Google Cloud Key Management Service v1 API - Class KeyManagementService.KeyManagementServiceBase (3.4.0)

[BindServiceMethod(typeof(KeyManagementService), "BindService")]
public abstract class KeyManagementService.KeyManagementServiceBase

Reference documentation and code samples for the Google Cloud Key Management Service v1 API class KeyManagementService.KeyManagementServiceBase.

Base class for server-side implementations of KeyManagementService

Inheritance

object > KeyManagementService.KeyManagementServiceBase

Namespace

GoogleGoogle.CloudGoogle.Cloud.KmsV1

Assembly

Google.Cloud.Kms.V1.dll

Methods

AsymmetricDecrypt(AsymmetricDecryptRequest, ServerCallContext)

public virtual Task<AsymmetricDecryptResponse> AsymmetricDecrypt(AsymmetricDecryptRequest request, ServerCallContext context)

Decrypts data that was encrypted with a public key retrieved from [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey] corresponding to a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_DECRYPT.

Parameters
NameDescription
requestAsymmetricDecryptRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskAsymmetricDecryptResponse

The response to send back to the client (wrapped by a task).

AsymmetricSign(AsymmetricSignRequest, ServerCallContext)

public virtual Task<AsymmetricSignResponse> AsymmetricSign(AsymmetricSignRequest request, ServerCallContext context)

Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].

Parameters
NameDescription
requestAsymmetricSignRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskAsymmetricSignResponse

The response to send back to the client (wrapped by a task).

CreateCryptoKey(CreateCryptoKeyRequest, ServerCallContext)

public virtual Task<CryptoKey> CreateCryptoKey(CreateCryptoKeyRequest request, ServerCallContext context)

Create a new [CryptoKey][google.cloud.kms.v1.CryptoKey] within a [KeyRing][google.cloud.kms.v1.KeyRing].

[CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] and [CryptoKey.version_template.algorithm][google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm] are required.

Parameters
NameDescription
requestCreateCryptoKeyRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskCryptoKey

The response to send back to the client (wrapped by a task).

CreateCryptoKeyVersion(CreateCryptoKeyVersionRequest, ServerCallContext)

public virtual Task<CryptoKeyVersion> CreateCryptoKeyVersion(CreateCryptoKeyVersionRequest request, ServerCallContext context)

Create a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in a [CryptoKey][google.cloud.kms.v1.CryptoKey].

The server will assign the next sequential id. If unset, [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED].

Parameters
NameDescription
requestCreateCryptoKeyVersionRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskCryptoKeyVersion

The response to send back to the client (wrapped by a task).

CreateImportJob(CreateImportJobRequest, ServerCallContext)

public virtual Task<ImportJob> CreateImportJob(CreateImportJobRequest request, ServerCallContext context)

Create a new [ImportJob][google.cloud.kms.v1.ImportJob] within a [KeyRing][google.cloud.kms.v1.KeyRing].

[ImportJob.import_method][google.cloud.kms.v1.ImportJob.import_method] is required.

Parameters
NameDescription
requestCreateImportJobRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskImportJob

The response to send back to the client (wrapped by a task).

CreateKeyRing(CreateKeyRingRequest, ServerCallContext)

public virtual Task<KeyRing> CreateKeyRing(CreateKeyRingRequest request, ServerCallContext context)

Create a new [KeyRing][google.cloud.kms.v1.KeyRing] in a given Project and Location.

Parameters
NameDescription
requestCreateKeyRingRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskKeyRing

The response to send back to the client (wrapped by a task).

Decrypt(DecryptRequest, ServerCallContext)

public virtual Task<DecryptResponse> Decrypt(DecryptRequest request, ServerCallContext context)

Decrypts data that was protected by [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].

Parameters
NameDescription
requestDecryptRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskDecryptResponse

The response to send back to the client (wrapped by a task).

DestroyCryptoKeyVersion(DestroyCryptoKeyVersionRequest, ServerCallContext)

public virtual Task<CryptoKeyVersion> DestroyCryptoKeyVersion(DestroyCryptoKeyVersionRequest request, ServerCallContext context)

Schedule a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] for destruction.

Upon calling this method, [CryptoKeyVersion.state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED], and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be set to the time [destroy_scheduled_duration][google.cloud.kms.v1.CryptoKey.destroy_scheduled_duration] in the future. At that time, the [state][google.cloud.kms.v1.CryptoKeyVersion.state] will automatically change to [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED], and the key material will be irrevocably destroyed.

Before the [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] is reached, [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] may be called to reverse the process.

Parameters
NameDescription
requestDestroyCryptoKeyVersionRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskCryptoKeyVersion

The response to send back to the client (wrapped by a task).

Encrypt(EncryptRequest, ServerCallContext)

public virtual Task<EncryptResponse> Encrypt(EncryptRequest request, ServerCallContext context)

Encrypts data, so that it can only be recovered by a call to [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt]. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].

Parameters
NameDescription
requestEncryptRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskEncryptResponse

The response to send back to the client (wrapped by a task).

GenerateRandomBytes(GenerateRandomBytesRequest, ServerCallContext)

public virtual Task<GenerateRandomBytesResponse> GenerateRandomBytes(GenerateRandomBytesRequest request, ServerCallContext context)

Generate random bytes using the Cloud KMS randomness source in the provided location.

Parameters
NameDescription
requestGenerateRandomBytesRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskGenerateRandomBytesResponse

The response to send back to the client (wrapped by a task).

GetCryptoKey(GetCryptoKeyRequest, ServerCallContext)

public virtual Task<CryptoKey> GetCryptoKey(GetCryptoKeyRequest request, ServerCallContext context)

Returns metadata for a given [CryptoKey][google.cloud.kms.v1.CryptoKey], as well as its [primary][google.cloud.kms.v1.CryptoKey.primary] [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].

Parameters
NameDescription
requestGetCryptoKeyRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskCryptoKey

The response to send back to the client (wrapped by a task).

GetCryptoKeyVersion(GetCryptoKeyVersionRequest, ServerCallContext)

public virtual Task<CryptoKeyVersion> GetCryptoKeyVersion(GetCryptoKeyVersionRequest request, ServerCallContext context)

Returns metadata for a given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].

Parameters
NameDescription
requestGetCryptoKeyVersionRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskCryptoKeyVersion

The response to send back to the client (wrapped by a task).

GetImportJob(GetImportJobRequest, ServerCallContext)

public virtual Task<ImportJob> GetImportJob(GetImportJobRequest request, ServerCallContext context)

Returns metadata for a given [ImportJob][google.cloud.kms.v1.ImportJob].

Parameters
NameDescription
requestGetImportJobRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskImportJob

The response to send back to the client (wrapped by a task).

GetKeyRing(GetKeyRingRequest, ServerCallContext)

public virtual Task<KeyRing> GetKeyRing(GetKeyRingRequest request, ServerCallContext context)

Returns metadata for a given [KeyRing][google.cloud.kms.v1.KeyRing].

Parameters
NameDescription
requestGetKeyRingRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskKeyRing

The response to send back to the client (wrapped by a task).

GetPublicKey(GetPublicKeyRequest, ServerCallContext)

public virtual Task<PublicKey> GetPublicKey(GetPublicKeyRequest request, ServerCallContext context)

Returns the public key for the given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be [ASYMMETRIC_SIGN][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN] or [ASYMMETRIC_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT].

Parameters
NameDescription
requestGetPublicKeyRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskPublicKey

The response to send back to the client (wrapped by a task).

ImportCryptoKeyVersion(ImportCryptoKeyVersionRequest, ServerCallContext)

public virtual Task<CryptoKeyVersion> ImportCryptoKeyVersion(ImportCryptoKeyVersionRequest request, ServerCallContext context)

Import wrapped key material into a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].

All requests must specify a [CryptoKey][google.cloud.kms.v1.CryptoKey]. If a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] is additionally specified in the request, key material will be reimported into that version. Otherwise, a new version will be created, and will be assigned the next sequential id within the [CryptoKey][google.cloud.kms.v1.CryptoKey].

Parameters
NameDescription
requestImportCryptoKeyVersionRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskCryptoKeyVersion

The response to send back to the client (wrapped by a task).

ListCryptoKeys(ListCryptoKeysRequest, ServerCallContext)

public virtual Task<ListCryptoKeysResponse> ListCryptoKeys(ListCryptoKeysRequest request, ServerCallContext context)

Lists [CryptoKeys][google.cloud.kms.v1.CryptoKey].

Parameters
NameDescription
requestListCryptoKeysRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskListCryptoKeysResponse

The response to send back to the client (wrapped by a task).

ListCryptoKeyVersions(ListCryptoKeyVersionsRequest, ServerCallContext)

public virtual Task<ListCryptoKeyVersionsResponse> ListCryptoKeyVersions(ListCryptoKeyVersionsRequest request, ServerCallContext context)

Lists [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].

Parameters
NameDescription
requestListCryptoKeyVersionsRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskListCryptoKeyVersionsResponse

The response to send back to the client (wrapped by a task).

ListImportJobs(ListImportJobsRequest, ServerCallContext)

public virtual Task<ListImportJobsResponse> ListImportJobs(ListImportJobsRequest request, ServerCallContext context)

Lists [ImportJobs][google.cloud.kms.v1.ImportJob].

Parameters
NameDescription
requestListImportJobsRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskListImportJobsResponse

The response to send back to the client (wrapped by a task).

ListKeyRings(ListKeyRingsRequest, ServerCallContext)

public virtual Task<ListKeyRingsResponse> ListKeyRings(ListKeyRingsRequest request, ServerCallContext context)

Lists [KeyRings][google.cloud.kms.v1.KeyRing].

Parameters
NameDescription
requestListKeyRingsRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskListKeyRingsResponse

The response to send back to the client (wrapped by a task).

MacSign(MacSignRequest, ServerCallContext)

public virtual Task<MacSignResponse> MacSign(MacSignRequest request, ServerCallContext context)

Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] MAC, producing a tag that can be verified by another source with the same key.

Parameters
NameDescription
requestMacSignRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskMacSignResponse

The response to send back to the client (wrapped by a task).

MacVerify(MacVerifyRequest, ServerCallContext)

public virtual Task<MacVerifyResponse> MacVerify(MacVerifyRequest request, ServerCallContext context)

Verifies MAC tag using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] MAC, and returns a response that indicates whether or not the verification was successful.

Parameters
NameDescription
requestMacVerifyRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskMacVerifyResponse

The response to send back to the client (wrapped by a task).

RestoreCryptoKeyVersion(RestoreCryptoKeyVersionRequest, ServerCallContext)

public virtual Task<CryptoKeyVersion> RestoreCryptoKeyVersion(RestoreCryptoKeyVersionRequest request, ServerCallContext context)

Restore a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED] state.

Upon restoration of the CryptoKeyVersion, [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED], and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be cleared.

Parameters
NameDescription
requestRestoreCryptoKeyVersionRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskCryptoKeyVersion

The response to send back to the client (wrapped by a task).

UpdateCryptoKey(UpdateCryptoKeyRequest, ServerCallContext)

public virtual Task<CryptoKey> UpdateCryptoKey(UpdateCryptoKeyRequest request, ServerCallContext context)

Update a [CryptoKey][google.cloud.kms.v1.CryptoKey].

Parameters
NameDescription
requestUpdateCryptoKeyRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskCryptoKey

The response to send back to the client (wrapped by a task).

UpdateCryptoKeyPrimaryVersion(UpdateCryptoKeyPrimaryVersionRequest, ServerCallContext)

public virtual Task<CryptoKey> UpdateCryptoKeyPrimaryVersion(UpdateCryptoKeyPrimaryVersionRequest request, ServerCallContext context)

Update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that will be used in [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].

Returns an error if called on a key whose purpose is not [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].

Parameters
NameDescription
requestUpdateCryptoKeyPrimaryVersionRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskCryptoKey

The response to send back to the client (wrapped by a task).

UpdateCryptoKeyVersion(UpdateCryptoKeyVersionRequest, ServerCallContext)

public virtual Task<CryptoKeyVersion> UpdateCryptoKeyVersion(UpdateCryptoKeyVersionRequest request, ServerCallContext context)

Update a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s metadata.

[state][google.cloud.kms.v1.CryptoKeyVersion.state] may be changed between [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] and [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED] using this method. See [DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion] and [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] to move between other states.

Parameters
NameDescription
requestUpdateCryptoKeyVersionRequest

The request received from the client.

contextServerCallContext

The context of the server-side call handler being invoked.

Returns
TypeDescription
TaskCryptoKeyVersion

The response to send back to the client (wrapped by a task).