional limit on the number of [CryptoKeys][google.cloud.kms.v1.CryptoKey] to include in the response. Further [CryptoKeys][google.cloud.kms.v1.CryptoKey] can subsequently be obtained by including the [ListCryptoKeysResponse.next_page_token][google.cloud.kms.v1.ListCryptoKeysResponse.next_page_token] in a subsequent request. If unspecified, the server will pick an appropriate default.
- pageToken
-
Optional. Optional pagination token, returned earlier via [ListCryptoKeysResponse.next_page_token][google.cloud.kms.v1.ListCryptoKeysResponse.next_page_token].
- parent
-
Required. The resource name of the [KeyRing][google.cloud.kms.v1.KeyRing] to list, in the format
projects/*/locations/*/keyRings/*
. - versionView
-
The fields of the primary version to include in the response.
Attributes
- Companion
- object
- Source
- ListCryptoKeysRequest.scala
- Supertypes
-
trait Updatable[ListCryptoKeysRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- ListCryptoKeysRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[ListCryptoKeysRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
Response message for [KeyManagementService.ListCryptoKeys][google.cloud.kms.v1.KeyManagementService.ListCryptoKeys].
Response message for [KeyManagementService.ListCryptoKeys][google.cloud.kms.v1.KeyManagementService.ListCryptoKeys].
Value parameters
- cryptoKeys
-
The list of [CryptoKeys][google.cloud.kms.v1.CryptoKey].
- nextPageToken
-
A token to retrieve next page of results. Pass this value in [ListCryptoKeysRequest.page_token][google.cloud.kms.v1.ListCryptoKeysRequest.page_token] to retrieve the next page of results.
- totalSize
-
The total number of [CryptoKeys][google.cloud.kms.v1.CryptoKey] that matched the query.
Attributes
- Companion
- object
- Source
- ListCryptoKeysResponse.scala
- Supertypes
-
trait Updatable[ListCryptoKeysResponse]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- ListCryptoKeysResponse.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[ListCryptoKeysResponse]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
Request message for [KeyManagementService.ListImportJobs][google.cloud.kms.v1.KeyManagementService.ListImportJobs].
Request message for [KeyManagementService.ListImportJobs][google.cloud.kms.v1.KeyManagementService.ListImportJobs].
Value parameters
- filter
-
Optional. Only include resources that match the filter in the response. For more information, see Sorting and filtering list results.
- orderBy
-
Optional. Specify how the results should be sorted. If not specified, the results will be sorted in the default order. For more information, see Sorting and filtering list results.
- pageSize
-
Optional. Optional limit on the number of [ImportJobs][google.cloud.kms.v1.ImportJob] to include in the response. Further [ImportJobs][google.cloud.kms.v1.ImportJob] can subsequently be obtained by including the [ListImportJobsResponse.next_page_token][google.cloud.kms.v1.ListImportJobsResponse.next_page_token] in a subsequent request. If unspecified, the server will pick an appropriate default.
- pageToken
-
Optional. Optional pagination token, returned earlier via [ListImportJobsResponse.next_page_token][google.cloud.kms.v1.ListImportJobsResponse.next_page_token].
- parent
-
Required. The resource name of the [KeyRing][google.cloud.kms.v1.KeyRing] to list, in the format
projects/*/locations/*/keyRings/*
.
Attributes
- Companion
- object
- Source
- ListImportJobsRequest.scala
- Supertypes
-
trait Updatable[ListImportJobsRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- ListImportJobsRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[ListImportJobsRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
Response message for [KeyManagementService.ListImportJobs][google.cloud.kms.v1.KeyManagementService.ListImportJobs].
Response message for [KeyManagementService.ListImportJobs][google.cloud.kms.v1.KeyManagementService.ListImportJobs].
Value parameters
- importJobs
-
The list of [ImportJobs][google.cloud.kms.v1.ImportJob].
- nextPageToken
-
A token to retrieve next page of results. Pass this value in [ListImportJobsRequest.page_token][google.cloud.kms.v1.ListImportJobsRequest.page_token] to retrieve the next page of results.
- totalSize
-
The total number of [ImportJobs][google.cloud.kms.v1.ImportJob] that matched the query.
Attributes
- Companion
- object
- Source
- ListImportJobsResponse.scala
- Supertypes
-
trait Updatable[ListImportJobsResponse]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- ListImportJobsResponse.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[ListImportJobsResponse]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
Request message for [KeyManagementService.ListKeyRings][google.cloud.kms.v1.KeyManagementService.ListKeyRings].
Request message for [KeyManagementService.ListKeyRings][google.cloud.kms.v1.KeyManagementService.ListKeyRings].
Value parameters
- filter
-
Optional. Only include resources that match the filter in the response. For more information, see Sorting and filtering list results.
- orderBy
-
Optional. Specify how the results should be sorted. If not specified, the results will be sorted in the default order. For more information, see Sorting and filtering list results.
- pageSize
-
Optional. Optional limit on the number of [KeyRings][google.cloud.kms.v1.KeyRing] to include in the response. Further [KeyRings][google.cloud.kms.v1.KeyRing] can subsequently be obtained by including the [ListKeyRingsResponse.next_page_token][google.cloud.kms.v1.ListKeyRingsResponse.next_page_token] in a subsequent request. If unspecified, the server will pick an appropriate default.
- pageToken
-
Optional. Optional pagination token, returned earlier via [ListKeyRingsResponse.next_page_token][google.cloud.kms.v1.ListKeyRingsResponse.next_page_token].
- parent
-
Required. The resource name of the location associated with the [KeyRings][google.cloud.kms.v1.KeyRing], in the format
projects/*/locations/*
.
Attributes
- Companion
- object
- Source
- ListKeyRingsRequest.scala
- Supertypes
-
trait Updatable[ListKeyRingsRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- ListKeyRingsRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[ListKeyRingsRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
ListKeyRingsRequest.type
Response message for [KeyManagementService.ListKeyRings][google.cloud.kms.v1.KeyManagementService.ListKeyRings].
Response message for [KeyManagementService.ListKeyRings][google.cloud.kms.v1.KeyManagementService.ListKeyRings].
Value parameters
- keyRings
-
The list of [KeyRings][google.cloud.kms.v1.KeyRing].
- nextPageToken
-
A token to retrieve next page of results. Pass this value in [ListKeyRingsRequest.page_token][google.cloud.kms.v1.ListKeyRingsRequest.page_token] to retrieve the next page of results.
- totalSize
-
The total number of [KeyRings][google.cloud.kms.v1.KeyRing] that matched the query.
Attributes
- Companion
- object
- Source
- ListKeyRingsResponse.scala
- Supertypes
-
trait Updatable[ListKeyRingsResponse]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- ListKeyRingsResponse.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[ListKeyRingsResponse]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
ListKeyRingsResponse.type
Cloud KMS metadata for the given [google.cloud.location.Location][google.cloud.location.Location].
Cloud KMS metadata for the given [google.cloud.location.Location][google.cloud.location.Location].
Value parameters
- ekmAvailable
-
Indicates whether [CryptoKeys][google.cloud.kms.v1.CryptoKey] with [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level] [EXTERNAL][google.cloud.kms.v1.ProtectionLevel.EXTERNAL] can be created in this location.
- hsmAvailable
-
Indicates whether [CryptoKeys][google.cloud.kms.v1.CryptoKey] with [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level] [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] can be created in this location.
Attributes
- Companion
- object
- Source
- LocationMetadata.scala
- Supertypes
-
trait Updatable[LocationMetadata]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- LocationMetadata.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[LocationMetadata]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
LocationMetadata.type
Request message for [KeyManagementService.MacSign][google.cloud.kms.v1.KeyManagementService.MacSign].
Request message for [KeyManagementService.MacSign][google.cloud.kms.v1.KeyManagementService.MacSign].
Value parameters
- data
-
Required. The data to sign. The MAC tag is computed over this data field based on the specific algorithm.
- dataCrc32C
-
Optional. An optional CRC32C checksum of the [MacSignRequest.data][google.cloud.kms.v1.MacSignRequest.data]. If specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the received [MacSignRequest.data][google.cloud.kms.v1.MacSignRequest.data] using this checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C([MacSignRequest.data][google.cloud.kms.v1.MacSignRequest.data]) is equal to [MacSignRequest.data_crc32c][google.cloud.kms.v1.MacSignRequest.data_crc32c], and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- name
-
Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for signing.
Attributes
- Companion
- object
- Source
- MacSignRequest.scala
- Supertypes
-
trait Updatable[MacSignRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- MacSignRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[MacSignRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
MacSignRequest.type
Response message for [KeyManagementService.MacSign][google.cloud.kms.v1.KeyManagementService.MacSign].
Response message for [KeyManagementService.MacSign][google.cloud.kms.v1.KeyManagementService.MacSign].
Value parameters
- mac
-
The created signature.
- macCrc32C
-
Integrity verification field. A CRC32C checksum of the returned [MacSignResponse.mac][google.cloud.kms.v1.MacSignResponse.mac]. An integrity check of [MacSignResponse.mac][google.cloud.kms.v1.MacSignResponse.mac] can be performed by computing the CRC32C checksum of [MacSignResponse.mac][google.cloud.kms.v1.MacSignResponse.mac] and comparing your results to this field. Discard the response in case of non-matching checksum values, and perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- name
-
The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used for signing. Check this field to verify that the intended resource was used for signing.
- protectionLevel
-
The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used for signing.
- verifiedDataCrc32C
-
Integrity verification field. A flag indicating whether [MacSignRequest.data_crc32c][google.cloud.kms.v1.MacSignRequest.data_crc32c] was received by [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the [data][google.cloud.kms.v1.MacSignRequest.data]. A false value of this field indicates either that [MacSignRequest.data_crc32c][google.cloud.kms.v1.MacSignRequest.data_crc32c] was left unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've set [MacSignRequest.data_crc32c][google.cloud.kms.v1.MacSignRequest.data_crc32c] but this field is still false, discard the response and perform a limited number of retries.
Attributes
- Companion
- object
- Source
- MacSignResponse.scala
- Supertypes
-
trait Updatable[MacSignResponse]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- MacSignResponse.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[MacSignResponse]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
MacSignResponse.type
Request message for [KeyManagementService.MacVerify][google.cloud.kms.v1.KeyManagementService.MacVerify].
Request message for [KeyManagementService.MacVerify][google.cloud.kms.v1.KeyManagementService.MacVerify].
Value parameters
- data
-
Required. The data used previously as a [MacSignRequest.data][google.cloud.kms.v1.MacSignRequest.data] to generate the MAC tag.
- dataCrc32C
-
Optional. An optional CRC32C checksum of the [MacVerifyRequest.data][google.cloud.kms.v1.MacVerifyRequest.data]. If specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the received [MacVerifyRequest.data][google.cloud.kms.v1.MacVerifyRequest.data] using this checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C([MacVerifyRequest.data][google.cloud.kms.v1.MacVerifyRequest.data]) is equal to [MacVerifyRequest.data_crc32c][google.cloud.kms.v1.MacVerifyRequest.data_crc32c], and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- mac
-
Required. The signature to verify.
- macCrc32C
-
Optional. An optional CRC32C checksum of the [MacVerifyRequest.mac][google.cloud.kms.v1.MacVerifyRequest.mac]. If specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the received [MacVerifyRequest.mac][google.cloud.kms.v1.MacVerifyRequest.mac] using this checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C([MacVerifyRequest.tag][]) is equal to [MacVerifyRequest.mac_crc32c][google.cloud.kms.v1.MacVerifyRequest.mac_crc32c], and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- name
-
Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for verification.
Attributes
- Companion
- object
- Source
- MacVerifyRequest.scala
- Supertypes
-
trait Updatable[MacVerifyRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- MacVerifyRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[MacVerifyRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
MacVerifyRequest.type
Response message for [KeyManagementService.MacVerify][google.cloud.kms.v1.KeyManagementService.MacVerify].
Response message for [KeyManagementService.MacVerify][google.cloud.kms.v1.KeyManagementService.MacVerify].
Value parameters
- name
-
The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used for verification. Check this field to verify that the intended resource was used for verification.
- protectionLevel
-
The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used for verification.
- success
-
This field indicates whether or not the verification operation for [MacVerifyRequest.mac][google.cloud.kms.v1.MacVerifyRequest.mac] over [MacVerifyRequest.data][google.cloud.kms.v1.MacVerifyRequest.data] was successful.
- verifiedDataCrc32C
-
Integrity verification field. A flag indicating whether [MacVerifyRequest.data_crc32c][google.cloud.kms.v1.MacVerifyRequest.data_crc32c] was received by [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the [data][google.cloud.kms.v1.MacVerifyRequest.data]. A false value of this field indicates either that [MacVerifyRequest.data_crc32c][google.cloud.kms.v1.MacVerifyRequest.data_crc32c] was left unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've set [MacVerifyRequest.data_crc32c][google.cloud.kms.v1.MacVerifyRequest.data_crc32c] but this field is still false, discard the response and perform a limited number of retries.
- verifiedMacCrc32C
-
Integrity verification field. A flag indicating whether [MacVerifyRequest.mac_crc32c][google.cloud.kms.v1.MacVerifyRequest.mac_crc32c] was received by [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the [data][google.cloud.kms.v1.MacVerifyRequest.mac]. A false value of this field indicates either that [MacVerifyRequest.mac_crc32c][google.cloud.kms.v1.MacVerifyRequest.mac_crc32c] was left unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've set [MacVerifyRequest.mac_crc32c][google.cloud.kms.v1.MacVerifyRequest.mac_crc32c] but this field is still false, discard the response and perform a limited number of retries.
- verifiedSuccessIntegrity
-
Integrity verification field. This value is used for the integrity verification of [MacVerifyResponse.success]. If the value of this field contradicts the value of [MacVerifyResponse.success], discard the response and perform a limited number of retries.
Attributes
- Companion
- object
- Source
- MacVerifyResponse.scala
- Supertypes
-
trait Updatable[MacVerifyResponse]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- MacVerifyResponse.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[MacVerifyResponse]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
MacVerifyResponse.type
Request message for [KeyManagementService.RawDecrypt][google.cloud.kms.v1.KeyManagementService.RawDecrypt].
Request message for [KeyManagementService.RawDecrypt][google.cloud.kms.v1.KeyManagementService.RawDecrypt].
Value parameters
- additionalAuthenticatedData
-
Optional. Optional data that must match the data originally supplied in [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data].
- additionalAuthenticatedDataCrc32C
-
Optional. An optional CRC32C checksum of the [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. If specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the received additional_authenticated_data using this checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C(additional_authenticated_data) is equal to additional_authenticated_data_crc32c, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- ciphertext
-
Required. The encrypted data originally returned in [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext].
- ciphertextCrc32C
-
Optional. An optional CRC32C checksum of the [RawDecryptRequest.ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. If specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the received ciphertext using this checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C(ciphertext) is equal to ciphertext_crc32c, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- initializationVector
-
Required. The initialization vector (IV) used during encryption, which must match the data originally provided in [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector].
- initializationVectorCrc32C
-
Optional. An optional CRC32C checksum of the [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector]. If specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the received initialization_vector using this checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C(initialization_vector) is equal to initialization_vector_crc32c, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- name
-
Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for decryption.
- tagLength
-
The length of the authentication tag that is appended to the end of the ciphertext. If unspecified (0), the default value for the key's algorithm will be used (for AES-GCM, the default value is 16).
Attributes
- Companion
- object
- Source
- RawDecryptRequest.scala
- Supertypes
-
trait Updatable[RawDecryptRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- RawDecryptRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[RawDecryptRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
RawDecryptRequest.type
Response message for [KeyManagementService.RawDecrypt][google.cloud.kms.v1.KeyManagementService.RawDecrypt].
Response message for [KeyManagementService.RawDecrypt][google.cloud.kms.v1.KeyManagementService.RawDecrypt].
Value parameters
- plaintext
-
The decrypted data.
- plaintextCrc32C
-
Integrity verification field. A CRC32C checksum of the returned [RawDecryptResponse.plaintext][google.cloud.kms.v1.RawDecryptResponse.plaintext]. An integrity check of plaintext can be performed by computing the CRC32C checksum of plaintext and comparing your results to this field. Discard the response in case of non-matching checksum values, and perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: receiving this response message indicates that [KeyManagementService][google.cloud.kms.v1.KeyManagementService] is able to successfully decrypt the [ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- protectionLevel
-
The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in decryption.
- verifiedAdditionalAuthenticatedDataCrc32C
-
Integrity verification field. A flag indicating whether [RawDecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data_crc32c] was received by [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of additional_authenticated_data. A false value of this field indicates either that // [RawDecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data_crc32c] was left unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've set [RawDecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data_crc32c] but this field is still false, discard the response and perform a limited number of retries.
- verifiedCiphertextCrc32C
-
Integrity verification field. A flag indicating whether [RawDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.RawDecryptRequest.ciphertext_crc32c] was received by [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the ciphertext. A false value of this field indicates either that [RawDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.RawDecryptRequest.ciphertext_crc32c] was left unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've set [RawDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.RawDecryptRequest.ciphertext_crc32c] but this field is still false, discard the response and perform a limited number of retries.
- verifiedInitializationVectorCrc32C
-
Integrity verification field. A flag indicating whether [RawDecryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawDecryptRequest.initialization_vector_crc32c] was received by [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of initialization_vector. A false value of this field indicates either that [RawDecryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawDecryptRequest.initialization_vector_crc32c] was left unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've set [RawDecryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawDecryptRequest.initialization_vector_crc32c] but this field is still false, discard the response and perform a limited number of retries.
Attributes
- Companion
- object
- Source
- RawDecryptResponse.scala
- Supertypes
-
trait Updatable[RawDecryptResponse]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- RawDecryptResponse.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[RawDecryptResponse]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
RawDecryptResponse.type
Request message for [KeyManagementService.RawEncrypt][google.cloud.kms.v1.KeyManagementService.RawEncrypt].
Request message for [KeyManagementService.RawEncrypt][google.cloud.kms.v1.KeyManagementService.RawEncrypt].
Value parameters
- additionalAuthenticatedData
-
Optional. Optional data that, if specified, must also be provided during decryption through [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. This field may only be used in conjunction with an [algorithm][google.cloud.kms.v1.CryptoKeyVersion.algorithm] that accepts additional authenticated data (for example, AES-GCM). The maximum size depends on the key version's [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. For [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the plaintext must be no larger than 64KiB. For [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of the plaintext and additional_authenticated_data fields must be no larger than 8KiB.
- additionalAuthenticatedDataCrc32C
-
Optional. An optional CRC32C checksum of the [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data]. If specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the received additional_authenticated_data using this checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C(additional_authenticated_data) is equal to additional_authenticated_data_crc32c, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- initializationVector
-
Optional. A customer-supplied initialization vector that will be used for encryption. If it is not provided for AES-CBC and AES-CTR, one will be generated. It will be returned in [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector].
- initializationVectorCrc32C
-
Optional. An optional CRC32C checksum of the [RawEncryptRequest.initialization_vector][google.cloud.kms.v1.RawEncryptRequest.initialization_vector]. If specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the received initialization_vector using this checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C(initialization_vector) is equal to initialization_vector_crc32c, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- name
-
Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for encryption.
- plaintext
-
Required. The data to encrypt. Must be no larger than 64KiB. The maximum size depends on the key version's [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. For [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the plaintext must be no larger than 64KiB. For [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of the plaintext and additional_authenticated_data fields must be no larger than 8KiB.
- plaintextCrc32C
-
Optional. An optional CRC32C checksum of the [RawEncryptRequest.plaintext][google.cloud.kms.v1.RawEncryptRequest.plaintext]. If specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the received plaintext using this checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C(plaintext) is equal to plaintext_crc32c, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
Attributes
- Companion
- object
- Source
- RawEncryptRequest.scala
- Supertypes
-
trait Updatable[RawEncryptRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- RawEncryptRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[RawEncryptRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
RawEncryptRequest.type
Response message for [KeyManagementService.RawEncrypt][google.cloud.kms.v1.KeyManagementService.RawEncrypt].
Response message for [KeyManagementService.RawEncrypt][google.cloud.kms.v1.KeyManagementService.RawEncrypt].
Value parameters
- ciphertext
-
The encrypted data. In the case of AES-GCM, the authentication tag is the [tag_length][google.cloud.kms.v1.RawEncryptResponse.tag_length] bytes at the end of this field.
- ciphertextCrc32C
-
Integrity verification field. A CRC32C checksum of the returned [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext]. An integrity check of ciphertext can be performed by computing the CRC32C checksum of ciphertext and comparing your results to this field. Discard the response in case of non-matching checksum values, and perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- initializationVector
-
The initialization vector (IV) generated by the service during encryption. This value must be stored and provided in [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector] at decryption time.
- initializationVectorCrc32C
-
Integrity verification field. A CRC32C checksum of the returned [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. An integrity check of initialization_vector can be performed by computing the CRC32C checksum of initialization_vector and comparing your results to this field. Discard the response in case of non-matching checksum values, and perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
- name
-
The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in encryption. Check this field to verify that the intended resource was used for encryption.
- protectionLevel
-
The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in encryption.
- tagLength
-
The length of the authentication tag that is appended to the end of the ciphertext.
- verifiedAdditionalAuthenticatedDataCrc32C
-
Integrity verification field. A flag indicating whether [RawEncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data_crc32c] was received by [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of additional_authenticated_data. A false value of this field indicates either that // [RawEncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data_crc32c] was left unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've set [RawEncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data_crc32c] but this field is still false, discard the response and perform a limited number of retries.
- verifiedInitializationVectorCrc32C
-
Integrity verification field. A flag indicating whether [RawEncryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawEncryptRequest.initialization_vector_crc32c] was received by [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of initialization_vector. A false value of this field indicates either that [RawEncryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawEncryptRequest.initialization_vector_crc32c] was left unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've set [RawEncryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawEncryptRequest.initialization_vector_crc32c] but this field is still false, discard the response and perform a limited number of retries.
- verifiedPlaintextCrc32C
-
Integrity verification field. A flag indicating whether [RawEncryptRequest.plaintext_crc32c][google.cloud.kms.v1.RawEncryptRequest.plaintext_crc32c] was received by [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the plaintext. A false value of this field indicates either that [RawEncryptRequest.plaintext_crc32c][google.cloud.kms.v1.RawEncryptRequest.plaintext_crc32c] was left unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've set [RawEncryptRequest.plaintext_crc32c][google.cloud.kms.v1.RawEncryptRequest.plaintext_crc32c] but this field is still false, discard the response and perform a limited number of retries.
Attributes
- Companion
- object
- Source
- RawEncryptResponse.scala
- Supertypes
-
trait Updatable[RawEncryptResponse]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- RawEncryptResponse.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[RawEncryptResponse]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
-
RawEncryptResponse.type
Request message for [KeyManagementService.RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion].
Request message for [KeyManagementService.RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion].
Value parameters
- name
-
Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to restore.
Attributes
- Companion
- object
- Source
- RestoreCryptoKeyVersionRequest.scala
- Supertypes
-
trait Updatable[RestoreCryptoKeyVersionRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- RestoreCryptoKeyVersionRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[RestoreCryptoKeyVersionRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
Attributes
- Source
- ServiceProto.scala
- Supertypes
-
class GeneratedFileObjectclass Objecttrait Matchableclass Any
- Self type
-
ServiceProto.type
Request message for [KeyManagementService.UpdateCryptoKeyPrimaryVersion][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKeyPrimaryVersion].
Request message for [KeyManagementService.UpdateCryptoKeyPrimaryVersion][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKeyPrimaryVersion].
Value parameters
- cryptoKeyVersionId
-
Required. The id of the child [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use as primary.
- name
-
Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to update.
Attributes
- Companion
- object
- Source
- UpdateCryptoKeyPrimaryVersionRequest.scala
- Supertypes
-
trait Updatable[UpdateCryptoKeyPrimaryVersionRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- UpdateCryptoKeyPrimaryVersionRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[UpdateCryptoKeyPrimaryVersionRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
Request message for [KeyManagementService.UpdateCryptoKey][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKey].
Request message for [KeyManagementService.UpdateCryptoKey][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKey].
Value parameters
- cryptoKey
-
Required. [CryptoKey][google.cloud.kms.v1.CryptoKey] with updated values.
- updateMask
-
Required. List of fields to be updated in this request.
Attributes
- Companion
- object
- Source
- UpdateCryptoKeyRequest.scala
- Supertypes
-
trait Updatable[UpdateCryptoKeyRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- UpdateCryptoKeyRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[UpdateCryptoKeyRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type
Request message for [KeyManagementService.UpdateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKeyVersion].
Request message for [KeyManagementService.UpdateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKeyVersion].
Value parameters
- cryptoKeyVersion
-
Required. [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with updated values.
- updateMask
-
Required. List of fields to be updated in this request.
Attributes
- Companion
- object
- Source
- UpdateCryptoKeyVersionRequest.scala
- Supertypes
-
trait Updatable[UpdateCryptoKeyVersionRequest]trait GeneratedMessagetrait Serializabletrait Producttrait Equalsclass Objecttrait Matchableclass AnyShow all
Attributes
- Companion
- class
- Source
- UpdateCryptoKeyVersionRequest.scala
- Supertypes
-
trait Producttrait Mirrortrait GeneratedMessageCompanion[UpdateCryptoKeyVersionRequest]trait Serializableclass Objecttrait Matchableclass AnyShow all
- Self type