RawEncryptResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Response message for KeyManagementService.RawEncrypt.
Attributes | |
---|---|
Name | Description |
ciphertext |
bytes
The encrypted data. In the case of AES-GCM, the authentication tag is the tag_length bytes at the end of this field. |
initialization_vector |
bytes
The initialization vector (IV) generated by the service during encryption. This value must be stored and provided in RawDecryptRequest.initialization_vector at decryption time. |
tag_length |
int
The length of the authentication tag that is appended to the end of the ciphertext. |
ciphertext_crc32c |
google.protobuf.wrappers_pb2.Int64Value
Integrity verification field. A CRC32C checksum of the returned RawEncryptResponse.ciphertext. An integrity check of ciphertext can be performed by computing the CRC32C checksum of ciphertext and comparing your results to this field. Discard the response in case of non-matching checksum values, and perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type. |
initialization_vector_crc32c |
google.protobuf.wrappers_pb2.Int64Value
Integrity verification field. A CRC32C checksum of the returned RawEncryptResponse.initialization_vector. An integrity check of initialization_vector can be performed by computing the CRC32C checksum of initialization_vector and comparing your results to this field. Discard the response in case of non-matching checksum values, and perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type. |
verified_plaintext_crc32c |
bool
Integrity verification field. A flag indicating whether RawEncryptRequest.plaintext_crc32c was received by KeyManagementService and used for the integrity verification of the plaintext. A false value of this field indicates either that RawEncryptRequest.plaintext_crc32c was left unset or that it was not delivered to KeyManagementService. If you've set RawEncryptRequest.plaintext_crc32c but this field is still false, discard the response and perform a limited number of retries. |
verified_additional_authenticated_data_crc32c |
bool
Integrity verification field. A flag indicating whether RawEncryptRequest.additional_authenticated_data_crc32c was received by KeyManagementService and used for the integrity verification of additional_authenticated_data. A false value of this field indicates either that // RawEncryptRequest.additional_authenticated_data_crc32c was left unset or that it was not delivered to KeyManagementService. If you've set RawEncryptRequest.additional_authenticated_data_crc32c but this field is still false, discard the response and perform a limited number of retries. |
verified_initialization_vector_crc32c |
bool
Integrity verification field. A flag indicating whether RawEncryptRequest.initialization_vector_crc32c was received by KeyManagementService and used for the integrity verification of initialization_vector. A false value of this field indicates either that RawEncryptRequest.initialization_vector_crc32c was left unset or that it was not delivered to KeyManagementService. If you've set RawEncryptRequest.initialization_vector_crc32c but this field is still false, discard the response and perform a limited number of retries. |
name |
str
The resource name of the CryptoKeyVersion used in encryption. Check this field to verify that the intended resource was used for encryption. |
protection_level |
google.cloud.kms_v1.types.ProtectionLevel
The ProtectionLevel of the CryptoKeyVersion used in encryption. |