Package cloud.google.com/go/kms/apiv1/kmspb (v1.15.7)

var (
	EkmConnection_KeyManagementMode_name = map[int32]string{
		0: "KEY_MANAGEMENT_MODE_UNSPECIFIED",
		1: "MANUAL",
		2: "CLOUD_KMS",
	}
	EkmConnection_KeyManagementMode_value = map[string]int32{
		"KEY_MANAGEMENT_MODE_UNSPECIFIED": 0,
		"MANUAL":                          1,
		"CLOUD_KMS":                       2,
	}
)

var (
	ProtectionLevel_name = map[int32]string{
		0: "PROTECTION_LEVEL_UNSPECIFIED",
		1: "SOFTWARE",
		2: "HSM",
		3: "EXTERNAL",
		4: "EXTERNAL_VPC",
	}
	ProtectionLevel_value = map[string]int32{
		"PROTECTION_LEVEL_UNSPECIFIED": 0,
		"SOFTWARE":                     1,
		"HSM":                          2,
		"EXTERNAL":                     3,
		"EXTERNAL_VPC":                 4,
	}
)

var (
	CryptoKey_CryptoKeyPurpose_name = map[int32]string{
		0: "CRYPTO_KEY_PURPOSE_UNSPECIFIED",
		1: "ENCRYPT_DECRYPT",
		5: "ASYMMETRIC_SIGN",
		6: "ASYMMETRIC_DECRYPT",
		7: "RAW_ENCRYPT_DECRYPT",
		9: "MAC",
	}
	CryptoKey_CryptoKeyPurpose_value = map[string]int32{
		"CRYPTO_KEY_PURPOSE_UNSPECIFIED": 0,
		"ENCRYPT_DECRYPT":                1,
		"ASYMMETRIC_SIGN":                5,
		"ASYMMETRIC_DECRYPT":             6,
		"RAW_ENCRYPT_DECRYPT":            7,
		"MAC":                            9,
	}
)

var (
	KeyOperationAttestation_AttestationFormat_name = map[int32]string{
		0: "ATTESTATION_FORMAT_UNSPECIFIED",
		3: "CAVIUM_V1_COMPRESSED",
		4: "CAVIUM_V2_COMPRESSED",
	}
	KeyOperationAttestation_AttestationFormat_value = map[string]int32{
		"ATTESTATION_FORMAT_UNSPECIFIED": 0,
		"CAVIUM_V1_COMPRESSED":           3,
		"CAVIUM_V2_COMPRESSED":           4,
	}
)

var (
	CryptoKeyVersion_CryptoKeyVersionAlgorithm_name = map[int32]string{
		0:  "CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED",
		1:  "GOOGLE_SYMMETRIC_ENCRYPTION",
		41: "AES_128_GCM",
		19: "AES_256_GCM",
		42: "AES_128_CBC",
		43: "AES_256_CBC",
		44: "AES_128_CTR",
		45: "AES_256_CTR",
		2:  "RSA_SIGN_PSS_2048_SHA256",
		3:  "RSA_SIGN_PSS_3072_SHA256",
		4:  "RSA_SIGN_PSS_4096_SHA256",
		15: "RSA_SIGN_PSS_4096_SHA512",
		5:  "RSA_SIGN_PKCS1_2048_SHA256",
		6:  "RSA_SIGN_PKCS1_3072_SHA256",
		7:  "RSA_SIGN_PKCS1_4096_SHA256",
		16: "RSA_SIGN_PKCS1_4096_SHA512",
		28: "RSA_SIGN_RAW_PKCS1_2048",
		29: "RSA_SIGN_RAW_PKCS1_3072",
		30: "RSA_SIGN_RAW_PKCS1_4096",
		8:  "RSA_DECRYPT_OAEP_2048_SHA256",
		9:  "RSA_DECRYPT_OAEP_3072_SHA256",
		10: "RSA_DECRYPT_OAEP_4096_SHA256",
		17: "RSA_DECRYPT_OAEP_4096_SHA512",
		37: "RSA_DECRYPT_OAEP_2048_SHA1",
		38: "RSA_DECRYPT_OAEP_3072_SHA1",
		39: "RSA_DECRYPT_OAEP_4096_SHA1",
		12: "EC_SIGN_P256_SHA256",
		13: "EC_SIGN_P384_SHA384",
		31: "EC_SIGN_SECP256K1_SHA256",
		32: "HMAC_SHA256",
		33: "HMAC_SHA1",
		34: "HMAC_SHA384",
		35: "HMAC_SHA512",
		36: "HMAC_SHA224",
		18: "EXTERNAL_SYMMETRIC_ENCRYPTION",
	}
	CryptoKeyVersion_CryptoKeyVersionAlgorithm_value = map[string]int32{
		"CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED": 0,
		"GOOGLE_SYMMETRIC_ENCRYPTION":              1,
		"AES_128_GCM":                              41,
		"AES_256_GCM":                              19,
		"AES_128_CBC":                              42,
		"AES_256_CBC":                              43,
		"AES_128_CTR":                              44,
		"AES_256_CTR":                              45,
		"RSA_SIGN_PSS_2048_SHA256":                 2,
		"RSA_SIGN_PSS_3072_SHA256":                 3,
		"RSA_SIGN_PSS_4096_SHA256":                 4,
		"RSA_SIGN_PSS_4096_SHA512":                 15,
		"RSA_SIGN_PKCS1_2048_SHA256":               5,
		"RSA_SIGN_PKCS1_3072_SHA256":               6,
		"RSA_SIGN_PKCS1_4096_SHA256":               7,
		"RSA_SIGN_PKCS1_4096_SHA512":               16,
		"RSA_SIGN_RAW_PKCS1_2048":                  28,
		"RSA_SIGN_RAW_PKCS1_3072":                  29,
		"RSA_SIGN_RAW_PKCS1_4096":                  30,
		"RSA_DECRYPT_OAEP_2048_SHA256":             8,
		"RSA_DECRYPT_OAEP_3072_SHA256":             9,
		"RSA_DECRYPT_OAEP_4096_SHA256":             10,
		"RSA_DECRYPT_OAEP_4096_SHA512":             17,
		"RSA_DECRYPT_OAEP_2048_SHA1":               37,
		"RSA_DECRYPT_OAEP_3072_SHA1":               38,
		"RSA_DECRYPT_OAEP_4096_SHA1":               39,
		"EC_SIGN_P256_SHA256":                      12,
		"EC_SIGN_P384_SHA384":                      13,
		"EC_SIGN_SECP256K1_SHA256":                 31,
		"HMAC_SHA256":                              32,
		"HMAC_SHA1":                                33,
		"HMAC_SHA384":                              34,
		"HMAC_SHA512":                              35,
		"HMAC_SHA224":                              36,
		"EXTERNAL_SYMMETRIC_ENCRYPTION":            18,
	}
)

var (
	CryptoKeyVersion_CryptoKeyVersionState_name = map[int32]string{
		0:  "CRYPTO_KEY_VERSION_STATE_UNSPECIFIED",
		5:  "PENDING_GENERATION",
		1:  "ENABLED",
		2:  "DISABLED",
		3:  "DESTROYED",
		4:  "DESTROY_SCHEDULED",
		6:  "PENDING_IMPORT",
		7:  "IMPORT_FAILED",
		8:  "GENERATION_FAILED",
		9:  "PENDING_EXTERNAL_DESTRUCTION",
		10: "EXTERNAL_DESTRUCTION_FAILED",
	}
	CryptoKeyVersion_CryptoKeyVersionState_value = map[string]int32{
		"CRYPTO_KEY_VERSION_STATE_UNSPECIFIED": 0,
		"PENDING_GENERATION":                   5,
		"ENABLED":                              1,
		"DISABLED":                             2,
		"DESTROYED":                            3,
		"DESTROY_SCHEDULED":                    4,
		"PENDING_IMPORT":                       6,
		"IMPORT_FAILED":                        7,
		"GENERATION_FAILED":                    8,
		"PENDING_EXTERNAL_DESTRUCTION":         9,
		"EXTERNAL_DESTRUCTION_FAILED":          10,
	}
)

var (
	CryptoKeyVersion_CryptoKeyVersionView_name = map[int32]string{
		0: "CRYPTO_KEY_VERSION_VIEW_UNSPECIFIED",
		1: "FULL",
	}
	CryptoKeyVersion_CryptoKeyVersionView_value = map[string]int32{
		"CRYPTO_KEY_VERSION_VIEW_UNSPECIFIED": 0,
		"FULL":                                1,
	}
)

var (
	ImportJob_ImportMethod_name = map[int32]string{
		0: "IMPORT_METHOD_UNSPECIFIED",
		1: "RSA_OAEP_3072_SHA1_AES_256",
		2: "RSA_OAEP_4096_SHA1_AES_256",
		3: "RSA_OAEP_3072_SHA256_AES_256",
		4: "RSA_OAEP_4096_SHA256_AES_256",
		5: "RSA_OAEP_3072_SHA256",
		6: "RSA_OAEP_4096_SHA256",
	}
	ImportJob_ImportMethod_value = map[string]int32{
		"IMPORT_METHOD_UNSPECIFIED":    0,
		"RSA_OAEP_3072_SHA1_AES_256":   1,
		"RSA_OAEP_4096_SHA1_AES_256":   2,
		"RSA_OAEP_3072_SHA256_AES_256": 3,
		"RSA_OAEP_4096_SHA256_AES_256": 4,
		"RSA_OAEP_3072_SHA256":         5,
		"RSA_OAEP_4096_SHA256":         6,
	}
)

var (
	ImportJob_ImportJobState_name = map[int32]string{
		0: "IMPORT_JOB_STATE_UNSPECIFIED",
		1: "PENDING_GENERATION",
		2: "ACTIVE",
		3: "EXPIRED",
	}
	ImportJob_ImportJobState_value = map[string]int32{
		"IMPORT_JOB_STATE_UNSPECIFIED": 0,
		"PENDING_GENERATION":           1,
		"ACTIVE":                       2,
		"EXPIRED":                      3,
	}
)

var File_google_cloud_kms_v1_ekm_service_proto protoreflect.FileDescriptor

var File_google_cloud_kms_v1_resources_proto protoreflect.FileDescriptor

var File_google_cloud_kms_v1_service_proto protoreflect.FileDescriptor

func RegisterEkmServiceServer(s *grpc.Server, srv EkmServiceServer)

func RegisterKeyManagementServiceServer(s *grpc.Server, srv KeyManagementServiceServer)

type AsymmetricDecryptRequest struct {

	// Required. The resource name of the
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for
	// decryption.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Required. The data encrypted with the named
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s public key using
	// OAEP.
	Ciphertext []byte `protobuf:"bytes,3,opt,name=ciphertext,proto3" json:"ciphertext,omitempty"`
	// Optional. An optional CRC32C checksum of the
	// [AsymmetricDecryptRequest.ciphertext][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext].
	// If specified,
	// [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
	// verify the integrity of the received
	// [AsymmetricDecryptRequest.ciphertext][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext]
	// using this checksum.
	// [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
	// report an error if the checksum verification fails. If you receive a
	// checksum error, your client should verify that
	// CRC32C([AsymmetricDecryptRequest.ciphertext][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext])
	// is equal to
	// [AsymmetricDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext_crc32c],
	// and if so, perform a limited number of retries. A persistent mismatch may
	// indicate an issue in your computation of the CRC32C checksum. Note: This
	// field is defined as int64 for reasons of compatibility across different
	// languages. However, it is a non-negative integer, which will never exceed
	// 2^32-1, and can be safely downconverted to uint32 in languages that support
	// this type.
	CiphertextCrc32C *wrapperspb.Int64Value `protobuf:"bytes,4,opt,name=ciphertext_crc32c,json=ciphertextCrc32c,proto3" json:"ciphertext_crc32c,omitempty"`
	// contains filtered or unexported fields
}

func (*AsymmetricDecryptRequest) Descriptor() ([]byte, []int)

func (x *AsymmetricDecryptRequest) GetCiphertext() []byte

func (x *AsymmetricDecryptRequest) GetCiphertextCrc32C() *wrapperspb.Int64Value

func (x *AsymmetricDecryptRequest) GetName() string

func (*AsymmetricDecryptRequest) ProtoMessage()

func (x *AsymmetricDecryptRequest) ProtoReflect() protoreflect.Message

func (x *AsymmetricDecryptRequest) Reset()

func (x *AsymmetricDecryptRequest) String() string

type AsymmetricDecryptResponse struct {
	Plaintext []byte `protobuf:"bytes,1,opt,name=plaintext,proto3" json:"plaintext,omitempty"`

	PlaintextCrc32C *wrapperspb.Int64Value `protobuf:"bytes,2,opt,name=plaintext_crc32c,json=plaintextCrc32c,proto3" json:"plaintext_crc32c,omitempty"`

	VerifiedCiphertextCrc32C bool "" /* 136 byte string literal not displayed */

	ProtectionLevel ProtectionLevel "" /* 148 byte string literal not displayed */

}

func (*AsymmetricDecryptResponse) Descriptor() ([]byte, []int)

func (x *AsymmetricDecryptResponse) GetPlaintext() []byte

func (x *AsymmetricDecryptResponse) GetPlaintextCrc32C() *wrapperspb.Int64Value

func (x *AsymmetricDecryptResponse) GetProtectionLevel() ProtectionLevel

func (x *AsymmetricDecryptResponse) GetVerifiedCiphertextCrc32C() bool

func (*AsymmetricDecryptResponse) ProtoMessage()

func (x *AsymmetricDecryptResponse) ProtoReflect() protoreflect.Message

func (x *AsymmetricDecryptResponse) Reset()

func (x *AsymmetricDecryptResponse) String() string

type AsymmetricSignRequest struct {

	// Required. The resource name of the
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for
	// signing.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Optional. The digest of the data to sign. The digest must be produced with
	// the same digest algorithm as specified by the key version's
	// [algorithm][google.cloud.kms.v1.CryptoKeyVersion.algorithm].
	//
	// This field may not be supplied if
	// [AsymmetricSignRequest.data][google.cloud.kms.v1.AsymmetricSignRequest.data]
	// is supplied.
	Digest *Digest `protobuf:"bytes,3,opt,name=digest,proto3" json:"digest,omitempty"`
	// Optional. An optional CRC32C checksum of the
	// [AsymmetricSignRequest.digest][google.cloud.kms.v1.AsymmetricSignRequest.digest].
	// If specified,
	// [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
	// verify the integrity of the received
	// [AsymmetricSignRequest.digest][google.cloud.kms.v1.AsymmetricSignRequest.digest]
	// using this checksum.
	// [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
	// report an error if the checksum verification fails. If you receive a
	// checksum error, your client should verify that
	// CRC32C([AsymmetricSignRequest.digest][google.cloud.kms.v1.AsymmetricSignRequest.digest])
	// is equal to
	// [AsymmetricSignRequest.digest_crc32c][google.cloud.kms.v1.AsymmetricSignRequest.digest_crc32c],
	// and if so, perform a limited number of retries. A persistent mismatch may
	// indicate an issue in your computation of the CRC32C checksum. Note: This
	// field is defined as int64 for reasons of compatibility across different
	// languages. However, it is a non-negative integer, which will never exceed
	// 2^32-1, and can be safely downconverted to uint32 in languages that support
	// this type.
	DigestCrc32C *wrapperspb.Int64Value `protobuf:"bytes,4,opt,name=digest_crc32c,json=digestCrc32c,proto3" json:"digest_crc32c,omitempty"`
	// Optional. The data to sign.
	// It can't be supplied if
	// [AsymmetricSignRequest.digest][google.cloud.kms.v1.AsymmetricSignRequest.digest]
	// is supplied.
	Data []byte `protobuf:"bytes,6,opt,name=data,proto3" json:"data,omitempty"`
	// Optional. An optional CRC32C checksum of the
	// [AsymmetricSignRequest.data][google.cloud.kms.v1.AsymmetricSignRequest.data].
	// If specified,
	// [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
	// verify the integrity of the received
	// [AsymmetricSignRequest.data][google.cloud.kms.v1.AsymmetricSignRequest.data]
	// using this checksum.
	// [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
	// report an error if the checksum verification fails. If you receive a
	// checksum error, your client should verify that
	// CRC32C([AsymmetricSignRequest.data][google.cloud.kms.v1.AsymmetricSignRequest.data])
	// is equal to
	// [AsymmetricSignRequest.data_crc32c][google.cloud.kms.v1.AsymmetricSignRequest.data_crc32c],
	// and if so, perform a limited number of retries. A persistent mismatch may
	// indicate an issue in your computation of the CRC32C checksum. Note: This
	// field is defined as int64 for reasons of compatibility across different
	// languages. However, it is a non-negative integer, which will never exceed
	// 2^32-1, and can be safely downconverted to uint32 in languages that support
	// this type.
	DataCrc32C *wrapperspb.Int64Value `protobuf:"bytes,7,opt,name=data_crc32c,json=dataCrc32c,proto3" json:"data_crc32c,omitempty"`
	// contains filtered or unexported fields
}

func (*AsymmetricSignRequest) Descriptor() ([]byte, []int)

func (x *AsymmetricSignRequest) GetData() []byte

func (x *AsymmetricSignRequest) GetDataCrc32C() *wrapperspb.Int64Value

func (x *AsymmetricSignRequest) GetDigest() *Digest

func (x *AsymmetricSignRequest) GetDigestCrc32C() *wrapperspb.Int64Value

func (x *AsymmetricSignRequest) GetName() string

func (*AsymmetricSignRequest) ProtoMessage()

func (x *AsymmetricSignRequest) ProtoReflect() protoreflect.Message

func (x *AsymmetricSignRequest) Reset()

func (x *AsymmetricSignRequest) String() string

type AsymmetricSignResponse struct {
	Signature []byte `protobuf:"bytes,1,opt,name=signature,proto3" json:"signature,omitempty"`

	SignatureCrc32C *wrapperspb.Int64Value `protobuf:"bytes,2,opt,name=signature_crc32c,json=signatureCrc32c,proto3" json:"signature_crc32c,omitempty"`

	VerifiedDigestCrc32C bool `protobuf:"varint,3,opt,name=verified_digest_crc32c,json=verifiedDigestCrc32c,proto3" json:"verified_digest_crc32c,omitempty"`

	Name string `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty"`

	VerifiedDataCrc32C bool `protobuf:"varint,5,opt,name=verified_data_crc32c,json=verifiedDataCrc32c,proto3" json:"verified_data_crc32c,omitempty"`

	ProtectionLevel ProtectionLevel "" /* 148 byte string literal not displayed */

}

func (*AsymmetricSignResponse) Descriptor() ([]byte, []int)

func (x *AsymmetricSignResponse) GetName() string

func (x *AsymmetricSignResponse) GetProtectionLevel() ProtectionLevel

func (x *AsymmetricSignResponse) GetSignature() []byte

func (x *AsymmetricSignResponse) GetSignatureCrc32C() *wrapperspb.Int64Value

func (x *AsymmetricSignResponse) GetVerifiedDataCrc32C() bool

func (x *AsymmetricSignResponse) GetVerifiedDigestCrc32C() bool

func (*AsymmetricSignResponse) ProtoMessage()

func (x *AsymmetricSignResponse) ProtoReflect() protoreflect.Message

func (x *AsymmetricSignResponse) Reset()

func (x *AsymmetricSignResponse) String() string

type Certificate struct {
	RawDer []byte `protobuf:"bytes,1,opt,name=raw_der,json=rawDer,proto3" json:"raw_der,omitempty"`

	Parsed bool `protobuf:"varint,2,opt,name=parsed,proto3" json:"parsed,omitempty"`

	Issuer string `protobuf:"bytes,3,opt,name=issuer,proto3" json:"issuer,omitempty"`

	Subject string `protobuf:"bytes,4,opt,name=subject,proto3" json:"subject,omitempty"`

	SubjectAlternativeDnsNames []string "" /* 143 byte string literal not displayed */

	NotBeforeTime *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=not_before_time,json=notBeforeTime,proto3" json:"not_before_time,omitempty"`

	NotAfterTime *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=not_after_time,json=notAfterTime,proto3" json:"not_after_time,omitempty"`

	SerialNumber string `protobuf:"bytes,8,opt,name=serial_number,json=serialNumber,proto3" json:"serial_number,omitempty"`

	Sha256Fingerprint string `protobuf:"bytes,9,opt,name=sha256_fingerprint,json=sha256Fingerprint,proto3" json:"sha256_fingerprint,omitempty"`

}

func (*Certificate) Descriptor() ([]byte, []int)

func (x *Certificate) GetIssuer() string

func (x *Certificate) GetNotAfterTime() *timestamppb.Timestamp

func (x *Certificate) GetNotBeforeTime() *timestamppb.Timestamp

func (x *Certificate) GetParsed() bool

func (x *Certificate) GetRawDer() []byte

func (x *Certificate) GetSerialNumber() string

func (x *Certificate) GetSha256Fingerprint() string

func (x *Certificate) GetSubject() string

func (x *Certificate) GetSubjectAlternativeDnsNames() []string

func (*Certificate) ProtoMessage()

func (x *Certificate) ProtoReflect() protoreflect.Message

func (x *Certificate) Reset()

func (x *Certificate) String() string

type CreateCryptoKeyRequest struct {
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`

	CryptoKeyId string `protobuf:"bytes,2,opt,name=crypto_key_id,json=cryptoKeyId,proto3" json:"crypto_key_id,omitempty"`

	CryptoKey *CryptoKey `protobuf:"bytes,3,opt,name=crypto_key,json=cryptoKey,proto3" json:"crypto_key,omitempty"`

	SkipInitialVersionCreation bool "" /* 144 byte string literal not displayed */

}

func (*CreateCryptoKeyRequest) Descriptor() ([]byte, []int)

func (x *CreateCryptoKeyRequest) GetCryptoKey() *CryptoKey

func (x *CreateCryptoKeyRequest) GetCryptoKeyId() string

func (x *CreateCryptoKeyRequest) GetParent() string

func (x *CreateCryptoKeyRequest) GetSkipInitialVersionCreation() bool

func (*CreateCryptoKeyRequest) ProtoMessage()

func (x *CreateCryptoKeyRequest) ProtoReflect() protoreflect.Message

func (x *CreateCryptoKeyRequest) Reset()

func (x *CreateCryptoKeyRequest) String() string

type CreateCryptoKeyVersionRequest struct {

	// Required. The [name][google.cloud.kms.v1.CryptoKey.name] of the
	// [CryptoKey][google.cloud.kms.v1.CryptoKey] associated with the
	// [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Required. A [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with
	// initial field values.
	CryptoKeyVersion *CryptoKeyVersion `protobuf:"bytes,2,opt,name=crypto_key_version,json=cryptoKeyVersion,proto3" json:"crypto_key_version,omitempty"`
	// contains filtered or unexported fields
}

func (*CreateCryptoKeyVersionRequest) Descriptor() ([]byte, []int)

func (x *CreateCryptoKeyVersionRequest) GetCryptoKeyVersion() *CryptoKeyVersion

func (x *CreateCryptoKeyVersionRequest) GetParent() string

func (*CreateCryptoKeyVersionRequest) ProtoMessage()

func (x *CreateCryptoKeyVersionRequest) ProtoReflect() protoreflect.Message

func (x *CreateCryptoKeyVersionRequest) Reset()

func (x *CreateCryptoKeyVersionRequest) String() string

type CreateEkmConnectionRequest struct {

	// Required. The resource name of the location associated with the
	// [EkmConnection][google.cloud.kms.v1.EkmConnection], in the format
	// `projects/*/locations/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Required. It must be unique within a location and match the regular
	// expression `[a-zA-Z0-9_-]{1,63}`.
	EkmConnectionId string `protobuf:"bytes,2,opt,name=ekm_connection_id,json=ekmConnectionId,proto3" json:"ekm_connection_id,omitempty"`
	// Required. An [EkmConnection][google.cloud.kms.v1.EkmConnection] with
	// initial field values.
	EkmConnection *EkmConnection `protobuf:"bytes,3,opt,name=ekm_connection,json=ekmConnection,proto3" json:"ekm_connection,omitempty"`
	// contains filtered or unexported fields
}

func (*CreateEkmConnectionRequest) Descriptor() ([]byte, []int)

func (x *CreateEkmConnectionRequest) GetEkmConnection() *EkmConnection

func (x *CreateEkmConnectionRequest) GetEkmConnectionId() string

func (x *CreateEkmConnectionRequest) GetParent() string

func (*CreateEkmConnectionRequest) ProtoMessage()

func (x *CreateEkmConnectionRequest) ProtoReflect() protoreflect.Message

func (x *CreateEkmConnectionRequest) Reset()

func (x *CreateEkmConnectionRequest) String() string

type CreateImportJobRequest struct {

	// Required. The [name][google.cloud.kms.v1.KeyRing.name] of the
	// [KeyRing][google.cloud.kms.v1.KeyRing] associated with the
	// [ImportJobs][google.cloud.kms.v1.ImportJob].
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Required. It must be unique within a KeyRing and match the regular
	// expression `[a-zA-Z0-9_-]{1,63}`
	ImportJobId string `protobuf:"bytes,2,opt,name=import_job_id,json=importJobId,proto3" json:"import_job_id,omitempty"`
	// Required. An [ImportJob][google.cloud.kms.v1.ImportJob] with initial field
	// values.
	ImportJob *ImportJob `protobuf:"bytes,3,opt,name=import_job,json=importJob,proto3" json:"import_job,omitempty"`
	// contains filtered or unexported fields
}

func (*CreateImportJobRequest) Descriptor() ([]byte, []int)

func (x *CreateImportJobRequest) GetImportJob() *ImportJob

func (x *CreateImportJobRequest) GetImportJobId() string

func (x *CreateImportJobRequest) GetParent() string

func (*CreateImportJobRequest) ProtoMessage()

func (x *CreateImportJobRequest) ProtoReflect() protoreflect.Message

func (x *CreateImportJobRequest) Reset()

func (x *CreateImportJobRequest) String() string

type CreateKeyRingRequest struct {

	// Required. The resource name of the location associated with the
	// [KeyRings][google.cloud.kms.v1.KeyRing], in the format
	// `projects/*/locations/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Required. It must be unique within a location and match the regular
	// expression `[a-zA-Z0-9_-]{1,63}`
	KeyRingId string `protobuf:"bytes,2,opt,name=key_ring_id,json=keyRingId,proto3" json:"key_ring_id,omitempty"`
	// Required. A [KeyRing][google.cloud.kms.v1.KeyRing] with initial field
	// values.
	KeyRing *KeyRing `protobuf:"bytes,3,opt,name=key_ring,json=keyRing,proto3" json:"key_ring,omitempty"`
	// contains filtered or unexported fields
}

func (*CreateKeyRingRequest) Descriptor() ([]byte, []int)

func (x *CreateKeyRingRequest) GetKeyRing() *KeyRing

func (x *CreateKeyRingRequest) GetKeyRingId() string

func (x *CreateKeyRingRequest) GetParent() string

func (*CreateKeyRingRequest) ProtoMessage()

func (x *CreateKeyRingRequest) ProtoReflect() protoreflect.Message

func (x *CreateKeyRingRequest) Reset()

func (x *CreateKeyRingRequest) String() string

type CryptoKey struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	Primary *CryptoKeyVersion `protobuf:"bytes,2,opt,name=primary,proto3" json:"primary,omitempty"`

	Purpose CryptoKey_CryptoKeyPurpose `protobuf:"varint,3,opt,name=purpose,proto3,enum=google.cloud.kms.v1.CryptoKey_CryptoKeyPurpose" json:"purpose,omitempty"`

	CreateTime *timestamppb.Timestamp `protobuf:"bytes,5,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`

	NextRotationTime *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=next_rotation_time,json=nextRotationTime,proto3" json:"next_rotation_time,omitempty"`

	RotationSchedule isCryptoKey_RotationSchedule `protobuf_oneof:"rotation_schedule"`

	VersionTemplate *CryptoKeyVersionTemplate `protobuf:"bytes,11,opt,name=version_template,json=versionTemplate,proto3" json:"version_template,omitempty"`

	Labels map[string]string "" /* 154 byte string literal not displayed */

	ImportOnly bool `protobuf:"varint,13,opt,name=import_only,json=importOnly,proto3" json:"import_only,omitempty"`

	DestroyScheduledDuration *durationpb.Duration "" /* 136 byte string literal not displayed */

	CryptoKeyBackend string `protobuf:"bytes,15,opt,name=crypto_key_backend,json=cryptoKeyBackend,proto3" json:"crypto_key_backend,omitempty"`

}

func (*CryptoKey) Descriptor() ([]byte, []int)

func (x *CryptoKey) GetCreateTime() *timestamppb.Timestamp

func (x *CryptoKey) GetCryptoKeyBackend() string

func (x *CryptoKey) GetDestroyScheduledDuration() *durationpb.Duration

func (x *CryptoKey) GetImportOnly() bool

func (x *CryptoKey) GetLabels() map[string]string

func (x *CryptoKey) GetName() string

func (x *CryptoKey) GetNextRotationTime() *timestamppb.Timestamp

func (x *CryptoKey) GetPrimary() *CryptoKeyVersion

func (x *CryptoKey) GetPurpose() CryptoKey_CryptoKeyPurpose

func (x *CryptoKey) GetRotationPeriod() *durationpb.Duration

func (m *CryptoKey) GetRotationSchedule() isCryptoKey_RotationSchedule

func (x *CryptoKey) GetVersionTemplate() *CryptoKeyVersionTemplate

func (*CryptoKey) ProtoMessage()

func (x *CryptoKey) ProtoReflect() protoreflect.Message

func (x *CryptoKey) Reset()

func (x *CryptoKey) String() string

type CryptoKeyVersion struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	State CryptoKeyVersion_CryptoKeyVersionState "" /* 128 byte string literal not displayed */

	ProtectionLevel ProtectionLevel "" /* 148 byte string literal not displayed */

	Algorithm CryptoKeyVersion_CryptoKeyVersionAlgorithm "" /* 141 byte string literal not displayed */

	Attestation *KeyOperationAttestation `protobuf:"bytes,8,opt,name=attestation,proto3" json:"attestation,omitempty"`

	CreateTime *timestamppb.Timestamp `protobuf:"bytes,4,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`

	GenerateTime *timestamppb.Timestamp `protobuf:"bytes,11,opt,name=generate_time,json=generateTime,proto3" json:"generate_time,omitempty"`

	DestroyTime *timestamppb.Timestamp `protobuf:"bytes,5,opt,name=destroy_time,json=destroyTime,proto3" json:"destroy_time,omitempty"`

	DestroyEventTime *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=destroy_event_time,json=destroyEventTime,proto3" json:"destroy_event_time,omitempty"`

	ImportJob string `protobuf:"bytes,14,opt,name=import_job,json=importJob,proto3" json:"import_job,omitempty"`

	ImportTime *timestamppb.Timestamp `protobuf:"bytes,15,opt,name=import_time,json=importTime,proto3" json:"import_time,omitempty"`

	ImportFailureReason string `protobuf:"bytes,16,opt,name=import_failure_reason,json=importFailureReason,proto3" json:"import_failure_reason,omitempty"`

	GenerationFailureReason string "" /* 133 byte string literal not displayed */

	ExternalDestructionFailureReason string "" /* 162 byte string literal not displayed */

	ExternalProtectionLevelOptions *ExternalProtectionLevelOptions "" /* 156 byte string literal not displayed */

	ReimportEligible bool `protobuf:"varint,18,opt,name=reimport_eligible,json=reimportEligible,proto3" json:"reimport_eligible,omitempty"`

}

func (*CryptoKeyVersion) Descriptor() ([]byte, []int)

func (x *CryptoKeyVersion) GetAlgorithm() CryptoKeyVersion_CryptoKeyVersionAlgorithm

func (x *CryptoKeyVersion) GetAttestation() *KeyOperationAttestation

func (x *CryptoKeyVersion) GetCreateTime() *timestamppb.Timestamp

func (x *CryptoKeyVersion) GetDestroyEventTime() *timestamppb.Timestamp

func (x *CryptoKeyVersion) GetDestroyTime() *timestamppb.Timestamp

func (x *CryptoKeyVersion) GetExternalDestructionFailureReason() string

func (x *CryptoKeyVersion) GetExternalProtectionLevelOptions() *ExternalProtectionLevelOptions

func (x *CryptoKeyVersion) GetGenerateTime() *timestamppb.Timestamp

func (x *CryptoKeyVersion) GetGenerationFailureReason() string

func (x *CryptoKeyVersion) GetImportFailureReason() string

func (x *CryptoKeyVersion) GetImportJob() string

func (x *CryptoKeyVersion) GetImportTime() *timestamppb.Timestamp

func (x *CryptoKeyVersion) GetName() string

func (x *CryptoKeyVersion) GetProtectionLevel() ProtectionLevel

func (x *CryptoKeyVersion) GetReimportEligible() bool

func (x *CryptoKeyVersion) GetState() CryptoKeyVersion_CryptoKeyVersionState

func (*CryptoKeyVersion) ProtoMessage()

func (x *CryptoKeyVersion) ProtoReflect() protoreflect.Message

func (x *CryptoKeyVersion) Reset()

func (x *CryptoKeyVersion) String() string

type CryptoKeyVersionTemplate struct {
	ProtectionLevel ProtectionLevel "" /* 148 byte string literal not displayed */

	Algorithm CryptoKeyVersion_CryptoKeyVersionAlgorithm "" /* 140 byte string literal not displayed */

}

func (*CryptoKeyVersionTemplate) Descriptor() ([]byte, []int)

func (x *CryptoKeyVersionTemplate) GetAlgorithm() CryptoKeyVersion_CryptoKeyVersionAlgorithm

func (x *CryptoKeyVersionTemplate) GetProtectionLevel() ProtectionLevel

func (*CryptoKeyVersionTemplate) ProtoMessage()

func (x *CryptoKeyVersionTemplate) ProtoReflect() protoreflect.Message

func (x *CryptoKeyVersionTemplate) Reset()

func (x *CryptoKeyVersionTemplate) String() string

type CryptoKeyVersion_CryptoKeyVersionAlgorithm int32

const (
	// Not specified.
	CryptoKeyVersion_CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED CryptoKeyVersion_CryptoKeyVersionAlgorithm = 0
	// Creates symmetric encryption keys.
	CryptoKeyVersion_GOOGLE_SYMMETRIC_ENCRYPTION CryptoKeyVersion_CryptoKeyVersionAlgorithm = 1
	// AES-GCM (Galois Counter Mode) using 128-bit keys.
	CryptoKeyVersion_AES_128_GCM CryptoKeyVersion_CryptoKeyVersionAlgorithm = 41
	// AES-GCM (Galois Counter Mode) using 256-bit keys.
	CryptoKeyVersion_AES_256_GCM CryptoKeyVersion_CryptoKeyVersionAlgorithm = 19
	// AES-CBC (Cipher Block Chaining Mode) using 128-bit keys.
	CryptoKeyVersion_AES_128_CBC CryptoKeyVersion_CryptoKeyVersionAlgorithm = 42
	// AES-CBC (Cipher Block Chaining Mode) using 256-bit keys.
	CryptoKeyVersion_AES_256_CBC CryptoKeyVersion_CryptoKeyVersionAlgorithm = 43
	// AES-CTR (Counter Mode) using 128-bit keys.
	CryptoKeyVersion_AES_128_CTR CryptoKeyVersion_CryptoKeyVersionAlgorithm = 44
	// AES-CTR (Counter Mode) using 256-bit keys.
	CryptoKeyVersion_AES_256_CTR CryptoKeyVersion_CryptoKeyVersionAlgorithm = 45
	// RSASSA-PSS 2048 bit key with a SHA256 digest.
	CryptoKeyVersion_RSA_SIGN_PSS_2048_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 2
	// RSASSA-PSS 3072 bit key with a SHA256 digest.
	CryptoKeyVersion_RSA_SIGN_PSS_3072_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 3
	// RSASSA-PSS 4096 bit key with a SHA256 digest.
	CryptoKeyVersion_RSA_SIGN_PSS_4096_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 4
	// RSASSA-PSS 4096 bit key with a SHA512 digest.
	CryptoKeyVersion_RSA_SIGN_PSS_4096_SHA512 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 15
	// RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest.
	CryptoKeyVersion_RSA_SIGN_PKCS1_2048_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 5
	// RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest.
	CryptoKeyVersion_RSA_SIGN_PKCS1_3072_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 6
	// RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest.
	CryptoKeyVersion_RSA_SIGN_PKCS1_4096_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 7
	// RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest.
	CryptoKeyVersion_RSA_SIGN_PKCS1_4096_SHA512 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 16
	// RSASSA-PKCS1-v1_5 signing without encoding, with a 2048 bit key.
	CryptoKeyVersion_RSA_SIGN_RAW_PKCS1_2048 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 28
	// RSASSA-PKCS1-v1_5 signing without encoding, with a 3072 bit key.
	CryptoKeyVersion_RSA_SIGN_RAW_PKCS1_3072 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 29
	// RSASSA-PKCS1-v1_5 signing without encoding, with a 4096 bit key.
	CryptoKeyVersion_RSA_SIGN_RAW_PKCS1_4096 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 30
	// RSAES-OAEP 2048 bit key with a SHA256 digest.
	CryptoKeyVersion_RSA_DECRYPT_OAEP_2048_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 8
	// RSAES-OAEP 3072 bit key with a SHA256 digest.
	CryptoKeyVersion_RSA_DECRYPT_OAEP_3072_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 9
	// RSAES-OAEP 4096 bit key with a SHA256 digest.
	CryptoKeyVersion_RSA_DECRYPT_OAEP_4096_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 10
	// RSAES-OAEP 4096 bit key with a SHA512 digest.
	CryptoKeyVersion_RSA_DECRYPT_OAEP_4096_SHA512 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 17
	// RSAES-OAEP 2048 bit key with a SHA1 digest.
	CryptoKeyVersion_RSA_DECRYPT_OAEP_2048_SHA1 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 37
	// RSAES-OAEP 3072 bit key with a SHA1 digest.
	CryptoKeyVersion_RSA_DECRYPT_OAEP_3072_SHA1 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 38
	// RSAES-OAEP 4096 bit key with a SHA1 digest.
	CryptoKeyVersion_RSA_DECRYPT_OAEP_4096_SHA1 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 39
	// ECDSA on the NIST P-256 curve with a SHA256 digest.
	// Other hash functions can also be used:
	// https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms
	CryptoKeyVersion_EC_SIGN_P256_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 12
	// ECDSA on the NIST P-384 curve with a SHA384 digest.
	// Other hash functions can also be used:
	// https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms
	CryptoKeyVersion_EC_SIGN_P384_SHA384 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 13
	// ECDSA on the non-NIST secp256k1 curve. This curve is only supported for
	// HSM protection level.
	// Other hash functions can also be used:
	// https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms
	CryptoKeyVersion_EC_SIGN_SECP256K1_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 31
	// HMAC-SHA256 signing with a 256 bit key.
	CryptoKeyVersion_HMAC_SHA256 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 32
	// HMAC-SHA1 signing with a 160 bit key.
	CryptoKeyVersion_HMAC_SHA1 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 33
	// HMAC-SHA384 signing with a 384 bit key.
	CryptoKeyVersion_HMAC_SHA384 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 34
	// HMAC-SHA512 signing with a 512 bit key.
	CryptoKeyVersion_HMAC_SHA512 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 35
	// HMAC-SHA224 signing with a 224 bit key.
	CryptoKeyVersion_HMAC_SHA224 CryptoKeyVersion_CryptoKeyVersionAlgorithm = 36
	// Algorithm representing symmetric encryption by an external key manager.
	CryptoKeyVersion_EXTERNAL_SYMMETRIC_ENCRYPTION CryptoKeyVersion_CryptoKeyVersionAlgorithm = 18
)

func (CryptoKeyVersion_CryptoKeyVersionAlgorithm) Descriptor() protoreflect.EnumDescriptor

func (x CryptoKeyVersion_CryptoKeyVersionAlgorithm) Enum() *CryptoKeyVersion_CryptoKeyVersionAlgorithm

func (CryptoKeyVersion_CryptoKeyVersionAlgorithm) EnumDescriptor() ([]byte, []int)

func (x CryptoKeyVersion_CryptoKeyVersionAlgorithm) Number() protoreflect.EnumNumber

func (x CryptoKeyVersion_CryptoKeyVersionAlgorithm) String() string

func (CryptoKeyVersion_CryptoKeyVersionAlgorithm) Type() protoreflect.EnumType

type CryptoKeyVersion_CryptoKeyVersionState int32

const (
	// Not specified.
	CryptoKeyVersion_CRYPTO_KEY_VERSION_STATE_UNSPECIFIED CryptoKeyVersion_CryptoKeyVersionState = 0
	// This version is still being generated. It may not be used, enabled,
	// disabled, or destroyed yet. Cloud KMS will automatically mark this
	// version
	// [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED]
	// as soon as the version is ready.
	CryptoKeyVersion_PENDING_GENERATION CryptoKeyVersion_CryptoKeyVersionState = 5
	// This version may be used for cryptographic operations.
	CryptoKeyVersion_ENABLED CryptoKeyVersion_CryptoKeyVersionState = 1
	// This version may not be used, but the key material is still available,
	// and the version can be placed back into the
	// [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED]
	// state.
	CryptoKeyVersion_DISABLED CryptoKeyVersion_CryptoKeyVersionState = 2
	// This version is destroyed, and the key material is no longer stored.
	// This version may only become
	// [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED]
	// again if this version is
	// [reimport_eligible][google.cloud.kms.v1.CryptoKeyVersion.reimport_eligible]
	// and the original key material is reimported with a call to
	// [KeyManagementService.ImportCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.ImportCryptoKeyVersion].
	CryptoKeyVersion_DESTROYED CryptoKeyVersion_CryptoKeyVersionState = 3
	// This version is scheduled for destruction, and will be destroyed soon.
	// Call
	// [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion]
	// to put it back into the
	// [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED]
	// state.
	CryptoKeyVersion_DESTROY_SCHEDULED CryptoKeyVersion_CryptoKeyVersionState = 4
	// This version is still being imported. It may not be used, enabled,
	// disabled, or destroyed yet. Cloud KMS will automatically mark this
	// version
	// [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED]
	// as soon as the version is ready.
	CryptoKeyVersion_PENDING_IMPORT CryptoKeyVersion_CryptoKeyVersionState = 6
	// This version was not imported successfully. It may not be used, enabled,
	// disabled, or destroyed. The submitted key material has been discarded.
	// Additional details can be found in
	// [CryptoKeyVersion.import_failure_reason][google.cloud.kms.v1.CryptoKeyVersion.import_failure_reason].
	CryptoKeyVersion_IMPORT_FAILED CryptoKeyVersion_CryptoKeyVersionState = 7
	// This version was not generated successfully. It may not be used, enabled,
	// disabled, or destroyed. Additional details can be found in
	// [CryptoKeyVersion.generation_failure_reason][google.cloud.kms.v1.CryptoKeyVersion.generation_failure_reason].
	CryptoKeyVersion_GENERATION_FAILED CryptoKeyVersion_CryptoKeyVersionState = 8
	// This version was destroyed, and it may not be used or enabled again.
	// Cloud KMS is waiting for the corresponding key material residing in an
	// external key manager to be destroyed.
	CryptoKeyVersion_PENDING_EXTERNAL_DESTRUCTION CryptoKeyVersion_CryptoKeyVersionState = 9
	// This version was destroyed, and it may not be used or enabled again.
	// However, Cloud KMS could not confirm that the corresponding key material
	// residing in an external key manager was destroyed. Additional details can
	// be found in
	// [CryptoKeyVersion.external_destruction_failure_reason][google.cloud.kms.v1.CryptoKeyVersion.external_destruction_failure_reason].
	CryptoKeyVersion_EXTERNAL_DESTRUCTION_FAILED CryptoKeyVersion_CryptoKeyVersionState = 10
)

func (CryptoKeyVersion_CryptoKeyVersionState) Descriptor() protoreflect.EnumDescriptor

func (x CryptoKeyVersion_CryptoKeyVersionState) Enum() *CryptoKeyVersion_CryptoKeyVersionState

func (CryptoKeyVersion_CryptoKeyVersionState) EnumDescriptor() ([]byte, []int)

func (x CryptoKeyVersion_CryptoKeyVersionState) Number() protoreflect.EnumNumber

func (x CryptoKeyVersion_CryptoKeyVersionState) String() string

func (CryptoKeyVersion_CryptoKeyVersionState) Type() protoreflect.EnumType

type CryptoKeyVersion_CryptoKeyVersionView int32

const (
	// Default view for each
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. Does not
	// include the
	// [attestation][google.cloud.kms.v1.CryptoKeyVersion.attestation] field.
	CryptoKeyVersion_CRYPTO_KEY_VERSION_VIEW_UNSPECIFIED CryptoKeyVersion_CryptoKeyVersionView = 0
	// Provides all fields in each
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion], including the
	// [attestation][google.cloud.kms.v1.CryptoKeyVersion.attestation].
	CryptoKeyVersion_FULL CryptoKeyVersion_CryptoKeyVersionView = 1
)

func (CryptoKeyVersion_CryptoKeyVersionView) Descriptor() protoreflect.EnumDescriptor

func (x CryptoKeyVersion_CryptoKeyVersionView) Enum() *CryptoKeyVersion_CryptoKeyVersionView

func (CryptoKeyVersion_CryptoKeyVersionView) EnumDescriptor() ([]byte, []int)

func (x CryptoKeyVersion_CryptoKeyVersionView) Number() protoreflect.EnumNumber

func (x CryptoKeyVersion_CryptoKeyVersionView) String() string

func (CryptoKeyVersion_CryptoKeyVersionView) Type() protoreflect.EnumType

type CryptoKey_CryptoKeyPurpose int32

const (
	// Not specified.
	CryptoKey_CRYPTO_KEY_PURPOSE_UNSPECIFIED CryptoKey_CryptoKeyPurpose = 0
	// [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used
	// with [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] and
	// [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt].
	CryptoKey_ENCRYPT_DECRYPT CryptoKey_CryptoKeyPurpose = 1
	// [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used
	// with
	// [AsymmetricSign][google.cloud.kms.v1.KeyManagementService.AsymmetricSign]
	// and
	// [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
	CryptoKey_ASYMMETRIC_SIGN CryptoKey_CryptoKeyPurpose = 5
	// [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used
	// with
	// [AsymmetricDecrypt][google.cloud.kms.v1.KeyManagementService.AsymmetricDecrypt]
	// and
	// [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
	CryptoKey_ASYMMETRIC_DECRYPT CryptoKey_CryptoKeyPurpose = 6
	// [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used
	// with [RawEncrypt][google.cloud.kms.v1.KeyManagementService.RawEncrypt]
	// and [RawDecrypt][google.cloud.kms.v1.KeyManagementService.RawDecrypt].
	// This purpose is meant to be used for interoperable symmetric
	// encryption and does not support automatic CryptoKey rotation.
	CryptoKey_RAW_ENCRYPT_DECRYPT CryptoKey_CryptoKeyPurpose = 7
	// [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used
	// with [MacSign][google.cloud.kms.v1.KeyManagementService.MacSign].
	CryptoKey_MAC CryptoKey_CryptoKeyPurpose = 9
)

func (CryptoKey_CryptoKeyPurpose) Descriptor() protoreflect.EnumDescriptor

func (x CryptoKey_CryptoKeyPurpose) Enum() *CryptoKey_CryptoKeyPurpose

func (CryptoKey_CryptoKeyPurpose) EnumDescriptor() ([]byte, []int)

func (x CryptoKey_CryptoKeyPurpose) Number() protoreflect.EnumNumber

func (x CryptoKey_CryptoKeyPurpose) String() string

func (CryptoKey_CryptoKeyPurpose) Type() protoreflect.EnumType

type CryptoKey_RotationPeriod struct {
	// [next_rotation_time][google.cloud.kms.v1.CryptoKey.next_rotation_time]
	// will be advanced by this period when the service automatically rotates a
	// key. Must be at least 24 hours and at most 876,000 hours.
	//
	// If [rotation_period][google.cloud.kms.v1.CryptoKey.rotation_period] is
	// set,
	// [next_rotation_time][google.cloud.kms.v1.CryptoKey.next_rotation_time]
	// must also be set.
	//
	// Keys with [purpose][google.cloud.kms.v1.CryptoKey.purpose]
	// [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT]
	// support automatic rotation. For other keys, this field must be omitted.
	RotationPeriod *durationpb.Duration `protobuf:"bytes,8,opt,name=rotation_period,json=rotationPeriod,proto3,oneof"`
}

type DecryptRequest struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	Ciphertext []byte `protobuf:"bytes,2,opt,name=ciphertext,proto3" json:"ciphertext,omitempty"`

	AdditionalAuthenticatedData []byte "" /* 144 byte string literal not displayed */

	CiphertextCrc32C *wrapperspb.Int64Value `protobuf:"bytes,5,opt,name=ciphertext_crc32c,json=ciphertextCrc32c,proto3" json:"ciphertext_crc32c,omitempty"`

	AdditionalAuthenticatedDataCrc32C *wrapperspb.Int64Value "" /* 164 byte string literal not displayed */

}

func (*DecryptRequest) Descriptor() ([]byte, []int)

func (x *DecryptRequest) GetAdditionalAuthenticatedData() []byte

func (x *DecryptRequest) GetAdditionalAuthenticatedDataCrc32C() *wrapperspb.Int64Value

func (x *DecryptRequest) GetCiphertext() []byte

func (x *DecryptRequest) GetCiphertextCrc32C() *wrapperspb.Int64Value

func (x *DecryptRequest) GetName() string

func (*DecryptRequest) ProtoMessage()

func (x *DecryptRequest) ProtoReflect() protoreflect.Message

func (x *DecryptRequest) Reset()

func (x *DecryptRequest) String() string

type DecryptResponse struct {
	Plaintext []byte `protobuf:"bytes,1,opt,name=plaintext,proto3" json:"plaintext,omitempty"`

	PlaintextCrc32C *wrapperspb.Int64Value `protobuf:"bytes,2,opt,name=plaintext_crc32c,json=plaintextCrc32c,proto3" json:"plaintext_crc32c,omitempty"`

	UsedPrimary bool `protobuf:"varint,3,opt,name=used_primary,json=usedPrimary,proto3" json:"used_primary,omitempty"`

	ProtectionLevel ProtectionLevel "" /* 148 byte string literal not displayed */

}

func (*DecryptResponse) Descriptor() ([]byte, []int)

func (x *DecryptResponse) GetPlaintext() []byte

func (x *DecryptResponse) GetPlaintextCrc32C() *wrapperspb.Int64Value

func (x *DecryptResponse) GetProtectionLevel() ProtectionLevel

func (x *DecryptResponse) GetUsedPrimary() bool

func (*DecryptResponse) ProtoMessage()

func (x *DecryptResponse) ProtoReflect() protoreflect.Message

func (x *DecryptResponse) Reset()

func (x *DecryptResponse) String() string

type DestroyCryptoKeyVersionRequest struct {

	// Required. The resource name of the
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to destroy.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

func (*DestroyCryptoKeyVersionRequest) Descriptor() ([]byte, []int)

func (x *DestroyCryptoKeyVersionRequest) GetName() string

func (*DestroyCryptoKeyVersionRequest) ProtoMessage()

func (x *DestroyCryptoKeyVersionRequest) ProtoReflect() protoreflect.Message

func (x *DestroyCryptoKeyVersionRequest) Reset()

func (x *DestroyCryptoKeyVersionRequest) String() string

type Digest struct {

	// Required. The message digest.
	//
	// Types that are assignable to Digest:
	//
	//	*Digest_Sha256
	//	*Digest_Sha384
	//	*Digest_Sha512
	Digest isDigest_Digest `protobuf_oneof:"digest"`
	// contains filtered or unexported fields
}

func (*Digest) Descriptor() ([]byte, []int)

func (m *Digest) GetDigest() isDigest_Digest

func (x *Digest) GetSha256() []byte

func (x *Digest) GetSha384() []byte

func (x *Digest) GetSha512() []byte

func (*Digest) ProtoMessage()

func (x *Digest) ProtoReflect() protoreflect.Message

func (x *Digest) Reset()

func (x *Digest) String() string

type Digest_Sha256 struct {
	// A message digest produced with the SHA-256 algorithm.
	Sha256 []byte `protobuf:"bytes,1,opt,name=sha256,proto3,oneof"`
}

type Digest_Sha384 struct {
	// A message digest produced with the SHA-384 algorithm.
	Sha384 []byte `protobuf:"bytes,2,opt,name=sha384,proto3,oneof"`
}

type Digest_Sha512 struct {
	// A message digest produced with the SHA-512 algorithm.
	Sha512 []byte `protobuf:"bytes,3,opt,name=sha512,proto3,oneof"`
}

type EkmConfig struct {

	// Output only. The resource name for the
	// [EkmConfig][google.cloud.kms.v1.EkmConfig] in the format
	// `projects/*/locations/*/ekmConfig`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Optional. Resource name of the default
	// [EkmConnection][google.cloud.kms.v1.EkmConnection]. Setting this field to
	// the empty string removes the default.
	DefaultEkmConnection string `protobuf:"bytes,2,opt,name=default_ekm_connection,json=defaultEkmConnection,proto3" json:"default_ekm_connection,omitempty"`
	// contains filtered or unexported fields
}

func (*EkmConfig) Descriptor() ([]byte, []int)

func (x *EkmConfig) GetDefaultEkmConnection() string

func (x *EkmConfig) GetName() string

func (*EkmConfig) ProtoMessage()

func (x *EkmConfig) ProtoReflect() protoreflect.Message

func (x *EkmConfig) Reset()

func (x *EkmConfig) String() string

type EkmConnection struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	CreateTime *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`

	ServiceResolvers []*EkmConnection_ServiceResolver `protobuf:"bytes,3,rep,name=service_resolvers,json=serviceResolvers,proto3" json:"service_resolvers,omitempty"`

	Etag string `protobuf:"bytes,5,opt,name=etag,proto3" json:"etag,omitempty"`

	KeyManagementMode EkmConnection_KeyManagementMode "" /* 172 byte string literal not displayed */

	CryptoSpacePath string `protobuf:"bytes,7,opt,name=crypto_space_path,json=cryptoSpacePath,proto3" json:"crypto_space_path,omitempty"`

}

func (*EkmConnection) Descriptor() ([]byte, []int)

func (x *EkmConnection) GetCreateTime() *timestamppb.Timestamp

func (x *EkmConnection) GetCryptoSpacePath() string

func (x *EkmConnection) GetEtag() string

func (x *EkmConnection) GetKeyManagementMode() EkmConnection_KeyManagementMode

func (x *EkmConnection) GetName() string

func (x *EkmConnection) GetServiceResolvers() []*EkmConnection_ServiceResolver

func (*EkmConnection) ProtoMessage()

func (x *EkmConnection) ProtoReflect() protoreflect.Message

func (x *EkmConnection) Reset()

func (x *EkmConnection) String() string

type EkmConnection_KeyManagementMode int32

const (
	// Not specified.
	EkmConnection_KEY_MANAGEMENT_MODE_UNSPECIFIED EkmConnection_KeyManagementMode = 0
	// EKM-side key management operations on
	// [CryptoKeys][google.cloud.kms.v1.CryptoKey] created with this
	// [EkmConnection][google.cloud.kms.v1.EkmConnection] must be initiated from
	// the EKM directly and cannot be performed from Cloud KMS. This means that:
	// * When creating a
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] associated with
	// this
	//
	//	[EkmConnection][google.cloud.kms.v1.EkmConnection], the caller must
	//	supply the key path of pre-existing external key material that will be
	//	linked to the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
	//   - Destruction of external key material cannot be requested via the
	//     Cloud KMS API and must be performed directly in the EKM.
	//   - Automatic rotation of key material is not supported.
	EkmConnection_MANUAL EkmConnection_KeyManagementMode = 1
	// All [CryptoKeys][google.cloud.kms.v1.CryptoKey] created with this
	// [EkmConnection][google.cloud.kms.v1.EkmConnection] use EKM-side key
	// management operations initiated from Cloud KMS. This means that:
	// * When a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
	// associated with this [EkmConnection][google.cloud.kms.v1.EkmConnection]
	// is
	//
	//	created, the EKM automatically generates new key material and a new
	//	key path. The caller cannot supply the key path of pre-existing
	//	external key material.
	//   - Destruction of external key material associated with this
	//     [EkmConnection][google.cloud.kms.v1.EkmConnection] can be requested by
	//     calling [DestroyCryptoKeyVersion][EkmService.DestroyCryptoKeyVersion].
	//   - Automatic rotation of key material is supported.
	EkmConnection_CLOUD_KMS EkmConnection_KeyManagementMode = 2
)

func (EkmConnection_KeyManagementMode) Descriptor() protoreflect.EnumDescriptor

func (x EkmConnection_KeyManagementMode) Enum() *EkmConnection_KeyManagementMode

func (EkmConnection_KeyManagementMode) EnumDescriptor() ([]byte, []int)

func (x EkmConnection_KeyManagementMode) Number() protoreflect.EnumNumber

func (x EkmConnection_KeyManagementMode) String() string

func (EkmConnection_KeyManagementMode) Type() protoreflect.EnumType

type EkmConnection_ServiceResolver struct {
	ServiceDirectoryService string "" /* 132 byte string literal not displayed */

	EndpointFilter string `protobuf:"bytes,2,opt,name=endpoint_filter,json=endpointFilter,proto3" json:"endpoint_filter,omitempty"`

	Hostname string `protobuf:"bytes,3,opt,name=hostname,proto3" json:"hostname,omitempty"`

	ServerCertificates []*Certificate `protobuf:"bytes,4,rep,name=server_certificates,json=serverCertificates,proto3" json:"server_certificates,omitempty"`

}

func (*EkmConnection_ServiceResolver) Descriptor() ([]byte, []int)

func (x *EkmConnection_ServiceResolver) GetEndpointFilter() string

func (x *EkmConnection_ServiceResolver) GetHostname() string

func (x *EkmConnection_ServiceResolver) GetServerCertificates() []*Certificate

func (x *EkmConnection_ServiceResolver) GetServiceDirectoryService() string

func (*EkmConnection_ServiceResolver) ProtoMessage()

func (x *EkmConnection_ServiceResolver) ProtoReflect() protoreflect.Message

func (x *EkmConnection_ServiceResolver) Reset()

func (x *EkmConnection_ServiceResolver) String() string

type EkmServiceClient interface {
	// Lists [EkmConnections][google.cloud.kms.v1.EkmConnection].
	ListEkmConnections(ctx context.Context, in *ListEkmConnectionsRequest, opts ...grpc.CallOption) (*ListEkmConnectionsResponse, error)
	// Returns metadata for a given
	// [EkmConnection][google.cloud.kms.v1.EkmConnection].
	GetEkmConnection(ctx context.Context, in *GetEkmConnectionRequest, opts ...grpc.CallOption) (*EkmConnection, error)
	// Creates a new [EkmConnection][google.cloud.kms.v1.EkmConnection] in a given
	// Project and Location.
	CreateEkmConnection(ctx context.Context, in *CreateEkmConnectionRequest, opts ...grpc.CallOption) (*EkmConnection, error)
	// Updates an [EkmConnection][google.cloud.kms.v1.EkmConnection]'s metadata.
	UpdateEkmConnection(ctx context.Context, in *UpdateEkmConnectionRequest, opts ...grpc.CallOption) (*EkmConnection, error)
	// Returns the [EkmConfig][google.cloud.kms.v1.EkmConfig] singleton resource
	// for a given project and location.
	GetEkmConfig(ctx context.Context, in *GetEkmConfigRequest, opts ...grpc.CallOption) (*EkmConfig, error)
	// Updates the [EkmConfig][google.cloud.kms.v1.EkmConfig] singleton resource
	// for a given project and location.
	UpdateEkmConfig(ctx context.Context, in *UpdateEkmConfigRequest, opts ...grpc.CallOption) (*EkmConfig, error)
	// Verifies that Cloud KMS can successfully connect to the external key
	// manager specified by an [EkmConnection][google.cloud.kms.v1.EkmConnection].
	// If there is an error connecting to the EKM, this method returns a
	// FAILED_PRECONDITION status containing structured information as described
	// at https://cloud.google.com/kms/docs/reference/ekm_errors.
	VerifyConnectivity(ctx context.Context, in *VerifyConnectivityRequest, opts ...grpc.CallOption) (*VerifyConnectivityResponse, error)
}

func NewEkmServiceClient(cc grpc.ClientConnInterface) EkmServiceClient

type EkmServiceServer interface {
	// Lists [EkmConnections][google.cloud.kms.v1.EkmConnection].
	ListEkmConnections(context.Context, *ListEkmConnectionsRequest) (*ListEkmConnectionsResponse, error)
	// Returns metadata for a given
	// [EkmConnection][google.cloud.kms.v1.EkmConnection].
	GetEkmConnection(context.Context, *GetEkmConnectionRequest) (*EkmConnection, error)
	// Creates a new [EkmConnection][google.cloud.kms.v1.EkmConnection] in a given
	// Project and Location.
	CreateEkmConnection(context.Context, *CreateEkmConnectionRequest) (*EkmConnection, error)
	// Updates an [EkmConnection][google.cloud.kms.v1.EkmConnection]'s metadata.
	UpdateEkmConnection(context.Context, *UpdateEkmConnectionRequest) (*EkmConnection, error)
	// Returns the [EkmConfig][google.cloud.kms.v1.EkmConfig] singleton resource
	// for a given project and location.
	GetEkmConfig(context.Context, *GetEkmConfigRequest) (*EkmConfig, error)
	// Updates the [EkmConfig][google.cloud.kms.v1.EkmConfig] singleton resource
	// for a given project and location.
	UpdateEkmConfig(context.Context, *UpdateEkmConfigRequest) (*EkmConfig, error)
	// Verifies that Cloud KMS can successfully connect to the external key
	// manager specified by an [EkmConnection][google.cloud.kms.v1.EkmConnection].
	// If there is an error connecting to the EKM, this method returns a
	// FAILED_PRECONDITION status containing structured information as described
	// at https://cloud.google.com/kms/docs/reference/ekm_errors.
	VerifyConnectivity(context.Context, *VerifyConnectivityRequest) (*VerifyConnectivityResponse, error)
}

type EncryptRequest struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	Plaintext []byte `protobuf:"bytes,2,opt,name=plaintext,proto3" json:"plaintext,omitempty"`

	AdditionalAuthenticatedData []byte "" /* 144 byte string literal not displayed */

	PlaintextCrc32C *wrapperspb.Int64Value `protobuf:"bytes,7,opt,name=plaintext_crc32c,json=plaintextCrc32c,proto3" json:"plaintext_crc32c,omitempty"`

	AdditionalAuthenticatedDataCrc32C *wrapperspb.Int64Value "" /* 164 byte string literal not displayed */

}

func (*EncryptRequest) Descriptor() ([]byte, []int)

func (x *EncryptRequest) GetAdditionalAuthenticatedData() []byte

func (x *EncryptRequest) GetAdditionalAuthenticatedDataCrc32C() *wrapperspb.Int64Value

func (x *EncryptRequest) GetName() string

func (x *EncryptRequest) GetPlaintext() []byte

func (x *EncryptRequest) GetPlaintextCrc32C() *wrapperspb.Int64Value

func (*EncryptRequest) ProtoMessage()

func (x *EncryptRequest) ProtoReflect() protoreflect.Message

func (x *EncryptRequest) Reset()

func (x *EncryptRequest) String() string

type EncryptResponse struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	Ciphertext []byte `protobuf:"bytes,2,opt,name=ciphertext,proto3" json:"ciphertext,omitempty"`

	CiphertextCrc32C *wrapperspb.Int64Value `protobuf:"bytes,4,opt,name=ciphertext_crc32c,json=ciphertextCrc32c,proto3" json:"ciphertext_crc32c,omitempty"`

	VerifiedPlaintextCrc32C bool "" /* 133 byte string literal not displayed */

	VerifiedAdditionalAuthenticatedDataCrc32C bool "" /* 191 byte string literal not displayed */

	ProtectionLevel ProtectionLevel "" /* 148 byte string literal not displayed */

}

func (*EncryptResponse) Descriptor() ([]byte, []int)

func (x *EncryptResponse) GetCiphertext() []byte

func (x *EncryptResponse) GetCiphertextCrc32C() *wrapperspb.Int64Value

func (x *EncryptResponse) GetName() string

func (x *EncryptResponse) GetProtectionLevel() ProtectionLevel

func (x *EncryptResponse) GetVerifiedAdditionalAuthenticatedDataCrc32C() bool

func (x *EncryptResponse) GetVerifiedPlaintextCrc32C() bool

func (*EncryptResponse) ProtoMessage()

func (x *EncryptResponse) ProtoReflect() protoreflect.Message

func (x *EncryptResponse) Reset()

func (x *EncryptResponse) String() string

type ExternalProtectionLevelOptions struct {

	// The URI for an external resource that this
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] represents.
	ExternalKeyUri string `protobuf:"bytes,1,opt,name=external_key_uri,json=externalKeyUri,proto3" json:"external_key_uri,omitempty"`
	// The path to the external key material on the EKM when using
	// [EkmConnection][google.cloud.kms.v1.EkmConnection] e.g., "v0/my/key". Set
	// this field instead of external_key_uri when using an
	// [EkmConnection][google.cloud.kms.v1.EkmConnection].
	EkmConnectionKeyPath string `protobuf:"bytes,2,opt,name=ekm_connection_key_path,json=ekmConnectionKeyPath,proto3" json:"ekm_connection_key_path,omitempty"`
	// contains filtered or unexported fields
}

func (*ExternalProtectionLevelOptions) Descriptor() ([]byte, []int)

func (x *ExternalProtectionLevelOptions) GetEkmConnectionKeyPath() string

func (x *ExternalProtectionLevelOptions) GetExternalKeyUri() string

func (*ExternalProtectionLevelOptions) ProtoMessage()

func (x *ExternalProtectionLevelOptions) ProtoReflect() protoreflect.Message

func (x *ExternalProtectionLevelOptions) Reset()

func (x *ExternalProtectionLevelOptions) String() string

type GenerateRandomBytesRequest struct {
	Location string `protobuf:"bytes,1,opt,name=location,proto3" json:"location,omitempty"`

	LengthBytes int32 `protobuf:"varint,2,opt,name=length_bytes,json=lengthBytes,proto3" json:"length_bytes,omitempty"`

	ProtectionLevel ProtectionLevel "" /* 148 byte string literal not displayed */

}

func (*GenerateRandomBytesRequest) Descriptor() ([]byte, []int)

func (x *GenerateRandomBytesRequest) GetLengthBytes() int32

func (x *GenerateRandomBytesRequest) GetLocation() string

func (x *GenerateRandomBytesRequest) GetProtectionLevel() ProtectionLevel

func (*GenerateRandomBytesRequest) ProtoMessage()

func (x *GenerateRandomBytesRequest) ProtoReflect() protoreflect.Message

func (x *GenerateRandomBytesRequest) Reset()

func (x *GenerateRandomBytesRequest) String() string

type GenerateRandomBytesResponse struct {

	// The generated data.
	Data []byte `protobuf:"bytes,1,opt,name=data,proto3" json:"data,omitempty"`
	// Integrity verification field. A CRC32C checksum of the returned
	// [GenerateRandomBytesResponse.data][google.cloud.kms.v1.GenerateRandomBytesResponse.data].
	// An integrity check of
	// [GenerateRandomBytesResponse.data][google.cloud.kms.v1.GenerateRandomBytesResponse.data]
	// can be performed by computing the CRC32C checksum of
	// [GenerateRandomBytesResponse.data][google.cloud.kms.v1.GenerateRandomBytesResponse.data]
	// and comparing your results to this field. Discard the response in case of
	// non-matching checksum values, and perform a limited number of retries. A
	// persistent mismatch may indicate an issue in your computation of the CRC32C
	// checksum. Note: This field is defined as int64 for reasons of compatibility
	// across different languages. However, it is a non-negative integer, which
	// will never exceed 2^32-1, and can be safely downconverted to uint32 in
	// languages that support this type.
	DataCrc32C *wrapperspb.Int64Value `protobuf:"bytes,3,opt,name=data_crc32c,json=dataCrc32c,proto3" json:"data_crc32c,omitempty"`
	// contains filtered or unexported fields
}

func (*GenerateRandomBytesResponse) Descriptor() ([]byte, []int)

func (x *GenerateRandomBytesResponse) GetData() []byte

func (x *GenerateRandomBytesResponse) GetDataCrc32C() *wrapperspb.Int64Value

func (*GenerateRandomBytesResponse) ProtoMessage()

func (x *GenerateRandomBytesResponse) ProtoReflect() protoreflect.Message

func (x *GenerateRandomBytesResponse) Reset()

func (x *GenerateRandomBytesResponse) String() string

type GetCryptoKeyRequest struct {

	// Required. The [name][google.cloud.kms.v1.CryptoKey.name] of the
	// [CryptoKey][google.cloud.kms.v1.CryptoKey] to get.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

func (*GetCryptoKeyRequest) Descriptor() ([]byte, []int)

func (x *GetCryptoKeyRequest) GetName() string

func (*GetCryptoKeyRequest) ProtoMessage()

func (x *GetCryptoKeyRequest) ProtoReflect() protoreflect.Message

func (x *GetCryptoKeyRequest) Reset()

func (x *GetCryptoKeyRequest) String() string

type GetCryptoKeyVersionRequest struct {

	// Required. The [name][google.cloud.kms.v1.CryptoKeyVersion.name] of the
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to get.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

func (*GetCryptoKeyVersionRequest) Descriptor() ([]byte, []int)

func (x *GetCryptoKeyVersionRequest) GetName() string

func (*GetCryptoKeyVersionRequest) ProtoMessage()

func (x *GetCryptoKeyVersionRequest) ProtoReflect() protoreflect.Message

func (x *GetCryptoKeyVersionRequest) Reset()

func (x *GetCryptoKeyVersionRequest) String() string

type GetEkmConfigRequest struct {

	// Required. The [name][google.cloud.kms.v1.EkmConfig.name] of the
	// [EkmConfig][google.cloud.kms.v1.EkmConfig] to get.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

func (*GetEkmConfigRequest) Descriptor() ([]byte, []int)

func (x *GetEkmConfigRequest) GetName() string

func (*GetEkmConfigRequest) ProtoMessage()

func (x *GetEkmConfigRequest) ProtoReflect() protoreflect.Message

func (x *GetEkmConfigRequest) Reset()

func (x *GetEkmConfigRequest) String() string

type GetEkmConnectionRequest struct {

	// Required. The [name][google.cloud.kms.v1.EkmConnection.name] of the
	// [EkmConnection][google.cloud.kms.v1.EkmConnection] to get.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

func (*GetEkmConnectionRequest) Descriptor() ([]byte, []int)

func (x *GetEkmConnectionRequest) GetName() string

func (*GetEkmConnectionRequest) ProtoMessage()

func (x *GetEkmConnectionRequest) ProtoReflect() protoreflect.Message

func (x *GetEkmConnectionRequest) Reset()

func (x *GetEkmConnectionRequest) String() string

type GetImportJobRequest struct {

	// Required. The [name][google.cloud.kms.v1.ImportJob.name] of the
	// [ImportJob][google.cloud.kms.v1.ImportJob] to get.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

func (*GetImportJobRequest) Descriptor() ([]byte, []int)

func (x *GetImportJobRequest) GetName() string

func (*GetImportJobRequest) ProtoMessage()

func (x *GetImportJobRequest) ProtoReflect() protoreflect.Message

func (x *GetImportJobRequest) Reset()

func (x *GetImportJobRequest) String() string

type GetKeyRingRequest struct {

	// Required. The [name][google.cloud.kms.v1.KeyRing.name] of the
	// [KeyRing][google.cloud.kms.v1.KeyRing] to get.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

func (*GetKeyRingRequest) Descriptor() ([]byte, []int)

func (x *GetKeyRingRequest) GetName() string

func (*GetKeyRingRequest) ProtoMessage()

func (x *GetKeyRingRequest) ProtoReflect() protoreflect.Message

func (x *GetKeyRingRequest) Reset()

func (x *GetKeyRingRequest) String() string

type GetPublicKeyRequest struct {

	// Required. The [name][google.cloud.kms.v1.CryptoKeyVersion.name] of the
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] public key to get.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

func (*GetPublicKeyRequest) Descriptor() ([]byte, []int)

func (x *GetPublicKeyRequest) GetName() string

func (*GetPublicKeyRequest) ProtoMessage()

func (x *GetPublicKeyRequest) ProtoReflect() protoreflect.Message

func (x *GetPublicKeyRequest) Reset()

func (x *GetPublicKeyRequest) String() string

type ImportCryptoKeyVersionRequest struct {
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`

	CryptoKeyVersion string `protobuf:"bytes,6,opt,name=crypto_key_version,json=cryptoKeyVersion,proto3" json:"crypto_key_version,omitempty"`

	Algorithm CryptoKeyVersion_CryptoKeyVersionAlgorithm "" /* 140 byte string literal not displayed */

	ImportJob string `protobuf:"bytes,4,opt,name=import_job,json=importJob,proto3" json:"import_job,omitempty"`

	WrappedKey []byte `protobuf:"bytes,8,opt,name=wrapped_key,json=wrappedKey,proto3" json:"wrapped_key,omitempty"`

	WrappedKeyMaterial isImportCryptoKeyVersionRequest_WrappedKeyMaterial `protobuf_oneof:"wrapped_key_material"`

}

func (*ImportCryptoKeyVersionRequest) Descriptor() ([]byte, []int)

func (x *ImportCryptoKeyVersionRequest) GetAlgorithm() CryptoKeyVersion_CryptoKeyVersionAlgorithm

func (x *ImportCryptoKeyVersionRequest) GetCryptoKeyVersion() string

func (x *ImportCryptoKeyVersionRequest) GetImportJob() string

func (x *ImportCryptoKeyVersionRequest) GetParent() string

func (x *ImportCryptoKeyVersionRequest) GetRsaAesWrappedKey() []byte

func (x *ImportCryptoKeyVersionRequest) GetWrappedKey() []byte

func (m *ImportCryptoKeyVersionRequest) GetWrappedKeyMaterial() isImportCryptoKeyVersionRequest_WrappedKeyMaterial

func (*ImportCryptoKeyVersionRequest) ProtoMessage()

func (x *ImportCryptoKeyVersionRequest) ProtoReflect() protoreflect.Message

func (x *ImportCryptoKeyVersionRequest) Reset()

func (x *ImportCryptoKeyVersionRequest) String() string

type ImportCryptoKeyVersionRequest_RsaAesWrappedKey struct {
	// Optional. This field has the same meaning as
	// [wrapped_key][google.cloud.kms.v1.ImportCryptoKeyVersionRequest.wrapped_key].
	// Prefer to use that field in new work. Either that field or this field
	// (but not both) must be specified.
	RsaAesWrappedKey []byte `protobuf:"bytes,5,opt,name=rsa_aes_wrapped_key,json=rsaAesWrappedKey,proto3,oneof"`
}

type ImportJob struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	ImportMethod ImportJob_ImportMethod "" /* 146 byte string literal not displayed */

	ProtectionLevel ProtectionLevel "" /* 148 byte string literal not displayed */

	CreateTime *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`

	GenerateTime *timestamppb.Timestamp `protobuf:"bytes,4,opt,name=generate_time,json=generateTime,proto3" json:"generate_time,omitempty"`

	ExpireTime *timestamppb.Timestamp `protobuf:"bytes,5,opt,name=expire_time,json=expireTime,proto3" json:"expire_time,omitempty"`

	ExpireEventTime *timestamppb.Timestamp `protobuf:"bytes,10,opt,name=expire_event_time,json=expireEventTime,proto3" json:"expire_event_time,omitempty"`

	State ImportJob_ImportJobState `protobuf:"varint,6,opt,name=state,proto3,enum=google.cloud.kms.v1.ImportJob_ImportJobState" json:"state,omitempty"`

	PublicKey *ImportJob_WrappingPublicKey `protobuf:"bytes,7,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`

	Attestation *KeyOperationAttestation `protobuf:"bytes,8,opt,name=attestation,proto3" json:"attestation,omitempty"`

}

func (*ImportJob) Descriptor() ([]byte, []int)

func (x *ImportJob) GetAttestation() *KeyOperationAttestation

func (x *ImportJob) GetCreateTime() *timestamppb.Timestamp

func (x *ImportJob) GetExpireEventTime() *timestamppb.Timestamp

func (x *ImportJob) GetExpireTime() *timestamppb.Timestamp

func (x *ImportJob) GetGenerateTime() *timestamppb.Timestamp

func (x *ImportJob) GetImportMethod() ImportJob_ImportMethod

func (x *ImportJob) GetName() string

func (x *ImportJob) GetProtectionLevel() ProtectionLevel

func (x *ImportJob) GetPublicKey() *ImportJob_WrappingPublicKey

func (x *ImportJob) GetState() ImportJob_ImportJobState

func (*ImportJob) ProtoMessage()

func (x *ImportJob) ProtoReflect() protoreflect.Message

func (x *ImportJob) Reset()

func (x *ImportJob) String() string

type ImportJob_ImportJobState int32

const (
	// Not specified.
	ImportJob_IMPORT_JOB_STATE_UNSPECIFIED ImportJob_ImportJobState = 0
	// The wrapping key for this job is still being generated. It may not be
	// used. Cloud KMS will automatically mark this job as
	// [ACTIVE][google.cloud.kms.v1.ImportJob.ImportJobState.ACTIVE] as soon as
	// the wrapping key is generated.
	ImportJob_PENDING_GENERATION ImportJob_ImportJobState = 1
	// This job may be used in
	// [CreateCryptoKey][google.cloud.kms.v1.KeyManagementService.CreateCryptoKey]
	// and
	// [CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion]
	// requests.
	ImportJob_ACTIVE ImportJob_ImportJobState = 2
	// This job can no longer be used and may not leave this state once entered.
	ImportJob_EXPIRED ImportJob_ImportJobState = 3
)

func (ImportJob_ImportJobState) Descriptor() protoreflect.EnumDescriptor

func (x ImportJob_ImportJobState) Enum() *ImportJob_ImportJobState

func (ImportJob_ImportJobState) EnumDescriptor() ([]byte, []int)

func (x ImportJob_ImportJobState) Number() protoreflect.EnumNumber

func (x ImportJob_ImportJobState) String() string

func (ImportJob_ImportJobState) Type() protoreflect.EnumType

type ImportJob_ImportMethod int32

const (
	// Not specified.
	ImportJob_IMPORT_METHOD_UNSPECIFIED ImportJob_ImportMethod = 0
	// This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping
	// scheme defined in the PKCS #11 standard. In summary, this involves
	// wrapping the raw key with an ephemeral AES key, and wrapping the
	// ephemeral AES key with a 3072 bit RSA key. For more details, see
	// [RSA AES key wrap
	// mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908).
	ImportJob_RSA_OAEP_3072_SHA1_AES_256 ImportJob_ImportMethod = 1
	// This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping
	// scheme defined in the PKCS #11 standard. In summary, this involves
	// wrapping the raw key with an ephemeral AES key, and wrapping the
	// ephemeral AES key with a 4096 bit RSA key. For more details, see
	// [RSA AES key wrap
	// mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908).
	ImportJob_RSA_OAEP_4096_SHA1_AES_256 ImportJob_ImportMethod = 2
	// This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping
	// scheme defined in the PKCS #11 standard. In summary, this involves
	// wrapping the raw key with an ephemeral AES key, and wrapping the
	// ephemeral AES key with a 3072 bit RSA key. For more details, see
	// [RSA AES key wrap
	// mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908).
	ImportJob_RSA_OAEP_3072_SHA256_AES_256 ImportJob_ImportMethod = 3
	// This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping
	// scheme defined in the PKCS #11 standard. In summary, this involves
	// wrapping the raw key with an ephemeral AES key, and wrapping the
	// ephemeral AES key with a 4096 bit RSA key. For more details, see
	// [RSA AES key wrap
	// mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908).
	ImportJob_RSA_OAEP_4096_SHA256_AES_256 ImportJob_ImportMethod = 4
	// This ImportMethod represents RSAES-OAEP with a 3072 bit RSA key. The
	// key material to be imported is wrapped directly with the RSA key. Due
	// to technical limitations of RSA wrapping, this method cannot be used to
	// wrap RSA keys for import.
	ImportJob_RSA_OAEP_3072_SHA256 ImportJob_ImportMethod = 5
	// This ImportMethod represents RSAES-OAEP with a 4096 bit RSA key. The
	// key material to be imported is wrapped directly with the RSA key. Due
	// to technical limitations of RSA wrapping, this method cannot be used to
	// wrap RSA keys for import.
	ImportJob_RSA_OAEP_4096_SHA256 ImportJob_ImportMethod = 6
)

func (ImportJob_ImportMethod) Descriptor() protoreflect.EnumDescriptor

func (x ImportJob_ImportMethod) Enum() *ImportJob_ImportMethod

func (ImportJob_ImportMethod) EnumDescriptor() ([]byte, []int)

func (x ImportJob_ImportMethod) Number() protoreflect.EnumNumber

func (x ImportJob_ImportMethod) String() string

func (ImportJob_ImportMethod) Type() protoreflect.EnumType

type ImportJob_WrappingPublicKey struct {

	// The public key, encoded in PEM format. For more information, see the [RFC
	// 7468](https://tools.ietf.org/html/rfc7468) sections for [General
	// Considerations](https://tools.ietf.org/html/rfc7468#section-2) and
	// [Textual Encoding of Subject Public Key Info]
	// (https://tools.ietf.org/html/rfc7468#section-13).
	Pem string `protobuf:"bytes,1,opt,name=pem,proto3" json:"pem,omitempty"`
	// contains filtered or unexported fields
}

func (*ImportJob_WrappingPublicKey) Descriptor() ([]byte, []int)

func (x *ImportJob_WrappingPublicKey) GetPem() string

func (*ImportJob_WrappingPublicKey) ProtoMessage()

func (x *ImportJob_WrappingPublicKey) ProtoReflect() protoreflect.Message

func (x *ImportJob_WrappingPublicKey) Reset()

func (x *ImportJob_WrappingPublicKey) String() string

type KeyManagementServiceClient interface {
	// Lists [KeyRings][google.cloud.kms.v1.KeyRing].
	ListKeyRings(ctx context.Context, in *ListKeyRingsRequest, opts ...grpc.CallOption) (*ListKeyRingsResponse, error)
	// Lists [CryptoKeys][google.cloud.kms.v1.CryptoKey].
	ListCryptoKeys(ctx context.Context, in *ListCryptoKeysRequest, opts ...grpc.CallOption) (*ListCryptoKeysResponse, error)
	// Lists [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
	ListCryptoKeyVersions(ctx context.Context, in *ListCryptoKeyVersionsRequest, opts ...grpc.CallOption) (*ListCryptoKeyVersionsResponse, error)
	// Lists [ImportJobs][google.cloud.kms.v1.ImportJob].
	ListImportJobs(ctx context.Context, in *ListImportJobsRequest, opts ...grpc.CallOption) (*ListImportJobsResponse, error)
	// Returns metadata for a given [KeyRing][google.cloud.kms.v1.KeyRing].
	GetKeyRing(ctx context.Context, in *GetKeyRingRequest, opts ...grpc.CallOption) (*KeyRing, error)
	// Returns metadata for a given [CryptoKey][google.cloud.kms.v1.CryptoKey], as
	// well as its [primary][google.cloud.kms.v1.CryptoKey.primary]
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
	GetCryptoKey(ctx context.Context, in *GetCryptoKeyRequest, opts ...grpc.CallOption) (*CryptoKey, error)
	// Returns metadata for a given
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
	GetCryptoKeyVersion(ctx context.Context, in *GetCryptoKeyVersionRequest, opts ...grpc.CallOption) (*CryptoKeyVersion, error)
	// Returns the public key for the given
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. The
	// [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
	// [ASYMMETRIC_SIGN][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN]
	// or
	// [ASYMMETRIC_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT].
	GetPublicKey(ctx context.Context, in *GetPublicKeyRequest, opts ...grpc.CallOption) (*PublicKey, error)
	// Returns metadata for a given [ImportJob][google.cloud.kms.v1.ImportJob].
	GetImportJob(ctx context.Context, in *GetImportJobRequest, opts ...grpc.CallOption) (*ImportJob, error)
	// Create a new [KeyRing][google.cloud.kms.v1.KeyRing] in a given Project and
	// Location.
	CreateKeyRing(ctx context.Context, in *CreateKeyRingRequest, opts ...grpc.CallOption) (*KeyRing, error)
	// Create a new [CryptoKey][google.cloud.kms.v1.CryptoKey] within a
	// [KeyRing][google.cloud.kms.v1.KeyRing].
	//
	// [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] and
	// [CryptoKey.version_template.algorithm][google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm]
	// are required.
	CreateCryptoKey(ctx context.Context, in *CreateCryptoKeyRequest, opts ...grpc.CallOption) (*CryptoKey, error)
	// Create a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in a
	// [CryptoKey][google.cloud.kms.v1.CryptoKey].
	//
	// The server will assign the next sequential id. If unset,
	// [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to
	// [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED].
	CreateCryptoKeyVersion(ctx context.Context, in *CreateCryptoKeyVersionRequest, opts ...grpc.CallOption) (*CryptoKeyVersion, error)
	// Import wrapped key material into a
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
	//
	// All requests must specify a [CryptoKey][google.cloud.kms.v1.CryptoKey]. If
	// a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] is additionally
	// specified in the request, key material will be reimported into that
	// version. Otherwise, a new version will be created, and will be assigned the
	// next sequential id within the [CryptoKey][google.cloud.kms.v1.CryptoKey].
	ImportCryptoKeyVersion(ctx context.Context, in *ImportCryptoKeyVersionRequest, opts ...grpc.CallOption) (*CryptoKeyVersion, error)
	// Create a new [ImportJob][google.cloud.kms.v1.ImportJob] within a
	// [KeyRing][google.cloud.kms.v1.KeyRing].
	//
	// [ImportJob.import_method][google.cloud.kms.v1.ImportJob.import_method] is
	// required.
	CreateImportJob(ctx context.Context, in *CreateImportJobRequest, opts ...grpc.CallOption) (*ImportJob, error)
	// Update a [CryptoKey][google.cloud.kms.v1.CryptoKey].
	UpdateCryptoKey(ctx context.Context, in *UpdateCryptoKeyRequest, opts ...grpc.CallOption) (*CryptoKey, error)
	// Update a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s
	// metadata.
	//
	// [state][google.cloud.kms.v1.CryptoKeyVersion.state] may be changed between
	// [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED]
	// and
	// [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED]
	// using this method. See
	// [DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion]
	// and
	// [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion]
	// to move between other states.
	UpdateCryptoKeyVersion(ctx context.Context, in *UpdateCryptoKeyVersionRequest, opts ...grpc.CallOption) (*CryptoKeyVersion, error)
	// Update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that
	// will be used in
	// [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
	//
	// Returns an error if called on a key whose purpose is not
	// [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
	UpdateCryptoKeyPrimaryVersion(ctx context.Context, in *UpdateCryptoKeyPrimaryVersionRequest, opts ...grpc.CallOption) (*CryptoKey, error)
	// Schedule a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] for
	// destruction.
	//
	// Upon calling this method,
	// [CryptoKeyVersion.state][google.cloud.kms.v1.CryptoKeyVersion.state] will
	// be set to
	// [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED],
	// and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will
	// be set to the time
	// [destroy_scheduled_duration][google.cloud.kms.v1.CryptoKey.destroy_scheduled_duration]
	// in the future. At that time, the
	// [state][google.cloud.kms.v1.CryptoKeyVersion.state] will automatically
	// change to
	// [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED],
	// and the key material will be irrevocably destroyed.
	//
	// Before the
	// [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] is
	// reached,
	// [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion]
	// may be called to reverse the process.
	DestroyCryptoKeyVersion(ctx context.Context, in *DestroyCryptoKeyVersionRequest, opts ...grpc.CallOption) (*CryptoKeyVersion, error)
	// Restore a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the
	// [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED]
	// state.
	//
	// Upon restoration of the CryptoKeyVersion,
	// [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to
	// [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED],
	// and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will
	// be cleared.
	RestoreCryptoKeyVersion(ctx context.Context, in *RestoreCryptoKeyVersionRequest, opts ...grpc.CallOption) (*CryptoKeyVersion, error)
	// Encrypts data, so that it can only be recovered by a call to
	// [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt]. The
	// [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
	// [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
	Encrypt(ctx context.Context, in *EncryptRequest, opts ...grpc.CallOption) (*EncryptResponse, error)
	// Decrypts data that was protected by
	// [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. The
	// [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
	// [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
	Decrypt(ctx context.Context, in *DecryptRequest, opts ...grpc.CallOption) (*DecryptResponse, error)
	// Encrypts data using portable cryptographic primitives. Most users should
	// choose [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] and
	// [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt] rather than
	// their raw counterparts. The
	// [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
	// [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT].
	RawEncrypt(ctx context.Context, in *RawEncryptRequest, opts ...grpc.CallOption) (*RawEncryptResponse, error)
	// Decrypts data that was originally encrypted using a raw cryptographic
	// mechanism. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
	// must be
	// [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT].
	RawDecrypt(ctx context.Context, in *RawDecryptRequest, opts ...grpc.CallOption) (*RawDecryptResponse, error)
	// Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
	// with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
	// ASYMMETRIC_SIGN, producing a signature that can be verified with the public
	// key retrieved from
	// [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
	AsymmetricSign(ctx context.Context, in *AsymmetricSignRequest, opts ...grpc.CallOption) (*AsymmetricSignResponse, error)
	// Decrypts data that was encrypted with a public key retrieved from
	// [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey]
	// corresponding to a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
	// with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
	// ASYMMETRIC_DECRYPT.
	AsymmetricDecrypt(ctx context.Context, in *AsymmetricDecryptRequest, opts ...grpc.CallOption) (*AsymmetricDecryptResponse, error)
	// Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
	// with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] MAC,
	// producing a tag that can be verified by another source with the same key.
	MacSign(ctx context.Context, in *MacSignRequest, opts ...grpc.CallOption) (*MacSignResponse, error)
	// Verifies MAC tag using a
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with
	// [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] MAC, and returns
	// a response that indicates whether or not the verification was successful.
	MacVerify(ctx context.Context, in *MacVerifyRequest, opts ...grpc.CallOption) (*MacVerifyResponse, error)
	// Generate random bytes using the Cloud KMS randomness source in the provided
	// location.
	GenerateRandomBytes(ctx context.Context, in *GenerateRandomBytesRequest, opts ...grpc.CallOption) (*GenerateRandomBytesResponse, error)
}

func NewKeyManagementServiceClient(cc grpc.ClientConnInterface) KeyManagementServiceClient

type KeyManagementServiceServer interface {
	// Lists [KeyRings][google.cloud.kms.v1.KeyRing].
	ListKeyRings(context.Context, *ListKeyRingsRequest) (*ListKeyRingsResponse, error)
	// Lists [CryptoKeys][google.cloud.kms.v1.CryptoKey].
	ListCryptoKeys(context.Context, *ListCryptoKeysRequest) (*ListCryptoKeysResponse, error)
	// Lists [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
	ListCryptoKeyVersions(context.Context, *ListCryptoKeyVersionsRequest) (*ListCryptoKeyVersionsResponse, error)
	// Lists [ImportJobs][google.cloud.kms.v1.ImportJob].
	ListImportJobs(context.Context, *ListImportJobsRequest) (*ListImportJobsResponse, error)
	// Returns metadata for a given [KeyRing][google.cloud.kms.v1.KeyRing].
	GetKeyRing(context.Context, *GetKeyRingRequest) (*KeyRing, error)
	// Returns metadata for a given [CryptoKey][google.cloud.kms.v1.CryptoKey], as
	// well as its [primary][google.cloud.kms.v1.CryptoKey.primary]
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
	GetCryptoKey(context.Context, *GetCryptoKeyRequest) (*CryptoKey, error)
	// Returns metadata for a given
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
	GetCryptoKeyVersion(context.Context, *GetCryptoKeyVersionRequest) (*CryptoKeyVersion, error)
	// Returns the public key for the given
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. The
	// [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
	// [ASYMMETRIC_SIGN][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN]
	// or
	// [ASYMMETRIC_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT].
	GetPublicKey(context.Context, *GetPublicKeyRequest) (*PublicKey, error)
	// Returns metadata for a given [ImportJob][google.cloud.kms.v1.ImportJob].
	GetImportJob(context.Context, *GetImportJobRequest) (*ImportJob, error)
	// Create a new [KeyRing][google.cloud.kms.v1.KeyRing] in a given Project and
	// Location.
	CreateKeyRing(context.Context, *CreateKeyRingRequest) (*KeyRing, error)
	// Create a new [CryptoKey][google.cloud.kms.v1.CryptoKey] within a
	// [KeyRing][google.cloud.kms.v1.KeyRing].
	//
	// [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] and
	// [CryptoKey.version_template.algorithm][google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm]
	// are required.
	CreateCryptoKey(context.Context, *CreateCryptoKeyRequest) (*CryptoKey, error)
	// Create a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in a
	// [CryptoKey][google.cloud.kms.v1.CryptoKey].
	//
	// The server will assign the next sequential id. If unset,
	// [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to
	// [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED].
	CreateCryptoKeyVersion(context.Context, *CreateCryptoKeyVersionRequest) (*CryptoKeyVersion, error)
	// Import wrapped key material into a
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
	//
	// All requests must specify a [CryptoKey][google.cloud.kms.v1.CryptoKey]. If
	// a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] is additionally
	// specified in the request, key material will be reimported into that
	// version. Otherwise, a new version will be created, and will be assigned the
	// next sequential id within the [CryptoKey][google.cloud.kms.v1.CryptoKey].
	ImportCryptoKeyVersion(context.Context, *ImportCryptoKeyVersionRequest) (*CryptoKeyVersion, error)
	// Create a new [ImportJob][google.cloud.kms.v1.ImportJob] within a
	// [KeyRing][google.cloud.kms.v1.KeyRing].
	//
	// [ImportJob.import_method][google.cloud.kms.v1.ImportJob.import_method] is
	// required.
	CreateImportJob(context.Context, *CreateImportJobRequest) (*ImportJob, error)
	// Update a [CryptoKey][google.cloud.kms.v1.CryptoKey].
	UpdateCryptoKey(context.Context, *UpdateCryptoKeyRequest) (*CryptoKey, error)
	// Update a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s
	// metadata.
	//
	// [state][google.cloud.kms.v1.CryptoKeyVersion.state] may be changed between
	// [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED]
	// and
	// [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED]
	// using this method. See
	// [DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion]
	// and
	// [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion]
	// to move between other states.
	UpdateCryptoKeyVersion(context.Context, *UpdateCryptoKeyVersionRequest) (*CryptoKeyVersion, error)
	// Update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that
	// will be used in
	// [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
	//
	// Returns an error if called on a key whose purpose is not
	// [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
	UpdateCryptoKeyPrimaryVersion(context.Context, *UpdateCryptoKeyPrimaryVersionRequest) (*CryptoKey, error)
	// Schedule a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] for
	// destruction.
	//
	// Upon calling this method,
	// [CryptoKeyVersion.state][google.cloud.kms.v1.CryptoKeyVersion.state] will
	// be set to
	// [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED],
	// and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will
	// be set to the time
	// [destroy_scheduled_duration][google.cloud.kms.v1.CryptoKey.destroy_scheduled_duration]
	// in the future. At that time, the
	// [state][google.cloud.kms.v1.CryptoKeyVersion.state] will automatically
	// change to
	// [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED],
	// and the key material will be irrevocably destroyed.
	//
	// Before the
	// [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] is
	// reached,
	// [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion]
	// may be called to reverse the process.
	DestroyCryptoKeyVersion(context.Context, *DestroyCryptoKeyVersionRequest) (*CryptoKeyVersion, error)
	// Restore a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the
	// [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED]
	// state.
	//
	// Upon restoration of the CryptoKeyVersion,
	// [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to
	// [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED],
	// and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will
	// be cleared.
	RestoreCryptoKeyVersion(context.Context, *RestoreCryptoKeyVersionRequest) (*CryptoKeyVersion, error)
	// Encrypts data, so that it can only be recovered by a call to
	// [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt]. The
	// [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
	// [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
	Encrypt(context.Context, *EncryptRequest) (*EncryptResponse, error)
	// Decrypts data that was protected by
	// [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. The
	// [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
	// [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
	Decrypt(context.Context, *DecryptRequest) (*DecryptResponse, error)
	// Encrypts data using portable cryptographic primitives. Most users should
	// choose [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] and
	// [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt] rather than
	// their raw counterparts. The
	// [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
	// [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT].
	RawEncrypt(context.Context, *RawEncryptRequest) (*RawEncryptResponse, error)
	// Decrypts data that was originally encrypted using a raw cryptographic
	// mechanism. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
	// must be
	// [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT].
	RawDecrypt(context.Context, *RawDecryptRequest) (*RawDecryptResponse, error)
	// Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
	// with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
	// ASYMMETRIC_SIGN, producing a signature that can be verified with the public
	// key retrieved from
	// [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
	AsymmetricSign(context.Context, *AsymmetricSignRequest) (*AsymmetricSignResponse, error)
	// Decrypts data that was encrypted with a public key retrieved from
	// [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey]
	// corresponding to a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
	// with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
	// ASYMMETRIC_DECRYPT.
	AsymmetricDecrypt(context.Context, *AsymmetricDecryptRequest) (*AsymmetricDecryptResponse, error)
	// Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
	// with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] MAC,
	// producing a tag that can be verified by another source with the same key.
	MacSign(context.Context, *MacSignRequest) (*MacSignResponse, error)
	// Verifies MAC tag using a
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with
	// [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] MAC, and returns
	// a response that indicates whether or not the verification was successful.
	MacVerify(context.Context, *MacVerifyRequest) (*MacVerifyResponse, error)
	// Generate random bytes using the Cloud KMS randomness source in the provided
	// location.
	GenerateRandomBytes(context.Context, *GenerateRandomBytesRequest) (*GenerateRandomBytesResponse, error)
}

type KeyOperationAttestation struct {
	Format KeyOperationAttestation_AttestationFormat "" /* 133 byte string literal not displayed */

	Content []byte `protobuf:"bytes,5,opt,name=content,proto3" json:"content,omitempty"`

	CertChains *KeyOperationAttestation_CertificateChains `protobuf:"bytes,6,opt,name=cert_chains,json=certChains,proto3" json:"cert_chains,omitempty"`

}

func (*KeyOperationAttestation) Descriptor() ([]byte, []int)

func (x *KeyOperationAttestation) GetCertChains() *KeyOperationAttestation_CertificateChains

func (x *KeyOperationAttestation) GetContent() []byte

func (x *KeyOperationAttestation) GetFormat() KeyOperationAttestation_AttestationFormat

func (*KeyOperationAttestation) ProtoMessage()

func (x *KeyOperationAttestation) ProtoReflect() protoreflect.Message

func (x *KeyOperationAttestation) Reset()

func (x *KeyOperationAttestation) String() string

type KeyOperationAttestation_AttestationFormat int32

const (
	// Not specified.
	KeyOperationAttestation_ATTESTATION_FORMAT_UNSPECIFIED KeyOperationAttestation_AttestationFormat = 0
	// Cavium HSM attestation compressed with gzip. Note that this format is
	// defined by Cavium and subject to change at any time.
	//
	// See
	// https://www.marvell.com/products/security-solutions/nitrox-hs-adapters/software-key-attestation.html.
	KeyOperationAttestation_CAVIUM_V1_COMPRESSED KeyOperationAttestation_AttestationFormat = 3
	// Cavium HSM attestation V2 compressed with gzip. This is a new format
	// introduced in Cavium's version 3.2-08.
	KeyOperationAttestation_CAVIUM_V2_COMPRESSED KeyOperationAttestation_AttestationFormat = 4
)

func (KeyOperationAttestation_AttestationFormat) Descriptor() protoreflect.EnumDescriptor

func (x KeyOperationAttestation_AttestationFormat) Enum() *KeyOperationAttestation_AttestationFormat

func (KeyOperationAttestation_AttestationFormat) EnumDescriptor() ([]byte, []int)

func (x KeyOperationAttestation_AttestationFormat) Number() protoreflect.EnumNumber

func (x KeyOperationAttestation_AttestationFormat) String() string

func (KeyOperationAttestation_AttestationFormat) Type() protoreflect.EnumType

type KeyOperationAttestation_CertificateChains struct {

	// Cavium certificate chain corresponding to the attestation.
	CaviumCerts []string `protobuf:"bytes,1,rep,name=cavium_certs,json=caviumCerts,proto3" json:"cavium_certs,omitempty"`
	// Google card certificate chain corresponding to the attestation.
	GoogleCardCerts []string `protobuf:"bytes,2,rep,name=google_card_certs,json=googleCardCerts,proto3" json:"google_card_certs,omitempty"`
	// Google partition certificate chain corresponding to the attestation.
	GooglePartitionCerts []string `protobuf:"bytes,3,rep,name=google_partition_certs,json=googlePartitionCerts,proto3" json:"google_partition_certs,omitempty"`
	// contains filtered or unexported fields
}

func (*KeyOperationAttestation_CertificateChains) Descriptor() ([]byte, []int)

func (x *KeyOperationAttestation_CertificateChains) GetCaviumCerts() []string

func (x *KeyOperationAttestation_CertificateChains) GetGoogleCardCerts() []string

func (x *KeyOperationAttestation_CertificateChains) GetGooglePartitionCerts() []string

func (*KeyOperationAttestation_CertificateChains) ProtoMessage()

func (x *KeyOperationAttestation_CertificateChains) ProtoReflect() protoreflect.Message

func (x *KeyOperationAttestation_CertificateChains) Reset()

func (x *KeyOperationAttestation_CertificateChains) String() string

type KeyRing struct {

	// Output only. The resource name for the
	// [KeyRing][google.cloud.kms.v1.KeyRing] in the format
	// `projects/*/locations/*/keyRings/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Output only. The time at which this [KeyRing][google.cloud.kms.v1.KeyRing]
	// was created.
	CreateTime *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
	// contains filtered or unexported fields
}

func (*KeyRing) Descriptor() ([]byte, []int)

func (x *KeyRing) GetCreateTime() *timestamppb.Timestamp

func (x *KeyRing) GetName() string

func (*KeyRing) ProtoMessage()

func (x *KeyRing) ProtoReflect() protoreflect.Message

func (x *KeyRing) Reset()

func (x *KeyRing) String() string

type ListCryptoKeyVersionsRequest struct {

	// Required. The resource name of the
	// [CryptoKey][google.cloud.kms.v1.CryptoKey] to list, in the format
	// `projects/*/locations/*/keyRings/*/cryptoKeys/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Optional. Optional limit on the number of
	// [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] to include in the
	// response. Further [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion]
	// can subsequently be obtained by including the
	// [ListCryptoKeyVersionsResponse.next_page_token][google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token]
	// in a subsequent request. If unspecified, the server will pick an
	// appropriate default.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// Optional. Optional pagination token, returned earlier via
	// [ListCryptoKeyVersionsResponse.next_page_token][google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token].
	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// The fields to include in the response.
	View CryptoKeyVersion_CryptoKeyVersionView `protobuf:"varint,4,opt,name=view,proto3,enum=google.cloud.kms.v1.CryptoKeyVersion_CryptoKeyVersionView" json:"view,omitempty"`
	// Optional. Only include resources that match the filter in the response. For
	// more information, see
	// [Sorting and filtering list
	// results](https://cloud.google.com/kms/docs/sorting-and-filtering).
	Filter string `protobuf:"bytes,5,opt,name=filter,proto3" json:"filter,omitempty"`
	// Optional. Specify how the results should be sorted. If not specified, the
	// results will be sorted in the default order. For more information, see
	// [Sorting and filtering list
	// results](https://cloud.google.com/kms/docs/sorting-and-filtering).
	OrderBy string `protobuf:"bytes,6,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`
	// contains filtered or unexported fields
}

func (*ListCryptoKeyVersionsRequest) Descriptor() ([]byte, []int)

func (x *ListCryptoKeyVersionsRequest) GetFilter() string

func (x *ListCryptoKeyVersionsRequest) GetOrderBy() string

func (x *ListCryptoKeyVersionsRequest) GetPageSize() int32

func (x *ListCryptoKeyVersionsRequest) GetPageToken() string

func (x *ListCryptoKeyVersionsRequest) GetParent() string

func (x *ListCryptoKeyVersionsRequest) GetView() CryptoKeyVersion_CryptoKeyVersionView

func (*ListCryptoKeyVersionsRequest) ProtoMessage()

func (x *ListCryptoKeyVersionsRequest) ProtoReflect() protoreflect.Message

func (x *ListCryptoKeyVersionsRequest) Reset()

func (x *ListCryptoKeyVersionsRequest) String() string

type ListCryptoKeyVersionsResponse struct {

	// The list of [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
	CryptoKeyVersions []*CryptoKeyVersion `protobuf:"bytes,1,rep,name=crypto_key_versions,json=cryptoKeyVersions,proto3" json:"crypto_key_versions,omitempty"`
	// A token to retrieve next page of results. Pass this value in
	// [ListCryptoKeyVersionsRequest.page_token][google.cloud.kms.v1.ListCryptoKeyVersionsRequest.page_token]
	// to retrieve the next page of results.
	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// The total number of
	// [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] that matched the
	// query.
	TotalSize int32 `protobuf:"varint,3,opt,name=total_size,json=totalSize,proto3" json:"total_size,omitempty"`
	// contains filtered or unexported fields
}

func (*ListCryptoKeyVersionsResponse) Descriptor() ([]byte, []int)

func (x *ListCryptoKeyVersionsResponse) GetCryptoKeyVersions() []*CryptoKeyVersion

func (x *ListCryptoKeyVersionsResponse) GetNextPageToken() string

func (x *ListCryptoKeyVersionsResponse) GetTotalSize() int32

func (*ListCryptoKeyVersionsResponse) ProtoMessage()

func (x *ListCryptoKeyVersionsResponse) ProtoReflect() protoreflect.Message

func (x *ListCryptoKeyVersionsResponse) Reset()

func (x *ListCryptoKeyVersionsResponse) String() string

type ListCryptoKeysRequest struct {
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`

	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`

	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`

	VersionView CryptoKeyVersion_CryptoKeyVersionView "" /* 158 byte string literal not displayed */

	Filter string `protobuf:"bytes,5,opt,name=filter,proto3" json:"filter,omitempty"`

	OrderBy string `protobuf:"bytes,6,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`

}

func (*ListCryptoKeysRequest) Descriptor() ([]byte, []int)

func (x *ListCryptoKeysRequest) GetFilter() string

func (x *ListCryptoKeysRequest) GetOrderBy() string

func (x *ListCryptoKeysRequest) GetPageSize() int32

func (x *ListCryptoKeysRequest) GetPageToken() string

func (x *ListCryptoKeysRequest) GetParent() string

func (x *ListCryptoKeysRequest) GetVersionView() CryptoKeyVersion_CryptoKeyVersionView

func (*ListCryptoKeysRequest) ProtoMessage()

func (x *ListCryptoKeysRequest) ProtoReflect() protoreflect.Message

func (x *ListCryptoKeysRequest) Reset()

func (x *ListCryptoKeysRequest) String() string

type ListCryptoKeysResponse struct {

	// The list of [CryptoKeys][google.cloud.kms.v1.CryptoKey].
	CryptoKeys []*CryptoKey `protobuf:"bytes,1,rep,name=crypto_keys,json=cryptoKeys,proto3" json:"crypto_keys,omitempty"`
	// A token to retrieve next page of results. Pass this value in
	// [ListCryptoKeysRequest.page_token][google.cloud.kms.v1.ListCryptoKeysRequest.page_token]
	// to retrieve the next page of results.
	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// The total number of [CryptoKeys][google.cloud.kms.v1.CryptoKey] that
	// matched the query.
	TotalSize int32 `protobuf:"varint,3,opt,name=total_size,json=totalSize,proto3" json:"total_size,omitempty"`
	// contains filtered or unexported fields
}

func (*ListCryptoKeysResponse) Descriptor() ([]byte, []int)

func (x *ListCryptoKeysResponse) GetCryptoKeys() []*CryptoKey

func (x *ListCryptoKeysResponse) GetNextPageToken() string

func (x *ListCryptoKeysResponse) GetTotalSize() int32

func (*ListCryptoKeysResponse) ProtoMessage()

func (x *ListCryptoKeysResponse) ProtoReflect() protoreflect.Message

func (x *ListCryptoKeysResponse) Reset()

func (x *ListCryptoKeysResponse) String() string

type ListEkmConnectionsRequest struct {

	// Required. The resource name of the location associated with the
	// [EkmConnections][google.cloud.kms.v1.EkmConnection] to list, in the format
	// `projects/*/locations/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Optional. Optional limit on the number of
	// [EkmConnections][google.cloud.kms.v1.EkmConnection] to include in the
	// response. Further [EkmConnections][google.cloud.kms.v1.EkmConnection] can
	// subsequently be obtained by including the
	// [ListEkmConnectionsResponse.next_page_token][google.cloud.kms.v1.ListEkmConnectionsResponse.next_page_token]
	// in a subsequent request. If unspecified, the server will pick an
	// appropriate default.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// Optional. Optional pagination token, returned earlier via
	// [ListEkmConnectionsResponse.next_page_token][google.cloud.kms.v1.ListEkmConnectionsResponse.next_page_token].
	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// Optional. Only include resources that match the filter in the response. For
	// more information, see
	// [Sorting and filtering list
	// results](https://cloud.google.com/kms/docs/sorting-and-filtering).
	Filter string `protobuf:"bytes,4,opt,name=filter,proto3" json:"filter,omitempty"`
	// Optional. Specify how the results should be sorted. If not specified, the
	// results will be sorted in the default order.  For more information, see
	// [Sorting and filtering list
	// results](https://cloud.google.com/kms/docs/sorting-and-filtering).
	OrderBy string `protobuf:"bytes,5,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`
	// contains filtered or unexported fields
}

func (*ListEkmConnectionsRequest) Descriptor() ([]byte, []int)

func (x *ListEkmConnectionsRequest) GetFilter() string

func (x *ListEkmConnectionsRequest) GetOrderBy() string

func (x *ListEkmConnectionsRequest) GetPageSize() int32

func (x *ListEkmConnectionsRequest) GetPageToken() string

func (x *ListEkmConnectionsRequest) GetParent() string

func (*ListEkmConnectionsRequest) ProtoMessage()

func (x *ListEkmConnectionsRequest) ProtoReflect() protoreflect.Message

func (x *ListEkmConnectionsRequest) Reset()

func (x *ListEkmConnectionsRequest) String() string

type ListEkmConnectionsResponse struct {

	// The list of [EkmConnections][google.cloud.kms.v1.EkmConnection].
	EkmConnections []*EkmConnection `protobuf:"bytes,1,rep,name=ekm_connections,json=ekmConnections,proto3" json:"ekm_connections,omitempty"`
	// A token to retrieve next page of results. Pass this value in
	// [ListEkmConnectionsRequest.page_token][google.cloud.kms.v1.ListEkmConnectionsRequest.page_token]
	// to retrieve the next page of results.
	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// The total number of [EkmConnections][google.cloud.kms.v1.EkmConnection]
	// that matched the query.
	TotalSize int32 `protobuf:"varint,3,opt,name=total_size,json=totalSize,proto3" json:"total_size,omitempty"`
	// contains filtered or unexported fields
}

func (*ListEkmConnectionsResponse) Descriptor() ([]byte, []int)

func (x *ListEkmConnectionsResponse) GetEkmConnections() []*EkmConnection

func (x *ListEkmConnectionsResponse) GetNextPageToken() string

func (x *ListEkmConnectionsResponse) GetTotalSize() int32

func (*ListEkmConnectionsResponse) ProtoMessage()

func (x *ListEkmConnectionsResponse) ProtoReflect() protoreflect.Message

func (x *ListEkmConnectionsResponse) Reset()

func (x *ListEkmConnectionsResponse) String() string

type ListImportJobsRequest struct {

	// Required. The resource name of the [KeyRing][google.cloud.kms.v1.KeyRing]
	// to list, in the format `projects/*/locations/*/keyRings/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Optional. Optional limit on the number of
	// [ImportJobs][google.cloud.kms.v1.ImportJob] to include in the response.
	// Further [ImportJobs][google.cloud.kms.v1.ImportJob] can subsequently be
	// obtained by including the
	// [ListImportJobsResponse.next_page_token][google.cloud.kms.v1.ListImportJobsResponse.next_page_token]
	// in a subsequent request. If unspecified, the server will pick an
	// appropriate default.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// Optional. Optional pagination token, returned earlier via
	// [ListImportJobsResponse.next_page_token][google.cloud.kms.v1.ListImportJobsResponse.next_page_token].
	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// Optional. Only include resources that match the filter in the response. For
	// more information, see
	// [Sorting and filtering list
	// results](https://cloud.google.com/kms/docs/sorting-and-filtering).
	Filter string `protobuf:"bytes,4,opt,name=filter,proto3" json:"filter,omitempty"`
	// Optional. Specify how the results should be sorted. If not specified, the
	// results will be sorted in the default order. For more information, see
	// [Sorting and filtering list
	// results](https://cloud.google.com/kms/docs/sorting-and-filtering).
	OrderBy string `protobuf:"bytes,5,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`
	// contains filtered or unexported fields
}

func (*ListImportJobsRequest) Descriptor() ([]byte, []int)

func (x *ListImportJobsRequest) GetFilter() string

func (x *ListImportJobsRequest) GetOrderBy() string

func (x *ListImportJobsRequest) GetPageSize() int32

func (x *ListImportJobsRequest) GetPageToken() string

func (x *ListImportJobsRequest) GetParent() string

func (*ListImportJobsRequest) ProtoMessage()

func (x *ListImportJobsRequest) ProtoReflect() protoreflect.Message

func (x *ListImportJobsRequest) Reset()

func (x *ListImportJobsRequest) String() string

type ListImportJobsResponse struct {

	// The list of [ImportJobs][google.cloud.kms.v1.ImportJob].
	ImportJobs []*ImportJob `protobuf:"bytes,1,rep,name=import_jobs,json=importJobs,proto3" json:"import_jobs,omitempty"`
	// A token to retrieve next page of results. Pass this value in
	// [ListImportJobsRequest.page_token][google.cloud.kms.v1.ListImportJobsRequest.page_token]
	// to retrieve the next page of results.
	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// The total number of [ImportJobs][google.cloud.kms.v1.ImportJob] that
	// matched the query.
	TotalSize int32 `protobuf:"varint,3,opt,name=total_size,json=totalSize,proto3" json:"total_size,omitempty"`
	// contains filtered or unexported fields
}

func (*ListImportJobsResponse) Descriptor() ([]byte, []int)

func (x *ListImportJobsResponse) GetImportJobs() []*ImportJob

func (x *ListImportJobsResponse) GetNextPageToken() string

func (x *ListImportJobsResponse) GetTotalSize() int32

func (*ListImportJobsResponse) ProtoMessage()

func (x *ListImportJobsResponse) ProtoReflect() protoreflect.Message

func (x *ListImportJobsResponse) Reset()

func (x *ListImportJobsResponse) String() string

type ListKeyRingsRequest struct {

	// Required. The resource name of the location associated with the
	// [KeyRings][google.cloud.kms.v1.KeyRing], in the format
	// `projects/*/locations/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Optional. Optional limit on the number of
	// [KeyRings][google.cloud.kms.v1.KeyRing] to include in the response. Further
	// [KeyRings][google.cloud.kms.v1.KeyRing] can subsequently be obtained by
	// including the
	// [ListKeyRingsResponse.next_page_token][google.cloud.kms.v1.ListKeyRingsResponse.next_page_token]
	// in a subsequent request.  If unspecified, the server will pick an
	// appropriate default.
	PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
	// Optional. Optional pagination token, returned earlier via
	// [ListKeyRingsResponse.next_page_token][google.cloud.kms.v1.ListKeyRingsResponse.next_page_token].
	PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
	// Optional. Only include resources that match the filter in the response. For
	// more information, see
	// [Sorting and filtering list
	// results](https://cloud.google.com/kms/docs/sorting-and-filtering).
	Filter string `protobuf:"bytes,4,opt,name=filter,proto3" json:"filter,omitempty"`
	// Optional. Specify how the results should be sorted. If not specified, the
	// results will be sorted in the default order.  For more information, see
	// [Sorting and filtering list
	// results](https://cloud.google.com/kms/docs/sorting-and-filtering).
	OrderBy string `protobuf:"bytes,5,opt,name=order_by,json=orderBy,proto3" json:"order_by,omitempty"`
	// contains filtered or unexported fields
}

func (*ListKeyRingsRequest) Descriptor() ([]byte, []int)

func (x *ListKeyRingsRequest) GetFilter() string

func (x *ListKeyRingsRequest) GetOrderBy() string

func (x *ListKeyRingsRequest) GetPageSize() int32

func (x *ListKeyRingsRequest) GetPageToken() string

func (x *ListKeyRingsRequest) GetParent() string

func (*ListKeyRingsRequest) ProtoMessage()

func (x *ListKeyRingsRequest) ProtoReflect() protoreflect.Message

func (x *ListKeyRingsRequest) Reset()

func (x *ListKeyRingsRequest) String() string

type ListKeyRingsResponse struct {

	// The list of [KeyRings][google.cloud.kms.v1.KeyRing].
	KeyRings []*KeyRing `protobuf:"bytes,1,rep,name=key_rings,json=keyRings,proto3" json:"key_rings,omitempty"`
	// A token to retrieve next page of results. Pass this value in
	// [ListKeyRingsRequest.page_token][google.cloud.kms.v1.ListKeyRingsRequest.page_token]
	// to retrieve the next page of results.
	NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
	// The total number of [KeyRings][google.cloud.kms.v1.KeyRing] that matched
	// the query.
	TotalSize int32 `protobuf:"varint,3,opt,name=total_size,json=totalSize,proto3" json:"total_size,omitempty"`
	// contains filtered or unexported fields
}

func (*ListKeyRingsResponse) Descriptor() ([]byte, []int)

func (x *ListKeyRingsResponse) GetKeyRings() []*KeyRing

func (x *ListKeyRingsResponse) GetNextPageToken() string

func (x *ListKeyRingsResponse) GetTotalSize() int32

func (*ListKeyRingsResponse) ProtoMessage()

func (x *ListKeyRingsResponse) ProtoReflect() protoreflect.Message

func (x *ListKeyRingsResponse) Reset()

func (x *ListKeyRingsResponse) String() string

type LocationMetadata struct {

	// Indicates whether [CryptoKeys][google.cloud.kms.v1.CryptoKey] with
	// [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]
	// [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] can be created in this
	// location.
	HsmAvailable bool `protobuf:"varint,1,opt,name=hsm_available,json=hsmAvailable,proto3" json:"hsm_available,omitempty"`
	// Indicates whether [CryptoKeys][google.cloud.kms.v1.CryptoKey] with
	// [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]
	// [EXTERNAL][google.cloud.kms.v1.ProtectionLevel.EXTERNAL] can be created in
	// this location.
	EkmAvailable bool `protobuf:"varint,2,opt,name=ekm_available,json=ekmAvailable,proto3" json:"ekm_available,omitempty"`
	// contains filtered or unexported fields
}

func (*LocationMetadata) Descriptor() ([]byte, []int)

func (x *LocationMetadata) GetEkmAvailable() bool

func (x *LocationMetadata) GetHsmAvailable() bool

func (*LocationMetadata) ProtoMessage()

func (x *LocationMetadata) ProtoReflect() protoreflect.Message

func (x *LocationMetadata) Reset()

func (x *LocationMetadata) String() string

type MacSignRequest struct {

	// Required. The resource name of the
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for
	// signing.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Required. The data to sign. The MAC tag is computed over this data field
	// based on the specific algorithm.
	Data []byte `protobuf:"bytes,2,opt,name=data,proto3" json:"data,omitempty"`
	// Optional. An optional CRC32C checksum of the
	// [MacSignRequest.data][google.cloud.kms.v1.MacSignRequest.data]. If
	// specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService]
	// will verify the integrity of the received
	// [MacSignRequest.data][google.cloud.kms.v1.MacSignRequest.data] using this
	// checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService]
	// will report an error if the checksum verification fails. If you receive a
	// checksum error, your client should verify that
	// CRC32C([MacSignRequest.data][google.cloud.kms.v1.MacSignRequest.data]) is
	// equal to
	// [MacSignRequest.data_crc32c][google.cloud.kms.v1.MacSignRequest.data_crc32c],
	// and if so, perform a limited number of retries. A persistent mismatch may
	// indicate an issue in your computation of the CRC32C checksum. Note: This
	// field is defined as int64 for reasons of compatibility across different
	// languages. However, it is a non-negative integer, which will never exceed
	// 2^32-1, and can be safely downconverted to uint32 in languages that support
	// this type.
	DataCrc32C *wrapperspb.Int64Value `protobuf:"bytes,3,opt,name=data_crc32c,json=dataCrc32c,proto3" json:"data_crc32c,omitempty"`
	// contains filtered or unexported fields
}

func (*MacSignRequest) Descriptor() ([]byte, []int)

func (x *MacSignRequest) GetData() []byte

func (x *MacSignRequest) GetDataCrc32C() *wrapperspb.Int64Value

func (x *MacSignRequest) GetName() string

func (*MacSignRequest) ProtoMessage()

func (x *MacSignRequest) ProtoReflect() protoreflect.Message

func (x *MacSignRequest) Reset()

func (x *MacSignRequest) String() string

type MacSignResponse struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	Mac []byte `protobuf:"bytes,2,opt,name=mac,proto3" json:"mac,omitempty"`

	MacCrc32C *wrapperspb.Int64Value `protobuf:"bytes,3,opt,name=mac_crc32c,json=macCrc32c,proto3" json:"mac_crc32c,omitempty"`

	VerifiedDataCrc32C bool `protobuf:"varint,4,opt,name=verified_data_crc32c,json=verifiedDataCrc32c,proto3" json:"verified_data_crc32c,omitempty"`

	ProtectionLevel ProtectionLevel "" /* 148 byte string literal not displayed */

}

func (*MacSignResponse) Descriptor() ([]byte, []int)

func (x *MacSignResponse) GetMac() []byte

func (x *MacSignResponse) GetMacCrc32C() *wrapperspb.Int64Value

func (x *MacSignResponse) GetName() string

func (x *MacSignResponse) GetProtectionLevel() ProtectionLevel

func (x *MacSignResponse) GetVerifiedDataCrc32C() bool

func (*MacSignResponse) ProtoMessage()

func (x *MacSignResponse) ProtoReflect() protoreflect.Message

func (x *MacSignResponse) Reset()

func (x *MacSignResponse) String() string

type MacVerifyRequest struct {

	// Required. The resource name of the
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for
	// verification.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Required. The data used previously as a
	// [MacSignRequest.data][google.cloud.kms.v1.MacSignRequest.data] to generate
	// the MAC tag.
	Data []byte `protobuf:"bytes,2,opt,name=data,proto3" json:"data,omitempty"`
	// Optional. An optional CRC32C checksum of the
	// [MacVerifyRequest.data][google.cloud.kms.v1.MacVerifyRequest.data]. If
	// specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService]
	// will verify the integrity of the received
	// [MacVerifyRequest.data][google.cloud.kms.v1.MacVerifyRequest.data] using
	// this checksum.
	// [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
	// report an error if the checksum verification fails. If you receive a
	// checksum error, your client should verify that
	// CRC32C([MacVerifyRequest.data][google.cloud.kms.v1.MacVerifyRequest.data])
	// is equal to
	// [MacVerifyRequest.data_crc32c][google.cloud.kms.v1.MacVerifyRequest.data_crc32c],
	// and if so, perform a limited number of retries. A persistent mismatch may
	// indicate an issue in your computation of the CRC32C checksum. Note: This
	// field is defined as int64 for reasons of compatibility across different
	// languages. However, it is a non-negative integer, which will never exceed
	// 2^32-1, and can be safely downconverted to uint32 in languages that support
	// this type.
	DataCrc32C *wrapperspb.Int64Value `protobuf:"bytes,3,opt,name=data_crc32c,json=dataCrc32c,proto3" json:"data_crc32c,omitempty"`
	// Required. The signature to verify.
	Mac []byte `protobuf:"bytes,4,opt,name=mac,proto3" json:"mac,omitempty"`
	// Optional. An optional CRC32C checksum of the
	// [MacVerifyRequest.mac][google.cloud.kms.v1.MacVerifyRequest.mac]. If
	// specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService]
	// will verify the integrity of the received
	// [MacVerifyRequest.mac][google.cloud.kms.v1.MacVerifyRequest.mac] using this
	// checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService]
	// will report an error if the checksum verification fails. If you receive a
	// checksum error, your client should verify that
	// CRC32C([MacVerifyRequest.tag][]) is equal to
	// [MacVerifyRequest.mac_crc32c][google.cloud.kms.v1.MacVerifyRequest.mac_crc32c],
	// and if so, perform a limited number of retries. A persistent mismatch may
	// indicate an issue in your computation of the CRC32C checksum. Note: This
	// field is defined as int64 for reasons of compatibility across different
	// languages. However, it is a non-negative integer, which will never exceed
	// 2^32-1, and can be safely downconverted to uint32 in languages that support
	// this type.
	MacCrc32C *wrapperspb.Int64Value `protobuf:"bytes,5,opt,name=mac_crc32c,json=macCrc32c,proto3" json:"mac_crc32c,omitempty"`
	// contains filtered or unexported fields
}

func (*MacVerifyRequest) Descriptor() ([]byte, []int)

func (x *MacVerifyRequest) GetData() []byte

func (x *MacVerifyRequest) GetDataCrc32C() *wrapperspb.Int64Value

func (x *MacVerifyRequest) GetMac() []byte

func (x *MacVerifyRequest) GetMacCrc32C() *wrapperspb.Int64Value

func (x *MacVerifyRequest) GetName() string

func (*MacVerifyRequest) ProtoMessage()

func (x *MacVerifyRequest) ProtoReflect() protoreflect.Message

func (x *MacVerifyRequest) Reset()

func (x *MacVerifyRequest) String() string

type MacVerifyResponse struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	Success bool `protobuf:"varint,2,opt,name=success,proto3" json:"success,omitempty"`

	VerifiedDataCrc32C bool `protobuf:"varint,3,opt,name=verified_data_crc32c,json=verifiedDataCrc32c,proto3" json:"verified_data_crc32c,omitempty"`

	VerifiedMacCrc32C bool `protobuf:"varint,4,opt,name=verified_mac_crc32c,json=verifiedMacCrc32c,proto3" json:"verified_mac_crc32c,omitempty"`

	VerifiedSuccessIntegrity bool "" /* 136 byte string literal not displayed */

	ProtectionLevel ProtectionLevel "" /* 148 byte string literal not displayed */

}

func (*MacVerifyResponse) Descriptor() ([]byte, []int)

func (x *MacVerifyResponse) GetName() string

func (x *MacVerifyResponse) GetProtectionLevel() ProtectionLevel

func (x *MacVerifyResponse) GetSuccess() bool

func (x *MacVerifyResponse) GetVerifiedDataCrc32C() bool

func (x *MacVerifyResponse) GetVerifiedMacCrc32C() bool

func (x *MacVerifyResponse) GetVerifiedSuccessIntegrity() bool

func (*MacVerifyResponse) ProtoMessage()

func (x *MacVerifyResponse) ProtoReflect() protoreflect.Message

func (x *MacVerifyResponse) Reset()

func (x *MacVerifyResponse) String() string

type ProtectionLevel int32

const (
	// Not specified.
	ProtectionLevel_PROTECTION_LEVEL_UNSPECIFIED ProtectionLevel = 0
	// Crypto operations are performed in software.
	ProtectionLevel_SOFTWARE ProtectionLevel = 1
	// Crypto operations are performed in a Hardware Security Module.
	ProtectionLevel_HSM ProtectionLevel = 2
	// Crypto operations are performed by an external key manager.
	ProtectionLevel_EXTERNAL ProtectionLevel = 3
	// Crypto operations are performed in an EKM-over-VPC backend.
	ProtectionLevel_EXTERNAL_VPC ProtectionLevel = 4
)

func (ProtectionLevel) Descriptor() protoreflect.EnumDescriptor

func (x ProtectionLevel) Enum() *ProtectionLevel

func (ProtectionLevel) EnumDescriptor() ([]byte, []int)

func (x ProtectionLevel) Number() protoreflect.EnumNumber

func (x ProtectionLevel) String() string

func (ProtectionLevel) Type() protoreflect.EnumType

type PublicKey struct {
	Pem string `protobuf:"bytes,1,opt,name=pem,proto3" json:"pem,omitempty"`

	Algorithm CryptoKeyVersion_CryptoKeyVersionAlgorithm "" /* 140 byte string literal not displayed */

	PemCrc32C *wrapperspb.Int64Value `protobuf:"bytes,3,opt,name=pem_crc32c,json=pemCrc32c,proto3" json:"pem_crc32c,omitempty"`

	Name string `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty"`

	ProtectionLevel ProtectionLevel "" /* 148 byte string literal not displayed */

}

func (*PublicKey) Descriptor() ([]byte, []int)

func (x *PublicKey) GetAlgorithm() CryptoKeyVersion_CryptoKeyVersionAlgorithm

func (x *PublicKey) GetName() string

func (x *PublicKey) GetPem() string

func (x *PublicKey) GetPemCrc32C() *wrapperspb.Int64Value

func (x *PublicKey) GetProtectionLevel() ProtectionLevel

func (*PublicKey) ProtoMessage()

func (x *PublicKey) ProtoReflect() protoreflect.Message

func (x *PublicKey) Reset()

func (x *PublicKey) String() string

type RawDecryptRequest struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	Ciphertext []byte `protobuf:"bytes,2,opt,name=ciphertext,proto3" json:"ciphertext,omitempty"`

	AdditionalAuthenticatedData []byte "" /* 144 byte string literal not displayed */

	InitializationVector []byte `protobuf:"bytes,4,opt,name=initialization_vector,json=initializationVector,proto3" json:"initialization_vector,omitempty"`

	TagLength int32 `protobuf:"varint,5,opt,name=tag_length,json=tagLength,proto3" json:"tag_length,omitempty"`

	CiphertextCrc32C *wrapperspb.Int64Value `protobuf:"bytes,6,opt,name=ciphertext_crc32c,json=ciphertextCrc32c,proto3" json:"ciphertext_crc32c,omitempty"`

	AdditionalAuthenticatedDataCrc32C *wrapperspb.Int64Value "" /* 164 byte string literal not displayed */

	InitializationVectorCrc32C *wrapperspb.Int64Value "" /* 141 byte string literal not displayed */

}

func (*RawDecryptRequest) Descriptor() ([]byte, []int)

func (x *RawDecryptRequest) GetAdditionalAuthenticatedData() []byte

func (x *RawDecryptRequest) GetAdditionalAuthenticatedDataCrc32C() *wrapperspb.Int64Value

func (x *RawDecryptRequest) GetCiphertext() []byte

func (x *RawDecryptRequest) GetCiphertextCrc32C() *wrapperspb.Int64Value

func (x *RawDecryptRequest) GetInitializationVector() []byte

func (x *RawDecryptRequest) GetInitializationVectorCrc32C() *wrapperspb.Int64Value

func (x *RawDecryptRequest) GetName() string

func (x *RawDecryptRequest) GetTagLength() int32

func (*RawDecryptRequest) ProtoMessage()

func (x *RawDecryptRequest) ProtoReflect() protoreflect.Message

func (x *RawDecryptRequest) Reset()

func (x *RawDecryptRequest) String() string

type RawDecryptResponse struct {
	Plaintext []byte `protobuf:"bytes,1,opt,name=plaintext,proto3" json:"plaintext,omitempty"`

	PlaintextCrc32C *wrapperspb.Int64Value `protobuf:"bytes,2,opt,name=plaintext_crc32c,json=plaintextCrc32c,proto3" json:"plaintext_crc32c,omitempty"`

	ProtectionLevel ProtectionLevel "" /* 148 byte string literal not displayed */

	VerifiedCiphertextCrc32C bool "" /* 136 byte string literal not displayed */

	VerifiedAdditionalAuthenticatedDataCrc32C bool "" /* 191 byte string literal not displayed */

	VerifiedInitializationVectorCrc32C bool "" /* 168 byte string literal not displayed */

}

func (*RawDecryptResponse) Descriptor() ([]byte, []int)

func (x *RawDecryptResponse) GetPlaintext() []byte

func (x *RawDecryptResponse) GetPlaintextCrc32C() *wrapperspb.Int64Value

func (x *RawDecryptResponse) GetProtectionLevel() ProtectionLevel

func (x *RawDecryptResponse) GetVerifiedAdditionalAuthenticatedDataCrc32C() bool

func (x *RawDecryptResponse) GetVerifiedCiphertextCrc32C() bool

func (x *RawDecryptResponse) GetVerifiedInitializationVectorCrc32C() bool

func (*RawDecryptResponse) ProtoMessage()

func (x *RawDecryptResponse) ProtoReflect() protoreflect.Message

func (x *RawDecryptResponse) Reset()

func (x *RawDecryptResponse) String() string

type RawEncryptRequest struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	Plaintext []byte `protobuf:"bytes,2,opt,name=plaintext,proto3" json:"plaintext,omitempty"`

	AdditionalAuthenticatedData []byte "" /* 144 byte string literal not displayed */

	PlaintextCrc32C *wrapperspb.Int64Value `protobuf:"bytes,4,opt,name=plaintext_crc32c,json=plaintextCrc32c,proto3" json:"plaintext_crc32c,omitempty"`

	AdditionalAuthenticatedDataCrc32C *wrapperspb.Int64Value "" /* 164 byte string literal not displayed */

	InitializationVector []byte `protobuf:"bytes,6,opt,name=initialization_vector,json=initializationVector,proto3" json:"initialization_vector,omitempty"`

	InitializationVectorCrc32C *wrapperspb.Int64Value "" /* 141 byte string literal not displayed */

}

func (*RawEncryptRequest) Descriptor() ([]byte, []int)

func (x *RawEncryptRequest) GetAdditionalAuthenticatedData() []byte

func (x *RawEncryptRequest) GetAdditionalAuthenticatedDataCrc32C() *wrapperspb.Int64Value

func (x *RawEncryptRequest) GetInitializationVector() []byte

func (x *RawEncryptRequest) GetInitializationVectorCrc32C() *wrapperspb.Int64Value

func (x *RawEncryptRequest) GetName() string

func (x *RawEncryptRequest) GetPlaintext() []byte

func (x *RawEncryptRequest) GetPlaintextCrc32C() *wrapperspb.Int64Value

func (*RawEncryptRequest) ProtoMessage()

func (x *RawEncryptRequest) ProtoReflect() protoreflect.Message

func (x *RawEncryptRequest) Reset()

func (x *RawEncryptRequest) String() string

type RawEncryptResponse struct {
	Ciphertext []byte `protobuf:"bytes,1,opt,name=ciphertext,proto3" json:"ciphertext,omitempty"`

	InitializationVector []byte `protobuf:"bytes,2,opt,name=initialization_vector,json=initializationVector,proto3" json:"initialization_vector,omitempty"`

	TagLength int32 `protobuf:"varint,3,opt,name=tag_length,json=tagLength,proto3" json:"tag_length,omitempty"`

	CiphertextCrc32C *wrapperspb.Int64Value `protobuf:"bytes,4,opt,name=ciphertext_crc32c,json=ciphertextCrc32c,proto3" json:"ciphertext_crc32c,omitempty"`

	InitializationVectorCrc32C *wrapperspb.Int64Value "" /* 141 byte string literal not displayed */

	VerifiedPlaintextCrc32C bool "" /* 133 byte string literal not displayed */

	VerifiedAdditionalAuthenticatedDataCrc32C bool "" /* 191 byte string literal not displayed */

	VerifiedInitializationVectorCrc32C bool "" /* 169 byte string literal not displayed */

	Name string `protobuf:"bytes,8,opt,name=name,proto3" json:"name,omitempty"`

	ProtectionLevel ProtectionLevel "" /* 148 byte string literal not displayed */

}

func (*RawEncryptResponse) Descriptor() ([]byte, []int)

func (x *RawEncryptResponse) GetCiphertext() []byte

func (x *RawEncryptResponse) GetCiphertextCrc32C() *wrapperspb.Int64Value

func (x *RawEncryptResponse) GetInitializationVector() []byte

func (x *RawEncryptResponse) GetInitializationVectorCrc32C() *wrapperspb.Int64Value

func (x *RawEncryptResponse) GetName() string

func (x *RawEncryptResponse) GetProtectionLevel() ProtectionLevel

func (x *RawEncryptResponse) GetTagLength() int32

func (x *RawEncryptResponse) GetVerifiedAdditionalAuthenticatedDataCrc32C() bool

func (x *RawEncryptResponse) GetVerifiedInitializationVectorCrc32C() bool

func (x *RawEncryptResponse) GetVerifiedPlaintextCrc32C() bool

func (*RawEncryptResponse) ProtoMessage()

func (x *RawEncryptResponse) ProtoReflect() protoreflect.Message

func (x *RawEncryptResponse) Reset()

func (x *RawEncryptResponse) String() string

type RestoreCryptoKeyVersionRequest struct {

	// Required. The resource name of the
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to restore.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

func (*RestoreCryptoKeyVersionRequest) Descriptor() ([]byte, []int)

func (x *RestoreCryptoKeyVersionRequest) GetName() string

func (*RestoreCryptoKeyVersionRequest) ProtoMessage()

func (x *RestoreCryptoKeyVersionRequest) ProtoReflect() protoreflect.Message

func (x *RestoreCryptoKeyVersionRequest) Reset()

func (x *RestoreCryptoKeyVersionRequest) String() string

type UnimplementedEkmServiceServer struct {
}

func (*UnimplementedEkmServiceServer) CreateEkmConnection(context.Context, *CreateEkmConnectionRequest) (*EkmConnection, error)

func (*UnimplementedEkmServiceServer) GetEkmConfig(context.Context, *GetEkmConfigRequest) (*EkmConfig, error)

func (*UnimplementedEkmServiceServer) GetEkmConnection(context.Context, *GetEkmConnectionRequest) (*EkmConnection, error)

func (*UnimplementedEkmServiceServer) ListEkmConnections(context.Context, *ListEkmConnectionsRequest) (*ListEkmConnectionsResponse, error)

func (*UnimplementedEkmServiceServer) UpdateEkmConfig(context.Context, *UpdateEkmConfigRequest) (*EkmConfig, error)

func (*UnimplementedEkmServiceServer) UpdateEkmConnection(context.Context, *UpdateEkmConnectionRequest) (*EkmConnection, error)

func (*UnimplementedEkmServiceServer) VerifyConnectivity(context.Context, *VerifyConnectivityRequest) (*VerifyConnectivityResponse, error)

type UnimplementedKeyManagementServiceServer struct {
}

func (*UnimplementedKeyManagementServiceServer) AsymmetricDecrypt(context.Context, *AsymmetricDecryptRequest) (*AsymmetricDecryptResponse, error)

func (*UnimplementedKeyManagementServiceServer) AsymmetricSign(context.Context, *AsymmetricSignRequest) (*AsymmetricSignResponse, error)

func (*UnimplementedKeyManagementServiceServer) CreateCryptoKey(context.Context, *CreateCryptoKeyRequest) (*CryptoKey, error)

func (*UnimplementedKeyManagementServiceServer) CreateCryptoKeyVersion(context.Context, *CreateCryptoKeyVersionRequest) (*CryptoKeyVersion, error)

func (*UnimplementedKeyManagementServiceServer) CreateImportJob(context.Context, *CreateImportJobRequest) (*ImportJob, error)

func (*UnimplementedKeyManagementServiceServer) CreateKeyRing(context.Context, *CreateKeyRingRequest) (*KeyRing, error)

func (*UnimplementedKeyManagementServiceServer) Decrypt(context.Context, *DecryptRequest) (*DecryptResponse, error)

func (*UnimplementedKeyManagementServiceServer) DestroyCryptoKeyVersion(context.Context, *DestroyCryptoKeyVersionRequest) (*CryptoKeyVersion, error)

func (*UnimplementedKeyManagementServiceServer) Encrypt(context.Context, *EncryptRequest) (*EncryptResponse, error)

func (*UnimplementedKeyManagementServiceServer) GenerateRandomBytes(context.Context, *GenerateRandomBytesRequest) (*GenerateRandomBytesResponse, error)

func (*UnimplementedKeyManagementServiceServer) GetCryptoKey(context.Context, *GetCryptoKeyRequest) (*CryptoKey, error)

func (*UnimplementedKeyManagementServiceServer) GetCryptoKeyVersion(context.Context, *GetCryptoKeyVersionRequest) (*CryptoKeyVersion, error)

func (*UnimplementedKeyManagementServiceServer) GetImportJob(context.Context, *GetImportJobRequest) (*ImportJob, error)

func (*UnimplementedKeyManagementServiceServer) GetKeyRing(context.Context, *GetKeyRingRequest) (*KeyRing, error)

func (*UnimplementedKeyManagementServiceServer) GetPublicKey(context.Context, *GetPublicKeyRequest) (*PublicKey, error)

func (*UnimplementedKeyManagementServiceServer) ImportCryptoKeyVersion(context.Context, *ImportCryptoKeyVersionRequest) (*CryptoKeyVersion, error)

func (*UnimplementedKeyManagementServiceServer) ListCryptoKeyVersions(context.Context, *ListCryptoKeyVersionsRequest) (*ListCryptoKeyVersionsResponse, error)

func (*UnimplementedKeyManagementServiceServer) ListCryptoKeys(context.Context, *ListCryptoKeysRequest) (*ListCryptoKeysResponse, error)

func (*UnimplementedKeyManagementServiceServer) ListImportJobs(context.Context, *ListImportJobsRequest) (*ListImportJobsResponse, error)

func (*UnimplementedKeyManagementServiceServer) ListKeyRings(context.Context, *ListKeyRingsRequest) (*ListKeyRingsResponse, error)

func (*UnimplementedKeyManagementServiceServer) MacSign(context.Context, *MacSignRequest) (*MacSignResponse, error)

func (*UnimplementedKeyManagementServiceServer) MacVerify(context.Context, *MacVerifyRequest) (*MacVerifyResponse, error)

func (*UnimplementedKeyManagementServiceServer) RawDecrypt(context.Context, *RawDecryptRequest) (*RawDecryptResponse, error)

func (*UnimplementedKeyManagementServiceServer) RawEncrypt(context.Context, *RawEncryptRequest) (*RawEncryptResponse, error)

func (*UnimplementedKeyManagementServiceServer) RestoreCryptoKeyVersion(context.Context, *RestoreCryptoKeyVersionRequest) (*CryptoKeyVersion, error)

func (*UnimplementedKeyManagementServiceServer) UpdateCryptoKey(context.Context, *UpdateCryptoKeyRequest) (*CryptoKey, error)

func (*UnimplementedKeyManagementServiceServer) UpdateCryptoKeyPrimaryVersion(context.Context, *UpdateCryptoKeyPrimaryVersionRequest) (*CryptoKey, error)

func (*UnimplementedKeyManagementServiceServer) UpdateCryptoKeyVersion(context.Context, *UpdateCryptoKeyVersionRequest) (*CryptoKeyVersion, error)

type UpdateCryptoKeyPrimaryVersionRequest struct {

	// Required. The resource name of the
	// [CryptoKey][google.cloud.kms.v1.CryptoKey] to update.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Required. The id of the child
	// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use as primary.
	CryptoKeyVersionId string `protobuf:"bytes,2,opt,name=crypto_key_version_id,json=cryptoKeyVersionId,proto3" json:"crypto_key_version_id,omitempty"`
	// contains filtered or unexported fields
}

func (*UpdateCryptoKeyPrimaryVersionRequest) Descriptor() ([]byte, []int)

func (x *UpdateCryptoKeyPrimaryVersionRequest) GetCryptoKeyVersionId() string

func (x *UpdateCryptoKeyPrimaryVersionRequest) GetName() string

func (*UpdateCryptoKeyPrimaryVersionRequest) ProtoMessage()

func (x *UpdateCryptoKeyPrimaryVersionRequest) ProtoReflect() protoreflect.Message

func (x *UpdateCryptoKeyPrimaryVersionRequest) Reset()

func (x *UpdateCryptoKeyPrimaryVersionRequest) String() string

type UpdateCryptoKeyRequest struct {

	// Required. [CryptoKey][google.cloud.kms.v1.CryptoKey] with updated values.
	CryptoKey *CryptoKey `protobuf:"bytes,1,opt,name=crypto_key,json=cryptoKey,proto3" json:"crypto_key,omitempty"`
	// Required. List of fields to be updated in this request.
	UpdateMask *fieldmaskpb.FieldMask `protobuf:"bytes,2,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"`
	// contains filtered or unexported fields
}

func (*UpdateCryptoKeyRequest) Descriptor() ([]byte, []int)

func (x *UpdateCryptoKeyRequest) GetCryptoKey() *CryptoKey

func (x *UpdateCryptoKeyRequest) GetUpdateMask() *fieldmaskpb.FieldMask

func (*UpdateCryptoKeyRequest) ProtoMessage()

func (x *UpdateCryptoKeyRequest) ProtoReflect() protoreflect.Message

func (x *UpdateCryptoKeyRequest) Reset()

func (x *UpdateCryptoKeyRequest) String() string

type UpdateCryptoKeyVersionRequest struct {

	// Required. [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with
	// updated values.
	CryptoKeyVersion *CryptoKeyVersion `protobuf:"bytes,1,opt,name=crypto_key_version,json=cryptoKeyVersion,proto3" json:"crypto_key_version,omitempty"`
	// Required. List of fields to be updated in this request.
	UpdateMask *fieldmaskpb.FieldMask `protobuf:"bytes,2,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"`
	// contains filtered or unexported fields
}

func (*UpdateCryptoKeyVersionRequest) Descriptor() ([]byte, []int)

func (x *UpdateCryptoKeyVersionRequest) GetCryptoKeyVersion() *CryptoKeyVersion

func (x *UpdateCryptoKeyVersionRequest) GetUpdateMask() *fieldmaskpb.FieldMask

func (*UpdateCryptoKeyVersionRequest) ProtoMessage()

func (x *UpdateCryptoKeyVersionRequest) ProtoReflect() protoreflect.Message

func (x *UpdateCryptoKeyVersionRequest) Reset()

func (x *UpdateCryptoKeyVersionRequest) String() string

type UpdateEkmConfigRequest struct {

	// Required. [EkmConfig][google.cloud.kms.v1.EkmConfig] with updated values.
	EkmConfig *EkmConfig `protobuf:"bytes,1,opt,name=ekm_config,json=ekmConfig,proto3" json:"ekm_config,omitempty"`
	// Required. List of fields to be updated in this request.
	UpdateMask *fieldmaskpb.FieldMask `protobuf:"bytes,2,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"`
	// contains filtered or unexported fields
}

func (*UpdateEkmConfigRequest) Descriptor() ([]byte, []int)

func (x *UpdateEkmConfigRequest) GetEkmConfig() *EkmConfig

func (x *UpdateEkmConfigRequest) GetUpdateMask() *fieldmaskpb.FieldMask

func (*UpdateEkmConfigRequest) ProtoMessage()

func (x *UpdateEkmConfigRequest) ProtoReflect() protoreflect.Message

func (x *UpdateEkmConfigRequest) Reset()

func (x *UpdateEkmConfigRequest) String() string

type UpdateEkmConnectionRequest struct {

	// Required. [EkmConnection][google.cloud.kms.v1.EkmConnection] with updated
	// values.
	EkmConnection *EkmConnection `protobuf:"bytes,1,opt,name=ekm_connection,json=ekmConnection,proto3" json:"ekm_connection,omitempty"`
	// Required. List of fields to be updated in this request.
	UpdateMask *fieldmaskpb.FieldMask `protobuf:"bytes,2,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"`
	// contains filtered or unexported fields
}

func (*UpdateEkmConnectionRequest) Descriptor() ([]byte, []int)

func (x *UpdateEkmConnectionRequest) GetEkmConnection() *EkmConnection

func (x *UpdateEkmConnectionRequest) GetUpdateMask() *fieldmaskpb.FieldMask

func (*UpdateEkmConnectionRequest) ProtoMessage()

func (x *UpdateEkmConnectionRequest) ProtoReflect() protoreflect.Message

func (x *UpdateEkmConnectionRequest) Reset()

func (x *UpdateEkmConnectionRequest) String() string

type VerifyConnectivityRequest struct {

	// Required. The [name][google.cloud.kms.v1.EkmConnection.name] of the
	// [EkmConnection][google.cloud.kms.v1.EkmConnection] to verify.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// contains filtered or unexported fields
}

func (*VerifyConnectivityRequest) Descriptor() ([]byte, []int)

func (x *VerifyConnectivityRequest) GetName() string

func (*VerifyConnectivityRequest) ProtoMessage()

func (x *VerifyConnectivityRequest) ProtoReflect() protoreflect.Message

func (x *VerifyConnectivityRequest) Reset()

func (x *VerifyConnectivityRequest) String() string

type VerifyConnectivityResponse struct {
	// contains filtered or unexported fields
}

func (*VerifyConnectivityResponse) Descriptor() ([]byte, []int)

func (*VerifyConnectivityResponse) ProtoMessage()

func (x *VerifyConnectivityResponse) ProtoReflect() protoreflect.Message

func (x *VerifyConnectivityResponse) Reset()

func (x *VerifyConnectivityResponse) String() string