[BindServiceMethod(typeof(KeyManagementService), "BindService")]
public abstract class KeyManagementService.KeyManagementServiceBase
Reference documentation and code samples for the Google Cloud Key Management Service v1 API class KeyManagementService.KeyManagementServiceBase.
Base class for server-side implementations of KeyManagementService
Namespace
Google.Cloud.Kms.V1Assembly
Google.Cloud.Kms.V1.dll
Methods
AsymmetricDecrypt(AsymmetricDecryptRequest, ServerCallContext)
public virtual Task<AsymmetricDecryptResponse> AsymmetricDecrypt(AsymmetricDecryptRequest request, ServerCallContext context)
Decrypts data that was encrypted with a public key retrieved from [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey] corresponding to a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_DECRYPT.
Parameters | |
---|---|
Name | Description |
request |
AsymmetricDecryptRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskAsymmetricDecryptResponse |
The response to send back to the client (wrapped by a task). |
AsymmetricSign(AsymmetricSignRequest, ServerCallContext)
public virtual Task<AsymmetricSignResponse> AsymmetricSign(AsymmetricSignRequest request, ServerCallContext context)
Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
Parameters | |
---|---|
Name | Description |
request |
AsymmetricSignRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskAsymmetricSignResponse |
The response to send back to the client (wrapped by a task). |
CreateCryptoKey(CreateCryptoKeyRequest, ServerCallContext)
public virtual Task<CryptoKey> CreateCryptoKey(CreateCryptoKeyRequest request, ServerCallContext context)
Create a new [CryptoKey][google.cloud.kms.v1.CryptoKey] within a [KeyRing][google.cloud.kms.v1.KeyRing].
[CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] and [CryptoKey.version_template.algorithm][google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm] are required.
Parameters | |
---|---|
Name | Description |
request |
CreateCryptoKeyRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskCryptoKey |
The response to send back to the client (wrapped by a task). |
CreateCryptoKeyVersion(CreateCryptoKeyVersionRequest, ServerCallContext)
public virtual Task<CryptoKeyVersion> CreateCryptoKeyVersion(CreateCryptoKeyVersionRequest request, ServerCallContext context)
Create a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in a [CryptoKey][google.cloud.kms.v1.CryptoKey].
The server will assign the next sequential id. If unset, [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED].
Parameters | |
---|---|
Name | Description |
request |
CreateCryptoKeyVersionRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskCryptoKeyVersion |
The response to send back to the client (wrapped by a task). |
CreateImportJob(CreateImportJobRequest, ServerCallContext)
public virtual Task<ImportJob> CreateImportJob(CreateImportJobRequest request, ServerCallContext context)
Create a new [ImportJob][google.cloud.kms.v1.ImportJob] within a [KeyRing][google.cloud.kms.v1.KeyRing].
[ImportJob.import_method][google.cloud.kms.v1.ImportJob.import_method] is required.
Parameters | |
---|---|
Name | Description |
request |
CreateImportJobRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskImportJob |
The response to send back to the client (wrapped by a task). |
CreateKeyRing(CreateKeyRingRequest, ServerCallContext)
public virtual Task<KeyRing> CreateKeyRing(CreateKeyRingRequest request, ServerCallContext context)
Create a new [KeyRing][google.cloud.kms.v1.KeyRing] in a given Project and Location.
Parameters | |
---|---|
Name | Description |
request |
CreateKeyRingRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskKeyRing |
The response to send back to the client (wrapped by a task). |
Decrypt(DecryptRequest, ServerCallContext)
public virtual Task<DecryptResponse> Decrypt(DecryptRequest request, ServerCallContext context)
Decrypts data that was protected by [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
Parameters | |
---|---|
Name | Description |
request |
DecryptRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskDecryptResponse |
The response to send back to the client (wrapped by a task). |
DestroyCryptoKeyVersion(DestroyCryptoKeyVersionRequest, ServerCallContext)
public virtual Task<CryptoKeyVersion> DestroyCryptoKeyVersion(DestroyCryptoKeyVersionRequest request, ServerCallContext context)
Schedule a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] for destruction.
Upon calling this method, [CryptoKeyVersion.state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED], and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be set to the time [destroy_scheduled_duration][google.cloud.kms.v1.CryptoKey.destroy_scheduled_duration] in the future. At that time, the [state][google.cloud.kms.v1.CryptoKeyVersion.state] will automatically change to [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED], and the key material will be irrevocably destroyed.
Before the [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] is reached, [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] may be called to reverse the process.
Parameters | |
---|---|
Name | Description |
request |
DestroyCryptoKeyVersionRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskCryptoKeyVersion |
The response to send back to the client (wrapped by a task). |
Encrypt(EncryptRequest, ServerCallContext)
public virtual Task<EncryptResponse> Encrypt(EncryptRequest request, ServerCallContext context)
Encrypts data, so that it can only be recovered by a call to [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt]. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
Parameters | |
---|---|
Name | Description |
request |
EncryptRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskEncryptResponse |
The response to send back to the client (wrapped by a task). |
GenerateRandomBytes(GenerateRandomBytesRequest, ServerCallContext)
public virtual Task<GenerateRandomBytesResponse> GenerateRandomBytes(GenerateRandomBytesRequest request, ServerCallContext context)
Generate random bytes using the Cloud KMS randomness source in the provided location.
Parameters | |
---|---|
Name | Description |
request |
GenerateRandomBytesRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskGenerateRandomBytesResponse |
The response to send back to the client (wrapped by a task). |
GetCryptoKey(GetCryptoKeyRequest, ServerCallContext)
public virtual Task<CryptoKey> GetCryptoKey(GetCryptoKeyRequest request, ServerCallContext context)
Returns metadata for a given [CryptoKey][google.cloud.kms.v1.CryptoKey], as well as its [primary][google.cloud.kms.v1.CryptoKey.primary] [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
Parameters | |
---|---|
Name | Description |
request |
GetCryptoKeyRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskCryptoKey |
The response to send back to the client (wrapped by a task). |
GetCryptoKeyVersion(GetCryptoKeyVersionRequest, ServerCallContext)
public virtual Task<CryptoKeyVersion> GetCryptoKeyVersion(GetCryptoKeyVersionRequest request, ServerCallContext context)
Returns metadata for a given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
Parameters | |
---|---|
Name | Description |
request |
GetCryptoKeyVersionRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskCryptoKeyVersion |
The response to send back to the client (wrapped by a task). |
GetImportJob(GetImportJobRequest, ServerCallContext)
public virtual Task<ImportJob> GetImportJob(GetImportJobRequest request, ServerCallContext context)
Returns metadata for a given [ImportJob][google.cloud.kms.v1.ImportJob].
Parameters | |
---|---|
Name | Description |
request |
GetImportJobRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskImportJob |
The response to send back to the client (wrapped by a task). |
GetKeyRing(GetKeyRingRequest, ServerCallContext)
public virtual Task<KeyRing> GetKeyRing(GetKeyRingRequest request, ServerCallContext context)
Returns metadata for a given [KeyRing][google.cloud.kms.v1.KeyRing].
Parameters | |
---|---|
Name | Description |
request |
GetKeyRingRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskKeyRing |
The response to send back to the client (wrapped by a task). |
GetPublicKey(GetPublicKeyRequest, ServerCallContext)
public virtual Task<PublicKey> GetPublicKey(GetPublicKeyRequest request, ServerCallContext context)
Returns the public key for the given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be [ASYMMETRIC_SIGN][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN] or [ASYMMETRIC_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT].
Parameters | |
---|---|
Name | Description |
request |
GetPublicKeyRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskPublicKey |
The response to send back to the client (wrapped by a task). |
ImportCryptoKeyVersion(ImportCryptoKeyVersionRequest, ServerCallContext)
public virtual Task<CryptoKeyVersion> ImportCryptoKeyVersion(ImportCryptoKeyVersionRequest request, ServerCallContext context)
Import wrapped key material into a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
All requests must specify a [CryptoKey][google.cloud.kms.v1.CryptoKey]. If a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] is additionally specified in the request, key material will be reimported into that version. Otherwise, a new version will be created, and will be assigned the next sequential id within the [CryptoKey][google.cloud.kms.v1.CryptoKey].
Parameters | |
---|---|
Name | Description |
request |
ImportCryptoKeyVersionRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskCryptoKeyVersion |
The response to send back to the client (wrapped by a task). |
ListCryptoKeyVersions(ListCryptoKeyVersionsRequest, ServerCallContext)
public virtual Task<ListCryptoKeyVersionsResponse> ListCryptoKeyVersions(ListCryptoKeyVersionsRequest request, ServerCallContext context)
Lists [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
Parameters | |
---|---|
Name | Description |
request |
ListCryptoKeyVersionsRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskListCryptoKeyVersionsResponse |
The response to send back to the client (wrapped by a task). |
ListCryptoKeys(ListCryptoKeysRequest, ServerCallContext)
public virtual Task<ListCryptoKeysResponse> ListCryptoKeys(ListCryptoKeysRequest request, ServerCallContext context)
Lists [CryptoKeys][google.cloud.kms.v1.CryptoKey].
Parameters | |
---|---|
Name | Description |
request |
ListCryptoKeysRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskListCryptoKeysResponse |
The response to send back to the client (wrapped by a task). |
ListImportJobs(ListImportJobsRequest, ServerCallContext)
public virtual Task<ListImportJobsResponse> ListImportJobs(ListImportJobsRequest request, ServerCallContext context)
Lists [ImportJobs][google.cloud.kms.v1.ImportJob].
Parameters | |
---|---|
Name | Description |
request |
ListImportJobsRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskListImportJobsResponse |
The response to send back to the client (wrapped by a task). |
ListKeyRings(ListKeyRingsRequest, ServerCallContext)
public virtual Task<ListKeyRingsResponse> ListKeyRings(ListKeyRingsRequest request, ServerCallContext context)
Lists [KeyRings][google.cloud.kms.v1.KeyRing].
Parameters | |
---|---|
Name | Description |
request |
ListKeyRingsRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskListKeyRingsResponse |
The response to send back to the client (wrapped by a task). |
MacSign(MacSignRequest, ServerCallContext)
public virtual Task<MacSignResponse> MacSign(MacSignRequest request, ServerCallContext context)
Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] MAC, producing a tag that can be verified by another source with the same key.
Parameters | |
---|---|
Name | Description |
request |
MacSignRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskMacSignResponse |
The response to send back to the client (wrapped by a task). |
MacVerify(MacVerifyRequest, ServerCallContext)
public virtual Task<MacVerifyResponse> MacVerify(MacVerifyRequest request, ServerCallContext context)
Verifies MAC tag using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] MAC, and returns a response that indicates whether or not the verification was successful.
Parameters | |
---|---|
Name | Description |
request |
MacVerifyRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskMacVerifyResponse |
The response to send back to the client (wrapped by a task). |
RawDecrypt(RawDecryptRequest, ServerCallContext)
public virtual Task<RawDecryptResponse> RawDecrypt(RawDecryptRequest request, ServerCallContext context)
Decrypts data that was originally encrypted using a raw cryptographic mechanism. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT].
Parameters | |
---|---|
Name | Description |
request |
RawDecryptRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskRawDecryptResponse |
The response to send back to the client (wrapped by a task). |
RawEncrypt(RawEncryptRequest, ServerCallContext)
public virtual Task<RawEncryptResponse> RawEncrypt(RawEncryptRequest request, ServerCallContext context)
Encrypts data using portable cryptographic primitives. Most users should choose [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] and [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt] rather than their raw counterparts. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT].
Parameters | |
---|---|
Name | Description |
request |
RawEncryptRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskRawEncryptResponse |
The response to send back to the client (wrapped by a task). |
RestoreCryptoKeyVersion(RestoreCryptoKeyVersionRequest, ServerCallContext)
public virtual Task<CryptoKeyVersion> RestoreCryptoKeyVersion(RestoreCryptoKeyVersionRequest request, ServerCallContext context)
Restore a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED] state.
Upon restoration of the CryptoKeyVersion, [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED], and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be cleared.
Parameters | |
---|---|
Name | Description |
request |
RestoreCryptoKeyVersionRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskCryptoKeyVersion |
The response to send back to the client (wrapped by a task). |
UpdateCryptoKey(UpdateCryptoKeyRequest, ServerCallContext)
public virtual Task<CryptoKey> UpdateCryptoKey(UpdateCryptoKeyRequest request, ServerCallContext context)
Update a [CryptoKey][google.cloud.kms.v1.CryptoKey].
Parameters | |
---|---|
Name | Description |
request |
UpdateCryptoKeyRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskCryptoKey |
The response to send back to the client (wrapped by a task). |
UpdateCryptoKeyPrimaryVersion(UpdateCryptoKeyPrimaryVersionRequest, ServerCallContext)
public virtual Task<CryptoKey> UpdateCryptoKeyPrimaryVersion(UpdateCryptoKeyPrimaryVersionRequest request, ServerCallContext context)
Update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that will be used in [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
Returns an error if called on a key whose purpose is not [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
Parameters | |
---|---|
Name | Description |
request |
UpdateCryptoKeyPrimaryVersionRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskCryptoKey |
The response to send back to the client (wrapped by a task). |
UpdateCryptoKeyVersion(UpdateCryptoKeyVersionRequest, ServerCallContext)
public virtual Task<CryptoKeyVersion> UpdateCryptoKeyVersion(UpdateCryptoKeyVersionRequest request, ServerCallContext context)
Update a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s metadata.
[state][google.cloud.kms.v1.CryptoKeyVersion.state] may be changed between [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] and [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED] using this method. See [DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion] and [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] to move between other states.
Parameters | |
---|---|
Name | Description |
request |
UpdateCryptoKeyVersionRequest The request received from the client. |
context |
ServerCallContext The context of the server-side call handler being invoked. |
Returns | |
---|---|
Type | Description |
TaskCryptoKeyVersion |
The response to send back to the client (wrapped by a task). |