Package cloud.google.com/go/kms/apiv1/kmspb (v1.14.0)

var (
	EkmConnection_KeyManagementMode_name = map[int32]string{
		0: "KEY_MANAGEMENT_MODE_UNSPECIFIED",
		1: "MANUAL",
		2: "CLOUD_KMS",
	}
	EkmConnection_KeyManagementMode_value = map[string]int32{
		"KEY_MANAGEMENT_MODE_UNSPECIFIED": 0,
		"MANUAL":                          1,
		"CLOUD_KMS":                       2,
	}
)

var (
	ProtectionLevel_name = map[int32]string{
		0: "PROTECTION_LEVEL_UNSPECIFIED",
		1: "SOFTWARE",
		2: "HSM",
		3: "EXTERNAL",
		4: "EXTERNAL_VPC",
	}
	ProtectionLevel_value = map[string]int32{
		"PROTECTION_LEVEL_UNSPECIFIED": 0,
		"SOFTWARE":                     1,
		"HSM":                          2,
		"EXTERNAL":                     3,
		"EXTERNAL_VPC":                 4,
	}
)

var (
	CryptoKey_CryptoKeyPurpose_name = map[int32]string{
		0: "CRYPTO_KEY_PURPOSE_UNSPECIFIED",
		1: "ENCRYPT_DECRYPT",
		5: "ASYMMETRIC_SIGN",
		6: "ASYMMETRIC_DECRYPT",
		7: "RAW_ENCRYPT_DECRYPT",
		9: "MAC",
	}
	CryptoKey_CryptoKeyPurpose_value = map[string]int32{
		"CRYPTO_KEY_PURPOSE_UNSPECIFIED": 0,
		"ENCRYPT_DECRYPT":                1,
		"ASYMMETRIC_SIGN":                5,
		"ASYMMETRIC_DECRYPT":             6,
		"RAW_ENCRYPT_DECRYPT":            7,
		"MAC":                            9,
	}
)

var (
	KeyOperationAttestation_AttestationFormat_name = map[int32]string{
		0: "ATTESTATION_FORMAT_UNSPECIFIED",
		3: "CAVIUM_V1_COMPRESSED",
		4: "CAVIUM_V2_COMPRESSED",
	}
	KeyOperationAttestation_AttestationFormat_value = map[string]int32{
		"ATTESTATION_FORMAT_UNSPECIFIED": 0,
		"CAVIUM_V1_COMPRESSED":           3,
		"CAVIUM_V2_COMPRESSED":           4,
	}
)

var (
	CryptoKeyVersion_CryptoKeyVersionAlgorithm_name = map[int32]string{
		0:  "CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED",
		1:  "GOOGLE_SYMMETRIC_ENCRYPTION",
		41: "AES_128_GCM",
		19: "AES_256_GCM",
		2:  "RSA_SIGN_PSS_2048_SHA256",
		3:  "RSA_SIGN_PSS_3072_SHA256",
		4:  "RSA_SIGN_PSS_4096_SHA256",
		15: "RSA_SIGN_PSS_4096_SHA512",
		5:  "RSA_SIGN_PKCS1_2048_SHA256",
		6:  "RSA_SIGN_PKCS1_3072_SHA256",
		7:  "RSA_SIGN_PKCS1_4096_SHA256",
		16: "RSA_SIGN_PKCS1_4096_SHA512",
		28: "RSA_SIGN_RAW_PKCS1_2048",
		29: "RSA_SIGN_RAW_PKCS1_3072",
		30: "RSA_SIGN_RAW_PKCS1_4096",
		8:  "RSA_DECRYPT_OAEP_2048_SHA256",
		9:  "RSA_DECRYPT_OAEP_3072_SHA256",
		10: "RSA_DECRYPT_OAEP_4096_SHA256",
		17: "RSA_DECRYPT_OAEP_4096_SHA512",
		37: "RSA_DECRYPT_OAEP_2048_SHA1",
		38: "RSA_DECRYPT_OAEP_3072_SHA1",
		39: "RSA_DECRYPT_OAEP_4096_SHA1",
		12: "EC_SIGN_P256_SHA256",
		13: "EC_SIGN_P384_SHA384",
		31: "EC_SIGN_SECP256K1_SHA256",
		32: "HMAC_SHA256",
		33: "HMAC_SHA1",
		34: "HMAC_SHA384",
		35: "HMAC_SHA512",
		36: "HMAC_SHA224",
		18: "EXTERNAL_SYMMETRIC_ENCRYPTION",
	}
	CryptoKeyVersion_CryptoKeyVersionAlgorithm_value = map[string]int32{
		"CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED": 0,
		"GOOGLE_SYMMETRIC_ENCRYPTION":              1,
		"AES_128_GCM":                              41,
		"AES_256_GCM":                              19,
		"RSA_SIGN_PSS_2048_SHA256":                 2,
		"RSA_SIGN_PSS_3072_SHA256":                 3,
		"RSA_SIGN_PSS_4096_SHA256":                 4,
		"RSA_SIGN_PSS_4096_SHA512":                 15,
		"RSA_SIGN_PKCS1_2048_SHA256":               5,
		"RSA_SIGN_PKCS1_3072_SHA256":               6,
		"RSA_SIGN_PKCS1_4096_SHA256":               7,
		"RSA_SIGN_PKCS1_4096_SHA512":               16,
		"RSA_SIGN_RAW_PKCS1_2048":                  28,
		"RSA_SIGN_RAW_PKCS1_3072":                  29,
		"RSA_SIGN_RAW_PKCS1_4096":                  30,
		"RSA_DECRYPT_OAEP_2048_SHA256":             8,
		"RSA_DECRYPT_OAEP_3072_SHA256":             9,
		"RSA_DECRYPT_OAEP_4096_SHA256":             10,
		"RSA_DECRYPT_OAEP_4096_SHA512":             17,
		"RSA_DECRYPT_OAEP_2048_SHA1":               37,
		"RSA_DECRYPT_OAEP_3072_SHA1":               38,
		"RSA_DECRYPT_OAEP_4096_SHA1":               39,
		"EC_SIGN_P256_SHA256":                      12,
		"EC_SIGN_P384_SHA384":                      13,
		"EC_SIGN_SECP256K1_SHA256":                 31,
		"HMAC_SHA256":                              32,
		"HMAC_SHA1":                                33,
		"HMAC_SHA384":                              34,
		"HMAC_SHA512":                              35,
		"HMAC_SHA224":                              36,
		"EXTERNAL_SYMMETRIC_ENCRYPTION":            18,
	}
)

var (
	CryptoKeyVersion_CryptoKeyVersionState_name = map[int32]string{
		0:  "CRYPTO_KEY_VERSION_STATE_UNSPECIFIED",
		5:  "PENDING_GENERATION",
		1:  "ENABLED",
		2:  "DISABLED",
		3:  "DESTROYED",
		4:  "DESTROY_SCHEDULED",
		6:  "PENDING_IMPORT",
		7:  "IMPORT_FAILED",
		8:  "GENERATION_FAILED",
		9:  "PENDING_EXTERNAL_DESTRUCTION",
		10: "EXTERNAL_DESTRUCTION_FAILED",
	}
	CryptoKeyVersion_CryptoKeyVersionState_value = map[string]int32{
		"CRYPTO_KEY_VERSION_STATE_UNSPECIFIED": 0,
		"PENDING_GENERATION":                   5,
		"ENABLED":                              1,
		"DISABLED":                             2,
		"DESTROYED":                            3,
		"DESTROY_SCHEDULED":                    4,
		"PENDING_IMPORT":                       6,
		"IMPORT_FAILED":                        7,
		"GENERATION_FAILED":                    8,
		"PENDING_EXTERNAL_DESTRUCTION":         9,
		"EXTERNAL_DESTRUCTION_FAILED":          10,
	}
)

var (
	CryptoKeyVersion_CryptoKeyVersionView_name = map[int32]string{
		0: "CRYPTO_KEY_VERSION_VIEW_UNSPECIFIED",
		1: "FULL",
	}
	CryptoKeyVersion_CryptoKeyVersionView_value = map[string]int32{
		"CRYPTO_KEY_VERSION_VIEW_UNSPECIFIED": 0,
		"FULL":                                1,
	}
)

var (
	ImportJob_ImportMethod_name = map[int32]string{
		0: "IMPORT_METHOD_UNSPECIFIED",
		1: "RSA_OAEP_3072_SHA1_AES_256",
		2: "RSA_OAEP_4096_SHA1_AES_256",
		3: "RSA_OAEP_3072_SHA256_AES_256",
		4: "RSA_OAEP_4096_SHA256_AES_256",
		5: "RSA_OAEP_3072_SHA256",
		6: "RSA_OAEP_4096_SHA256",
	}
	ImportJob_ImportMethod_value = map[string]int32{
		"IMPORT_METHOD_UNSPECIFIED":    0,
		"RSA_OAEP_3072_SHA1_AES_256":   1,
		"RSA_OAEP_4096_SHA1_AES_256":   2,
		"RSA_OAEP_3072_SHA256_AES_256": 3,
		"RSA_OAEP_4096_SHA256_AES_256": 4,
		"RSA_OAEP_3072_SHA256":         5,
		"RSA_OAEP_4096_SHA256":         6,
	}
)

var (
	ImportJob_ImportJobState_name = map[int32]string{
		0: "IMPORT_JOB_STATE_UNSPECIFIED",
		1: "PENDING_GENERATION",
		2: "ACTIVE",
		3: "EXPIRED",
	}
	ImportJob_ImportJobState_value = map[string]int32{
		"IMPORT_JOB_STATE_UNSPECIFIED": 0,
		"PENDING_GENERATION":           1,
		"ACTIVE":                       2,
		"EXPIRED":                      3,
	}
)

var File_google_cloud_kms_v1_ekm_service_proto protoreflect.FileDescriptor

var File_google_cloud_kms_v1_resources_proto protoreflect.FileDescriptor

var File_google_cloud_kms_v1_service_proto protoreflect.FileDescriptor

func RegisterEkmServiceServer(s *grpc.Server, srv EkmServiceServer)

func RegisterKeyManagementServiceServer(s *grpc.Server, srv KeyManagementServiceServer)

type AsymmetricDecryptRequest struct {

	// Required. The resource name of the
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for
	// decryption.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Required. The data encrypted with the named
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s public key using
	// OAEP.
	Ciphertext []byte `protobuf:"bytes,3,opt,name=ciphertext,proto3" json:"ciphertext,omitempty"`
	// Optional. An optional CRC32C checksum of the
	// [AsymmetricDecryptRequest.ciphertext][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext].
	// If specified,
	// [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
	// verify the integrity of the received
	// [AsymmetricDecryptRequest.ciphertext][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext]
	// using this checksum.
	// [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
	// report an error if the checksum verification fails. If you receive a
	// checksum error, your client should verify that
	// CRC32C([AsymmetricDecryptRequest.ciphertext][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext])
	// is equal to
	// [AsymmetricDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext_crc32c],
	// and if so, perform a limited number of retries. A persistent mismatch may
	// indicate an issue in your computation of the CRC32C checksum. Note: This
	// field is defined as int64 for reasons of compatibility across different
	// languages. However, it is a non-negative integer, which will never exceed
	// 2^32-1, and can be safely downconverted to uint32 in languages that support
	// this type.
	CiphertextCrc32C *wrapperspb.Int64Value `protobuf:"bytes,4,opt,name=ciphertext_crc32c,json=ciphertextCrc32c,proto3" json:"ciphertext_crc32c,omitempty"`
	// contains filtered or unexported fields
}

func (*AsymmetricDecryptRequest) Descriptor() ([]byte, []int)

func (x *AsymmetricDecryptRequest) GetCiphertext() []byte

func (x *AsymmetricDecryptRequest) GetCiphertextCrc32C() *wrapperspb.Int64Value

func (x *AsymmetricDecryptRequest) GetName() string

func (*AsymmetricDecryptRequest) ProtoMessage()

func (x *AsymmetricDecryptRequest) ProtoReflect() protoreflect.Message

func (x *AsymmetricDecryptRequest) Reset()

func (x *AsymmetricDecryptRequest) String() string

type AsymmetricDecryptResponse struct {
	Plaintext []byte `protobuf:"bytes,1,opt,name=plaintext,proto3" json:"plaintext,omitempty"`

	PlaintextCrc32C *wrapperspb.Int64Value `protobuf:"bytes,2,opt,name=plaintext_crc32c,json=plaintextCrc32c,proto3" json:"plaintext_crc32c,omitempty"`

	VerifiedCiphertextCrc32C bool "" /* 136 byte string literal not displayed */

	ProtectionLevel ProtectionLevel "" /* 148 byte string literal not displayed */

}

func (*AsymmetricDecryptResponse) Descriptor() ([]byte, []int)

func (x *AsymmetricDecryptResponse) GetPlaintext() []byte

func (x *AsymmetricDecryptResponse) GetPlaintextCrc32C() *wrapperspb.Int64Value

func (x *AsymmetricDecryptResponse) GetProtectionLevel() ProtectionLevel

func (x *AsymmetricDecryptResponse) GetVerifiedCiphertextCrc32C() bool

func (*AsymmetricDecryptResponse) ProtoMessage()

func (x *AsymmetricDecryptResponse) ProtoReflect() protoreflect.Message

func (x *AsymmetricDecryptResponse) Reset()

func (x *AsymmetricDecryptResponse) String() string

type AsymmetricSignRequest struct {

	// Required. The resource name of the
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for
	// signing.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Optional. The digest of the data to sign. The digest must be produced with
	// the same digest algorithm as specified by the key version's
	// [algorithm][google.cloud.kms.v1.CryptoKeyVersion.algorithm].
	//
	// This field may not be supplied if
	// [AsymmetricSignRequest.data][google.cloud.kms.v1.AsymmetricSignRequest.data]
	// is supplied.
	Digest *Digest `protobuf:"bytes,3,opt,name=digest,proto3" json:"digest,omitempty"`
	// Optional. An optional CRC32C checksum of the
	// [AsymmetricSignRequest.digest][google.cloud.kms.v1.AsymmetricSignRequest.digest].
	// If specified,
	// [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
	// verify the integrity of the received
	// [AsymmetricSignRequest.digest][google.cloud.kms.v1.AsymmetricSignRequest.digest]
	// using this checksum.
	// [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
	// report an error if the checksum verification fails. If you receive a
	// checksum error, your client should verify that
	// CRC32C([AsymmetricSignRequest.digest][google.cloud.kms.v1.AsymmetricSignRequest.digest])
	// is equal to
	// [AsymmetricSignRequest.digest_crc32c][google.cloud.kms.v1.AsymmetricSignRequest.digest_crc32c],
	// and if so, perform a limited number of retries. A persistent mismatch may
	// indicate an issue in your computation of the CRC32C checksum. Note: This
	// field is defined as int64 for reasons of compatibility across different
	// languages. However, it is a non-negative integer, which will never exceed
	// 2^32-1, and can be safely downconverted to uint32 in languages that support
	// this type.
	DigestCrc32C *wrapperspb.Int64Value `protobuf:"bytes,4,opt,name=digest_crc32c,json=digestCrc32c,proto3" json:"digest_crc32c,omitempty"`
	// Optional. The data to sign.
	// It can't be supplied if
	// [AsymmetricSignRequest.digest][google.cloud.kms.v1.AsymmetricSignRequest.digest]
	// is supplied.
	Data []byte `protobuf:"bytes,6,opt,name=data,proto3" json:"data,omitempty"`
	// Optional. An optional CRC32C checksum of the
	// [AsymmetricSignRequest.data][google.cloud.kms.v1.AsymmetricSignRequest.data].
	// If specified,
	// [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
	// verify the integrity of the received
	// [AsymmetricSignRequest.data][google.cloud.kms.v1.AsymmetricSignRequest.data]
	// using this checksum.
	// [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
	// report an error if the checksum verification fails. If you receive a
	// checksum error, your client should verify that
	// CRC32C([AsymmetricSignRequest.data][google.cloud.kms.v1.AsymmetricSignRequest.data])
	// is equal to
	// [AsymmetricSignRequest.data_crc32c][google.cloud.kms.v1.AsymmetricSignRequest.data_crc32c],
	// and if so, perform a limited number of retries. A persistent mismatch may
	// indicate an issue in your computation of the CRC32C checksum. Note: This
	// field is defined as int64 for reasons of compatibility across different
	// languages. However, it is a non-negative integer, which will never exceed
	// 2^32-1, and can be safely downconverted to uint32 in languages that support
	// this type.
	DataCrc32C *wrapperspb.Int64Value `protobuf:"bytes,7,opt,name=data_crc32c,json=dataCrc32c,proto3" json:"data_crc32c,omitempty"`
	// contains filtered or unexported fields
}

func (*AsymmetricSignRequest) Descriptor() ([]byte, []int)

func (x *AsymmetricSignRequest) GetData() []byte

func (x *AsymmetricSignRequest) GetDataCrc32C() *wrapperspb.Int64Value

func (x *AsymmetricSignRequest) GetDigest() *Digest

func (x *AsymmetricSignRequest) GetDigestCrc32C() *wrapperspb.Int64Value

func (x *AsymmetricSignRequest) GetName() string

func (*AsymmetricSignRequest) ProtoMessage()

func (x *AsymmetricSignRequest) ProtoReflect() protoreflect.Message

func (x *AsymmetricSignRequest) Reset()

func (x *AsymmetricSignRequest) String() string

type AsymmetricSignResponse struct {
	Signature []byte `protobuf:"bytes,1,opt,name=signature,proto3" json:"signature,omitempty"`

	SignatureCrc32C *wrapperspb.Int64Value `protobuf:"bytes,2,opt,name=signature_crc32c,json=signatureCrc32c,proto3" json:"signature_crc32c,omitempty"`

	VerifiedDigestCrc32C bool `protobuf:"varint,3,opt,name=verified_digest_crc32c,json=verifiedDigestCrc32c,proto3" json:"verified_digest_crc32c,omitempty"`

	Name string `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty"`

	VerifiedDataCrc32C bool `protobuf:"varint,5,opt,name=verified_data_crc32c,json=verifiedDataCrc32c,proto3" json:"verified_data_crc32c,omitempty"`

	ProtectionLevel ProtectionLevel "" /* 148 byte string literal not displayed */

}

func (*AsymmetricSignResponse) Descriptor() ([]byte, []int)

func (x *AsymmetricSignResponse) GetName() string

func (x *AsymmetricSignResponse) GetProtectionLevel() ProtectionLevel

func (x *AsymmetricSignResponse) GetSignature() []byte

func (x *AsymmetricSignResponse) GetSignatureCrc32C() *wrapperspb.Int64Value

func (x *AsymmetricSignResponse) GetVerifiedDataCrc32C() bool

func (x *AsymmetricSignResponse) GetVerifiedDigestCrc32C() bool

func (*AsymmetricSignResponse) ProtoMessage()

func (x *AsymmetricSignResponse) ProtoReflect() protoreflect.Message

func (x *AsymmetricSignResponse) Reset()

func (x *AsymmetricSignResponse) String() string

type Certificate struct {
	RawDer []byte `protobuf:"bytes,1,opt,name=raw_der,json=rawDer,proto3" json:"raw_der,omitempty"`

	Parsed bool `protobuf:"varint,2,opt,name=parsed,proto3" json:"parsed,omitempty"`

	Issuer string `protobuf:"bytes,3,opt,name=issuer,proto3" json:"issuer,omitempty"`

	Subject string `protobuf:"bytes,4,opt,name=subject,proto3" json:"subject,omitempty"`

	SubjectAlternativeDnsNames []string "" /* 143 byte string literal not displayed */

	NotBeforeTime *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=not_before_time,json=notBeforeTime,proto3" json:"not_before_time,omitempty"`

	NotAfterTime *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=not_after_time,json=notAfterTime,proto3" json:"not_after_time,omitempty"`

	SerialNumber string `protobuf:"bytes,8,opt,name=serial_number,json=serialNumber,proto3" json:"serial_number,omitempty"`

	Sha256Fingerprint string `protobuf:"bytes,9,opt,name=sha256_fingerprint,json=sha256Fingerprint,proto3" json:"sha256_fingerprint,omitempty"`

}

func (*Certificate) Descriptor() ([]byte, []int)

func (x *Certificate) GetIssuer() string

func (x *Certificate) GetNotAfterTime() *timestamppb.Timestamp

func (x *Certificate) GetNotBeforeTime() *timestamppb.Timestamp

func (x *Certificate) GetParsed() bool

func (x *Certificate) GetRawDer() []byte

func (x *Certificate) GetSerialNumber() string

func (x *Certificate) GetSha256Fingerprint() string

func (x *Certificate) GetSubject() string

func (x *Certificate) GetSubjectAlternativeDnsNames() []string

func (*Certificate) ProtoMessage()

func (x *Certificate) ProtoReflect() protoreflect.Message

func (x *Certificate) Reset()

func (x *Certificate) String() string

type CreateCryptoKeyRequest struct {
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`

	CryptoKeyId string `protobuf:"bytes,2,opt,name=crypto_key_id,json=cryptoKeyId,proto3" json:"crypto_key_id,omitempty"`

	CryptoKey *CryptoKey `protobuf:"bytes,3,opt,name=crypto_key,json=cryptoKey,proto3" json:"crypto_key,omitempty"`

	SkipInitialVersionCreation bool "" /* 144 byte string literal not displayed */

}

func (*CreateCryptoKeyRequest) Descriptor() ([]byte, []int)

func (x *CreateCryptoKeyRequest) GetCryptoKey() *CryptoKey

func (x *CreateCryptoKeyRequest) GetCryptoKeyId() string

func (x *CreateCryptoKeyRequest) GetParent() string

func (x *CreateCryptoKeyRequest) GetSkipInitialVersionCreation() bool

func (*CreateCryptoKeyRequest) ProtoMessage()

func (x *CreateCryptoKeyRequest) ProtoReflect() protoreflect.Message

func (x *CreateCryptoKeyRequest) Reset()

func (x *CreateCryptoKeyRequest) String() string

type CreateCryptoKeyVersionRequest struct {

	// Required. The [name][google.cloud.kms.v1.CryptoKey.name] of the
	// [CryptoKey][google.cloud.kms.v1.CryptoKey] associated with the
	// [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Required. A [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with
	// initial field values.
	CryptoKeyVersion *CryptoKeyVersion `protobuf:"bytes,2,opt,name=crypto_key_version,json=cryptoKeyVersion,proto3" json:"crypto_key_version,omitempty"`
	// contains filtered or unexported fields
}

func (*CreateCryptoKeyVersionRequest) Descriptor() ([]byte, []int)

func (x *CreateCryptoKeyVersionRequest) GetCryptoKeyVersion() *CryptoKeyVersion

func (x *CreateCryptoKeyVersionRequest) GetParent() string

func (*CreateCryptoKeyVersionRequest) ProtoMessage()

func (x *CreateCryptoKeyVersionRequest) ProtoReflect() protoreflect.Message

func (x *CreateCryptoKeyVersionRequest) Reset()

func (x *CreateCryptoKeyVersionRequest) String() string

type CreateEkmConnectionRequest struct {

	// Required. The resource name of the location associated with the
	// [EkmConnection][google.cloud.kms.v1.EkmConnection], in the format
	// `projects/*/locations/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Required. It must be unique within a location and match the regular
	// expression `[a-zA-Z0-9_-]{1,63}`.
	EkmConnectionId string `protobuf:"bytes,2,opt,name=ekm_connection_id,json=ekmConnectionId,proto3" json:"ekm_connection_id,omitempty"`
	// Required. An [EkmConnection][google.cloud.kms.v1.EkmConnection] with
	// initial field values.
	EkmConnection *EkmConnection `protobuf:"bytes,3,opt,name=ekm_connection,json=ekmConnection,proto3" json:"ekm_connection,omitempty"`
	// contains filtered or unexported fields
}

func (*CreateEkmConnectionRequest) Descriptor() ([]byte, []int)

func (x *CreateEkmConnectionRequest) GetEkmConnection() *EkmConnection

func (x *CreateEkmConnectionRequest) GetEkmConnectionId() string

func (x *CreateEkmConnectionRequest) GetParent() string

func (*CreateEkmConnectionRequest) ProtoMessage()

func (x *CreateEkmConnectionRequest) ProtoReflect() protoreflect.Message

func (x *CreateEkmConnectionRequest) Reset()

func (x *CreateEkmConnectionRequest) String() string

type CreateImportJobRequest struct {

	// Required. The [name][google.cloud.kms.v1.KeyRing.name] of the
	// [KeyRing][google.cloud.kms.v1.KeyRing] associated with the
	// [ImportJobs][google.cloud.kms.v1.ImportJob].
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Required. It must be unique within a KeyRing and match the regular
	// expression `[a-zA-Z0-9_-]{1,63}`
	ImportJobId string `protobuf:"bytes,2,opt,name=import_job_id,json=importJobId,proto3" json:"import_job_id,omitempty"`
	// Required. An [ImportJob][google.cloud.kms.v1.ImportJob] with initial field
	// values.
	ImportJob *ImportJob `protobuf:"bytes,3,opt,name=import_job,json=importJob,proto3" json:"import_job,omitempty"`
	// contains filtered or unexported fields
}

func (*CreateImportJobRequest) Descriptor() ([]byte, []int)

func (x *CreateImportJobRequest) GetImportJob() *ImportJob

func (x *CreateImportJobRequest) GetImportJobId() string

func (x *CreateImportJobRequest) GetParent() string

func (*CreateImportJobRequest) ProtoMessage()

func (x *CreateImportJobRequest) ProtoReflect() protoreflect.Message

func (x *CreateImportJobRequest) Reset()

func (x *CreateImportJobRequest) String() string

type CreateKeyRingRequest struct {

	// Required. The resource name of the location associated with the
	// [KeyRings][google.cloud.kms.v1.KeyRing], in the format
	// `projects/*/locations/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Required. It must be unique within a location and match the regular
	// expression `[a-zA-Z0-9_-]{1,63}`
	KeyRingId string `protobuf:"bytes,2,opt,name=key_ring_id,json=keyRingId,proto3" json:"key_ring_id,omitempty"`
	// Required. A [KeyRing][google.cloud.kms.v1.KeyRing] with initial field
	// values.
	KeyRing *KeyRing `protobuf:"bytes,3,opt,name=key_ring,json=keyRing,proto3" json:"key_ring,omitempty"`
	// contains filtered or unexported fields
}

func (*CreateKeyRingRequest) Descriptor() ([]byte, []int)

func (x *CreateKeyRingRequest) GetKeyRing() *KeyRing

func (x *CreateKeyRingRequest) GetKeyRingId() string

func (x *CreateKeyRingRequest) GetParent() string

func (*CreateKeyRingRequest) ProtoMessage()

func (x *CreateKeyRingRequest) ProtoReflect() protoreflect.Message

func (x *CreateKeyRingRequest) Reset()

func (x *CreateKeyRingRequest) String() string

type CryptoKey struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	Primary *CryptoKeyVersion `protobuf:"bytes,2,opt,name=primary,proto3" json:"primary,omitempty"`

	Purpose CryptoKey_CryptoKeyPurpose `protobuf:"varint,3,opt,name=purpose,proto3,enum=google.cloud.kms.v1.CryptoKey_CryptoKeyPurpose" json:"purpose,omitempty"`

	CreateTime *timestamppb.Timestamp `protobuf:"bytes,5,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`

	NextRotationTime *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=next_rotation_time,json=nextRotationTime,proto3" json:"next_rotation_time,omitempty"`

	RotationSchedule isCryptoKey_RotationSchedule `protobuf_oneof:"rotation_schedule"`

	VersionTemplate *CryptoKeyVersionTemplate `protobuf:"bytes,11,opt,name=version_template,json=versionTemplate,proto3" json:"version_template,omitempty"`

	Labels map[string]string "" /* 154 byte string literal not displayed */

	ImportOnly bool `protobuf:"varint,13,opt,name=import_only,json=importOnly,proto3" json:"import_only,omitempty"`

	DestroyScheduledDuration *durationpb.Duration "" /* 136 byte string literal not displayed */

	CryptoKeyBackend string `protobuf:"bytes,15,opt,name=crypto_key_backend,json=cryptoKeyBackend,proto3" json:"crypto_key_backend,omitempty"`

}

func (*CryptoKey) Descriptor() ([]byte, []int)

func (x *CryptoKey) GetCreateTime() *timestamppb.Timestamp

func (x *CryptoKey) GetCryptoKeyBackend() string

func (x *CryptoKey) GetDestroyScheduledDuration() *durationpb.Duration

func (x *CryptoKey) GetImportOnly() bool

func (x *CryptoKey) GetLabels() map[string]string

func (x *CryptoKey) GetName() string

func (x *CryptoKey) GetNextRotationTime() *timestamppb.Timestamp

func (x *CryptoKey) GetPrimary() *CryptoKeyVersion

func (x *CryptoKey) GetPurpose() CryptoKey_CryptoKeyPurpose

func (x *CryptoKey) GetRotationPeriod() *durationpb.Duration

func (m *CryptoKey) GetRotationSchedule() isCryptoKey_RotationSchedule

func (x *CryptoKey) GetVersionTemplate() *CryptoKeyVersionTemplate

func (*CryptoKey) ProtoMessage()

func (x *CryptoKey) ProtoReflect() protoreflect.Message

func (x *CryptoKey) Reset()

func (x *CryptoKey) String() string

type CryptoKeyVersion struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	State CryptoKeyVersion_CryptoKeyVersionState "" /* 128 byte string literal not displayed */

	ProtectionLevel ProtectionLevel "" /* 148 byte string literal not displayed */

	Algorithm CryptoKeyVersion_CryptoKeyVersionAlgorithm "" /* 141 byte string literal not displayed */

	Attestation *KeyOperationAttestation `protobuf:"bytes,8,opt,name=attestation,proto3" json:"attestation,omitempty"`

	CreateTime *timestamppb.Timestamp `protobuf:"bytes,4,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`

	GenerateTime *timestamppb.Timestamp `protobuf:"bytes,11,opt,name=generate_time,json=generateTime,proto3" json:"generate_time,omitempty"`

	DestroyTime *timestamppb.Timestamp `protobuf:"bytes,5,opt,name=destroy_time,json=destroyTime,proto3" json:"destroy_time,omitempty"`

	DestroyEventTime *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=destroy_event_time,json=destroyEventTime,proto3" json:"destroy_event_time,omitempty"`

	ImportJob string `protobuf:"bytes,14,opt,name=import_job,json=importJob,proto3" json:"import_job,omitempty"`

	ImportTime *timestamppb.Timestamp `protobuf:"bytes,15,opt,name=import_time,json=importTime,proto3" json:"import_time,omitempty"`

	ImportFailureReason string `protobuf:"bytes,16,opt,name=import_failure_reason,json=importFailureReason,proto3" json:"import_failure_reason,omitempty"`

	GenerationFailureReason string "" /* 133 byte string literal not displayed */

	ExternalDestructionFailureReason string "" /* 162 byte string literal not displayed */

	ExternalProtectionLevelOptions *ExternalProtectionLevelOptions "" /* 156 byte string literal not displayed */

	ReimportEligible bool `protobuf:"varint,18,opt,name=reimport_eligible,json=reimportEligible,proto3" json:"reimport_eligible,omitempty"`

}

func (*CryptoKeyVersion) Descriptor() ([]byte, []int)

func (x *CryptoKeyVersion) GetAlgorithm() CryptoKeyVersion_CryptoKeyVersionAlgorithm

func (x *CryptoKeyVersion) GetAttestation() *KeyOperationAttestation

func (x *CryptoKeyVersion) GetCreateTime() *timestamppb.Timestamp

func (x *CryptoKeyVersion) GetDestroyEventTime() *timestamppb.Timestamp

func (x *CryptoKeyVersion) GetDestroyTime() *timestamppb.Timestamp

func (x *CryptoKeyVersion) GetExternalDestructionFailureReason() string

func (x *CryptoKeyVersion) GetExternalProtectionLevelOptions() *ExternalProtectionLevelOptions

func (x *CryptoKeyVersion) GetGenerateTime() *timestamppb.Timestamp

func (x *CryptoKeyVersion) GetGenerationFailureReason() string

func (x *CryptoKeyVersion) GetImportFailureReason() string

func (x *CryptoKeyVersion) GetImportJob() string

func (x *CryptoKeyVersion) GetImportTime() *timestamppb.Timestamp

func (x *CryptoKeyVersion) GetName() string

func (x *CryptoKeyVersion) GetProtectionLevel() ProtectionLevel

func (x *CryptoKeyVersion) GetReimportEligible() bool

func (x *CryptoKeyVersion) GetState() CryptoKeyVersion_CryptoKeyVersionState

func (*CryptoKeyVersion) ProtoMessage()

func (x *CryptoKeyVersion) ProtoReflect() protoreflect.Message

func (x *CryptoKeyVersion) Reset()

func (x *CryptoKeyVersion) String() string

type CryptoKeyVersionTemplate struct {
	ProtectionLevel ProtectionLevel "" /* 148 byte string literal not displayed */

	Algorithm CryptoKeyVersion_CryptoKeyVersionAlgorithm "" /* 140 byte string literal not displayed */

}

func (*CryptoKeyVersionTemplate) Descriptor() ([]byte, []int)

func (x *CryptoKeyVersionTemplate) GetAlgorithm() CryptoKeyVersion_CryptoKeyVersionAlgorithm

func (x *CryptoKeyVersionTemplate) GetProtectionLevel() ProtectionLevel

func (*CryptoKeyVersionTemplate) ProtoMessage()

func (x *CryptoKeyVersionTemplate) ProtoReflect() protoreflect.Message

func (x *CryptoKeyVersionTemplate) Reset()

func (x *CryptoKeyVersionTemplate) String() string

type CryptoKeyVersion_CryptoKeyVersionAlgorithm int32

const (
	// Not specified.
	CryptoKeyVersion_CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED CryptoKeyVersion_CryptoKeyVersionAlgorithm = 0
	// Creates symmetric encryption keys.
	CryptoKeyVersion_GOOGLE_SYMMETRIC_ENCRYPTION CryptoKeyVersion_CryptoKeyVersionAlgorithm = 1
	// AES-GCM (Galois Counter Mode) using 128-bit keys.
	CryptoKeyVersion_AES_128_GCM CryptoKeyVersion_CryptoKeyVersionAlgorithm = 41
	// AES-GCM (Galois Counter Mode) using 256-bit keys.
	CryptoKeyVersion_AES_256_GCM CryptoKeyVersion_CryptoKeyVersionAlgorithm = 19
	// RSASSA-PSS 2048 bit key with a SHA256 digest.
	CryptoKeyVersion_RSA_SIGN_PSS_2048_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 2
	// RSASSA-PSS 3072 bit key with a SHA256 digest.
	CryptoKeyVersion_RSA_SIGN_PSS_3072_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 3
	// RSASSA-PSS 4096 bit key with a SHA256 digest.
	CryptoKeyVersion_RSA_SIGN_PSS_4096_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 4
	// RSASSA-PSS 4096 bit key with a SHA512 digest.
	CryptoKeyVersion_RSA_SIGN_PSS_4096_SHA512 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 15
	// RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest.
	CryptoKeyVersion_RSA_SIGN_PKCS1_2048_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 5
	// RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest.
	CryptoKeyVersion_RSA_SIGN_PKCS1_3072_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 6
	// RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest.
	CryptoKeyVersion_RSA_SIGN_PKCS1_4096_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 7
	// RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest.
	CryptoKeyVersion_RSA_SIGN_PKCS1_4096_SHA512 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 16
	// RSASSA-PKCS1-v1_5 signing without encoding, with a 2048 bit key.
	CryptoKeyVersion_RSA_SIGN_RAW_PKCS1_2048 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 28
	// RSASSA-PKCS1-v1_5 signing without encoding, with a 3072 bit key.
	CryptoKeyVersion_RSA_SIGN_RAW_PKCS1_3072 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 29
	// RSASSA-PKCS1-v1_5 signing without encoding, with a 4096 bit key.
	CryptoKeyVersion_RSA_SIGN_RAW_PKCS1_4096 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 30
	// RSAES-OAEP 2048 bit key with a SHA256 digest.
	CryptoKeyVersion_RSA_DECRYPT_OAEP_2048_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 8
	// RSAES-OAEP 3072 bit key with a SHA256 digest.
	CryptoKeyVersion_RSA_DECRYPT_OAEP_3072_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 9
	// RSAES-OAEP 4096 bit key with a SHA256 digest.
	CryptoKeyVersion_RSA_DECRYPT_OAEP_4096_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 10
	// RSAES-OAEP 4096 bit key with a SHA512 digest.
	CryptoKeyVersion_RSA_DECRYPT_OAEP_4096_SHA512 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 17
	// RSAES-OAEP 2048 bit key with a SHA1 digest.
	CryptoKeyVersion_RSA_DECRYPT_OAEP_2048_SHA1 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 37
	// RSAES-OAEP 3072 bit key with a SHA1 digest.
	CryptoKeyVersion_RSA_DECRYPT_OAEP_3072_SHA1 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 38
	// RSAES-OAEP 4096 bit key with a SHA1 digest.
	CryptoKeyVersion_RSA_DECRYPT_OAEP_4096_SHA1 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 39
	// ECDSA on the NIST P-256 curve with a SHA256 digest.
	// Other hash functions can also be used:
	// https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms
	CryptoKeyVersion_EC_SIGN_P256_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 12
	// ECDSA on the NIST P-384 curve with a SHA384 digest.
	// Other hash functions can also be used:
	// https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms
	CryptoKeyVersion_EC_SIGN_P384_SHA384 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 13
	// ECDSA on the non-NIST secp256k1 curve. This curve is only supported for
	// HSM protection level.
	// Other hash functions can also be used:
	// https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms
	CryptoKeyVersion_EC_SIGN_SECP256K1_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 31
	// HMAC-SHA256 signing with a 256 bit key.
	CryptoKeyVersion_HMAC_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 32
	// HMAC-SHA1 signing with a 160 bit key.
	CryptoKeyVersion_HMAC_SHA1 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 33
	// HMAC-SHA384 signing with a 384 bit key.
	CryptoKeyVersion_HMAC_SHA384 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 34
	// HMAC-SHA512 signing with a 512 bit key.
	CryptoKeyVersion_HMAC_SHA512 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 35
	// HMAC-SHA224 signing with a 224 bit key.
	CryptoKeyVersion_HMAC_SHA224 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 36
	// Algorithm representing symmetric encryption by an external key manager.
	CryptoKeyVersion_EXTERNAL_SYMMETRIC_ENCRYPTION CryptoKeyVersion_CryptoKeyVersionAlgorithm = 18
)

func (CryptoKeyVersion_CryptoKeyVersionAlgorithm) Descriptor() protoreflect.EnumDescriptor

func (x CryptoKeyVersion_CryptoKeyVersionAlgorithm) Enum() *CryptoKeyVersion_CryptoKeyVersionAlgorithm

func (CryptoKeyVersion_CryptoKeyVersionAlgorithm) EnumDescriptor() ([]byte, []int)

func (x CryptoKeyVersion_CryptoKeyVersionAlgorithm) Number() protoreflect.EnumNumber

func (x CryptoKeyVersion_CryptoKeyVersionAlgorithm) String() string

func (CryptoKeyVersion_CryptoKeyVersionAlgorithm) Type() protoreflect.EnumType

type CryptoKeyVersion_CryptoKeyVersionState int32

const (
	// Not specified.
	CryptoKeyVersion_CRYPTO_KEY_VERSION_STATE_UNSPECIFIED CryptoKeyVersion_CryptoKeyVersionState = 0
	// This version is still being generated. It may not be used, enabled,
	// disabled, or destroyed yet. Cloud KMS will automatically mark this
	// version
	// [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED]
	// as soon as the version is ready.
	CryptoKeyVersion_PENDING_GENERATION CryptoKeyVersion_CryptoKeyVersionState = 5
	// This version may be used for cryptographic operations.
	CryptoKeyVersion_ENABLED CryptoKeyVersion_CryptoKeyVersionState = 1
	// This version may not be used, but the key material is still available,
	// and the version can be placed back into the
	// [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED]
	// state.
	CryptoKeyVersion_DISABLED CryptoKeyVersion_CryptoKeyVersionState = 2
	// This version is destroyed, and the key material is no longer stored.
	// This version may only become
	// [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED]
	// again if this version is
	// [reimport_eligible][google.cloud.kms.v1.CryptoKeyVersion.reimport_eligible]
	// and the original key material is reimported with a call to
	// [KeyManagementService.ImportCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.ImportCryptoKeyVersion].
	CryptoKeyVersion_DESTROYED CryptoKeyVersion_CryptoKeyVersionState = 3
	// This version is scheduled for destruction, and will be destroyed soon.
	// Call
	// [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion]
	// to put it back into the
	// [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED]
	// state.
	CryptoKeyVersion_DESTROY_SCHEDULED CryptoKeyVersion_CryptoKeyVersionState = 4
	// This version is still being imported. It may not be used, enabled,
	// disabled, or destroyed yet. Cloud KMS will automatically mark this
	// version
	// [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED]
	// as soon as the version is ready.
	CryptoKeyVersion_PENDING_IMPORT CryptoKeyVersion_CryptoKeyVersionState = 6
	// This version was not imported successfully. It may not be used, enabled,
	// disabled, or destroyed. The submitted key material has been discarded.
	// Additional details can be found in
	// [CryptoKeyVersion.import_failure_reason][google.cloud.kms.v1.CryptoKeyVersion.import_failure_reason].
	CryptoKeyVersion_IMPORT_FAILED CryptoKeyVersion_CryptoKeyVersionState = 7
	// This version was not generated successfully. It may not be used, enabled,
	// disabled, or destroyed. Additional details can be found in
	// [CryptoKeyVersion.generation_failure_reason][google.cloud.kms.v1.CryptoKeyVersion.generation_failure_reason].
	CryptoKeyVersion_GENERATION_FAILED CryptoKeyVersion_CryptoKeyVersionState = 8
	// This version was destroyed, and it may not be used or enabled again.
	// Cloud KMS is waiting for the corresponding key material residing in an
	// external key manager to be destroyed.
	CryptoKeyVersion_PENDING_EXTERNAL_DESTRUCTION CryptoKeyVersion_CryptoKeyVersionState = 9
	// This version was destroyed, and it may not be used or enabled again.
	// However, Cloud KMS could not confirm that the corresponding key material
	// residing in an external key manager was destroyed. Additional details can
	// be found in
	// [CryptoKeyVersion.external_destruction_failure_reason][google.cloud.kms.v1.CryptoKeyVersion.external_destruction_failure_reason].
	CryptoKeyVersion_EXTERNAL_DESTRUCTION_FAILED CryptoKeyVersion_CryptoKeyVersionState = 10
)

func (CryptoKeyVersion_CryptoKeyVersionState) Descriptor() protoreflect.EnumDescriptor

func (x CryptoKeyVersion_CryptoKeyVersionState) Enum() *CryptoKeyVersion_CryptoKeyVersionState

func (CryptoKeyVersion_CryptoKeyVersionState) EnumDescriptor() ([]byte, []int)

func (x CryptoKeyVersion_CryptoKeyVersionState) Number() protoreflect.EnumNumber

func (x CryptoKeyVersion_CryptoKeyVersionState) String() string

func (CryptoKeyVersion_CryptoKeyVersionState) Type() protoreflect.EnumType

type CryptoKeyVersion_CryptoKeyVersionView int32

const (
	// Default view for each
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. Does not
	// include the
	// [attestation][google.cloud.kms.v1.CryptoKeyVersion.attestation] field.
	CryptoKeyVersion_CRYPTO_KEY_VERSION_VIEW_UNSPECIFIED CryptoKeyVersion_CryptoKeyVersionView = 0
	// Provides all fields in each
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion], including the
	// [attestation][google.cloud.kms.v1.CryptoKeyVersion.attestation].
	CryptoKeyVersion_FULL CryptoKeyVersion_CryptoKeyVersionView = 1
)

func (CryptoKeyVersion_CryptoKeyVersionView) Descriptor() protoreflect.EnumDescriptor

func (x CryptoKeyVersion_CryptoKeyVersionView) Enum() *CryptoKeyVersion_CryptoKeyVersionView

func (CryptoKeyVersion_CryptoKeyVersionView) EnumDescriptor() ([]byte, []int)

func (x CryptoKeyVersion_CryptoKeyVersionView) Number() protoreflect.EnumNumber

func (x CryptoKeyVersion_CryptoKeyVersionView) String() string

func (CryptoKeyVersion_CryptoKeyVersionView) Type() protoreflect.EnumType

type CryptoKey_CryptoKeyPurpose int32

const (
	// Not specified.
	CryptoKey_CRYPTO_KEY_PURPOSE_UNSPECIFIED CryptoKey_CryptoKeyPurpose = 0
	// [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used
	// with [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] and
	// [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt].
	CryptoKey_ENCRYPT_DECRYPT CryptoKey_CryptoKeyPurpose = 1
	// [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used
	// with
	// [AsymmetricSign][google.cloud.kms.v1.KeyManagementService.AsymmetricSign]
	// and
	// [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
	CryptoKey_ASYMMETRIC_SIGN CryptoKey_CryptoKeyPurpose = 5
	// [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used
	// with
	// [AsymmetricDecrypt][google.cloud.kms.v1.KeyManagementService.AsymmetricDecrypt]
	// and
	// [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
	CryptoKey_ASYMMETRIC_DECRYPT CryptoKey_CryptoKeyPurpose = 6
	// [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used
	// with [RawEncrypt][google.cloud.kms.v1.KeyManagementService.RawEncrypt]
	// and [RawDecrypt][google.cloud.kms.v1.KeyManagementService.RawDecrypt].
	// This purpose is meant to be used for interoperable symmetric
	// encryption and does not support automatic CryptoKey rotation.
	CryptoKey_RAW_ENCRYPT_DECRYPT CryptoKey_CryptoKeyPurpose = 7
	// [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used
	// with [MacSign][google.cloud.kms.v1.KeyManagementService.MacSign].
	CryptoKey_MAC CryptoKey_CryptoKeyPurpose = 9
)

func (CryptoKey_CryptoKeyPurpose) Descriptor() protoreflect.EnumDescriptor

func (x CryptoKey_CryptoKeyPurpose) Enum() *CryptoKey_CryptoKeyPurpose

func (CryptoKey_CryptoKeyPurpose) EnumDescriptor() ([]byte, []int)

func (x CryptoKey_CryptoKeyPurpose) Number() protoreflect.EnumNumber

func (x CryptoKey_CryptoKeyPurpose) String() string

func (CryptoKey_CryptoKeyPurpose) Type() protoreflect.EnumType

type CryptoKey_RotationPeriod struct {
	// [next_rotation_time][google.cloud.kms.v1.CryptoKey.next_rotation_time]
	// will be advanced by this period when the service automatically rotates a
	// key. Must be at least 24 hours and at most 876,000 hours.
	//
	// If [rotation_period][google.cloud.kms.v1.CryptoKey.rotation_period] is
	// set,
	// [next_rotation_time][google.cloud.kms.v1.CryptoKey.next_rotation_time]
	// must also be set.
	//
	// Keys with [purpose][google.cloud.kms.v1.CryptoKey.purpose]
	// [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT]
	// support automatic rotation. For other keys, this field must be omitted.
	RotationPeriod *durationpb.Duration `protobuf:"bytes,8,opt,name=rotation_period,json=rotationPeriod,proto3,oneof"`
}

type DecryptRequest struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	Ciphertext []byte `protobuf:"bytes,2,opt,name=ciphertext,proto3" json:"ciphertext,omitempty"`

	AdditionalAuthenticatedData []byte "" /* 144 byte string literal not displayed */

	CiphertextCrc32C *wrapperspb.Int64Value `protobuf:"bytes,5,opt,name=ciphertext_crc32c,json=ciphertextCrc32c,proto3" json:"ciphertext_crc32c,omitempty"`

	AdditionalAuthenticatedDataCrc32C *wrapperspb.Int64Value "" /* 164 byte string literal not displayed */

}

func (*DecryptRequest) Descriptor() ([]byte, []int)

func (x *DecryptRequest) GetAdditionalAuthenticatedData() []byte

func (x *DecryptRequest) GetAdditionalAuthenticatedDataCrc32C() *wrapperspb.Int64Value

func (x *DecryptRequest) GetCiphertext() []byte

func (x *DecryptRequest) GetCiphertextCrc32C() *wrapperspb.Int64Value

func (x *DecryptRequest) GetName() string

func (*DecryptRequest) ProtoMessage()

func (x *DecryptRequest) ProtoReflect() protoreflect.Message

func (x *DecryptRequest) Reset()

func (x *DecryptRequest) String() string

type DecryptResponse struct {
	Plaintext []byte `protobuf:"bytes,1,opt,name=plaintext,proto3" json:"plaintext,omitempty"`

	PlaintextCrc32C *wrapperspb.Int64Value `protobuf:"bytes,2,opt,name=plaintext_crc32c,json=plaintextCrc32c,proto3" json:"plaintext_crc32c,omitempty"`

	UsedPrimary bool `protobuf:"varint,3,opt,name=used_primary,json=usedPrimary,proto3" json:"used_primary,omitempty"`

	ProtectionLevel ProtectionLevel "" /* 148 byte string literal not displayed */

}

func (*DecryptResponse) Descriptor() ([]byte, []int)

func (x *DecryptResponse) GetPlaintext() []byte

func (x *DecryptResponse) GetPlaintextCrc32C() *wrapperspb.Int64Value

func (x *DecryptResponse) GetProtectionLevel() ProtectionLevel

func (x *DecryptResponse) GetUsedPrimary() bool

func (*DecryptResponse) ProtoMessage()

func (x *DecryptResponse) ProtoReflect() protoreflect.Message

func (x *DecryptResponse) Reset()

func (x *DecryptResponse) String() string

type DestroyCryptoKeyVersionRequest struct {

	// Required. The resource name of the
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to destroy.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

func (*DestroyCryptoKeyVersionRequest) Descriptor() ([]byte, []int)

func (x *DestroyCryptoKeyVersionRequest) GetName() string

func (*DestroyCryptoKeyVersionRequest) ProtoMessage()

func (x *DestroyCryptoKeyVersionRequest) ProtoReflect() protoreflect.Message

func (x *DestroyCryptoKeyVersionRequest) Reset()

func (x *DestroyCryptoKeyVersionRequest) String() string

type Digest struct {

	// Required. The message digest.
	//
	// Types that are assignable to Digest:
	//	*Digest_Sha256
	//	*Digest_Sha384
	//	*Digest_Sha512
	Digest isDigest_Digest `protobuf_oneof:"digest"`
	// contains filtered or unexported fields
}

func (*Digest) Descriptor() ([]byte, []int)

func (m *Digest) GetDigest() isDigest_Digest

func (x *Digest) GetSha256() []byte