genproto: google.golang.org/genproto/googleapis/cloud/kms/v1 Index | Files

package kms

import "google.golang.org/genproto/googleapis/cloud/kms/v1"

Index

Package Files

resources.pb.go service.pb.go

Variables

var (
    ProtectionLevel_name = map[int32]string{
        0:  "PROTECTION_LEVEL_UNSPECIFIED",
        1:  "SOFTWARE",
        2:  "HSM",
        3:  "EXTERNAL",
    }
    ProtectionLevel_value = map[string]int32{
        "PROTECTION_LEVEL_UNSPECIFIED": 0,
        "SOFTWARE":                     1,
        "HSM":                          2,
        "EXTERNAL":                     3,
    }
)

Enum value maps for ProtectionLevel.

var (
    CryptoKey_CryptoKeyPurpose_name = map[int32]string{
        0:  "CRYPTO_KEY_PURPOSE_UNSPECIFIED",
        1:  "ENCRYPT_DECRYPT",
        5:  "ASYMMETRIC_SIGN",
        6:  "ASYMMETRIC_DECRYPT",
    }
    CryptoKey_CryptoKeyPurpose_value = map[string]int32{
        "CRYPTO_KEY_PURPOSE_UNSPECIFIED": 0,
        "ENCRYPT_DECRYPT":                1,
        "ASYMMETRIC_SIGN":                5,
        "ASYMMETRIC_DECRYPT":             6,
    }
)

Enum value maps for CryptoKey_CryptoKeyPurpose.

var (
    KeyOperationAttestation_AttestationFormat_name = map[int32]string{
        0:  "ATTESTATION_FORMAT_UNSPECIFIED",
        3:  "CAVIUM_V1_COMPRESSED",
        4:  "CAVIUM_V2_COMPRESSED",
    }
    KeyOperationAttestation_AttestationFormat_value = map[string]int32{
        "ATTESTATION_FORMAT_UNSPECIFIED": 0,
        "CAVIUM_V1_COMPRESSED":           3,
        "CAVIUM_V2_COMPRESSED":           4,
    }
)

Enum value maps for KeyOperationAttestation_AttestationFormat.

var (
    CryptoKeyVersion_CryptoKeyVersionAlgorithm_name = map[int32]string{
        0:  "CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED",
        1:  "GOOGLE_SYMMETRIC_ENCRYPTION",
        2:  "RSA_SIGN_PSS_2048_SHA256",
        3:  "RSA_SIGN_PSS_3072_SHA256",
        4:  "RSA_SIGN_PSS_4096_SHA256",
        15: "RSA_SIGN_PSS_4096_SHA512",
        5:  "RSA_SIGN_PKCS1_2048_SHA256",
        6:  "RSA_SIGN_PKCS1_3072_SHA256",
        7:  "RSA_SIGN_PKCS1_4096_SHA256",
        16: "RSA_SIGN_PKCS1_4096_SHA512",
        8:  "RSA_DECRYPT_OAEP_2048_SHA256",
        9:  "RSA_DECRYPT_OAEP_3072_SHA256",
        10: "RSA_DECRYPT_OAEP_4096_SHA256",
        17: "RSA_DECRYPT_OAEP_4096_SHA512",
        12: "EC_SIGN_P256_SHA256",
        13: "EC_SIGN_P384_SHA384",
        18: "EXTERNAL_SYMMETRIC_ENCRYPTION",
    }
    CryptoKeyVersion_CryptoKeyVersionAlgorithm_value = map[string]int32{
        "CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED": 0,
        "GOOGLE_SYMMETRIC_ENCRYPTION":              1,
        "RSA_SIGN_PSS_2048_SHA256":                 2,
        "RSA_SIGN_PSS_3072_SHA256":                 3,
        "RSA_SIGN_PSS_4096_SHA256":                 4,
        "RSA_SIGN_PSS_4096_SHA512":                 15,
        "RSA_SIGN_PKCS1_2048_SHA256":               5,
        "RSA_SIGN_PKCS1_3072_SHA256":               6,
        "RSA_SIGN_PKCS1_4096_SHA256":               7,
        "RSA_SIGN_PKCS1_4096_SHA512":               16,
        "RSA_DECRYPT_OAEP_2048_SHA256":             8,
        "RSA_DECRYPT_OAEP_3072_SHA256":             9,
        "RSA_DECRYPT_OAEP_4096_SHA256":             10,
        "RSA_DECRYPT_OAEP_4096_SHA512":             17,
        "EC_SIGN_P256_SHA256":                      12,
        "EC_SIGN_P384_SHA384":                      13,
        "EXTERNAL_SYMMETRIC_ENCRYPTION":            18,
    }
)

Enum value maps for CryptoKeyVersion_CryptoKeyVersionAlgorithm.

var (
    CryptoKeyVersion_CryptoKeyVersionState_name = map[int32]string{
        0:  "CRYPTO_KEY_VERSION_STATE_UNSPECIFIED",
        5:  "PENDING_GENERATION",
        1:  "ENABLED",
        2:  "DISABLED",
        3:  "DESTROYED",
        4:  "DESTROY_SCHEDULED",
        6:  "PENDING_IMPORT",
        7:  "IMPORT_FAILED",
    }
    CryptoKeyVersion_CryptoKeyVersionState_value = map[string]int32{
        "CRYPTO_KEY_VERSION_STATE_UNSPECIFIED": 0,
        "PENDING_GENERATION":                   5,
        "ENABLED":                              1,
        "DISABLED":                             2,
        "DESTROYED":                            3,
        "DESTROY_SCHEDULED":                    4,
        "PENDING_IMPORT":                       6,
        "IMPORT_FAILED":                        7,
    }
)

Enum value maps for CryptoKeyVersion_CryptoKeyVersionState.

var (
    CryptoKeyVersion_CryptoKeyVersionView_name = map[int32]string{
        0:  "CRYPTO_KEY_VERSION_VIEW_UNSPECIFIED",
        1:  "FULL",
    }
    CryptoKeyVersion_CryptoKeyVersionView_value = map[string]int32{
        "CRYPTO_KEY_VERSION_VIEW_UNSPECIFIED": 0,
        "FULL":                                1,
    }
)

Enum value maps for CryptoKeyVersion_CryptoKeyVersionView.

var (
    ImportJob_ImportMethod_name = map[int32]string{
        0:  "IMPORT_METHOD_UNSPECIFIED",
        1:  "RSA_OAEP_3072_SHA1_AES_256",
        2:  "RSA_OAEP_4096_SHA1_AES_256",
    }
    ImportJob_ImportMethod_value = map[string]int32{
        "IMPORT_METHOD_UNSPECIFIED":  0,
        "RSA_OAEP_3072_SHA1_AES_256": 1,
        "RSA_OAEP_4096_SHA1_AES_256": 2,
    }
)

Enum value maps for ImportJob_ImportMethod.

var (
    ImportJob_ImportJobState_name = map[int32]string{
        0:  "IMPORT_JOB_STATE_UNSPECIFIED",
        1:  "PENDING_GENERATION",
        2:  "ACTIVE",
        3:  "EXPIRED",
    }
    ImportJob_ImportJobState_value = map[string]int32{
        "IMPORT_JOB_STATE_UNSPECIFIED": 0,
        "PENDING_GENERATION":           1,
        "ACTIVE":                       2,
        "EXPIRED":                      3,
    }
)

Enum value maps for ImportJob_ImportJobState.

var File_google_cloud_kms_v1_resources_proto protoreflect.FileDescriptor
var File_google_cloud_kms_v1_service_proto protoreflect.FileDescriptor

func RegisterKeyManagementServiceServer Uses

func RegisterKeyManagementServiceServer(s *grpc.Server, srv KeyManagementServiceServer)

type AsymmetricDecryptRequest Uses

type AsymmetricDecryptRequest struct {

    // Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for
    // decryption.
    Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
    // Required. The data encrypted with the named [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s public
    // key using OAEP.
    Ciphertext []byte `protobuf:"bytes,3,opt,name=ciphertext,proto3" json:"ciphertext,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.AsymmetricDecrypt][google.cloud.kms.v1.KeyManagementService.AsymmetricDecrypt].

func (*AsymmetricDecryptRequest) Descriptor Uses

func (*AsymmetricDecryptRequest) Descriptor() ([]byte, []int)

Deprecated: Use AsymmetricDecryptRequest.ProtoReflect.Descriptor instead.

func (*AsymmetricDecryptRequest) GetCiphertext Uses

func (x *AsymmetricDecryptRequest) GetCiphertext() []byte

func (*AsymmetricDecryptRequest) GetName Uses

func (x *AsymmetricDecryptRequest) GetName() string

func (*AsymmetricDecryptRequest) ProtoMessage Uses

func (*AsymmetricDecryptRequest) ProtoMessage()

func (*AsymmetricDecryptRequest) ProtoReflect Uses

func (x *AsymmetricDecryptRequest) ProtoReflect() protoreflect.Message

func (*AsymmetricDecryptRequest) Reset Uses

func (x *AsymmetricDecryptRequest) Reset()

func (*AsymmetricDecryptRequest) String Uses

func (x *AsymmetricDecryptRequest) String() string

type AsymmetricDecryptResponse Uses

type AsymmetricDecryptResponse struct {

    // The decrypted data originally encrypted with the matching public key.
    Plaintext []byte `protobuf:"bytes,1,opt,name=plaintext,proto3" json:"plaintext,omitempty"`
    // contains filtered or unexported fields
}

Response message for [KeyManagementService.AsymmetricDecrypt][google.cloud.kms.v1.KeyManagementService.AsymmetricDecrypt].

func (*AsymmetricDecryptResponse) Descriptor Uses

func (*AsymmetricDecryptResponse) Descriptor() ([]byte, []int)

Deprecated: Use AsymmetricDecryptResponse.ProtoReflect.Descriptor instead.

func (*AsymmetricDecryptResponse) GetPlaintext Uses

func (x *AsymmetricDecryptResponse) GetPlaintext() []byte

func (*AsymmetricDecryptResponse) ProtoMessage Uses

func (*AsymmetricDecryptResponse) ProtoMessage()

func (*AsymmetricDecryptResponse) ProtoReflect Uses

func (x *AsymmetricDecryptResponse) ProtoReflect() protoreflect.Message

func (*AsymmetricDecryptResponse) Reset Uses

func (x *AsymmetricDecryptResponse) Reset()

func (*AsymmetricDecryptResponse) String Uses

func (x *AsymmetricDecryptResponse) String() string

type AsymmetricSignRequest Uses

type AsymmetricSignRequest struct {

    // Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for signing.
    Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
    // Required. The digest of the data to sign. The digest must be produced with
    // the same digest algorithm as specified by the key version's
    // [algorithm][google.cloud.kms.v1.CryptoKeyVersion.algorithm].
    Digest *Digest `protobuf:"bytes,3,opt,name=digest,proto3" json:"digest,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.AsymmetricSign][google.cloud.kms.v1.KeyManagementService.AsymmetricSign].

func (*AsymmetricSignRequest) Descriptor Uses

func (*AsymmetricSignRequest) Descriptor() ([]byte, []int)

Deprecated: Use AsymmetricSignRequest.ProtoReflect.Descriptor instead.

func (*AsymmetricSignRequest) GetDigest Uses

func (x *AsymmetricSignRequest) GetDigest() *Digest

func (*AsymmetricSignRequest) GetName Uses

func (x *AsymmetricSignRequest) GetName() string

func (*AsymmetricSignRequest) ProtoMessage Uses

func (*AsymmetricSignRequest) ProtoMessage()

func (*AsymmetricSignRequest) ProtoReflect Uses

func (x *AsymmetricSignRequest) ProtoReflect() protoreflect.Message

func (*AsymmetricSignRequest) Reset Uses

func (x *AsymmetricSignRequest) Reset()

func (*AsymmetricSignRequest) String Uses

func (x *AsymmetricSignRequest) String() string

type AsymmetricSignResponse Uses

type AsymmetricSignResponse struct {

    // The created signature.
    Signature []byte `protobuf:"bytes,1,opt,name=signature,proto3" json:"signature,omitempty"`
    // contains filtered or unexported fields
}

Response message for [KeyManagementService.AsymmetricSign][google.cloud.kms.v1.KeyManagementService.AsymmetricSign].

func (*AsymmetricSignResponse) Descriptor Uses

func (*AsymmetricSignResponse) Descriptor() ([]byte, []int)

Deprecated: Use AsymmetricSignResponse.ProtoReflect.Descriptor instead.

func (*AsymmetricSignResponse) GetSignature Uses

func (x *AsymmetricSignResponse) GetSignature() []byte

func (*AsymmetricSignResponse) ProtoMessage Uses

func (*AsymmetricSignResponse) ProtoMessage()

func (*AsymmetricSignResponse) ProtoReflect Uses

func (x *AsymmetricSignResponse) ProtoReflect() protoreflect.Message

func (*AsymmetricSignResponse) Reset Uses

func (x *AsymmetricSignResponse) Reset()

func (*AsymmetricSignResponse) String Uses

func (x *AsymmetricSignResponse) String() string

type CreateCryptoKeyRequest Uses

type CreateCryptoKeyRequest struct {

    // Required. The [name][google.cloud.kms.v1.KeyRing.name] of the KeyRing associated with the
    // [CryptoKeys][google.cloud.kms.v1.CryptoKey].
    Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
    // Required. It must be unique within a KeyRing and match the regular
    // expression `[a-zA-Z0-9_-]{1,63}`
    CryptoKeyId string `protobuf:"bytes,2,opt,name=crypto_key_id,json=cryptoKeyId,proto3" json:"crypto_key_id,omitempty"`
    // Required. A [CryptoKey][google.cloud.kms.v1.CryptoKey] with initial field values.
    CryptoKey *CryptoKey `protobuf:"bytes,3,opt,name=crypto_key,json=cryptoKey,proto3" json:"crypto_key,omitempty"`
    // If set to true, the request will create a [CryptoKey][google.cloud.kms.v1.CryptoKey] without any
    // [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion]. You must manually call
    // [CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion] or
    // [ImportCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.ImportCryptoKeyVersion]
    // before you can use this [CryptoKey][google.cloud.kms.v1.CryptoKey].
    SkipInitialVersionCreation bool `protobuf:"varint,5,opt,name=skip_initial_version_creation,json=skipInitialVersionCreation,proto3" json:"skip_initial_version_creation,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.CreateCryptoKey][google.cloud.kms.v1.KeyManagementService.CreateCryptoKey].

func (*CreateCryptoKeyRequest) Descriptor Uses

func (*CreateCryptoKeyRequest) Descriptor() ([]byte, []int)

Deprecated: Use CreateCryptoKeyRequest.ProtoReflect.Descriptor instead.

func (*CreateCryptoKeyRequest) GetCryptoKey Uses

func (x *CreateCryptoKeyRequest) GetCryptoKey() *CryptoKey

func (*CreateCryptoKeyRequest) GetCryptoKeyId Uses

func (x *CreateCryptoKeyRequest) GetCryptoKeyId() string

func (*CreateCryptoKeyRequest) GetParent Uses

func (x *CreateCryptoKeyRequest) GetParent() string

func (*CreateCryptoKeyRequest) GetSkipInitialVersionCreation Uses

func (x *CreateCryptoKeyRequest) GetSkipInitialVersionCreation() bool

func (*CreateCryptoKeyRequest) ProtoMessage Uses

func (*CreateCryptoKeyRequest) ProtoMessage()

func (*CreateCryptoKeyRequest) ProtoReflect Uses

func (x *CreateCryptoKeyRequest) ProtoReflect() protoreflect.Message

func (*CreateCryptoKeyRequest) Reset Uses

func (x *CreateCryptoKeyRequest) Reset()

func (*CreateCryptoKeyRequest) String Uses

func (x *CreateCryptoKeyRequest) String() string

type CreateCryptoKeyVersionRequest Uses

type CreateCryptoKeyVersionRequest struct {

    // Required. The [name][google.cloud.kms.v1.CryptoKey.name] of the [CryptoKey][google.cloud.kms.v1.CryptoKey] associated with
    // the [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
    Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
    // Required. A [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with initial field values.
    CryptoKeyVersion *CryptoKeyVersion `protobuf:"bytes,2,opt,name=crypto_key_version,json=cryptoKeyVersion,proto3" json:"crypto_key_version,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion].

func (*CreateCryptoKeyVersionRequest) Descriptor Uses

func (*CreateCryptoKeyVersionRequest) Descriptor() ([]byte, []int)

Deprecated: Use CreateCryptoKeyVersionRequest.ProtoReflect.Descriptor instead.

func (*CreateCryptoKeyVersionRequest) GetCryptoKeyVersion Uses

func (x *CreateCryptoKeyVersionRequest) GetCryptoKeyVersion() *CryptoKeyVersion

func (*CreateCryptoKeyVersionRequest) GetParent Uses

func (x *CreateCryptoKeyVersionRequest) GetParent() string

func (*CreateCryptoKeyVersionRequest) ProtoMessage Uses

func (*CreateCryptoKeyVersionRequest) ProtoMessage()

func (*CreateCryptoKeyVersionRequest) ProtoReflect Uses

func (x *CreateCryptoKeyVersionRequest) ProtoReflect() protoreflect.Message

func (*CreateCryptoKeyVersionRequest) Reset Uses

func (x *CreateCryptoKeyVersionRequest) Reset()

func (*CreateCryptoKeyVersionRequest) String Uses

func (x *CreateCryptoKeyVersionRequest) String() string

type CreateImportJobRequest Uses

type CreateImportJobRequest struct {

    // Required. The [name][google.cloud.kms.v1.KeyRing.name] of the [KeyRing][google.cloud.kms.v1.KeyRing] associated with the
    // [ImportJobs][google.cloud.kms.v1.ImportJob].
    Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
    // Required. It must be unique within a KeyRing and match the regular
    // expression `[a-zA-Z0-9_-]{1,63}`
    ImportJobId string `protobuf:"bytes,2,opt,name=import_job_id,json=importJobId,proto3" json:"import_job_id,omitempty"`
    // Required. An [ImportJob][google.cloud.kms.v1.ImportJob] with initial field values.
    ImportJob *ImportJob `protobuf:"bytes,3,opt,name=import_job,json=importJob,proto3" json:"import_job,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.CreateImportJob][google.cloud.kms.v1.KeyManagementService.CreateImportJob].

func (*CreateImportJobRequest) Descriptor Uses

func (*CreateImportJobRequest) Descriptor() ([]byte, []int)

Deprecated: Use CreateImportJobRequest.ProtoReflect.Descriptor instead.

func (*CreateImportJobRequest) GetImportJob Uses

func (x *CreateImportJobRequest) GetImportJob() *ImportJob

func (*CreateImportJobRequest) GetImportJobId Uses

func (x *CreateImportJobRequest) GetImportJobId() string

func (*CreateImportJobRequest) GetParent Uses

func (x *CreateImportJobRequest) GetParent() string

func (*CreateImportJobRequest) ProtoMessage Uses

func (*CreateImportJobRequest) ProtoMessage()

func (*CreateImportJobRequest) ProtoReflect Uses

func (x *CreateImportJobRequest) ProtoReflect() protoreflect.Message

func (*CreateImportJobRequest) Reset Uses

func (x *CreateImportJobRequest) Reset()

func (*CreateImportJobRequest) String Uses

func (x *CreateImportJobRequest) String() string

type CreateKeyRingRequest Uses

type CreateKeyRingRequest struct {

    // Required. The resource name of the location associated with the
    // [KeyRings][google.cloud.kms.v1.KeyRing], in the format `projects/*/locations/*`.
    Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
    // Required. It must be unique within a location and match the regular
    // expression `[a-zA-Z0-9_-]{1,63}`
    KeyRingId string `protobuf:"bytes,2,opt,name=key_ring_id,json=keyRingId,proto3" json:"key_ring_id,omitempty"`
    // Required. A [KeyRing][google.cloud.kms.v1.KeyRing] with initial field values.
    KeyRing *KeyRing `protobuf:"bytes,3,opt,name=key_ring,json=keyRing,proto3" json:"key_ring,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.CreateKeyRing][google.cloud.kms.v1.KeyManagementService.CreateKeyRing].

func (*CreateKeyRingRequest) Descriptor Uses

func (*CreateKeyRingRequest) Descriptor() ([]byte, []int)

Deprecated: Use CreateKeyRingRequest.ProtoReflect.Descriptor instead.

func (*CreateKeyRingRequest) GetKeyRing Uses

func (x *CreateKeyRingRequest) GetKeyRing() *KeyRing

func (*CreateKeyRingRequest) GetKeyRingId Uses

func (x *CreateKeyRingRequest) GetKeyRingId() string

func (*CreateKeyRingRequest) GetParent Uses

func (x *CreateKeyRingRequest) GetParent() string

func (*CreateKeyRingRequest) ProtoMessage Uses

func (*CreateKeyRingRequest) ProtoMessage()

func (*CreateKeyRingRequest) ProtoReflect Uses

func (x *CreateKeyRingRequest) ProtoReflect() protoreflect.Message

func (*CreateKeyRingRequest) Reset Uses

func (x *CreateKeyRingRequest) Reset()

func (*CreateKeyRingRequest) String Uses

func (x *CreateKeyRingRequest) String() string

type CryptoKey Uses

type CryptoKey struct {

    // Output only. The resource name for this [CryptoKey][google.cloud.kms.v1.CryptoKey] in the format
    // `projects/*/locations/*/keyRings/*/cryptoKeys/*`.
    Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
    // Output only. A copy of the "primary" [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] that will be used
    // by [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] when this [CryptoKey][google.cloud.kms.v1.CryptoKey] is given
    // in [EncryptRequest.name][google.cloud.kms.v1.EncryptRequest.name].
    //
    // The [CryptoKey][google.cloud.kms.v1.CryptoKey]'s primary version can be updated via
    // [UpdateCryptoKeyPrimaryVersion][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKeyPrimaryVersion].
    //
    // Keys with [purpose][google.cloud.kms.v1.CryptoKey.purpose]
    // [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT] may have a
    // primary. For other keys, this field will be omitted.
    Primary *CryptoKeyVersion `protobuf:"bytes,2,opt,name=primary,proto3" json:"primary,omitempty"`
    // Immutable. The immutable purpose of this [CryptoKey][google.cloud.kms.v1.CryptoKey].
    Purpose CryptoKey_CryptoKeyPurpose `protobuf:"varint,3,opt,name=purpose,proto3,enum=google.cloud.kms.v1.CryptoKey_CryptoKeyPurpose" json:"purpose,omitempty"`
    // Output only. The time at which this [CryptoKey][google.cloud.kms.v1.CryptoKey] was created.
    CreateTime *timestamp.Timestamp `protobuf:"bytes,5,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
    // At [next_rotation_time][google.cloud.kms.v1.CryptoKey.next_rotation_time], the Key Management Service will automatically:
    //
    // 1. Create a new version of this [CryptoKey][google.cloud.kms.v1.CryptoKey].
    // 2. Mark the new version as primary.
    //
    // Key rotations performed manually via
    // [CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion] and
    // [UpdateCryptoKeyPrimaryVersion][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKeyPrimaryVersion]
    // do not affect [next_rotation_time][google.cloud.kms.v1.CryptoKey.next_rotation_time].
    //
    // Keys with [purpose][google.cloud.kms.v1.CryptoKey.purpose]
    // [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT] support
    // automatic rotation. For other keys, this field must be omitted.
    NextRotationTime *timestamp.Timestamp `protobuf:"bytes,7,opt,name=next_rotation_time,json=nextRotationTime,proto3" json:"next_rotation_time,omitempty"`
    // Controls the rate of automatic rotation.
    //
    // Types that are assignable to RotationSchedule:
    //	*CryptoKey_RotationPeriod
    RotationSchedule isCryptoKey_RotationSchedule `protobuf_oneof:"rotation_schedule"`
    // A template describing settings for new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] instances.
    // The properties of new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] instances created by either
    // [CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion] or
    // auto-rotation are controlled by this template.
    VersionTemplate *CryptoKeyVersionTemplate `protobuf:"bytes,11,opt,name=version_template,json=versionTemplate,proto3" json:"version_template,omitempty"`
    // Labels with user-defined metadata. For more information, see
    // [Labeling Keys](https://cloud.google.com/kms/docs/labeling-keys).
    Labels map[string]string `protobuf:"bytes,10,rep,name=labels,proto3" json:"labels,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
    // contains filtered or unexported fields
}

A [CryptoKey][google.cloud.kms.v1.CryptoKey] represents a logical key that can be used for cryptographic operations.

A [CryptoKey][google.cloud.kms.v1.CryptoKey] is made up of one or more [versions][google.cloud.kms.v1.CryptoKeyVersion], which represent the actual key material used in cryptographic operations.

func (*CryptoKey) Descriptor Uses

func (*CryptoKey) Descriptor() ([]byte, []int)

Deprecated: Use CryptoKey.ProtoReflect.Descriptor instead.

func (*CryptoKey) GetCreateTime Uses

func (x *CryptoKey) GetCreateTime() *timestamp.Timestamp

func (*CryptoKey) GetLabels Uses

func (x *CryptoKey) GetLabels() map[string]string

func (*CryptoKey) GetName Uses

func (x *CryptoKey) GetName() string

func (*CryptoKey) GetNextRotationTime Uses

func (x *CryptoKey) GetNextRotationTime() *timestamp.Timestamp

func (*CryptoKey) GetPrimary Uses

func (x *CryptoKey) GetPrimary() *CryptoKeyVersion

func (*CryptoKey) GetPurpose Uses

func (x *CryptoKey) GetPurpose() CryptoKey_CryptoKeyPurpose

func (*CryptoKey) GetRotationPeriod Uses

func (x *CryptoKey) GetRotationPeriod() *duration.Duration

func (*CryptoKey) GetRotationSchedule Uses

func (m *CryptoKey) GetRotationSchedule() isCryptoKey_RotationSchedule

func (*CryptoKey) GetVersionTemplate Uses

func (x *CryptoKey) GetVersionTemplate() *CryptoKeyVersionTemplate

func (*CryptoKey) ProtoMessage Uses

func (*CryptoKey) ProtoMessage()

func (*CryptoKey) ProtoReflect Uses

func (x *CryptoKey) ProtoReflect() protoreflect.Message

func (*CryptoKey) Reset Uses

func (x *CryptoKey) Reset()

func (*CryptoKey) String Uses

func (x *CryptoKey) String() string

type CryptoKeyVersion Uses

type CryptoKeyVersion struct {

    // Output only. The resource name for this [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the format
    // `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
    Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
    // The current state of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
    State CryptoKeyVersion_CryptoKeyVersionState `protobuf:"varint,3,opt,name=state,proto3,enum=google.cloud.kms.v1.CryptoKeyVersion_CryptoKeyVersionState" json:"state,omitempty"`
    // Output only. The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] describing how crypto operations are
    // performed with this [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
    ProtectionLevel ProtectionLevel `protobuf:"varint,7,opt,name=protection_level,json=protectionLevel,proto3,enum=google.cloud.kms.v1.ProtectionLevel" json:"protection_level,omitempty"`
    // Output only. The [CryptoKeyVersionAlgorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm] that this
    // [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] supports.
    Algorithm CryptoKeyVersion_CryptoKeyVersionAlgorithm `protobuf:"varint,10,opt,name=algorithm,proto3,enum=google.cloud.kms.v1.CryptoKeyVersion_CryptoKeyVersionAlgorithm" json:"algorithm,omitempty"`
    // Output only. Statement that was generated and signed by the HSM at key
    // creation time. Use this statement to verify attributes of the key as stored
    // on the HSM, independently of Google. Only provided for key versions with
    // [protection_level][google.cloud.kms.v1.CryptoKeyVersion.protection_level] [HSM][google.cloud.kms.v1.ProtectionLevel.HSM].
    Attestation *KeyOperationAttestation `protobuf:"bytes,8,opt,name=attestation,proto3" json:"attestation,omitempty"`
    // Output only. The time at which this [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] was created.
    CreateTime *timestamp.Timestamp `protobuf:"bytes,4,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
    // Output only. The time this [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s key material was
    // generated.
    GenerateTime *timestamp.Timestamp `protobuf:"bytes,11,opt,name=generate_time,json=generateTime,proto3" json:"generate_time,omitempty"`
    // Output only. The time this [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s key material is scheduled
    // for destruction. Only present if [state][google.cloud.kms.v1.CryptoKeyVersion.state] is
    // [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED].
    DestroyTime *timestamp.Timestamp `protobuf:"bytes,5,opt,name=destroy_time,json=destroyTime,proto3" json:"destroy_time,omitempty"`
    // Output only. The time this CryptoKeyVersion's key material was
    // destroyed. Only present if [state][google.cloud.kms.v1.CryptoKeyVersion.state] is
    // [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED].
    DestroyEventTime *timestamp.Timestamp `protobuf:"bytes,6,opt,name=destroy_event_time,json=destroyEventTime,proto3" json:"destroy_event_time,omitempty"`
    // Output only. The name of the [ImportJob][google.cloud.kms.v1.ImportJob] used to import this
    // [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. Only present if the underlying key material was
    // imported.
    ImportJob string `protobuf:"bytes,14,opt,name=import_job,json=importJob,proto3" json:"import_job,omitempty"`
    // Output only. The time at which this [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s key material
    // was imported.
    ImportTime *timestamp.Timestamp `protobuf:"bytes,15,opt,name=import_time,json=importTime,proto3" json:"import_time,omitempty"`
    // Output only. The root cause of an import failure. Only present if
    // [state][google.cloud.kms.v1.CryptoKeyVersion.state] is
    // [IMPORT_FAILED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.IMPORT_FAILED].
    ImportFailureReason string `protobuf:"bytes,16,opt,name=import_failure_reason,json=importFailureReason,proto3" json:"import_failure_reason,omitempty"`
    // ExternalProtectionLevelOptions stores a group of additional fields for
    // configuring a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] that are specific to the
    // [EXTERNAL][google.cloud.kms.v1.ProtectionLevel.EXTERNAL] protection level.
    ExternalProtectionLevelOptions *ExternalProtectionLevelOptions `protobuf:"bytes,17,opt,name=external_protection_level_options,json=externalProtectionLevelOptions,proto3" json:"external_protection_level_options,omitempty"`
    // contains filtered or unexported fields
}

A [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] represents an individual cryptographic key, and the associated key material.

An [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] version can be used for cryptographic operations.

For security reasons, the raw cryptographic key material represented by a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] can never be viewed or exported. It can only be used to encrypt, decrypt, or sign data when an authorized user or application invokes Cloud KMS.

func (*CryptoKeyVersion) Descriptor Uses

func (*CryptoKeyVersion) Descriptor() ([]byte, []int)

Deprecated: Use CryptoKeyVersion.ProtoReflect.Descriptor instead.

func (*CryptoKeyVersion) GetAlgorithm Uses

func (x *CryptoKeyVersion) GetAlgorithm() CryptoKeyVersion_CryptoKeyVersionAlgorithm

func (*CryptoKeyVersion) GetAttestation Uses

func (x *CryptoKeyVersion) GetAttestation() *KeyOperationAttestation

func (*CryptoKeyVersion) GetCreateTime Uses

func (x *CryptoKeyVersion) GetCreateTime() *timestamp.Timestamp

func (*CryptoKeyVersion) GetDestroyEventTime Uses

func (x *CryptoKeyVersion) GetDestroyEventTime() *timestamp.Timestamp

func (*CryptoKeyVersion) GetDestroyTime Uses

func (x *CryptoKeyVersion) GetDestroyTime() *timestamp.Timestamp

func (*CryptoKeyVersion) GetExternalProtectionLevelOptions Uses

func (x *CryptoKeyVersion) GetExternalProtectionLevelOptions() *ExternalProtectionLevelOptions

func (*CryptoKeyVersion) GetGenerateTime Uses

func (x *CryptoKeyVersion) GetGenerateTime() *timestamp.Timestamp

func (*CryptoKeyVersion) GetImportFailureReason Uses

func (x *CryptoKeyVersion) GetImportFailureReason() string

func (*CryptoKeyVersion) GetImportJob Uses

func (x *CryptoKeyVersion) GetImportJob() string

func (*CryptoKeyVersion) GetImportTime Uses

func (x *CryptoKeyVersion) GetImportTime() *timestamp.Timestamp

func (*CryptoKeyVersion) GetName Uses

func (x *CryptoKeyVersion) GetName() string

func (*CryptoKeyVersion) GetProtectionLevel Uses

func (x *CryptoKeyVersion) GetProtectionLevel() ProtectionLevel

func (*CryptoKeyVersion) GetState Uses

func (x *CryptoKeyVersion) GetState() CryptoKeyVersion_CryptoKeyVersionState

func (*CryptoKeyVersion) ProtoMessage Uses

func (*CryptoKeyVersion) ProtoMessage()

func (*CryptoKeyVersion) ProtoReflect Uses

func (x *CryptoKeyVersion) ProtoReflect() protoreflect.Message

func (*CryptoKeyVersion) Reset Uses

func (x *CryptoKeyVersion) Reset()

func (*CryptoKeyVersion) String Uses

func (x *CryptoKeyVersion) String() string

type CryptoKeyVersionTemplate Uses

type CryptoKeyVersionTemplate struct {

    // [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] to use when creating a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] based on
    // this template. Immutable. Defaults to [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE].
    ProtectionLevel ProtectionLevel `protobuf:"varint,1,opt,name=protection_level,json=protectionLevel,proto3,enum=google.cloud.kms.v1.ProtectionLevel" json:"protection_level,omitempty"`
    // Required. [Algorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm] to use
    // when creating a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] based on this template.
    //
    // For backwards compatibility, GOOGLE_SYMMETRIC_ENCRYPTION is implied if both
    // this field is omitted and [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] is
    // [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
    Algorithm CryptoKeyVersion_CryptoKeyVersionAlgorithm `protobuf:"varint,3,opt,name=algorithm,proto3,enum=google.cloud.kms.v1.CryptoKeyVersion_CryptoKeyVersionAlgorithm" json:"algorithm,omitempty"`
    // contains filtered or unexported fields
}

A [CryptoKeyVersionTemplate][google.cloud.kms.v1.CryptoKeyVersionTemplate] specifies the properties to use when creating a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion], either manually with [CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion] or automatically as a result of auto-rotation.

func (*CryptoKeyVersionTemplate) Descriptor Uses

func (*CryptoKeyVersionTemplate) Descriptor() ([]byte, []int)

Deprecated: Use CryptoKeyVersionTemplate.ProtoReflect.Descriptor instead.

func (*CryptoKeyVersionTemplate) GetAlgorithm Uses

func (x *CryptoKeyVersionTemplate) GetAlgorithm() CryptoKeyVersion_CryptoKeyVersionAlgorithm

func (*CryptoKeyVersionTemplate) GetProtectionLevel Uses

func (x *CryptoKeyVersionTemplate) GetProtectionLevel() ProtectionLevel

func (*CryptoKeyVersionTemplate) ProtoMessage Uses

func (*CryptoKeyVersionTemplate) ProtoMessage()

func (*CryptoKeyVersionTemplate) ProtoReflect Uses

func (x *CryptoKeyVersionTemplate) ProtoReflect() protoreflect.Message

func (*CryptoKeyVersionTemplate) Reset Uses

func (x *CryptoKeyVersionTemplate) Reset()

func (*CryptoKeyVersionTemplate) String Uses

func (x *CryptoKeyVersionTemplate) String() string

type CryptoKeyVersion_CryptoKeyVersionAlgorithm Uses

type CryptoKeyVersion_CryptoKeyVersionAlgorithm int32

The algorithm of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion], indicating what parameters must be used for each cryptographic operation.

The [GOOGLE_SYMMETRIC_ENCRYPTION][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm.GOOGLE_SYMMETRIC_ENCRYPTION] algorithm is usable with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].

Algorithms beginning with "RSA_SIGN_" are usable with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] [ASYMMETRIC_SIGN][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN].

The fields in the name after "RSA_SIGN_" correspond to the following parameters: padding algorithm, modulus bit length, and digest algorithm.

For PSS, the salt length used is equal to the length of digest algorithm. For example, [RSA_SIGN_PSS_2048_SHA256][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_2048_SHA256] will use PSS with a salt length of 256 bits or 32 bytes.

Algorithms beginning with "RSA_DECRYPT_" are usable with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] [ASYMMETRIC_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT].

The fields in the name after "RSA_DECRYPT_" correspond to the following parameters: padding algorithm, modulus bit length, and digest algorithm.

Algorithms beginning with "EC_SIGN_" are usable with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] [ASYMMETRIC_SIGN][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN].

The fields in the name after "EC_SIGN_" correspond to the following parameters: elliptic curve, digest algorithm.

For more information, see [Key purposes and algorithms] (https://cloud.google.com/kms/docs/algorithms).

const (
    // Not specified.
    CryptoKeyVersion_CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED CryptoKeyVersion_CryptoKeyVersionAlgorithm = 0
    // Creates symmetric encryption keys.
    CryptoKeyVersion_GOOGLE_SYMMETRIC_ENCRYPTION CryptoKeyVersion_CryptoKeyVersionAlgorithm = 1
    // RSASSA-PSS 2048 bit key with a SHA256 digest.
    CryptoKeyVersion_RSA_SIGN_PSS_2048_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 2
    // RSASSA-PSS 3072 bit key with a SHA256 digest.
    CryptoKeyVersion_RSA_SIGN_PSS_3072_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 3
    // RSASSA-PSS 4096 bit key with a SHA256 digest.
    CryptoKeyVersion_RSA_SIGN_PSS_4096_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 4
    // RSASSA-PSS 4096 bit key with a SHA512 digest.
    CryptoKeyVersion_RSA_SIGN_PSS_4096_SHA512 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 15
    // RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest.
    CryptoKeyVersion_RSA_SIGN_PKCS1_2048_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 5
    // RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest.
    CryptoKeyVersion_RSA_SIGN_PKCS1_3072_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 6
    // RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest.
    CryptoKeyVersion_RSA_SIGN_PKCS1_4096_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 7
    // RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest.
    CryptoKeyVersion_RSA_SIGN_PKCS1_4096_SHA512 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 16
    // RSAES-OAEP 2048 bit key with a SHA256 digest.
    CryptoKeyVersion_RSA_DECRYPT_OAEP_2048_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 8
    // RSAES-OAEP 3072 bit key with a SHA256 digest.
    CryptoKeyVersion_RSA_DECRYPT_OAEP_3072_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 9
    // RSAES-OAEP 4096 bit key with a SHA256 digest.
    CryptoKeyVersion_RSA_DECRYPT_OAEP_4096_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 10
    // RSAES-OAEP 4096 bit key with a SHA512 digest.
    CryptoKeyVersion_RSA_DECRYPT_OAEP_4096_SHA512 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 17
    // ECDSA on the NIST P-256 curve with a SHA256 digest.
    CryptoKeyVersion_EC_SIGN_P256_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 12
    // ECDSA on the NIST P-384 curve with a SHA384 digest.
    CryptoKeyVersion_EC_SIGN_P384_SHA384 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 13
    // Algorithm representing symmetric encryption by an external key manager.
    CryptoKeyVersion_EXTERNAL_SYMMETRIC_ENCRYPTION CryptoKeyVersion_CryptoKeyVersionAlgorithm = 18
)

func (CryptoKeyVersion_CryptoKeyVersionAlgorithm) Descriptor Uses

func (CryptoKeyVersion_CryptoKeyVersionAlgorithm) Descriptor() protoreflect.EnumDescriptor

func (CryptoKeyVersion_CryptoKeyVersionAlgorithm) Enum Uses

func (x CryptoKeyVersion_CryptoKeyVersionAlgorithm) Enum() *CryptoKeyVersion_CryptoKeyVersionAlgorithm

func (CryptoKeyVersion_CryptoKeyVersionAlgorithm) EnumDescriptor Uses

func (CryptoKeyVersion_CryptoKeyVersionAlgorithm) EnumDescriptor() ([]byte, []int)

Deprecated: Use CryptoKeyVersion_CryptoKeyVersionAlgorithm.Descriptor instead.

func (CryptoKeyVersion_CryptoKeyVersionAlgorithm) Number Uses

func (x CryptoKeyVersion_CryptoKeyVersionAlgorithm) Number() protoreflect.EnumNumber

func (CryptoKeyVersion_CryptoKeyVersionAlgorithm) String Uses

func (x CryptoKeyVersion_CryptoKeyVersionAlgorithm) String() string

func (CryptoKeyVersion_CryptoKeyVersionAlgorithm) Type Uses

func (CryptoKeyVersion_CryptoKeyVersionAlgorithm) Type() protoreflect.EnumType

type CryptoKeyVersion_CryptoKeyVersionState Uses

type CryptoKeyVersion_CryptoKeyVersionState int32

The state of a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion], indicating if it can be used.

const (
    // Not specified.
    CryptoKeyVersion_CRYPTO_KEY_VERSION_STATE_UNSPECIFIED CryptoKeyVersion_CryptoKeyVersionState = 0
    // This version is still being generated. It may not be used, enabled,
    // disabled, or destroyed yet. Cloud KMS will automatically mark this
    // version [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] as soon as the version is ready.
    CryptoKeyVersion_PENDING_GENERATION CryptoKeyVersion_CryptoKeyVersionState = 5
    // This version may be used for cryptographic operations.
    CryptoKeyVersion_ENABLED CryptoKeyVersion_CryptoKeyVersionState = 1
    // This version may not be used, but the key material is still available,
    // and the version can be placed back into the [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] state.
    CryptoKeyVersion_DISABLED CryptoKeyVersion_CryptoKeyVersionState = 2
    // This version is destroyed, and the key material is no longer stored.
    // A version may not leave this state once entered.
    CryptoKeyVersion_DESTROYED CryptoKeyVersion_CryptoKeyVersionState = 3
    // This version is scheduled for destruction, and will be destroyed soon.
    // Call
    // [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion]
    // to put it back into the [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED] state.
    CryptoKeyVersion_DESTROY_SCHEDULED CryptoKeyVersion_CryptoKeyVersionState = 4
    // This version is still being imported. It may not be used, enabled,
    // disabled, or destroyed yet. Cloud KMS will automatically mark this
    // version [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] as soon as the version is ready.
    CryptoKeyVersion_PENDING_IMPORT CryptoKeyVersion_CryptoKeyVersionState = 6
    // This version was not imported successfully. It may not be used, enabled,
    // disabled, or destroyed. The submitted key material has been discarded.
    // Additional details can be found in
    // [CryptoKeyVersion.import_failure_reason][google.cloud.kms.v1.CryptoKeyVersion.import_failure_reason].
    CryptoKeyVersion_IMPORT_FAILED CryptoKeyVersion_CryptoKeyVersionState = 7
)

func (CryptoKeyVersion_CryptoKeyVersionState) Descriptor Uses

func (CryptoKeyVersion_CryptoKeyVersionState) Descriptor() protoreflect.EnumDescriptor

func (CryptoKeyVersion_CryptoKeyVersionState) Enum Uses

func (x CryptoKeyVersion_CryptoKeyVersionState) Enum() *CryptoKeyVersion_CryptoKeyVersionState

func (CryptoKeyVersion_CryptoKeyVersionState) EnumDescriptor Uses

func (CryptoKeyVersion_CryptoKeyVersionState) EnumDescriptor() ([]byte, []int)

Deprecated: Use CryptoKeyVersion_CryptoKeyVersionState.Descriptor instead.

func (CryptoKeyVersion_CryptoKeyVersionState) Number Uses

func (x CryptoKeyVersion_CryptoKeyVersionState) Number() protoreflect.EnumNumber

func (CryptoKeyVersion_CryptoKeyVersionState) String Uses

func (x CryptoKeyVersion_CryptoKeyVersionState) String() string

func (CryptoKeyVersion_CryptoKeyVersionState) Type Uses

func (CryptoKeyVersion_CryptoKeyVersionState) Type() protoreflect.EnumType

type CryptoKeyVersion_CryptoKeyVersionView Uses

type CryptoKeyVersion_CryptoKeyVersionView int32

A view for [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]s. Controls the level of detail returned for [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] in [KeyManagementService.ListCryptoKeyVersions][google.cloud.kms.v1.KeyManagementService.ListCryptoKeyVersions] and [KeyManagementService.ListCryptoKeys][google.cloud.kms.v1.KeyManagementService.ListCryptoKeys].

const (
    // Default view for each [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. Does not include
    // the [attestation][google.cloud.kms.v1.CryptoKeyVersion.attestation] field.
    CryptoKeyVersion_CRYPTO_KEY_VERSION_VIEW_UNSPECIFIED CryptoKeyVersion_CryptoKeyVersionView = 0
    // Provides all fields in each [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion], including the
    // [attestation][google.cloud.kms.v1.CryptoKeyVersion.attestation].
    CryptoKeyVersion_FULL CryptoKeyVersion_CryptoKeyVersionView = 1
)

func (CryptoKeyVersion_CryptoKeyVersionView) Descriptor Uses

func (CryptoKeyVersion_CryptoKeyVersionView) Descriptor() protoreflect.EnumDescriptor

func (CryptoKeyVersion_CryptoKeyVersionView) Enum Uses

func (x CryptoKeyVersion_CryptoKeyVersionView) Enum() *CryptoKeyVersion_CryptoKeyVersionView

func (CryptoKeyVersion_CryptoKeyVersionView) EnumDescriptor Uses

func (CryptoKeyVersion_CryptoKeyVersionView) EnumDescriptor() ([]byte, []int)

Deprecated: Use CryptoKeyVersion_CryptoKeyVersionView.Descriptor instead.

func (CryptoKeyVersion_CryptoKeyVersionView) Number Uses

func (x CryptoKeyVersion_CryptoKeyVersionView) Number() protoreflect.EnumNumber

func (CryptoKeyVersion_CryptoKeyVersionView) String Uses

func (x CryptoKeyVersion_CryptoKeyVersionView) String() string

func (CryptoKeyVersion_CryptoKeyVersionView) Type Uses

func (CryptoKeyVersion_CryptoKeyVersionView) Type() protoreflect.EnumType

type CryptoKey_CryptoKeyPurpose Uses

type CryptoKey_CryptoKeyPurpose int32

[CryptoKeyPurpose][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose] describes the cryptographic capabilities of a [CryptoKey][google.cloud.kms.v1.CryptoKey]. A given key can only be used for the operations allowed by its purpose. For more information, see [Key purposes](https://cloud.google.com/kms/docs/algorithms#key_purposes).

const (
    // Not specified.
    CryptoKey_CRYPTO_KEY_PURPOSE_UNSPECIFIED CryptoKey_CryptoKeyPurpose = 0
    // [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used with
    // [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] and
    // [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt].
    CryptoKey_ENCRYPT_DECRYPT CryptoKey_CryptoKeyPurpose = 1
    // [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used with
    // [AsymmetricSign][google.cloud.kms.v1.KeyManagementService.AsymmetricSign] and
    // [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
    CryptoKey_ASYMMETRIC_SIGN CryptoKey_CryptoKeyPurpose = 5
    // [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used with
    // [AsymmetricDecrypt][google.cloud.kms.v1.KeyManagementService.AsymmetricDecrypt] and
    // [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
    CryptoKey_ASYMMETRIC_DECRYPT CryptoKey_CryptoKeyPurpose = 6
)

func (CryptoKey_CryptoKeyPurpose) Descriptor Uses

func (CryptoKey_CryptoKeyPurpose) Descriptor() protoreflect.EnumDescriptor

func (CryptoKey_CryptoKeyPurpose) Enum Uses

func (x CryptoKey_CryptoKeyPurpose) Enum() *CryptoKey_CryptoKeyPurpose

func (CryptoKey_CryptoKeyPurpose) EnumDescriptor Uses

func (CryptoKey_CryptoKeyPurpose) EnumDescriptor() ([]byte, []int)

Deprecated: Use CryptoKey_CryptoKeyPurpose.Descriptor instead.

func (CryptoKey_CryptoKeyPurpose) Number Uses

func (x CryptoKey_CryptoKeyPurpose) Number() protoreflect.EnumNumber

func (CryptoKey_CryptoKeyPurpose) String Uses

func (x CryptoKey_CryptoKeyPurpose) String() string

func (CryptoKey_CryptoKeyPurpose) Type Uses

func (CryptoKey_CryptoKeyPurpose) Type() protoreflect.EnumType

type CryptoKey_RotationPeriod Uses

type CryptoKey_RotationPeriod struct {
    // [next_rotation_time][google.cloud.kms.v1.CryptoKey.next_rotation_time] will be advanced by this period when the service
    // automatically rotates a key. Must be at least 24 hours and at most
    // 876,000 hours.
    //
    // If [rotation_period][google.cloud.kms.v1.CryptoKey.rotation_period] is set, [next_rotation_time][google.cloud.kms.v1.CryptoKey.next_rotation_time] must also be set.
    //
    // Keys with [purpose][google.cloud.kms.v1.CryptoKey.purpose]
    // [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT] support
    // automatic rotation. For other keys, this field must be omitted.
    RotationPeriod *duration.Duration `protobuf:"bytes,8,opt,name=rotation_period,json=rotationPeriod,proto3,oneof"`
}

type DecryptRequest Uses

type DecryptRequest struct {

    // Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to use for decryption.
    // The server will choose the appropriate version.
    Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
    // Required. The encrypted data originally returned in
    // [EncryptResponse.ciphertext][google.cloud.kms.v1.EncryptResponse.ciphertext].
    Ciphertext []byte `protobuf:"bytes,2,opt,name=ciphertext,proto3" json:"ciphertext,omitempty"`
    // Optional. Optional data that must match the data originally supplied in
    // [EncryptRequest.additional_authenticated_data][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data].
    AdditionalAuthenticatedData []byte `protobuf:"bytes,3,opt,name=additional_authenticated_data,json=additionalAuthenticatedData,proto3" json:"additional_authenticated_data,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt].

func (*DecryptRequest) Descriptor Uses

func (*DecryptRequest) Descriptor() ([]byte, []int)

Deprecated: Use DecryptRequest.ProtoReflect.Descriptor instead.

func (*DecryptRequest) GetAdditionalAuthenticatedData Uses

func (x *DecryptRequest) GetAdditionalAuthenticatedData() []byte

func (*DecryptRequest) GetCiphertext Uses

func (x *DecryptRequest) GetCiphertext() []byte

func (*DecryptRequest) GetName Uses

func (x *DecryptRequest) GetName() string

func (*DecryptRequest) ProtoMessage Uses

func (*DecryptRequest) ProtoMessage()

func (*DecryptRequest) ProtoReflect Uses

func (x *DecryptRequest) ProtoReflect() protoreflect.Message

func (*DecryptRequest) Reset Uses

func (x *DecryptRequest) Reset()

func (*DecryptRequest) String Uses

func (x *DecryptRequest) String() string

type DecryptResponse Uses

type DecryptResponse struct {

    // The decrypted data originally supplied in [EncryptRequest.plaintext][google.cloud.kms.v1.EncryptRequest.plaintext].
    Plaintext []byte `protobuf:"bytes,1,opt,name=plaintext,proto3" json:"plaintext,omitempty"`
    // contains filtered or unexported fields
}

Response message for [KeyManagementService.Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt].

func (*DecryptResponse) Descriptor Uses

func (*DecryptResponse) Descriptor() ([]byte, []int)

Deprecated: Use DecryptResponse.ProtoReflect.Descriptor instead.

func (*DecryptResponse) GetPlaintext Uses

func (x *DecryptResponse) GetPlaintext() []byte

func (*DecryptResponse) ProtoMessage Uses

func (*DecryptResponse) ProtoMessage()

func (*DecryptResponse) ProtoReflect Uses

func (x *DecryptResponse) ProtoReflect() protoreflect.Message

func (*DecryptResponse) Reset Uses

func (x *DecryptResponse) Reset()

func (*DecryptResponse) String Uses

func (x *DecryptResponse) String() string

type DestroyCryptoKeyVersionRequest Uses

type DestroyCryptoKeyVersionRequest struct {

    // Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to destroy.
    Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion].

func (*DestroyCryptoKeyVersionRequest) Descriptor Uses

func (*DestroyCryptoKeyVersionRequest) Descriptor() ([]byte, []int)

Deprecated: Use DestroyCryptoKeyVersionRequest.ProtoReflect.Descriptor instead.

func (*DestroyCryptoKeyVersionRequest) GetName Uses

func (x *DestroyCryptoKeyVersionRequest) GetName() string

func (*DestroyCryptoKeyVersionRequest) ProtoMessage Uses

func (*DestroyCryptoKeyVersionRequest) ProtoMessage()

func (*DestroyCryptoKeyVersionRequest) ProtoReflect Uses

func (x *DestroyCryptoKeyVersionRequest) ProtoReflect() protoreflect.Message

func (*DestroyCryptoKeyVersionRequest) Reset Uses

func (x *DestroyCryptoKeyVersionRequest) Reset()

func (*DestroyCryptoKeyVersionRequest) String Uses

func (x *DestroyCryptoKeyVersionRequest) String() string

type Digest Uses

type Digest struct {

    // Required. The message digest.
    //
    // Types that are assignable to Digest:
    //	*Digest_Sha256
    //	*Digest_Sha384
    //	*Digest_Sha512
    Digest isDigest_Digest `protobuf_oneof:"digest"`
    // contains filtered or unexported fields
}

A [Digest][google.cloud.kms.v1.Digest] holds a cryptographic message digest.

func (*Digest) Descriptor Uses

func (*Digest) Descriptor() ([]byte, []int)

Deprecated: Use Digest.ProtoReflect.Descriptor instead.

func (*Digest) GetDigest Uses

func (m *Digest) GetDigest() isDigest_Digest

func (*Digest) GetSha256 Uses

func (x *Digest) GetSha256() []byte

func (*Digest) GetSha384 Uses

func (x *Digest) GetSha384() []byte

func (*Digest) GetSha512 Uses

func (x *Digest) GetSha512() []byte

func (*Digest) ProtoMessage Uses

func (*Digest) ProtoMessage()

func (*Digest) ProtoReflect Uses

func (x *Digest) ProtoReflect() protoreflect.Message

func (*Digest) Reset Uses

func (x *Digest) Reset()

func (*Digest) String Uses

func (x *Digest) String() string

type Digest_Sha256 Uses

type Digest_Sha256 struct {
    // A message digest produced with the SHA-256 algorithm.
    Sha256 []byte `protobuf:"bytes,1,opt,name=sha256,proto3,oneof"`
}

type Digest_Sha384 Uses

type Digest_Sha384 struct {
    // A message digest produced with the SHA-384 algorithm.
    Sha384 []byte `protobuf:"bytes,2,opt,name=sha384,proto3,oneof"`
}

type Digest_Sha512 Uses

type Digest_Sha512 struct {
    // A message digest produced with the SHA-512 algorithm.
    Sha512 []byte `protobuf:"bytes,3,opt,name=sha512,proto3,oneof"`
}

type EncryptRequest Uses

type EncryptRequest struct {

    // Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] or [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
    // to use for encryption.
    //
    // If a [CryptoKey][google.cloud.kms.v1.CryptoKey] is specified, the server will use its
    // [primary version][google.cloud.kms.v1.CryptoKey.primary].
    Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
    // Required. The data to encrypt. Must be no larger than 64KiB.
    //
    // The maximum size depends on the key version's
    // [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. For
    // [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the plaintext must be no larger
    // than 64KiB. For [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of the
    // plaintext and additional_authenticated_data fields must be no larger than
    // 8KiB.
    Plaintext []byte `protobuf:"bytes,2,opt,name=plaintext,proto3" json:"plaintext,omitempty"`
    // Optional. Optional data that, if specified, must also be provided during decryption
    // through [DecryptRequest.additional_authenticated_data][google.cloud.kms.v1.DecryptRequest.additional_authenticated_data].
    //
    // The maximum size depends on the key version's
    // [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. For
    // [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the AAD must be no larger than
    // 64KiB. For [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of the
    // plaintext and additional_authenticated_data fields must be no larger than
    // 8KiB.
    AdditionalAuthenticatedData []byte `protobuf:"bytes,3,opt,name=additional_authenticated_data,json=additionalAuthenticatedData,proto3" json:"additional_authenticated_data,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].

func (*EncryptRequest) Descriptor Uses

func (*EncryptRequest) Descriptor() ([]byte, []int)

Deprecated: Use EncryptRequest.ProtoReflect.Descriptor instead.

func (*EncryptRequest) GetAdditionalAuthenticatedData Uses

func (x *EncryptRequest) GetAdditionalAuthenticatedData() []byte

func (*EncryptRequest) GetName Uses

func (x *EncryptRequest) GetName() string

func (*EncryptRequest) GetPlaintext Uses

func (x *EncryptRequest) GetPlaintext() []byte

func (*EncryptRequest) ProtoMessage Uses

func (*EncryptRequest) ProtoMessage()

func (*EncryptRequest) ProtoReflect Uses

func (x *EncryptRequest) ProtoReflect() protoreflect.Message

func (*EncryptRequest) Reset Uses

func (x *EncryptRequest) Reset()

func (*EncryptRequest) String Uses

func (x *EncryptRequest) String() string

type EncryptResponse Uses

type EncryptResponse struct {

    // The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in encryption. Check
    // this field to verify that the intended resource was used for encryption.
    Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
    // The encrypted data.
    Ciphertext []byte `protobuf:"bytes,2,opt,name=ciphertext,proto3" json:"ciphertext,omitempty"`
    // contains filtered or unexported fields
}

Response message for [KeyManagementService.Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].

func (*EncryptResponse) Descriptor Uses

func (*EncryptResponse) Descriptor() ([]byte, []int)

Deprecated: Use EncryptResponse.ProtoReflect.Descriptor instead.

func (*EncryptResponse) GetCiphertext Uses

func (x *EncryptResponse) GetCiphertext() []byte

func (*EncryptResponse) GetName Uses

func (x *EncryptResponse) GetName() string

func (*EncryptResponse) ProtoMessage Uses

func (*EncryptResponse) ProtoMessage()

func (*EncryptResponse) ProtoReflect Uses

func (x *EncryptResponse) ProtoReflect() protoreflect.Message

func (*EncryptResponse) Reset Uses

func (x *EncryptResponse) Reset()

func (*EncryptResponse) String Uses

func (x *EncryptResponse) String() string

type ExternalProtectionLevelOptions Uses

type ExternalProtectionLevelOptions struct {

    // The URI for an external resource that this [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] represents.
    ExternalKeyUri string `protobuf:"bytes,1,opt,name=external_key_uri,json=externalKeyUri,proto3" json:"external_key_uri,omitempty"`
    // contains filtered or unexported fields
}

ExternalProtectionLevelOptions stores a group of additional fields for configuring a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] that are specific to the [EXTERNAL][google.cloud.kms.v1.ProtectionLevel.EXTERNAL] protection level.

func (*ExternalProtectionLevelOptions) Descriptor Uses

func (*ExternalProtectionLevelOptions) Descriptor() ([]byte, []int)

Deprecated: Use ExternalProtectionLevelOptions.ProtoReflect.Descriptor instead.

func (*ExternalProtectionLevelOptions) GetExternalKeyUri Uses

func (x *ExternalProtectionLevelOptions) GetExternalKeyUri() string

func (*ExternalProtectionLevelOptions) ProtoMessage Uses

func (*ExternalProtectionLevelOptions) ProtoMessage()

func (*ExternalProtectionLevelOptions) ProtoReflect Uses

func (x *ExternalProtectionLevelOptions) ProtoReflect() protoreflect.Message

func (*ExternalProtectionLevelOptions) Reset Uses

func (x *ExternalProtectionLevelOptions) Reset()

func (*ExternalProtectionLevelOptions) String Uses

func (x *ExternalProtectionLevelOptions) String() string

type GetCryptoKeyRequest Uses

type GetCryptoKeyRequest struct {

    // Required. The [name][google.cloud.kms.v1.CryptoKey.name] of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to get.
    Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.GetCryptoKey][google.cloud.kms.v1.KeyManagementService.GetCryptoKey].

func (*GetCryptoKeyRequest) Descriptor Uses

func (*GetCryptoKeyRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetCryptoKeyRequest.ProtoReflect.Descriptor instead.

func (*GetCryptoKeyRequest) GetName Uses

func (x *GetCryptoKeyRequest) GetName() string

func (*GetCryptoKeyRequest) ProtoMessage Uses

func (*GetCryptoKeyRequest) ProtoMessage()

func (*GetCryptoKeyRequest) ProtoReflect Uses

func (x *GetCryptoKeyRequest) ProtoReflect() protoreflect.Message

func (*GetCryptoKeyRequest) Reset Uses

func (x *GetCryptoKeyRequest) Reset()

func (*GetCryptoKeyRequest) String Uses

func (x *GetCryptoKeyRequest) String() string

type GetCryptoKeyVersionRequest Uses

type GetCryptoKeyVersionRequest struct {

    // Required. The [name][google.cloud.kms.v1.CryptoKeyVersion.name] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to get.
    Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.GetCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.GetCryptoKeyVersion].

func (*GetCryptoKeyVersionRequest) Descriptor Uses

func (*GetCryptoKeyVersionRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetCryptoKeyVersionRequest.ProtoReflect.Descriptor instead.

func (*GetCryptoKeyVersionRequest) GetName Uses

func (x *GetCryptoKeyVersionRequest) GetName() string

func (*GetCryptoKeyVersionRequest) ProtoMessage Uses

func (*GetCryptoKeyVersionRequest) ProtoMessage()

func (*GetCryptoKeyVersionRequest) ProtoReflect Uses

func (x *GetCryptoKeyVersionRequest) ProtoReflect() protoreflect.Message

func (*GetCryptoKeyVersionRequest) Reset Uses

func (x *GetCryptoKeyVersionRequest) Reset()

func (*GetCryptoKeyVersionRequest) String Uses

func (x *GetCryptoKeyVersionRequest) String() string

type GetImportJobRequest Uses

type GetImportJobRequest struct {

    // Required. The [name][google.cloud.kms.v1.ImportJob.name] of the [ImportJob][google.cloud.kms.v1.ImportJob] to get.
    Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.GetImportJob][google.cloud.kms.v1.KeyManagementService.GetImportJob].

func (*GetImportJobRequest) Descriptor Uses

func (*GetImportJobRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetImportJobRequest.ProtoReflect.Descriptor instead.

func (*GetImportJobRequest) GetName Uses

func (x *GetImportJobRequest) GetName() string

func (*GetImportJobRequest) ProtoMessage Uses

func (*GetImportJobRequest) ProtoMessage()

func (*GetImportJobRequest) ProtoReflect Uses

func (x *GetImportJobRequest) ProtoReflect() protoreflect.Message

func (*GetImportJobRequest) Reset Uses

func (x *GetImportJobRequest) Reset()

func (*GetImportJobRequest) String Uses

func (x *GetImportJobRequest) String() string

type GetKeyRingRequest Uses

type GetKeyRingRequest struct {

    // Required. The [name][google.cloud.kms.v1.KeyRing.name] of the [KeyRing][google.cloud.kms.v1.KeyRing] to get.
    Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.GetKeyRing][google.cloud.kms.v1.KeyManagementService.GetKeyRing].

func (*GetKeyRingRequest) Descriptor Uses

func (*GetKeyRingRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetKeyRingRequest.ProtoReflect.Descriptor instead.

func (*GetKeyRingRequest) GetName Uses

func (x *GetKeyRingRequest) GetName() string

func (*GetKeyRingRequest) ProtoMessage Uses

func (*GetKeyRingRequest) ProtoMessage()

func (*GetKeyRingRequest) ProtoReflect Uses

func (x *GetKeyRingRequest) ProtoReflect() protoreflect.Message

func (*GetKeyRingRequest) Reset Uses

func (x *GetKeyRingRequest) Reset()

func (*GetKeyRingRequest) String Uses

func (x *GetKeyRingRequest) String() string

type GetPublicKeyRequest Uses

type GetPublicKeyRequest struct {

    // Required. The [name][google.cloud.kms.v1.CryptoKeyVersion.name] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] public key to
    // get.
    Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].

func (*GetPublicKeyRequest) Descriptor Uses

func (*GetPublicKeyRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetPublicKeyRequest.ProtoReflect.Descriptor instead.

func (*GetPublicKeyRequest) GetName Uses

func (x *GetPublicKeyRequest) GetName() string

func (*GetPublicKeyRequest) ProtoMessage Uses

func (*GetPublicKeyRequest) ProtoMessage()

func (*GetPublicKeyRequest) ProtoReflect Uses

func (x *GetPublicKeyRequest) ProtoReflect() protoreflect.Message

func (*GetPublicKeyRequest) Reset Uses

func (x *GetPublicKeyRequest) Reset()

func (*GetPublicKeyRequest) String Uses

func (x *GetPublicKeyRequest) String() string

type ImportCryptoKeyVersionRequest Uses

type ImportCryptoKeyVersionRequest struct {

    // Required. The [name][google.cloud.kms.v1.CryptoKey.name] of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to
    // be imported into.
    Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
    // Required. The [algorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm] of
    // the key being imported. This does not need to match the
    // [version_template][google.cloud.kms.v1.CryptoKey.version_template] of the [CryptoKey][google.cloud.kms.v1.CryptoKey] this
    // version imports into.
    Algorithm CryptoKeyVersion_CryptoKeyVersionAlgorithm `protobuf:"varint,2,opt,name=algorithm,proto3,enum=google.cloud.kms.v1.CryptoKeyVersion_CryptoKeyVersionAlgorithm" json:"algorithm,omitempty"`
    // Required. The [name][google.cloud.kms.v1.ImportJob.name] of the [ImportJob][google.cloud.kms.v1.ImportJob] that was used to
    // wrap this key material.
    ImportJob string `protobuf:"bytes,4,opt,name=import_job,json=importJob,proto3" json:"import_job,omitempty"`
    // Required. The incoming wrapped key material that is to be imported.
    //
    // Types that are assignable to WrappedKeyMaterial:
    //	*ImportCryptoKeyVersionRequest_RsaAesWrappedKey
    WrappedKeyMaterial isImportCryptoKeyVersionRequest_WrappedKeyMaterial `protobuf_oneof:"wrapped_key_material"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.ImportCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.ImportCryptoKeyVersion].

func (*ImportCryptoKeyVersionRequest) Descriptor Uses

func (*ImportCryptoKeyVersionRequest) Descriptor() ([]byte, []int)

Deprecated: Use ImportCryptoKeyVersionRequest.ProtoReflect.Descriptor instead.

func (*ImportCryptoKeyVersionRequest) GetAlgorithm Uses

func (x *ImportCryptoKeyVersionRequest) GetAlgorithm() CryptoKeyVersion_CryptoKeyVersionAlgorithm

func (*ImportCryptoKeyVersionRequest) GetImportJob Uses

func (x *ImportCryptoKeyVersionRequest) GetImportJob() string

func (*ImportCryptoKeyVersionRequest) GetParent Uses

func (x *ImportCryptoKeyVersionRequest) GetParent() string

func (*ImportCryptoKeyVersionRequest) GetRsaAesWrappedKey Uses

func (x *ImportCryptoKeyVersionRequest) GetRsaAesWrappedKey() []byte

func (*ImportCryptoKeyVersionRequest) GetWrappedKeyMaterial Uses

func (m *ImportCryptoKeyVersionRequest) GetWrappedKeyMaterial() isImportCryptoKeyVersionRequest_WrappedKeyMaterial

func (*ImportCryptoKeyVersionRequest) ProtoMessage Uses

func (*ImportCryptoKeyVersionRequest) ProtoMessage()

func (*ImportCryptoKeyVersionRequest) ProtoReflect Uses

func (x *ImportCryptoKeyVersionRequest) ProtoReflect() protoreflect.Message

func (*ImportCryptoKeyVersionRequest) Reset Uses

func (x *ImportCryptoKeyVersionRequest) Reset()

func (*ImportCryptoKeyVersionRequest) String Uses

func (x *ImportCryptoKeyVersionRequest) String() string

type ImportCryptoKeyVersionRequest_RsaAesWrappedKey Uses

type ImportCryptoKeyVersionRequest_RsaAesWrappedKey struct {
    // Wrapped key material produced with
    // [RSA_OAEP_3072_SHA1_AES_256][google.cloud.kms.v1.ImportJob.ImportMethod.RSA_OAEP_3072_SHA1_AES_256]
    // or
    // [RSA_OAEP_4096_SHA1_AES_256][google.cloud.kms.v1.ImportJob.ImportMethod.RSA_OAEP_4096_SHA1_AES_256].
    //
    // This field contains the concatenation of two wrapped keys:
    // <ol>
    //   <li>An ephemeral AES-256 wrapping key wrapped with the
    //       [public_key][google.cloud.kms.v1.ImportJob.public_key] using RSAES-OAEP with SHA-1,
    //       MGF1 with SHA-1, and an empty label.
    //   </li>
    //   <li>The key to be imported, wrapped with the ephemeral AES-256 key
    //       using AES-KWP (RFC 5649).
    //   </li>
    // </ol>
    //
    // If importing symmetric key material, it is expected that the unwrapped
    // key contains plain bytes. If importing asymmetric key material, it is
    // expected that the unwrapped key is in PKCS#8-encoded DER format (the
    // PrivateKeyInfo structure from RFC 5208).
    //
    // This format is the same as the format produced by PKCS#11 mechanism
    // CKM_RSA_AES_KEY_WRAP.
    RsaAesWrappedKey []byte `protobuf:"bytes,5,opt,name=rsa_aes_wrapped_key,json=rsaAesWrappedKey,proto3,oneof"`
}

type ImportJob Uses

type ImportJob struct {

    // Output only. The resource name for this [ImportJob][google.cloud.kms.v1.ImportJob] in the format
    // `projects/*/locations/*/keyRings/*/importJobs/*`.
    Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
    // Required. Immutable. The wrapping method to be used for incoming key material.
    ImportMethod ImportJob_ImportMethod `protobuf:"varint,2,opt,name=import_method,json=importMethod,proto3,enum=google.cloud.kms.v1.ImportJob_ImportMethod" json:"import_method,omitempty"`
    // Required. Immutable. The protection level of the [ImportJob][google.cloud.kms.v1.ImportJob]. This must match the
    // [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level] of the
    // [version_template][google.cloud.kms.v1.CryptoKey.version_template] on the [CryptoKey][google.cloud.kms.v1.CryptoKey] you
    // attempt to import into.
    ProtectionLevel ProtectionLevel `protobuf:"varint,9,opt,name=protection_level,json=protectionLevel,proto3,enum=google.cloud.kms.v1.ProtectionLevel" json:"protection_level,omitempty"`
    // Output only. The time at which this [ImportJob][google.cloud.kms.v1.ImportJob] was created.
    CreateTime *timestamp.Timestamp `protobuf:"bytes,3,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
    // Output only. The time this [ImportJob][google.cloud.kms.v1.ImportJob]'s key material was generated.
    GenerateTime *timestamp.Timestamp `protobuf:"bytes,4,opt,name=generate_time,json=generateTime,proto3" json:"generate_time,omitempty"`
    // Output only. The time at which this [ImportJob][google.cloud.kms.v1.ImportJob] is scheduled for
    // expiration and can no longer be used to import key material.
    ExpireTime *timestamp.Timestamp `protobuf:"bytes,5,opt,name=expire_time,json=expireTime,proto3" json:"expire_time,omitempty"`
    // Output only. The time this [ImportJob][google.cloud.kms.v1.ImportJob] expired. Only present if
    // [state][google.cloud.kms.v1.ImportJob.state] is [EXPIRED][google.cloud.kms.v1.ImportJob.ImportJobState.EXPIRED].
    ExpireEventTime *timestamp.Timestamp `protobuf:"bytes,10,opt,name=expire_event_time,json=expireEventTime,proto3" json:"expire_event_time,omitempty"`
    // Output only. The current state of the [ImportJob][google.cloud.kms.v1.ImportJob], indicating if it can
    // be used.
    State ImportJob_ImportJobState `protobuf:"varint,6,opt,name=state,proto3,enum=google.cloud.kms.v1.ImportJob_ImportJobState" json:"state,omitempty"`
    // Output only. The public key with which to wrap key material prior to
    // import. Only returned if [state][google.cloud.kms.v1.ImportJob.state] is
    // [ACTIVE][google.cloud.kms.v1.ImportJob.ImportJobState.ACTIVE].
    PublicKey *ImportJob_WrappingPublicKey `protobuf:"bytes,7,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`
    // Output only. Statement that was generated and signed by the key creator
    // (for example, an HSM) at key creation time. Use this statement to verify
    // attributes of the key as stored on the HSM, independently of Google.
    // Only present if the chosen [ImportMethod][google.cloud.kms.v1.ImportJob.ImportMethod] is one with a protection
    // level of [HSM][google.cloud.kms.v1.ProtectionLevel.HSM].
    Attestation *KeyOperationAttestation `protobuf:"bytes,8,opt,name=attestation,proto3" json:"attestation,omitempty"`
    // contains filtered or unexported fields
}

An [ImportJob][google.cloud.kms.v1.ImportJob] can be used to create [CryptoKeys][google.cloud.kms.v1.CryptoKey] and [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] using pre-existing key material, generated outside of Cloud KMS.

When an [ImportJob][google.cloud.kms.v1.ImportJob] is created, Cloud KMS will generate a "wrapping key", which is a public/private key pair. You use the wrapping key to encrypt (also known as wrap) the pre-existing key material to protect it during the import process. The nature of the wrapping key depends on the choice of [import_method][google.cloud.kms.v1.ImportJob.import_method]. When the wrapping key generation is complete, the [state][google.cloud.kms.v1.ImportJob.state] will be set to [ACTIVE][google.cloud.kms.v1.ImportJob.ImportJobState.ACTIVE] and the [public_key][google.cloud.kms.v1.ImportJob.public_key] can be fetched. The fetched public key can then be used to wrap your pre-existing key material.

Once the key material is wrapped, it can be imported into a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in an existing [CryptoKey][google.cloud.kms.v1.CryptoKey] by calling [ImportCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.ImportCryptoKeyVersion]. Multiple [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] can be imported with a single [ImportJob][google.cloud.kms.v1.ImportJob]. Cloud KMS uses the private key portion of the wrapping key to unwrap the key material. Only Cloud KMS has access to the private key.

An [ImportJob][google.cloud.kms.v1.ImportJob] expires 3 days after it is created. Once expired, Cloud KMS will no longer be able to import or unwrap any key material that was wrapped with the [ImportJob][google.cloud.kms.v1.ImportJob]'s public key.

For more information, see [Importing a key](https://cloud.google.com/kms/docs/importing-a-key).

func (*ImportJob) Descriptor Uses

func (*ImportJob) Descriptor() ([]byte, []int)

Deprecated: Use ImportJob.ProtoReflect.Descriptor instead.

func (*ImportJob) GetAttestation Uses

func (x *ImportJob) GetAttestation() *KeyOperationAttestation

func (*ImportJob) GetCreateTime Uses

func (x *ImportJob) GetCreateTime() *timestamp.Timestamp

func (*ImportJob) GetExpireEventTime Uses

func (x *ImportJob) GetExpireEventTime() *timestamp.Timestamp

func (*ImportJob) GetExpireTime Uses

func (x *ImportJob) GetExpireTime() *timestamp.Timestamp

func (*ImportJob) GetGenerateTime Uses

func (x *ImportJob) GetGenerateTime() *timestamp.Timestamp

func (*ImportJob) GetImportMethod Uses

func (x *ImportJob) GetImportMethod() ImportJob_ImportMethod

func (*ImportJob) GetName Uses

func (x *ImportJob) GetName() string

func (*ImportJob) GetProtectionLevel Uses

func (x *ImportJob) GetProtectionLevel() ProtectionLevel

func (*ImportJob) GetPublicKey Uses

func (x *ImportJob) GetPublicKey() *ImportJob_WrappingPublicKey

func (*ImportJob) GetState Uses

func (x *ImportJob) GetState() ImportJob_ImportJobState

func (*ImportJob) ProtoMessage Uses

func (*ImportJob) ProtoMessage()

func (*ImportJob) ProtoReflect Uses

func (x *ImportJob) ProtoReflect() protoreflect.Message

func (*ImportJob) Reset Uses

func (x *ImportJob) Reset()

func (*ImportJob) String Uses

func (x *ImportJob) String() string

type ImportJob_ImportJobState Uses

type ImportJob_ImportJobState int32

The state of the [ImportJob][google.cloud.kms.v1.ImportJob], indicating if it can be used.

const (
    // Not specified.
    ImportJob_IMPORT_JOB_STATE_UNSPECIFIED ImportJob_ImportJobState = 0
    // The wrapping key for this job is still being generated. It may not be
    // used. Cloud KMS will automatically mark this job as
    // [ACTIVE][google.cloud.kms.v1.ImportJob.ImportJobState.ACTIVE] as soon as the wrapping key is generated.
    ImportJob_PENDING_GENERATION ImportJob_ImportJobState = 1
    // This job may be used in
    // [CreateCryptoKey][google.cloud.kms.v1.KeyManagementService.CreateCryptoKey] and
    // [CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion]
    // requests.
    ImportJob_ACTIVE ImportJob_ImportJobState = 2
    // This job can no longer be used and may not leave this state once entered.
    ImportJob_EXPIRED ImportJob_ImportJobState = 3
)

func (ImportJob_ImportJobState) Descriptor Uses

func (ImportJob_ImportJobState) Descriptor() protoreflect.EnumDescriptor

func (ImportJob_ImportJobState) Enum Uses

func (x ImportJob_ImportJobState) Enum() *ImportJob_ImportJobState

func (ImportJob_ImportJobState) EnumDescriptor Uses

func (ImportJob_ImportJobState) EnumDescriptor() ([]byte, []int)

Deprecated: Use ImportJob_ImportJobState.Descriptor instead.

func (ImportJob_ImportJobState) Number Uses

func (x ImportJob_ImportJobState) Number() protoreflect.EnumNumber

func (ImportJob_ImportJobState) String Uses

func (x ImportJob_ImportJobState) String() string

func (ImportJob_ImportJobState) Type Uses

func (ImportJob_ImportJobState) Type() protoreflect.EnumType

type ImportJob_ImportMethod Uses

type ImportJob_ImportMethod int32

[ImportMethod][google.cloud.kms.v1.ImportJob.ImportMethod] describes the key wrapping method chosen for this [ImportJob][google.cloud.kms.v1.ImportJob].

const (
    // Not specified.
    ImportJob_IMPORT_METHOD_UNSPECIFIED ImportJob_ImportMethod = 0
    // This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping
    // scheme defined in the PKCS #11 standard. In summary, this involves
    // wrapping the raw key with an ephemeral AES key, and wrapping the
    // ephemeral AES key with a 3072 bit RSA key. For more details, see
    // [RSA AES key wrap
    // mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908).
    ImportJob_RSA_OAEP_3072_SHA1_AES_256 ImportJob_ImportMethod = 1
    // This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping
    // scheme defined in the PKCS #11 standard. In summary, this involves
    // wrapping the raw key with an ephemeral AES key, and wrapping the
    // ephemeral AES key with a 4096 bit RSA key. For more details, see
    // [RSA AES key wrap
    // mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908).
    ImportJob_RSA_OAEP_4096_SHA1_AES_256 ImportJob_ImportMethod = 2
)

func (ImportJob_ImportMethod) Descriptor Uses

func (ImportJob_ImportMethod) Descriptor() protoreflect.EnumDescriptor

func (ImportJob_ImportMethod) Enum Uses

func (x ImportJob_ImportMethod) Enum() *ImportJob_ImportMethod

func (ImportJob_ImportMethod) EnumDescriptor Uses

func (ImportJob_ImportMethod) EnumDescriptor() ([]byte, []int)

Deprecated: Use ImportJob_ImportMethod.Descriptor instead.

func (ImportJob_ImportMethod) Number Uses

func (x ImportJob_ImportMethod) Number() protoreflect.EnumNumber

func (ImportJob_ImportMethod) String Uses

func (x ImportJob_ImportMethod) String() string

func (ImportJob_ImportMethod) Type Uses

func (ImportJob_ImportMethod) Type() protoreflect.EnumType

type ImportJob_WrappingPublicKey Uses

type ImportJob_WrappingPublicKey struct {

    // The public key, encoded in PEM format. For more information, see the [RFC
    // 7468](https://tools.ietf.org/html/rfc7468) sections for [General
    // Considerations](https://tools.ietf.org/html/rfc7468#section-2) and
    // [Textual Encoding of Subject Public Key Info]
    // (https://tools.ietf.org/html/rfc7468#section-13).
    Pem string `protobuf:"bytes,1,opt,name=pem,proto3" json:"pem,omitempty"`
    // contains filtered or unexported fields
}

The public key component of the wrapping key. For details of the type of key this public key corresponds to, see the [ImportMethod][google.cloud.kms.v1.ImportJob.ImportMethod].

func (*ImportJob_WrappingPublicKey) Descriptor Uses

func (*ImportJob_WrappingPublicKey) Descriptor() ([]byte, []int)

Deprecated: Use ImportJob_WrappingPublicKey.ProtoReflect.Descriptor instead.

func (*ImportJob_WrappingPublicKey) GetPem Uses

func (x *ImportJob_WrappingPublicKey) GetPem() string

func (*ImportJob_WrappingPublicKey) ProtoMessage Uses

func (*ImportJob_WrappingPublicKey) ProtoMessage()

func (*ImportJob_WrappingPublicKey) ProtoReflect Uses

func (x *ImportJob_WrappingPublicKey) ProtoReflect() protoreflect.Message

func (*ImportJob_WrappingPublicKey) Reset Uses

func (x *ImportJob_WrappingPublicKey) Reset()

func (*ImportJob_WrappingPublicKey) String Uses

func (x *ImportJob_WrappingPublicKey) String() string

type KeyManagementServiceClient Uses

type KeyManagementServiceClient interface {
    // Lists [KeyRings][google.cloud.kms.v1.KeyRing].
    ListKeyRings(ctx context.Context, in *ListKeyRingsRequest, opts ...grpc.CallOption) (*ListKeyRingsResponse, error)
    // Lists [CryptoKeys][google.cloud.kms.v1.CryptoKey].
    ListCryptoKeys(ctx context.Context, in *ListCryptoKeysRequest, opts ...grpc.CallOption) (*ListCryptoKeysResponse, error)
    // Lists [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
    ListCryptoKeyVersions(ctx context.Context, in *ListCryptoKeyVersionsRequest, opts ...grpc.CallOption) (*ListCryptoKeyVersionsResponse, error)
    // Lists [ImportJobs][google.cloud.kms.v1.ImportJob].
    ListImportJobs(ctx context.Context, in *ListImportJobsRequest, opts ...grpc.CallOption) (*ListImportJobsResponse, error)
    // Returns metadata for a given [KeyRing][google.cloud.kms.v1.KeyRing].
    GetKeyRing(ctx context.Context, in *GetKeyRingRequest, opts ...grpc.CallOption) (*KeyRing, error)
    // Returns metadata for a given [CryptoKey][google.cloud.kms.v1.CryptoKey], as well as its
    // [primary][google.cloud.kms.v1.CryptoKey.primary] [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
    GetCryptoKey(ctx context.Context, in *GetCryptoKeyRequest, opts ...grpc.CallOption) (*CryptoKey, error)
    // Returns metadata for a given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
    GetCryptoKeyVersion(ctx context.Context, in *GetCryptoKeyVersionRequest, opts ...grpc.CallOption) (*CryptoKeyVersion, error)
    // Returns the public key for the given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. The
    // [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
    // [ASYMMETRIC_SIGN][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN] or
    // [ASYMMETRIC_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT].
    GetPublicKey(ctx context.Context, in *GetPublicKeyRequest, opts ...grpc.CallOption) (*PublicKey, error)
    // Returns metadata for a given [ImportJob][google.cloud.kms.v1.ImportJob].
    GetImportJob(ctx context.Context, in *GetImportJobRequest, opts ...grpc.CallOption) (*ImportJob, error)
    // Create a new [KeyRing][google.cloud.kms.v1.KeyRing] in a given Project and Location.
    CreateKeyRing(ctx context.Context, in *CreateKeyRingRequest, opts ...grpc.CallOption) (*KeyRing, error)
    // Create a new [CryptoKey][google.cloud.kms.v1.CryptoKey] within a [KeyRing][google.cloud.kms.v1.KeyRing].
    //
    // [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] and
    // [CryptoKey.version_template.algorithm][google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm]
    // are required.
    CreateCryptoKey(ctx context.Context, in *CreateCryptoKeyRequest, opts ...grpc.CallOption) (*CryptoKey, error)
    // Create a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in a [CryptoKey][google.cloud.kms.v1.CryptoKey].
    //
    // The server will assign the next sequential id. If unset,
    // [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to
    // [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED].
    CreateCryptoKeyVersion(ctx context.Context, in *CreateCryptoKeyVersionRequest, opts ...grpc.CallOption) (*CryptoKeyVersion, error)
    // Imports a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] into an existing [CryptoKey][google.cloud.kms.v1.CryptoKey] using the
    // wrapped key material provided in the request.
    //
    // The version ID will be assigned the next sequential id within the
    // [CryptoKey][google.cloud.kms.v1.CryptoKey].
    ImportCryptoKeyVersion(ctx context.Context, in *ImportCryptoKeyVersionRequest, opts ...grpc.CallOption) (*CryptoKeyVersion, error)
    // Create a new [ImportJob][google.cloud.kms.v1.ImportJob] within a [KeyRing][google.cloud.kms.v1.KeyRing].
    //
    // [ImportJob.import_method][google.cloud.kms.v1.ImportJob.import_method] is required.
    CreateImportJob(ctx context.Context, in *CreateImportJobRequest, opts ...grpc.CallOption) (*ImportJob, error)
    // Update a [CryptoKey][google.cloud.kms.v1.CryptoKey].
    UpdateCryptoKey(ctx context.Context, in *UpdateCryptoKeyRequest, opts ...grpc.CallOption) (*CryptoKey, error)
    // Update a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s metadata.
    //
    // [state][google.cloud.kms.v1.CryptoKeyVersion.state] may be changed between
    // [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] and
    // [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED] using this
    // method. See [DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion] and [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] to
    // move between other states.
    UpdateCryptoKeyVersion(ctx context.Context, in *UpdateCryptoKeyVersionRequest, opts ...grpc.CallOption) (*CryptoKeyVersion, error)
    // Encrypts data, so that it can only be recovered by a call to [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt].
    // The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
    // [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
    Encrypt(ctx context.Context, in *EncryptRequest, opts ...grpc.CallOption) (*EncryptResponse, error)
    // Decrypts data that was protected by [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
    // must be [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
    Decrypt(ctx context.Context, in *DecryptRequest, opts ...grpc.CallOption) (*DecryptResponse, error)
    // Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
    // ASYMMETRIC_SIGN, producing a signature that can be verified with the public
    // key retrieved from [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
    AsymmetricSign(ctx context.Context, in *AsymmetricSignRequest, opts ...grpc.CallOption) (*AsymmetricSignResponse, error)
    // Decrypts data that was encrypted with a public key retrieved from
    // [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey] corresponding to a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with
    // [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_DECRYPT.
    AsymmetricDecrypt(ctx context.Context, in *AsymmetricDecryptRequest, opts ...grpc.CallOption) (*AsymmetricDecryptResponse, error)
    // Update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that will be used in [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
    //
    // Returns an error if called on an asymmetric key.
    UpdateCryptoKeyPrimaryVersion(ctx context.Context, in *UpdateCryptoKeyPrimaryVersionRequest, opts ...grpc.CallOption) (*CryptoKey, error)
    // Schedule a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] for destruction.
    //
    // Upon calling this method, [CryptoKeyVersion.state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to
    // [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED]
    // and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be set to a time 24
    // hours in the future, at which point the [state][google.cloud.kms.v1.CryptoKeyVersion.state]
    // will be changed to
    // [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED], and the key
    // material will be irrevocably destroyed.
    //
    // Before the [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] is reached,
    // [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] may be called to reverse the process.
    DestroyCryptoKeyVersion(ctx context.Context, in *DestroyCryptoKeyVersionRequest, opts ...grpc.CallOption) (*CryptoKeyVersion, error)
    // Restore a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the
    // [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED]
    // state.
    //
    // Upon restoration of the CryptoKeyVersion, [state][google.cloud.kms.v1.CryptoKeyVersion.state]
    // will be set to [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED],
    // and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be cleared.
    RestoreCryptoKeyVersion(ctx context.Context, in *RestoreCryptoKeyVersionRequest, opts ...grpc.CallOption) (*CryptoKeyVersion, error)
}

KeyManagementServiceClient is the client API for KeyManagementService service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.

func NewKeyManagementServiceClient Uses

func NewKeyManagementServiceClient(cc grpc.ClientConnInterface) KeyManagementServiceClient

type KeyManagementServiceServer Uses

type KeyManagementServiceServer interface {
    // Lists [KeyRings][google.cloud.kms.v1.KeyRing].
    ListKeyRings(context.Context, *ListKeyRingsRequest) (*ListKeyRingsResponse, error)
    // Lists [CryptoKeys][google.cloud.kms.v1.CryptoKey].
    ListCryptoKeys(context.Context, *ListCryptoKeysRequest) (*ListCryptoKeysResponse, error)
    // Lists [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
    ListCryptoKeyVersions(context.Context, *ListCryptoKeyVersionsRequest) (*ListCryptoKeyVersionsResponse, error)
    // Lists [ImportJobs][google.cloud.kms.v1.ImportJob].
    ListImportJobs(context.Context, *ListImportJobsRequest) (*ListImportJobsResponse, error)
    // Returns metadata for a given [KeyRing][google.cloud.kms.v1.KeyRing].
    GetKeyRing(context.Context, *GetKeyRingRequest) (*KeyRing, error)
    // Returns metadata for a given [CryptoKey][google.cloud.kms.v1.CryptoKey], as well as its
    // [primary][google.cloud.kms.v1.CryptoKey.primary] [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
    GetCryptoKey(context.Context, *GetCryptoKeyRequest) (*CryptoKey, error)
    // Returns metadata for a given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
    GetCryptoKeyVersion(context.Context, *GetCryptoKeyVersionRequest) (*CryptoKeyVersion, error)
    // Returns the public key for the given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. The
    // [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
    // [ASYMMETRIC_SIGN][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN] or
    // [ASYMMETRIC_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT].
    GetPublicKey(context.Context, *GetPublicKeyRequest) (*PublicKey, error)
    // Returns metadata for a given [ImportJob][google.cloud.kms.v1.ImportJob].
    GetImportJob(context.Context, *GetImportJobRequest) (*ImportJob, error)
    // Create a new [KeyRing][google.cloud.kms.v1.KeyRing] in a given Project and Location.
    CreateKeyRing(context.Context, *CreateKeyRingRequest) (*KeyRing, error)
    // Create a new [CryptoKey][google.cloud.kms.v1.CryptoKey] within a [KeyRing][google.cloud.kms.v1.KeyRing].
    //
    // [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] and
    // [CryptoKey.version_template.algorithm][google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm]
    // are required.
    CreateCryptoKey(context.Context, *CreateCryptoKeyRequest) (*CryptoKey, error)
    // Create a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in a [CryptoKey][google.cloud.kms.v1.CryptoKey].
    //
    // The server will assign the next sequential id. If unset,
    // [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to
    // [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED].
    CreateCryptoKeyVersion(context.Context, *CreateCryptoKeyVersionRequest) (*CryptoKeyVersion, error)
    // Imports a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] into an existing [CryptoKey][google.cloud.kms.v1.CryptoKey] using the
    // wrapped key material provided in the request.
    //
    // The version ID will be assigned the next sequential id within the
    // [CryptoKey][google.cloud.kms.v1.CryptoKey].
    ImportCryptoKeyVersion(context.Context, *ImportCryptoKeyVersionRequest) (*CryptoKeyVersion, error)
    // Create a new [ImportJob][google.cloud.kms.v1.ImportJob] within a [KeyRing][google.cloud.kms.v1.KeyRing].
    //
    // [ImportJob.import_method][google.cloud.kms.v1.ImportJob.import_method] is required.
    CreateImportJob(context.Context, *CreateImportJobRequest) (*ImportJob, error)
    // Update a [CryptoKey][google.cloud.kms.v1.CryptoKey].
    UpdateCryptoKey(context.Context, *UpdateCryptoKeyRequest) (*CryptoKey, error)
    // Update a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s metadata.
    //
    // [state][google.cloud.kms.v1.CryptoKeyVersion.state] may be changed between
    // [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] and
    // [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED] using this
    // method. See [DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion] and [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] to
    // move between other states.
    UpdateCryptoKeyVersion(context.Context, *UpdateCryptoKeyVersionRequest) (*CryptoKeyVersion, error)
    // Encrypts data, so that it can only be recovered by a call to [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt].
    // The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
    // [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
    Encrypt(context.Context, *EncryptRequest) (*EncryptResponse, error)
    // Decrypts data that was protected by [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
    // must be [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
    Decrypt(context.Context, *DecryptRequest) (*DecryptResponse, error)
    // Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
    // ASYMMETRIC_SIGN, producing a signature that can be verified with the public
    // key retrieved from [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
    AsymmetricSign(context.Context, *AsymmetricSignRequest) (*AsymmetricSignResponse, error)
    // Decrypts data that was encrypted with a public key retrieved from
    // [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey] corresponding to a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with
    // [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_DECRYPT.
    AsymmetricDecrypt(context.Context, *AsymmetricDecryptRequest) (*AsymmetricDecryptResponse, error)
    // Update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that will be used in [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
    //
    // Returns an error if called on an asymmetric key.
    UpdateCryptoKeyPrimaryVersion(context.Context, *UpdateCryptoKeyPrimaryVersionRequest) (*CryptoKey, error)
    // Schedule a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] for destruction.
    //
    // Upon calling this method, [CryptoKeyVersion.state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to
    // [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED]
    // and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be set to a time 24
    // hours in the future, at which point the [state][google.cloud.kms.v1.CryptoKeyVersion.state]
    // will be changed to
    // [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED], and the key
    // material will be irrevocably destroyed.
    //
    // Before the [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] is reached,
    // [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] may be called to reverse the process.
    DestroyCryptoKeyVersion(context.Context, *DestroyCryptoKeyVersionRequest) (*CryptoKeyVersion, error)
    // Restore a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the
    // [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED]
    // state.
    //
    // Upon restoration of the CryptoKeyVersion, [state][google.cloud.kms.v1.CryptoKeyVersion.state]
    // will be set to [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED],
    // and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be cleared.
    RestoreCryptoKeyVersion(context.Context, *RestoreCryptoKeyVersionRequest) (*CryptoKeyVersion, error)
}

KeyManagementServiceServer is the server API for KeyManagementService service.

type KeyOperationAttestation Uses

type KeyOperationAttestation struct {

    // Output only. The format of the attestation data.
    Format KeyOperationAttestation_AttestationFormat `protobuf:"varint,4,opt,name=format,proto3,enum=google.cloud.kms.v1.KeyOperationAttestation_AttestationFormat" json:"format,omitempty"`
    // Output only. The attestation data provided by the HSM when the key
    // operation was performed.
    Content []byte `protobuf:"bytes,5,opt,name=content,proto3" json:"content,omitempty"`
    // contains filtered or unexported fields
}

Contains an HSM-generated attestation about a key operation. For more information, see [Verifying attestations] (https://cloud.google.com/kms/docs/attest-key).

func (*KeyOperationAttestation) Descriptor Uses

func (*KeyOperationAttestation) Descriptor() ([]byte, []int)

Deprecated: Use KeyOperationAttestation.ProtoReflect.Descriptor instead.

func (*KeyOperationAttestation) GetContent Uses

func (x *KeyOperationAttestation) GetContent() []byte

func (*KeyOperationAttestation) GetFormat Uses

func (x *KeyOperationAttestation) GetFormat() KeyOperationAttestation_AttestationFormat

func (*KeyOperationAttestation) ProtoMessage Uses

func (*KeyOperationAttestation) ProtoMessage()

func (*KeyOperationAttestation) ProtoReflect Uses

func (x *KeyOperationAttestation) ProtoReflect() protoreflect.Message

func (*KeyOperationAttestation) Reset Uses

func (x *KeyOperationAttestation) Reset()

func (*KeyOperationAttestation) String Uses

func (x *KeyOperationAttestation) String() string

type KeyOperationAttestation_AttestationFormat Uses

type KeyOperationAttestation_AttestationFormat int32

Attestation formats provided by the HSM.

const (
    // Not specified.
    KeyOperationAttestation_ATTESTATION_FORMAT_UNSPECIFIED KeyOperationAttestation_AttestationFormat = 0
    // Cavium HSM attestation compressed with gzip. Note that this format is
    // defined by Cavium and subject to change at any time.
    KeyOperationAttestation_CAVIUM_V1_COMPRESSED KeyOperationAttestation_AttestationFormat = 3
    // Cavium HSM attestation V2 compressed with gzip. This is a new format
    // introduced in Cavium's version 3.2-08.
    KeyOperationAttestation_CAVIUM_V2_COMPRESSED KeyOperationAttestation_AttestationFormat = 4
)

func (KeyOperationAttestation_AttestationFormat) Descriptor Uses

func (KeyOperationAttestation_AttestationFormat) Descriptor() protoreflect.EnumDescriptor

func (KeyOperationAttestation_AttestationFormat) Enum Uses

func (x KeyOperationAttestation_AttestationFormat) Enum() *KeyOperationAttestation_AttestationFormat

func (KeyOperationAttestation_AttestationFormat) EnumDescriptor Uses

func (KeyOperationAttestation_AttestationFormat) EnumDescriptor() ([]byte, []int)

Deprecated: Use KeyOperationAttestation_AttestationFormat.Descriptor instead.

func (KeyOperationAttestation_AttestationFormat) Number Uses

func (x KeyOperationAttestation_AttestationFormat) Number() protoreflect.EnumNumber

func (KeyOperationAttestation_AttestationFormat) String Uses

func (x KeyOperationAttestation_AttestationFormat) String() string

func (KeyOperationAttestation_AttestationFormat) Type Uses

func (KeyOperationAttestation_AttestationFormat) Type() protoreflect.EnumType

type KeyRing Uses

type KeyRing struct {

    // Output only. The resource name for the [KeyRing][google.cloud.kms.v1.KeyRing] in the format
    // `projects/*/locations/*/keyRings/*`.
    Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
    // Output only. The time at which this [KeyRing][google.cloud.kms.v1.KeyRing] was created.
    CreateTime *timestamp.Timestamp `protobuf:"bytes,2,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
    // contains filtered or unexported fields
}

A [KeyRing][google.cloud.kms.v1.KeyRing] is a toplevel logical grouping of [CryptoKeys][google.cloud.kms.v1.CryptoKey].

func (*KeyRing) Descriptor Uses

func (*KeyRing) Descriptor() ([]byte, []int)

Deprecated: Use KeyRing.ProtoReflect.Descriptor instead.

func (*KeyRing) GetCreateTime Uses

func (x *KeyRing) GetCreateTime() *timestamp.Timestamp

func (*KeyRing) GetName Uses

func (x *KeyRing) GetName() string

func (*KeyRing) ProtoMessage Uses

func (*KeyRing) ProtoMessage()

func (*KeyRing) ProtoReflect Uses

func (x *KeyRing) ProtoReflect() protoreflect.Message

func (*KeyRing) Reset Uses

func (x *KeyRing) Reset()

func (*KeyRing) String Uses

func (x *KeyRing) String() string

type ListCryptoKeyVersionsRequest Uses

type ListCryptoKeyVersionsRequest struct {

    // Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to list, in the format
    // `projects/*/locations/*/keyRings/*/cryptoKeys/*`.
    Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
    // Optional. Optional limit on the number of [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] to
    // include in the response. Further [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] can
    // subsequently be obtained by including the
    // [ListCryptoKeyVersionsResponse.next_page_token][google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token] in a subsequent request.
    // If unspecified, the server will pick an appropriate default.
    PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
    // Optional. Optional pagination token, returned earlier via
    // [ListCryptoKeyVersionsResponse.next_page_token][google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token].
    PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
    // The fields to include in the response.
    View CryptoKeyVersion_CryptoKeyVersionView `protobuf:"varint,4,opt,name=view,proto3,enum=google.cloud.kms.v1.CryptoKeyVersion_CryptoKeyVersionView" json:"view,omitempty"`
    // Optional. Only include resources that match the filter in the response. For
    // more information, see
    // [Sorting and filtering list
    // results](https://cloud.google.com/kms/docs/sorting-and-filtering).
    Filter string `protobuf:"bytes,5,opt,name=filter,proto3" json:"filter,omitempty"`
    // Optional. Specify how the results should be sorted. If not specified, the
    // results will be sorted in the default order. For more information, see
    // [Sorting and filtering list
    // results](https://cloud.google.com/kms/docs/sorting-and-filtering).
    OrderBy string `protobuf:"bytes,6,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.ListCryptoKeyVersions][google.cloud.kms.v1.KeyManagementService.ListCryptoKeyVersions].

func (*ListCryptoKeyVersionsRequest) Descriptor Uses

func (*ListCryptoKeyVersionsRequest) Descriptor() ([]byte, []int)

Deprecated: Use ListCryptoKeyVersionsRequest.ProtoReflect.Descriptor instead.

func (*ListCryptoKeyVersionsRequest) GetFilter Uses

func (x *ListCryptoKeyVersionsRequest) GetFilter() string

func (*ListCryptoKeyVersionsRequest) GetOrderBy Uses

func (x *ListCryptoKeyVersionsRequest) GetOrderBy() string

func (*ListCryptoKeyVersionsRequest) GetPageSize Uses

func (x *ListCryptoKeyVersionsRequest) GetPageSize() int32

func (*ListCryptoKeyVersionsRequest) GetPageToken Uses

func (x *ListCryptoKeyVersionsRequest) GetPageToken() string

func (*ListCryptoKeyVersionsRequest) GetParent Uses

func (x *ListCryptoKeyVersionsRequest) GetParent() string

func (*ListCryptoKeyVersionsRequest) GetView Uses

func (x *ListCryptoKeyVersionsRequest) GetView() CryptoKeyVersion_CryptoKeyVersionView

func (*ListCryptoKeyVersionsRequest) ProtoMessage Uses

func (*ListCryptoKeyVersionsRequest) ProtoMessage()

func (*ListCryptoKeyVersionsRequest) ProtoReflect Uses

func (x *ListCryptoKeyVersionsRequest) ProtoReflect() protoreflect.Message

func (*ListCryptoKeyVersionsRequest) Reset Uses

func (x *ListCryptoKeyVersionsRequest) Reset()

func (*ListCryptoKeyVersionsRequest) String Uses

func (x *ListCryptoKeyVersionsRequest) String() string

type ListCryptoKeyVersionsResponse Uses

type ListCryptoKeyVersionsResponse struct {

    // The list of [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
    CryptoKeyVersions []*CryptoKeyVersion `protobuf:"bytes,1,rep,name=crypto_key_versions,json=cryptoKeyVersions,proto3" json:"crypto_key_versions,omitempty"`
    // A token to retrieve next page of results. Pass this value in
    // [ListCryptoKeyVersionsRequest.page_token][google.cloud.kms.v1.ListCryptoKeyVersionsRequest.page_token] to retrieve the next page of
    // results.
    NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
    // The total number of [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] that matched the
    // query.
    TotalSize int32 `protobuf:"varint,3,opt,name=total_size,json=totalSize,proto3" json:"total_size,omitempty"`
    // contains filtered or unexported fields
}

Response message for [KeyManagementService.ListCryptoKeyVersions][google.cloud.kms.v1.KeyManagementService.ListCryptoKeyVersions].

func (*ListCryptoKeyVersionsResponse) Descriptor Uses

func (*ListCryptoKeyVersionsResponse) Descriptor() ([]byte, []int)

Deprecated: Use ListCryptoKeyVersionsResponse.ProtoReflect.Descriptor instead.

func (*ListCryptoKeyVersionsResponse) GetCryptoKeyVersions Uses

func (x *ListCryptoKeyVersionsResponse) GetCryptoKeyVersions() []*CryptoKeyVersion

func (*ListCryptoKeyVersionsResponse) GetNextPageToken Uses

func (x *ListCryptoKeyVersionsResponse) GetNextPageToken() string

func (*ListCryptoKeyVersionsResponse) GetTotalSize Uses

func (x *ListCryptoKeyVersionsResponse) GetTotalSize() int32

func (*ListCryptoKeyVersionsResponse) ProtoMessage Uses

func (*ListCryptoKeyVersionsResponse) ProtoMessage()

func (*ListCryptoKeyVersionsResponse) ProtoReflect Uses

func (x *ListCryptoKeyVersionsResponse) ProtoReflect() protoreflect.Message

func (*ListCryptoKeyVersionsResponse) Reset Uses

func (x *ListCryptoKeyVersionsResponse) Reset()

func (*ListCryptoKeyVersionsResponse) String Uses

func (x *ListCryptoKeyVersionsResponse) String() string

type ListCryptoKeysRequest Uses

type ListCryptoKeysRequest struct {

    // Required. The resource name of the [KeyRing][google.cloud.kms.v1.KeyRing] to list, in the format
    // `projects/*/locations/*/keyRings/*`.
    Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
    // Optional. Optional limit on the number of [CryptoKeys][google.cloud.kms.v1.CryptoKey] to include in the
    // response.  Further [CryptoKeys][google.cloud.kms.v1.CryptoKey] can subsequently be obtained by
    // including the [ListCryptoKeysResponse.next_page_token][google.cloud.kms.v1.ListCryptoKeysResponse.next_page_token] in a subsequent
    // request.  If unspecified, the server will pick an appropriate default.
    PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
    // Optional. Optional pagination token, returned earlier via
    // [ListCryptoKeysResponse.next_page_token][google.cloud.kms.v1.ListCryptoKeysResponse.next_page_token].
    PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
    // The fields of the primary version to include in the response.
    VersionView CryptoKeyVersion_CryptoKeyVersionView `protobuf:"varint,4,opt,name=version_view,json=versionView,proto3,enum=google.cloud.kms.v1.CryptoKeyVersion_CryptoKeyVersionView" json:"version_view,omitempty"`
    // Optional. Only include resources that match the filter in the response. For
    // more information, see
    // [Sorting and filtering list
    // results](https://cloud.google.com/kms/docs/sorting-and-filtering).
    Filter string `protobuf:"bytes,5,opt,name=filter,proto3" json:"filter,omitempty"`
    // Optional. Specify how the results should be sorted. If not specified, the
    // results will be sorted in the default order. For more information, see
    // [Sorting and filtering list
    // results](https://cloud.google.com/kms/docs/sorting-and-filtering).
    OrderBy string `protobuf:"bytes,6,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.ListCryptoKeys][google.cloud.kms.v1.KeyManagementService.ListCryptoKeys].

func (*ListCryptoKeysRequest) Descriptor Uses

func (*ListCryptoKeysRequest) Descriptor() ([]byte, []int)

Deprecated: Use ListCryptoKeysRequest.ProtoReflect.Descriptor instead.

func (*ListCryptoKeysRequest) GetFilter Uses

func (x *ListCryptoKeysRequest) GetFilter() string

func (*ListCryptoKeysRequest) GetOrderBy Uses

func (x *ListCryptoKeysRequest) GetOrderBy() string

func (*ListCryptoKeysRequest) GetPageSize Uses

func (x *ListCryptoKeysRequest) GetPageSize() int32

func (*ListCryptoKeysRequest) GetPageToken Uses

func (x *ListCryptoKeysRequest) GetPageToken() string

func (*ListCryptoKeysRequest) GetParent Uses

func (x *ListCryptoKeysRequest) GetParent() string

func (*ListCryptoKeysRequest) GetVersionView Uses

func (x *ListCryptoKeysRequest) GetVersionView() CryptoKeyVersion_CryptoKeyVersionView

func (*ListCryptoKeysRequest) ProtoMessage Uses

func (*ListCryptoKeysRequest) ProtoMessage()

func (*ListCryptoKeysRequest) ProtoReflect Uses

func (x *ListCryptoKeysRequest) ProtoReflect() protoreflect.Message

func (*ListCryptoKeysRequest) Reset Uses

func (x *ListCryptoKeysRequest) Reset()

func (*ListCryptoKeysRequest) String Uses

func (x *ListCryptoKeysRequest) String() string

type ListCryptoKeysResponse Uses

type ListCryptoKeysResponse struct {

    // The list of [CryptoKeys][google.cloud.kms.v1.CryptoKey].
    CryptoKeys []*CryptoKey `protobuf:"bytes,1,rep,name=crypto_keys,json=cryptoKeys,proto3" json:"crypto_keys,omitempty"`
    // A token to retrieve next page of results. Pass this value in
    // [ListCryptoKeysRequest.page_token][google.cloud.kms.v1.ListCryptoKeysRequest.page_token] to retrieve the next page of results.
    NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
    // The total number of [CryptoKeys][google.cloud.kms.v1.CryptoKey] that matched the query.
    TotalSize int32 `protobuf:"varint,3,opt,name=total_size,json=totalSize,proto3" json:"total_size,omitempty"`
    // contains filtered or unexported fields
}

Response message for [KeyManagementService.ListCryptoKeys][google.cloud.kms.v1.KeyManagementService.ListCryptoKeys].

func (*ListCryptoKeysResponse) Descriptor Uses

func (*ListCryptoKeysResponse) Descriptor() ([]byte, []int)

Deprecated: Use ListCryptoKeysResponse.ProtoReflect.Descriptor instead.

func (*ListCryptoKeysResponse) GetCryptoKeys Uses

func (x *ListCryptoKeysResponse) GetCryptoKeys() []*CryptoKey

func (*ListCryptoKeysResponse) GetNextPageToken Uses

func (x *ListCryptoKeysResponse) GetNextPageToken() string

func (*ListCryptoKeysResponse) GetTotalSize Uses

func (x *ListCryptoKeysResponse) GetTotalSize() int32

func (*ListCryptoKeysResponse) ProtoMessage Uses

func (*ListCryptoKeysResponse) ProtoMessage()

func (*ListCryptoKeysResponse) ProtoReflect Uses

func (x *ListCryptoKeysResponse) ProtoReflect() protoreflect.Message

func (*ListCryptoKeysResponse) Reset Uses

func (x *ListCryptoKeysResponse) Reset()

func (*ListCryptoKeysResponse) String Uses

func (x *ListCryptoKeysResponse) String() string

type ListImportJobsRequest Uses

type ListImportJobsRequest struct {

    // Required. The resource name of the [KeyRing][google.cloud.kms.v1.KeyRing] to list, in the format
    // `projects/*/locations/*/keyRings/*`.
    Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
    // Optional. Optional limit on the number of [ImportJobs][google.cloud.kms.v1.ImportJob] to include in the
    // response. Further [ImportJobs][google.cloud.kms.v1.ImportJob] can subsequently be obtained by
    // including the [ListImportJobsResponse.next_page_token][google.cloud.kms.v1.ListImportJobsResponse.next_page_token] in a subsequent
    // request. If unspecified, the server will pick an appropriate default.
    PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
    // Optional. Optional pagination token, returned earlier via
    // [ListImportJobsResponse.next_page_token][google.cloud.kms.v1.ListImportJobsResponse.next_page_token].
    PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
    // Optional. Only include resources that match the filter in the response. For
    // more information, see
    // [Sorting and filtering list
    // results](https://cloud.google.com/kms/docs/sorting-and-filtering).
    Filter string `protobuf:"bytes,4,opt,name=filter,proto3" json:"filter,omitempty"`
    // Optional. Specify how the results should be sorted. If not specified, the
    // results will be sorted in the default order. For more information, see
    // [Sorting and filtering list
    // results](https://cloud.google.com/kms/docs/sorting-and-filtering).
    OrderBy string `protobuf:"bytes,5,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.ListImportJobs][google.cloud.kms.v1.KeyManagementService.ListImportJobs].

func (*ListImportJobsRequest) Descriptor Uses

func (*ListImportJobsRequest) Descriptor() ([]byte, []int)

Deprecated: Use ListImportJobsRequest.ProtoReflect.Descriptor instead.

func (*ListImportJobsRequest) GetFilter Uses

func (x *ListImportJobsRequest) GetFilter() string

func (*ListImportJobsRequest) GetOrderBy Uses

func (x *ListImportJobsRequest) GetOrderBy() string

func (*ListImportJobsRequest) GetPageSize Uses

func (x *ListImportJobsRequest) GetPageSize() int32

func (*ListImportJobsRequest) GetPageToken Uses

func (x *ListImportJobsRequest) GetPageToken() string

func (*ListImportJobsRequest) GetParent Uses

func (x *ListImportJobsRequest) GetParent() string

func (*ListImportJobsRequest) ProtoMessage Uses

func (*ListImportJobsRequest) ProtoMessage()

func (*ListImportJobsRequest) ProtoReflect Uses

func (x *ListImportJobsRequest) ProtoReflect() protoreflect.Message

func (*ListImportJobsRequest) Reset Uses

func (x *ListImportJobsRequest) Reset()

func (*ListImportJobsRequest) String Uses

func (x *ListImportJobsRequest) String() string

type ListImportJobsResponse Uses

type ListImportJobsResponse struct {

    // The list of [ImportJobs][google.cloud.kms.v1.ImportJob].
    ImportJobs []*ImportJob `protobuf:"bytes,1,rep,name=import_jobs,json=importJobs,proto3" json:"import_jobs,omitempty"`
    // A token to retrieve next page of results. Pass this value in
    // [ListImportJobsRequest.page_token][google.cloud.kms.v1.ListImportJobsRequest.page_token] to retrieve the next page of results.
    NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
    // The total number of [ImportJobs][google.cloud.kms.v1.ImportJob] that matched the query.
    TotalSize int32 `protobuf:"varint,3,opt,name=total_size,json=totalSize,proto3" json:"total_size,omitempty"`
    // contains filtered or unexported fields
}

Response message for [KeyManagementService.ListImportJobs][google.cloud.kms.v1.KeyManagementService.ListImportJobs].

func (*ListImportJobsResponse) Descriptor Uses

func (*ListImportJobsResponse) Descriptor() ([]byte, []int)

Deprecated: Use ListImportJobsResponse.ProtoReflect.Descriptor instead.

func (*ListImportJobsResponse) GetImportJobs Uses

func (x *ListImportJobsResponse) GetImportJobs() []*ImportJob

func (*ListImportJobsResponse) GetNextPageToken Uses

func (x *ListImportJobsResponse) GetNextPageToken() string

func (*ListImportJobsResponse) GetTotalSize Uses

func (x *ListImportJobsResponse) GetTotalSize() int32

func (*ListImportJobsResponse) ProtoMessage Uses

func (*ListImportJobsResponse) ProtoMessage()

func (*ListImportJobsResponse) ProtoReflect Uses

func (x *ListImportJobsResponse) ProtoReflect() protoreflect.Message

func (*ListImportJobsResponse) Reset Uses

func (x *ListImportJobsResponse) Reset()

func (*ListImportJobsResponse) String Uses

func (x *ListImportJobsResponse) String() string

type ListKeyRingsRequest Uses

type ListKeyRingsRequest struct {

    // Required. The resource name of the location associated with the
    // [KeyRings][google.cloud.kms.v1.KeyRing], in the format `projects/*/locations/*`.
    Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
    // Optional. Optional limit on the number of [KeyRings][google.cloud.kms.v1.KeyRing] to include in the
    // response.  Further [KeyRings][google.cloud.kms.v1.KeyRing] can subsequently be obtained by
    // including the [ListKeyRingsResponse.next_page_token][google.cloud.kms.v1.ListKeyRingsResponse.next_page_token] in a subsequent
    // request.  If unspecified, the server will pick an appropriate default.
    PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
    // Optional. Optional pagination token, returned earlier via
    // [ListKeyRingsResponse.next_page_token][google.cloud.kms.v1.ListKeyRingsResponse.next_page_token].
    PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
    // Optional. Only include resources that match the filter in the response. For
    // more information, see
    // [Sorting and filtering list
    // results](https://cloud.google.com/kms/docs/sorting-and-filtering).
    Filter string `protobuf:"bytes,4,opt,name=filter,proto3" json:"filter,omitempty"`
    // Optional. Specify how the results should be sorted. If not specified, the
    // results will be sorted in the default order.  For more information, see
    // [Sorting and filtering list
    // results](https://cloud.google.com/kms/docs/sorting-and-filtering).
    OrderBy string `protobuf:"bytes,5,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.ListKeyRings][google.cloud.kms.v1.KeyManagementService.ListKeyRings].

func (*ListKeyRingsRequest) Descriptor Uses

func (*ListKeyRingsRequest) Descriptor() ([]byte, []int)

Deprecated: Use ListKeyRingsRequest.ProtoReflect.Descriptor instead.

func (*ListKeyRingsRequest) GetFilter Uses

func (x *ListKeyRingsRequest) GetFilter() string

func (*ListKeyRingsRequest) GetOrderBy Uses

func (x *ListKeyRingsRequest) GetOrderBy() string

func (*ListKeyRingsRequest) GetPageSize Uses

func (x *ListKeyRingsRequest) GetPageSize() int32

func (*ListKeyRingsRequest) GetPageToken Uses

func (x *ListKeyRingsRequest) GetPageToken() string

func (*ListKeyRingsRequest) GetParent Uses

func (x *ListKeyRingsRequest) GetParent() string

func (*ListKeyRingsRequest) ProtoMessage Uses

func (*ListKeyRingsRequest) ProtoMessage()

func (*ListKeyRingsRequest) ProtoReflect Uses

func (x *ListKeyRingsRequest) ProtoReflect() protoreflect.Message

func (*ListKeyRingsRequest) Reset Uses

func (x *ListKeyRingsRequest) Reset()

func (*ListKeyRingsRequest) String Uses

func (x *ListKeyRingsRequest) String() string

type ListKeyRingsResponse Uses

type ListKeyRingsResponse struct {

    // The list of [KeyRings][google.cloud.kms.v1.KeyRing].
    KeyRings []*KeyRing `protobuf:"bytes,1,rep,name=key_rings,json=keyRings,proto3" json:"key_rings,omitempty"`
    // A token to retrieve next page of results. Pass this value in
    // [ListKeyRingsRequest.page_token][google.cloud.kms.v1.ListKeyRingsRequest.page_token] to retrieve the next page of results.
    NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
    // The total number of [KeyRings][google.cloud.kms.v1.KeyRing] that matched the query.
    TotalSize int32 `protobuf:"varint,3,opt,name=total_size,json=totalSize,proto3" json:"total_size,omitempty"`
    // contains filtered or unexported fields
}

Response message for [KeyManagementService.ListKeyRings][google.cloud.kms.v1.KeyManagementService.ListKeyRings].

func (*ListKeyRingsResponse) Descriptor Uses

func (*ListKeyRingsResponse) Descriptor() ([]byte, []int)

Deprecated: Use ListKeyRingsResponse.ProtoReflect.Descriptor instead.

func (*ListKeyRingsResponse) GetKeyRings Uses

func (x *ListKeyRingsResponse) GetKeyRings() []*KeyRing

func (*ListKeyRingsResponse) GetNextPageToken Uses

func (x *ListKeyRingsResponse) GetNextPageToken() string

func (*ListKeyRingsResponse) GetTotalSize Uses

func (x *ListKeyRingsResponse) GetTotalSize() int32

func (*ListKeyRingsResponse) ProtoMessage Uses

func (*ListKeyRingsResponse) ProtoMessage()

func (*ListKeyRingsResponse) ProtoReflect Uses

func (x *ListKeyRingsResponse) ProtoReflect() protoreflect.Message

func (*ListKeyRingsResponse) Reset Uses

func (x *ListKeyRingsResponse) Reset()

func (*ListKeyRingsResponse) String Uses

func (x *ListKeyRingsResponse) String() string

type LocationMetadata Uses

type LocationMetadata struct {

    // Indicates whether [CryptoKeys][google.cloud.kms.v1.CryptoKey] with
    // [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]
    // [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] can be created in this location.
    HsmAvailable bool `protobuf:"varint,1,opt,name=hsm_available,json=hsmAvailable,proto3" json:"hsm_available,omitempty"`
    // Indicates whether [CryptoKeys][google.cloud.kms.v1.CryptoKey] with
    // [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]
    // [EXTERNAL][google.cloud.kms.v1.ProtectionLevel.EXTERNAL] can be created in this location.
    EkmAvailable bool `protobuf:"varint,2,opt,name=ekm_available,json=ekmAvailable,proto3" json:"ekm_available,omitempty"`
    // contains filtered or unexported fields
}

Cloud KMS metadata for the given [google.cloud.location.Location][google.cloud.location.Location].

func (*LocationMetadata) Descriptor Uses

func (*LocationMetadata) Descriptor() ([]byte, []int)

Deprecated: Use LocationMetadata.ProtoReflect.Descriptor instead.

func (*LocationMetadata) GetEkmAvailable Uses

func (x *LocationMetadata) GetEkmAvailable() bool

func (*LocationMetadata) GetHsmAvailable Uses

func (x *LocationMetadata) GetHsmAvailable() bool

func (*LocationMetadata) ProtoMessage Uses

func (*LocationMetadata) ProtoMessage()

func (*LocationMetadata) ProtoReflect Uses

func (x *LocationMetadata) ProtoReflect() protoreflect.Message

func (*LocationMetadata) Reset Uses

func (x *LocationMetadata) Reset()

func (*LocationMetadata) String Uses

func (x *LocationMetadata) String() string

type ProtectionLevel Uses

type ProtectionLevel int32

[ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] specifies how cryptographic operations are performed. For more information, see [Protection levels] (https://cloud.google.com/kms/docs/algorithms#protection_levels).

const (
    // Not specified.
    ProtectionLevel_PROTECTION_LEVEL_UNSPECIFIED ProtectionLevel = 0
    // Crypto operations are performed in software.
    ProtectionLevel_SOFTWARE ProtectionLevel = 1
    // Crypto operations are performed in a Hardware Security Module.
    ProtectionLevel_HSM ProtectionLevel = 2
    // Crypto operations are performed by an external key manager.
    ProtectionLevel_EXTERNAL ProtectionLevel = 3
)

func (ProtectionLevel) Descriptor Uses

func (ProtectionLevel) Descriptor() protoreflect.EnumDescriptor

func (ProtectionLevel) Enum Uses

func (x ProtectionLevel) Enum() *ProtectionLevel

func (ProtectionLevel) EnumDescriptor Uses

func (ProtectionLevel) EnumDescriptor() ([]byte, []int)

Deprecated: Use ProtectionLevel.Descriptor instead.

func (ProtectionLevel) Number Uses

func (x ProtectionLevel) Number() protoreflect.EnumNumber

func (ProtectionLevel) String Uses

func (x ProtectionLevel) String() string

func (ProtectionLevel) Type Uses

func (ProtectionLevel) Type() protoreflect.EnumType

type PublicKey Uses

type PublicKey struct {

    // The public key, encoded in PEM format. For more information, see the
    // [RFC 7468](https://tools.ietf.org/html/rfc7468) sections for
    // [General Considerations](https://tools.ietf.org/html/rfc7468#section-2) and
    // [Textual Encoding of Subject Public Key Info]
    // (https://tools.ietf.org/html/rfc7468#section-13).
    Pem string `protobuf:"bytes,1,opt,name=pem,proto3" json:"pem,omitempty"`
    // The [Algorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm] associated
    // with this key.
    Algorithm CryptoKeyVersion_CryptoKeyVersionAlgorithm `protobuf:"varint,2,opt,name=algorithm,proto3,enum=google.cloud.kms.v1.CryptoKeyVersion_CryptoKeyVersionAlgorithm" json:"algorithm,omitempty"`
    // contains filtered or unexported fields
}

The public key for a given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. Obtained via [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].

func (*PublicKey) Descriptor Uses

func (*PublicKey) Descriptor() ([]byte, []int)

Deprecated: Use PublicKey.ProtoReflect.Descriptor instead.

func (*PublicKey) GetAlgorithm Uses

func (x *PublicKey) GetAlgorithm() CryptoKeyVersion_CryptoKeyVersionAlgorithm

func (*PublicKey) GetPem Uses

func (x *PublicKey) GetPem() string

func (*PublicKey) ProtoMessage Uses

func (*PublicKey) ProtoMessage()

func (*PublicKey) ProtoReflect Uses

func (x *PublicKey) ProtoReflect() protoreflect.Message

func (*PublicKey) Reset Uses

func (x *PublicKey) Reset()

func (*PublicKey) String Uses

func (x *PublicKey) String() string

type RestoreCryptoKeyVersionRequest Uses

type RestoreCryptoKeyVersionRequest struct {

    // Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to restore.
    Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion].

func (*RestoreCryptoKeyVersionRequest) Descriptor Uses

func (*RestoreCryptoKeyVersionRequest) Descriptor() ([]byte, []int)

Deprecated: Use RestoreCryptoKeyVersionRequest.ProtoReflect.Descriptor instead.

func (*RestoreCryptoKeyVersionRequest) GetName Uses

func (x *RestoreCryptoKeyVersionRequest) GetName() string

func (*RestoreCryptoKeyVersionRequest) ProtoMessage Uses

func (*RestoreCryptoKeyVersionRequest) ProtoMessage()

func (*RestoreCryptoKeyVersionRequest) ProtoReflect Uses

func (x *RestoreCryptoKeyVersionRequest) ProtoReflect() protoreflect.Message

func (*RestoreCryptoKeyVersionRequest) Reset Uses

func (x *RestoreCryptoKeyVersionRequest) Reset()

func (*RestoreCryptoKeyVersionRequest) String Uses

func (x *RestoreCryptoKeyVersionRequest) String() string

type UnimplementedKeyManagementServiceServer Uses

type UnimplementedKeyManagementServiceServer struct {
}

UnimplementedKeyManagementServiceServer can be embedded to have forward compatible implementations.

func (*UnimplementedKeyManagementServiceServer) AsymmetricDecrypt Uses

func (*UnimplementedKeyManagementServiceServer) AsymmetricDecrypt(context.Context, *AsymmetricDecryptRequest) (*AsymmetricDecryptResponse, error)

func (*UnimplementedKeyManagementServiceServer) AsymmetricSign Uses

func (*UnimplementedKeyManagementServiceServer) AsymmetricSign(context.Context, *AsymmetricSignRequest) (*AsymmetricSignResponse, error)

func (*UnimplementedKeyManagementServiceServer) CreateCryptoKey Uses

func (*UnimplementedKeyManagementServiceServer) CreateCryptoKey(context.Context, *CreateCryptoKeyRequest) (*CryptoKey, error)

func (*UnimplementedKeyManagementServiceServer) CreateCryptoKeyVersion Uses

func (*UnimplementedKeyManagementServiceServer) CreateCryptoKeyVersion(context.Context, *CreateCryptoKeyVersionRequest) (*CryptoKeyVersion, error)

func (*UnimplementedKeyManagementServiceServer) CreateImportJob Uses

func (*UnimplementedKeyManagementServiceServer) CreateImportJob(context.Context, *CreateImportJobRequest) (*ImportJob, error)

func (*UnimplementedKeyManagementServiceServer) CreateKeyRing Uses

func (*UnimplementedKeyManagementServiceServer) CreateKeyRing(context.Context, *CreateKeyRingRequest) (*KeyRing, error)

func (*UnimplementedKeyManagementServiceServer) Decrypt Uses

func (*UnimplementedKeyManagementServiceServer) Decrypt(context.Context, *DecryptRequest) (*DecryptResponse, error)

func (*UnimplementedKeyManagementServiceServer) DestroyCryptoKeyVersion Uses

func (*UnimplementedKeyManagementServiceServer) DestroyCryptoKeyVersion(context.Context, *DestroyCryptoKeyVersionRequest) (*CryptoKeyVersion, error)

func (*UnimplementedKeyManagementServiceServer) Encrypt Uses

func (*UnimplementedKeyManagementServiceServer) Encrypt(context.Context, *EncryptRequest) (*EncryptResponse, error)

func (*UnimplementedKeyManagementServiceServer) GetCryptoKey Uses

func (*UnimplementedKeyManagementServiceServer) GetCryptoKey(context.Context, *GetCryptoKeyRequest) (*CryptoKey, error)

func (*UnimplementedKeyManagementServiceServer) GetCryptoKeyVersion Uses

func (*UnimplementedKeyManagementServiceServer) GetCryptoKeyVersion(context.Context, *GetCryptoKeyVersionRequest) (*CryptoKeyVersion, error)

func (*UnimplementedKeyManagementServiceServer) GetImportJob Uses

func (*UnimplementedKeyManagementServiceServer) GetImportJob(context.Context, *GetImportJobRequest) (*ImportJob, error)

func (*UnimplementedKeyManagementServiceServer) GetKeyRing Uses

func (*UnimplementedKeyManagementServiceServer) GetKeyRing(context.Context, *GetKeyRingRequest) (*KeyRing, error)

func (*UnimplementedKeyManagementServiceServer) GetPublicKey Uses

func (*UnimplementedKeyManagementServiceServer) GetPublicKey(context.Context, *GetPublicKeyRequest) (*PublicKey, error)

func (*UnimplementedKeyManagementServiceServer) ImportCryptoKeyVersion Uses

func (*UnimplementedKeyManagementServiceServer) ImportCryptoKeyVersion(context.Context, *ImportCryptoKeyVersionRequest) (*CryptoKeyVersion, error)

func (*UnimplementedKeyManagementServiceServer) ListCryptoKeyVersions Uses

func (*UnimplementedKeyManagementServiceServer) ListCryptoKeyVersions(context.Context, *ListCryptoKeyVersionsRequest) (*ListCryptoKeyVersionsResponse, error)

func (*UnimplementedKeyManagementServiceServer) ListCryptoKeys Uses

func (*UnimplementedKeyManagementServiceServer) ListCryptoKeys(context.Context, *ListCryptoKeysRequest) (*ListCryptoKeysResponse, error)

func (*UnimplementedKeyManagementServiceServer) ListImportJobs Uses

func (*UnimplementedKeyManagementServiceServer) ListImportJobs(context.Context, *ListImportJobsRequest) (*ListImportJobsResponse, error)

func (*UnimplementedKeyManagementServiceServer) ListKeyRings Uses

func (*UnimplementedKeyManagementServiceServer) ListKeyRings(context.Context, *ListKeyRingsRequest) (*ListKeyRingsResponse, error)

func (*UnimplementedKeyManagementServiceServer) RestoreCryptoKeyVersion Uses

func (*UnimplementedKeyManagementServiceServer) RestoreCryptoKeyVersion(context.Context, *RestoreCryptoKeyVersionRequest) (*CryptoKeyVersion, error)

func (*UnimplementedKeyManagementServiceServer) UpdateCryptoKey Uses

func (*UnimplementedKeyManagementServiceServer) UpdateCryptoKey(context.Context, *UpdateCryptoKeyRequest) (*CryptoKey, error)

func (*UnimplementedKeyManagementServiceServer) UpdateCryptoKeyPrimaryVersion Uses

func (*UnimplementedKeyManagementServiceServer) UpdateCryptoKeyPrimaryVersion(context.Context, *UpdateCryptoKeyPrimaryVersionRequest) (*CryptoKey, error)

func (*UnimplementedKeyManagementServiceServer) UpdateCryptoKeyVersion Uses

func (*UnimplementedKeyManagementServiceServer) UpdateCryptoKeyVersion(context.Context, *UpdateCryptoKeyVersionRequest) (*CryptoKeyVersion, error)

type UpdateCryptoKeyPrimaryVersionRequest Uses

type UpdateCryptoKeyPrimaryVersionRequest struct {

    // Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to update.
    Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
    // Required. The id of the child [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use as primary.
    CryptoKeyVersionId string `protobuf:"bytes,2,opt,name=crypto_key_version_id,json=cryptoKeyVersionId,proto3" json:"crypto_key_version_id,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.UpdateCryptoKeyPrimaryVersion][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKeyPrimaryVersion].

func (*UpdateCryptoKeyPrimaryVersionRequest) Descriptor Uses

func (*UpdateCryptoKeyPrimaryVersionRequest) Descriptor() ([]byte, []int)

Deprecated: Use UpdateCryptoKeyPrimaryVersionRequest.ProtoReflect.Descriptor instead.

func (*UpdateCryptoKeyPrimaryVersionRequest) GetCryptoKeyVersionId Uses

func (x *UpdateCryptoKeyPrimaryVersionRequest) GetCryptoKeyVersionId() string

func (*UpdateCryptoKeyPrimaryVersionRequest) GetName Uses

func (x *UpdateCryptoKeyPrimaryVersionRequest) GetName() string

func (*UpdateCryptoKeyPrimaryVersionRequest) ProtoMessage Uses

func (*UpdateCryptoKeyPrimaryVersionRequest) ProtoMessage()

func (*UpdateCryptoKeyPrimaryVersionRequest) ProtoReflect Uses

func (x *UpdateCryptoKeyPrimaryVersionRequest) ProtoReflect() protoreflect.Message

func (*UpdateCryptoKeyPrimaryVersionRequest) Reset Uses

func (x *UpdateCryptoKeyPrimaryVersionRequest) Reset()

func (*UpdateCryptoKeyPrimaryVersionRequest) String Uses

func (x *UpdateCryptoKeyPrimaryVersionRequest) String() string

type UpdateCryptoKeyRequest Uses

type UpdateCryptoKeyRequest struct {

    // Required. [CryptoKey][google.cloud.kms.v1.CryptoKey] with updated values.
    CryptoKey *CryptoKey `protobuf:"bytes,1,opt,name=crypto_key,json=cryptoKey,proto3" json:"crypto_key,omitempty"`
    // Required. List of fields to be updated in this request.
    UpdateMask *field_mask.FieldMask `protobuf:"bytes,2,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.UpdateCryptoKey][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKey].

func (*UpdateCryptoKeyRequest) Descriptor Uses

func (*UpdateCryptoKeyRequest) Descriptor() ([]byte, []int)

Deprecated: Use UpdateCryptoKeyRequest.ProtoReflect.Descriptor instead.

func (*UpdateCryptoKeyRequest) GetCryptoKey Uses

func (x *UpdateCryptoKeyRequest) GetCryptoKey() *CryptoKey

func (*UpdateCryptoKeyRequest) GetUpdateMask Uses

func (x *UpdateCryptoKeyRequest) GetUpdateMask() *field_mask.FieldMask

func (*UpdateCryptoKeyRequest) ProtoMessage Uses

func (*UpdateCryptoKeyRequest) ProtoMessage()

func (*UpdateCryptoKeyRequest) ProtoReflect Uses

func (x *UpdateCryptoKeyRequest) ProtoReflect() protoreflect.Message

func (*UpdateCryptoKeyRequest) Reset Uses

func (x *UpdateCryptoKeyRequest) Reset()

func (*UpdateCryptoKeyRequest) String Uses

func (x *UpdateCryptoKeyRequest) String() string

type UpdateCryptoKeyVersionRequest Uses

type UpdateCryptoKeyVersionRequest struct {

    // Required. [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with updated values.
    CryptoKeyVersion *CryptoKeyVersion `protobuf:"bytes,1,opt,name=crypto_key_version,json=cryptoKeyVersion,proto3" json:"crypto_key_version,omitempty"`
    // Required. List of fields to be updated in this request.
    UpdateMask *field_mask.FieldMask `protobuf:"bytes,2,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"`
    // contains filtered or unexported fields
}

Request message for [KeyManagementService.UpdateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKeyVersion].

func (*UpdateCryptoKeyVersionRequest) Descriptor Uses

func (*UpdateCryptoKeyVersionRequest) Descriptor() ([]byte, []int)

Deprecated: Use UpdateCryptoKeyVersionRequest.ProtoReflect.Descriptor instead.

func (*UpdateCryptoKeyVersionRequest) GetCryptoKeyVersion Uses

func (x *UpdateCryptoKeyVersionRequest) GetCryptoKeyVersion() *CryptoKeyVersion

func (*UpdateCryptoKeyVersionRequest) GetUpdateMask Uses

func (x *UpdateCryptoKeyVersionRequest) GetUpdateMask() *field_mask.FieldMask

func (*UpdateCryptoKeyVersionRequest) ProtoMessage Uses

func (*UpdateCryptoKeyVersionRequest) ProtoMessage()

func (*UpdateCryptoKeyVersionRequest) ProtoReflect Uses

func (x *UpdateCryptoKeyVersionRequest) ProtoReflect() protoreflect.Message

func (*UpdateCryptoKeyVersionRequest) Reset Uses

func (x *UpdateCryptoKeyVersionRequest) Reset()

func (*UpdateCryptoKeyVersionRequest) String Uses

func (x *UpdateCryptoKeyVersionRequest) String() string

Package kms imports 13 packages (graph) and is imported by 28 packages. Updated 2020-06-12. Refresh now. Tools for package owners.