Package cloud.google.com/go/security/privateca/apiv1beta1/privatecapb (v1.7.0)

var (
	RevocationReason_name = map[int32]string{
		0: "REVOCATION_REASON_UNSPECIFIED",
		1: "KEY_COMPROMISE",
		2: "CERTIFICATE_AUTHORITY_COMPROMISE",
		3: "AFFILIATION_CHANGED",
		4: "SUPERSEDED",
		5: "CESSATION_OF_OPERATION",
		6: "CERTIFICATE_HOLD",
		7: "PRIVILEGE_WITHDRAWN",
		8: "ATTRIBUTE_AUTHORITY_COMPROMISE",
	}
	RevocationReason_value = map[string]int32{
		"REVOCATION_REASON_UNSPECIFIED":    0,
		"KEY_COMPROMISE":                   1,
		"CERTIFICATE_AUTHORITY_COMPROMISE": 2,
		"AFFILIATION_CHANGED":              3,
		"SUPERSEDED":                       4,
		"CESSATION_OF_OPERATION":           5,
		"CERTIFICATE_HOLD":                 6,
		"PRIVILEGE_WITHDRAWN":              7,
		"ATTRIBUTE_AUTHORITY_COMPROMISE":   8,
	}
)

var (
	CertificateAuthority_Type_name = map[int32]string{
		0: "TYPE_UNSPECIFIED",
		1: "SELF_SIGNED",
		2: "SUBORDINATE",
	}
	CertificateAuthority_Type_value = map[string]int32{
		"TYPE_UNSPECIFIED": 0,
		"SELF_SIGNED":      1,
		"SUBORDINATE":      2,
	}
)

var (
	CertificateAuthority_Tier_name = map[int32]string{
		0: "TIER_UNSPECIFIED",
		1: "ENTERPRISE",
		2: "DEVOPS",
	}
	CertificateAuthority_Tier_value = map[string]int32{
		"TIER_UNSPECIFIED": 0,
		"ENTERPRISE":       1,
		"DEVOPS":           2,
	}
)

var (
	CertificateAuthority_State_name = map[int32]string{
		0: "STATE_UNSPECIFIED",
		1: "ENABLED",
		2: "DISABLED",
		3: "PENDING_ACTIVATION",
		4: "PENDING_DELETION",
	}
	CertificateAuthority_State_value = map[string]int32{
		"STATE_UNSPECIFIED":  0,
		"ENABLED":            1,
		"DISABLED":           2,
		"PENDING_ACTIVATION": 3,
		"PENDING_DELETION":   4,
	}
)

var (
	CertificateAuthority_SignHashAlgorithm_name = map[int32]string{
		0: "SIGN_HASH_ALGORITHM_UNSPECIFIED",
		1: "RSA_PSS_2048_SHA256",
		2: "RSA_PSS_3072_SHA256",
		3: "RSA_PSS_4096_SHA256",
		6: "RSA_PKCS1_2048_SHA256",
		7: "RSA_PKCS1_3072_SHA256",
		8: "RSA_PKCS1_4096_SHA256",
		4: "EC_P256_SHA256",
		5: "EC_P384_SHA384",
	}
	CertificateAuthority_SignHashAlgorithm_value = map[string]int32{
		"SIGN_HASH_ALGORITHM_UNSPECIFIED": 0,
		"RSA_PSS_2048_SHA256":             1,
		"RSA_PSS_3072_SHA256":             2,
		"RSA_PSS_4096_SHA256":             3,
		"RSA_PKCS1_2048_SHA256":           6,
		"RSA_PKCS1_3072_SHA256":           7,
		"RSA_PKCS1_4096_SHA256":           8,
		"EC_P256_SHA256":                  4,
		"EC_P384_SHA384":                  5,
	}
)

var (
	CertificateRevocationList_State_name = map[int32]string{
		0: "STATE_UNSPECIFIED",
		1: "ACTIVE",
		2: "SUPERSEDED",
	}
	CertificateRevocationList_State_value = map[string]int32{
		"STATE_UNSPECIFIED": 0,
		"ACTIVE":            1,
		"SUPERSEDED":        2,
	}
)

var (
	PublicKey_KeyType_name = map[int32]string{
		0: "KEY_TYPE_UNSPECIFIED",
		1: "PEM_RSA_KEY",
		2: "PEM_EC_KEY",
	}
	PublicKey_KeyType_value = map[string]int32{
		"KEY_TYPE_UNSPECIFIED": 0,
		"PEM_RSA_KEY":          1,
		"PEM_EC_KEY":           2,
	}
)

var File_google_cloud_security_privateca_v1beta1_resources_proto protoreflect.FileDescriptor

var File_google_cloud_security_privateca_v1beta1_service_proto protoreflect.FileDescriptor

func RegisterCertificateAuthorityServiceServer(s *grpc.Server, srv CertificateAuthorityServiceServer)

type ActivateCertificateAuthorityRequest struct {

	// Required. The resource name for this [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] in the
	// format `projects/*/locations/*/certificateAuthorities/*`.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// Required. The signed CA certificate issued from
	// [FetchCertificateAuthorityCsrResponse.pem_csr][google.cloud.security.privateca.v1beta1.FetchCertificateAuthorityCsrResponse.pem_csr].
	PemCaCertificate string `protobuf:"bytes,2,opt,name=pem_ca_certificate,json=pemCaCertificate,proto3" json:"pem_ca_certificate,omitempty"`
	// Required. Must include information about the issuer of 'pem_ca_certificate', and any
	// further issuers until the self-signed CA.
	SubordinateConfig *SubordinateConfig `protobuf:"bytes,3,opt,name=subordinate_config,json=subordinateConfig,proto3" json:"subordinate_config,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must
	// retry your request, the server will know to ignore the request if it has
	// already been completed. The server will guarantee that for at least 60
	// minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and t
	// he request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

func (*ActivateCertificateAuthorityRequest) Descriptor() ([]byte, []int)

func (x *ActivateCertificateAuthorityRequest) GetName() string

func (x *ActivateCertificateAuthorityRequest) GetPemCaCertificate() string

func (x *ActivateCertificateAuthorityRequest) GetRequestId() string

func (x *ActivateCertificateAuthorityRequest) GetSubordinateConfig() *SubordinateConfig

func (*ActivateCertificateAuthorityRequest) ProtoMessage()

func (x *ActivateCertificateAuthorityRequest) ProtoReflect() protoreflect.Message

func (x *ActivateCertificateAuthorityRequest) Reset()

func (x *ActivateCertificateAuthorityRequest) String() string

type Certificate struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	CertificateConfig isCertificate_CertificateConfig `protobuf_oneof:"certificate_config"`

	Lifetime *durationpb.Duration `protobuf:"bytes,4,opt,name=lifetime,proto3" json:"lifetime,omitempty"`

	RevocationDetails *Certificate_RevocationDetails `protobuf:"bytes,5,opt,name=revocation_details,json=revocationDetails,proto3" json:"revocation_details,omitempty"`

	PemCertificate string `protobuf:"bytes,6,opt,name=pem_certificate,json=pemCertificate,proto3" json:"pem_certificate,omitempty"`

	CertificateDescription *CertificateDescription "" /* 127 byte string literal not displayed */

	PemCertificateChain []string `protobuf:"bytes,8,rep,name=pem_certificate_chain,json=pemCertificateChain,proto3" json:"pem_certificate_chain,omitempty"`

	CreateTime *timestamppb.Timestamp `protobuf:"bytes,9,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`

	UpdateTime *timestamppb.Timestamp `protobuf:"bytes,10,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`

	Labels map[string]string "" /* 154 byte string literal not displayed */

}

func (*Certificate) Descriptor() ([]byte, []int)

func (m *Certificate) GetCertificateConfig() isCertificate_CertificateConfig

func (x *Certificate) GetCertificateDescription() *CertificateDescription

func (x *Certificate) GetConfig() *CertificateConfig

func (x *Certificate) GetCreateTime() *timestamppb.Timestamp

func (x *Certificate) GetLabels() map[string]string

func (x *Certificate) GetLifetime() *durationpb.Duration

func (x *Certificate) GetName() string

func (x *Certificate) GetPemCertificate() string

func (x *Certificate) GetPemCertificateChain() []string

func (x *Certificate) GetPemCsr() string

func (x *Certificate) GetRevocationDetails() *Certificate_RevocationDetails

func (x *Certificate) GetUpdateTime() *timestamppb.Timestamp

func (*Certificate) ProtoMessage()

func (x *Certificate) ProtoReflect() protoreflect.Message

func (x *Certificate) Reset()

func (x *Certificate) String() string

type CertificateAuthority struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	Type CertificateAuthority_Type "" /* 133 byte string literal not displayed */

	Tier CertificateAuthority_Tier "" /* 133 byte string literal not displayed */

	Config *CertificateConfig `protobuf:"bytes,4,opt,name=config,proto3" json:"config,omitempty"`

	Lifetime *durationpb.Duration `protobuf:"bytes,5,opt,name=lifetime,proto3" json:"lifetime,omitempty"`

	KeySpec *CertificateAuthority_KeyVersionSpec `protobuf:"bytes,6,opt,name=key_spec,json=keySpec,proto3" json:"key_spec,omitempty"`

	CertificatePolicy *CertificateAuthority_CertificateAuthorityPolicy `protobuf:"bytes,7,opt,name=certificate_policy,json=certificatePolicy,proto3" json:"certificate_policy,omitempty"`

	IssuingOptions *CertificateAuthority_IssuingOptions `protobuf:"bytes,8,opt,name=issuing_options,json=issuingOptions,proto3" json:"issuing_options,omitempty"`

	SubordinateConfig *SubordinateConfig `protobuf:"bytes,19,opt,name=subordinate_config,json=subordinateConfig,proto3" json:"subordinate_config,omitempty"`

	State CertificateAuthority_State "" /* 137 byte string literal not displayed */

	PemCaCertificates []string `protobuf:"bytes,9,rep,name=pem_ca_certificates,json=pemCaCertificates,proto3" json:"pem_ca_certificates,omitempty"`

	CaCertificateDescriptions []*CertificateDescription "" /* 139 byte string literal not displayed */

	GcsBucket string `protobuf:"bytes,13,opt,name=gcs_bucket,json=gcsBucket,proto3" json:"gcs_bucket,omitempty"`

	AccessUrls *CertificateAuthority_AccessUrls `protobuf:"bytes,14,opt,name=access_urls,json=accessUrls,proto3" json:"access_urls,omitempty"`

	CreateTime *timestamppb.Timestamp `protobuf:"bytes,15,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`

	UpdateTime *timestamppb.Timestamp `protobuf:"bytes,16,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`

	DeleteTime *timestamppb.Timestamp `protobuf:"bytes,17,opt,name=delete_time,json=deleteTime,proto3" json:"delete_time,omitempty"`

	Labels map[string]string "" /* 154 byte string literal not displayed */

}

func (*CertificateAuthority) Descriptor() ([]byte, []int)

func (x *CertificateAuthority) GetAccessUrls() *CertificateAuthority_AccessUrls

func (x *CertificateAuthority) GetCaCertificateDescriptions() []*CertificateDescription

func (x *CertificateAuthority) GetCertificatePolicy() *CertificateAuthority_CertificateAuthorityPolicy

func (x *CertificateAuthority) GetConfig() *CertificateConfig

func (x *CertificateAuthority) GetCreateTime() *timestamppb.Timestamp

func (x *CertificateAuthority) GetDeleteTime() *timestamppb.Timestamp

func (x *CertificateAuthority) GetGcsBucket() string

func (x *CertificateAuthority) GetIssuingOptions() *CertificateAuthority_IssuingOptions

func (x *CertificateAuthority) GetKeySpec() *CertificateAuthority_KeyVersionSpec

func (x *CertificateAuthority) GetLabels() map[string]string

func (x *CertificateAuthority) GetLifetime() *durationpb.Duration

func (x *CertificateAuthority) GetName() string

func (x *CertificateAuthority) GetPemCaCertificates() []string

func (x *CertificateAuthority) GetState() CertificateAuthority_State

func (x *CertificateAuthority) GetSubordinateConfig() *SubordinateConfig

func (x *CertificateAuthority) GetTier() CertificateAuthority_Tier

func (x *CertificateAuthority) GetType() CertificateAuthority_Type

func (x *CertificateAuthority) GetUpdateTime() *timestamppb.Timestamp

func (*CertificateAuthority) ProtoMessage()

func (x *CertificateAuthority) ProtoReflect() protoreflect.Message

func (x *CertificateAuthority) Reset()

func (x *CertificateAuthority) String() string

type CertificateAuthorityServiceClient interface {
	// Create a new [Certificate][google.cloud.security.privateca.v1beta1.Certificate] in a given Project, Location from a particular
	// [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	CreateCertificate(ctx context.Context, in *CreateCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
	// Returns a [Certificate][google.cloud.security.privateca.v1beta1.Certificate].
	GetCertificate(ctx context.Context, in *GetCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
	// Lists [Certificates][google.cloud.security.privateca.v1beta1.Certificate].
	ListCertificates(ctx context.Context, in *ListCertificatesRequest, opts ...grpc.CallOption) (*ListCertificatesResponse, error)
	// Revoke a [Certificate][google.cloud.security.privateca.v1beta1.Certificate].
	RevokeCertificate(ctx context.Context, in *RevokeCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
	// Update a [Certificate][google.cloud.security.privateca.v1beta1.Certificate]. Currently, the only field you can update is the
	// [labels][google.cloud.security.privateca.v1beta1.Certificate.labels] field.
	UpdateCertificate(ctx context.Context, in *UpdateCertificateRequest, opts ...grpc.CallOption) (*Certificate, error)
	// Activate a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] that is in state
	// [PENDING_ACTIVATION][google.cloud.security.privateca.v1beta1.CertificateAuthority.State.PENDING_ACTIVATION] and is
	// of type [SUBORDINATE][google.cloud.security.privateca.v1beta1.CertificateAuthority.Type.SUBORDINATE]. After the
	// parent Certificate Authority signs a certificate signing request from
	// [FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1beta1.CertificateAuthorityService.FetchCertificateAuthorityCsr], this method can complete the activation
	// process.
	ActivateCertificateAuthority(ctx context.Context, in *ActivateCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Create a new [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] in a given Project and Location.
	CreateCertificateAuthority(ctx context.Context, in *CreateCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Disable a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	DisableCertificateAuthority(ctx context.Context, in *DisableCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Enable a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	EnableCertificateAuthority(ctx context.Context, in *EnableCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Fetch a certificate signing request (CSR) from a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
	// that is in state
	// [PENDING_ACTIVATION][google.cloud.security.privateca.v1beta1.CertificateAuthority.State.PENDING_ACTIVATION] and is
	// of type [SUBORDINATE][google.cloud.security.privateca.v1beta1.CertificateAuthority.Type.SUBORDINATE]. The CSR must
	// then be signed by the desired parent Certificate Authority, which could be
	// another [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] resource, or could be an on-prem
	// certificate authority. See also [ActivateCertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthorityService.ActivateCertificateAuthority].
	FetchCertificateAuthorityCsr(ctx context.Context, in *FetchCertificateAuthorityCsrRequest, opts ...grpc.CallOption) (*FetchCertificateAuthorityCsrResponse, error)
	// Returns a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	GetCertificateAuthority(ctx context.Context, in *GetCertificateAuthorityRequest, opts ...grpc.CallOption) (*CertificateAuthority, error)
	// Lists [CertificateAuthorities][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	ListCertificateAuthorities(ctx context.Context, in *ListCertificateAuthoritiesRequest, opts ...grpc.CallOption) (*ListCertificateAuthoritiesResponse, error)
	// Restore a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] that is scheduled for deletion.
	RestoreCertificateAuthority(ctx context.Context, in *RestoreCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Schedule a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] for deletion.
	ScheduleDeleteCertificateAuthority(ctx context.Context, in *ScheduleDeleteCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Update a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	UpdateCertificateAuthority(ctx context.Context, in *UpdateCertificateAuthorityRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Returns a [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList].
	GetCertificateRevocationList(ctx context.Context, in *GetCertificateRevocationListRequest, opts ...grpc.CallOption) (*CertificateRevocationList, error)
	// Lists [CertificateRevocationLists][google.cloud.security.privateca.v1beta1.CertificateRevocationList].
	ListCertificateRevocationLists(ctx context.Context, in *ListCertificateRevocationListsRequest, opts ...grpc.CallOption) (*ListCertificateRevocationListsResponse, error)
	// Update a [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList].
	UpdateCertificateRevocationList(ctx context.Context, in *UpdateCertificateRevocationListRequest, opts ...grpc.CallOption) (*longrunning.Operation, error)
	// Returns a [ReusableConfig][google.cloud.security.privateca.v1beta1.ReusableConfig].
	GetReusableConfig(ctx context.Context, in *GetReusableConfigRequest, opts ...grpc.CallOption) (*ReusableConfig, error)
	// Lists [ReusableConfigs][google.cloud.security.privateca.v1beta1.ReusableConfig].
	ListReusableConfigs(ctx context.Context, in *ListReusableConfigsRequest, opts ...grpc.CallOption) (*ListReusableConfigsResponse, error)
}

func NewCertificateAuthorityServiceClient(cc grpc.ClientConnInterface) CertificateAuthorityServiceClient

type CertificateAuthorityServiceServer interface {
	// Create a new [Certificate][google.cloud.security.privateca.v1beta1.Certificate] in a given Project, Location from a particular
	// [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	CreateCertificate(context.Context, *CreateCertificateRequest) (*Certificate, error)
	// Returns a [Certificate][google.cloud.security.privateca.v1beta1.Certificate].
	GetCertificate(context.Context, *GetCertificateRequest) (*Certificate, error)
	// Lists [Certificates][google.cloud.security.privateca.v1beta1.Certificate].
	ListCertificates(context.Context, *ListCertificatesRequest) (*ListCertificatesResponse, error)
	// Revoke a [Certificate][google.cloud.security.privateca.v1beta1.Certificate].
	RevokeCertificate(context.Context, *RevokeCertificateRequest) (*Certificate, error)
	// Update a [Certificate][google.cloud.security.privateca.v1beta1.Certificate]. Currently, the only field you can update is the
	// [labels][google.cloud.security.privateca.v1beta1.Certificate.labels] field.
	UpdateCertificate(context.Context, *UpdateCertificateRequest) (*Certificate, error)
	// Activate a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] that is in state
	// [PENDING_ACTIVATION][google.cloud.security.privateca.v1beta1.CertificateAuthority.State.PENDING_ACTIVATION] and is
	// of type [SUBORDINATE][google.cloud.security.privateca.v1beta1.CertificateAuthority.Type.SUBORDINATE]. After the
	// parent Certificate Authority signs a certificate signing request from
	// [FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1beta1.CertificateAuthorityService.FetchCertificateAuthorityCsr], this method can complete the activation
	// process.
	ActivateCertificateAuthority(context.Context, *ActivateCertificateAuthorityRequest) (*longrunning.Operation, error)
	// Create a new [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] in a given Project and Location.
	CreateCertificateAuthority(context.Context, *CreateCertificateAuthorityRequest) (*longrunning.Operation, error)
	// Disable a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	DisableCertificateAuthority(context.Context, *DisableCertificateAuthorityRequest) (*longrunning.Operation, error)
	// Enable a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	EnableCertificateAuthority(context.Context, *EnableCertificateAuthorityRequest) (*longrunning.Operation, error)
	// Fetch a certificate signing request (CSR) from a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
	// that is in state
	// [PENDING_ACTIVATION][google.cloud.security.privateca.v1beta1.CertificateAuthority.State.PENDING_ACTIVATION] and is
	// of type [SUBORDINATE][google.cloud.security.privateca.v1beta1.CertificateAuthority.Type.SUBORDINATE]. The CSR must
	// then be signed by the desired parent Certificate Authority, which could be
	// another [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] resource, or could be an on-prem
	// certificate authority. See also [ActivateCertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthorityService.ActivateCertificateAuthority].
	FetchCertificateAuthorityCsr(context.Context, *FetchCertificateAuthorityCsrRequest) (*FetchCertificateAuthorityCsrResponse, error)
	// Returns a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	GetCertificateAuthority(context.Context, *GetCertificateAuthorityRequest) (*CertificateAuthority, error)
	// Lists [CertificateAuthorities][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	ListCertificateAuthorities(context.Context, *ListCertificateAuthoritiesRequest) (*ListCertificateAuthoritiesResponse, error)
	// Restore a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] that is scheduled for deletion.
	RestoreCertificateAuthority(context.Context, *RestoreCertificateAuthorityRequest) (*longrunning.Operation, error)
	// Schedule a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] for deletion.
	ScheduleDeleteCertificateAuthority(context.Context, *ScheduleDeleteCertificateAuthorityRequest) (*longrunning.Operation, error)
	// Update a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	UpdateCertificateAuthority(context.Context, *UpdateCertificateAuthorityRequest) (*longrunning.Operation, error)
	// Returns a [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList].
	GetCertificateRevocationList(context.Context, *GetCertificateRevocationListRequest) (*CertificateRevocationList, error)
	// Lists [CertificateRevocationLists][google.cloud.security.privateca.v1beta1.CertificateRevocationList].
	ListCertificateRevocationLists(context.Context, *ListCertificateRevocationListsRequest) (*ListCertificateRevocationListsResponse, error)
	// Update a [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList].
	UpdateCertificateRevocationList(context.Context, *UpdateCertificateRevocationListRequest) (*longrunning.Operation, error)
	// Returns a [ReusableConfig][google.cloud.security.privateca.v1beta1.ReusableConfig].
	GetReusableConfig(context.Context, *GetReusableConfigRequest) (*ReusableConfig, error)
	// Lists [ReusableConfigs][google.cloud.security.privateca.v1beta1.ReusableConfig].
	ListReusableConfigs(context.Context, *ListReusableConfigsRequest) (*ListReusableConfigsResponse, error)
}

type CertificateAuthority_AccessUrls struct {
	CaCertificateAccessUrl string "" /* 131 byte string literal not displayed */

	CrlAccessUrl string `protobuf:"bytes,2,opt,name=crl_access_url,json=crlAccessUrl,proto3" json:"crl_access_url,omitempty"`

}

func (*CertificateAuthority_AccessUrls) Descriptor() ([]byte, []int)

func (x *CertificateAuthority_AccessUrls) GetCaCertificateAccessUrl() string

func (x *CertificateAuthority_AccessUrls) GetCrlAccessUrl() string

func (*CertificateAuthority_AccessUrls) ProtoMessage()

func (x *CertificateAuthority_AccessUrls) ProtoReflect() protoreflect.Message

func (x *CertificateAuthority_AccessUrls) Reset()

func (x *CertificateAuthority_AccessUrls) String() string

type CertificateAuthority_CertificateAuthorityPolicy struct {
	ConfigPolicy isCertificateAuthority_CertificateAuthorityPolicy_ConfigPolicy `protobuf_oneof:"config_policy"`

	AllowedLocationsAndOrganizations []*Subject "" /* 161 byte string literal not displayed */

	AllowedCommonNames []string `protobuf:"bytes,4,rep,name=allowed_common_names,json=allowedCommonNames,proto3" json:"allowed_common_names,omitempty"`

	AllowedSans *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames `protobuf:"bytes,5,opt,name=allowed_sans,json=allowedSans,proto3" json:"allowed_sans,omitempty"`

	MaximumLifetime *durationpb.Duration `protobuf:"bytes,6,opt,name=maximum_lifetime,json=maximumLifetime,proto3" json:"maximum_lifetime,omitempty"`

	AllowedIssuanceModes *CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes `protobuf:"bytes,8,opt,name=allowed_issuance_modes,json=allowedIssuanceModes,proto3" json:"allowed_issuance_modes,omitempty"`

}

func (*CertificateAuthority_CertificateAuthorityPolicy) Descriptor() ([]byte, []int)

func (x *CertificateAuthority_CertificateAuthorityPolicy) GetAllowedCommonNames() []string

func (x *CertificateAuthority_CertificateAuthorityPolicy) GetAllowedConfigList() *CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList

func (x *CertificateAuthority_CertificateAuthorityPolicy) GetAllowedIssuanceModes() *CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes

func (x *CertificateAuthority_CertificateAuthorityPolicy) GetAllowedLocationsAndOrganizations() []*Subject

func (x *CertificateAuthority_CertificateAuthorityPolicy) GetAllowedSans() *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames

func (m *CertificateAuthority_CertificateAuthorityPolicy) GetConfigPolicy() isCertificateAuthority_CertificateAuthorityPolicy_ConfigPolicy

func (x *CertificateAuthority_CertificateAuthorityPolicy) GetMaximumLifetime() *durationpb.Duration

func (x *CertificateAuthority_CertificateAuthorityPolicy) GetOverwriteConfigValues() *ReusableConfigWrapper

func (*CertificateAuthority_CertificateAuthorityPolicy) ProtoMessage()

func (x *CertificateAuthority_CertificateAuthorityPolicy) ProtoReflect() protoreflect.Message

func (x *CertificateAuthority_CertificateAuthorityPolicy) Reset()

func (x *CertificateAuthority_CertificateAuthorityPolicy) String() string

type CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList struct {

	// Required. All [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
	// must match at least one listed [ReusableConfigWrapper][google.cloud.security.privateca.v1beta1.ReusableConfigWrapper]. If a
	// [ReusableConfigWrapper][google.cloud.security.privateca.v1beta1.ReusableConfigWrapper] has an empty field, any value will be
	// allowed for that field.
	AllowedConfigValues []*ReusableConfigWrapper `protobuf:"bytes,1,rep,name=allowed_config_values,json=allowedConfigValues,proto3" json:"allowed_config_values,omitempty"`
	// contains filtered or unexported fields
}

func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) Descriptor() ([]byte, []int)

func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) GetAllowedConfigValues() []*ReusableConfigWrapper

func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) ProtoMessage()

func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) ProtoReflect() protoreflect.Message

func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) Reset()

func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList) String() string

type CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList_ struct {
	// Optional. All [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
	// must match at least one listed [ReusableConfigWrapper][google.cloud.security.privateca.v1beta1.ReusableConfigWrapper] in the list.
	AllowedConfigList *CertificateAuthority_CertificateAuthorityPolicy_AllowedConfigList `protobuf:"bytes,1,opt,name=allowed_config_list,json=allowedConfigList,proto3,oneof"`
}

type CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames struct {
	AllowedDnsNames []string `protobuf:"bytes,1,rep,name=allowed_dns_names,json=allowedDnsNames,proto3" json:"allowed_dns_names,omitempty"`

	AllowedUris []string `protobuf:"bytes,2,rep,name=allowed_uris,json=allowedUris,proto3" json:"allowed_uris,omitempty"`

	AllowedEmailAddresses []string `protobuf:"bytes,3,rep,name=allowed_email_addresses,json=allowedEmailAddresses,proto3" json:"allowed_email_addresses,omitempty"`

	AllowedIps []string `protobuf:"bytes,4,rep,name=allowed_ips,json=allowedIps,proto3" json:"allowed_ips,omitempty"`

	AllowGlobbingDnsWildcards bool "" /* 141 byte string literal not displayed */

	AllowCustomSans bool `protobuf:"varint,6,opt,name=allow_custom_sans,json=allowCustomSans,proto3" json:"allow_custom_sans,omitempty"`

}

func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) Descriptor() ([]byte, []int)

func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowCustomSans() bool

func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowGlobbingDnsWildcards() bool

func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowedDnsNames() []string

func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowedEmailAddresses() []string

func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowedIps() []string

func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) GetAllowedUris() []string

func (*CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) ProtoMessage()

func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) ProtoReflect() protoreflect.Message

func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) Reset()

func (x *CertificateAuthority_CertificateAuthorityPolicy_AllowedSubjectAltNames) String() string

type CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes struct {
	AllowCsrBasedIssuance bool "" /* 129 byte string literal not displayed */

	AllowConfigBasedIssuance bool "" /* 138 byte string literal not displayed */

}

func (*CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) Descriptor() ([]byte, []int)

func (x *CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) GetAllowConfigBasedIssuance() bool

func (x *CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) GetAllowCsrBasedIssuance() bool

func (*CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) ProtoMessage()

func (x *CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) ProtoReflect() protoreflect.Message

func (x *CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) Reset()

func (x *CertificateAuthority_CertificateAuthorityPolicy_IssuanceModes) String() string

type CertificateAuthority_CertificateAuthorityPolicy_OverwriteConfigValues struct {
	// Optional. All [Certificates][google.cloud.security.privateca.v1beta1.Certificate] issued by the [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
	// will use the provided configuration values, overwriting any requested
	// configuration values.
	OverwriteConfigValues *ReusableConfigWrapper `protobuf:"bytes,2,opt,name=overwrite_config_values,json=overwriteConfigValues,proto3,oneof"`
}

type CertificateAuthority_IssuingOptions struct {

	// Required. When true, includes a URL to the issuing CA certificate in the
	// "authority information access" X.509 extension.
	IncludeCaCertUrl bool `protobuf:"varint,1,opt,name=include_ca_cert_url,json=includeCaCertUrl,proto3" json:"include_ca_cert_url,omitempty"`
	// Required. When true, includes a URL to the CRL corresponding to certificates
	// issued from a [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority].
	// CRLs will expire 7 days from their creation. However, we will rebuild
	// daily. CRLs are also rebuilt shortly after a certificate is revoked.
	IncludeCrlAccessUrl bool `protobuf:"varint,2,opt,name=include_crl_access_url,json=includeCrlAccessUrl,proto3" json:"include_crl_access_url,omitempty"`
	// contains filtered or unexported fields
}

func (*CertificateAuthority_IssuingOptions) Descriptor() ([]byte, []int)

func (x *CertificateAuthority_IssuingOptions) GetIncludeCaCertUrl() bool

func (x *CertificateAuthority_IssuingOptions) GetIncludeCrlAccessUrl() bool

func (*CertificateAuthority_IssuingOptions) ProtoMessage()

func (x *CertificateAuthority_IssuingOptions) ProtoReflect() protoreflect.Message

func (x *CertificateAuthority_IssuingOptions) Reset()

func (x *CertificateAuthority_IssuingOptions) String() string

type CertificateAuthority_KeyVersionSpec struct {

	// Types that are assignable to KeyVersion:
	//
	//	*CertificateAuthority_KeyVersionSpec_CloudKmsKeyVersion
	//	*CertificateAuthority_KeyVersionSpec_Algorithm
	KeyVersion isCertificateAuthority_KeyVersionSpec_KeyVersion `protobuf_oneof:"KeyVersion"`
	// contains filtered or unexported fields
}

func (*CertificateAuthority_KeyVersionSpec) Descriptor() ([]byte, []int)

func (x *CertificateAuthority_KeyVersionSpec) GetAlgorithm() CertificateAuthority_SignHashAlgorithm

func (x *CertificateAuthority_KeyVersionSpec) GetCloudKmsKeyVersion() string

func (m *CertificateAuthority_KeyVersionSpec) GetKeyVersion() isCertificateAuthority_KeyVersionSpec_KeyVersion

func (*CertificateAuthority_KeyVersionSpec) ProtoMessage()

func (x *CertificateAuthority_KeyVersionSpec) ProtoReflect() protoreflect.Message

func (x *CertificateAuthority_KeyVersionSpec) Reset()

func (x *CertificateAuthority_KeyVersionSpec) String() string

type CertificateAuthority_KeyVersionSpec_Algorithm struct {
	Algorithm CertificateAuthority_SignHashAlgorithm "" /* 135 byte string literal not displayed */
}

type CertificateAuthority_KeyVersionSpec_CloudKmsKeyVersion struct {
	// Required. The resource name for an existing Cloud KMS CryptoKeyVersion in the
	// format
	// `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
	// This option enables full flexibility in the key's capabilities and
	// properties.
	CloudKmsKeyVersion string `protobuf:"bytes,1,opt,name=cloud_kms_key_version,json=cloudKmsKeyVersion,proto3,oneof"`
}

type CertificateAuthority_SignHashAlgorithm int32

const (
	// Not specified.
	CertificateAuthority_SIGN_HASH_ALGORITHM_UNSPECIFIED CertificateAuthority_SignHashAlgorithm = 0
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_2048_SHA256
	CertificateAuthority_RSA_PSS_2048_SHA256 CertificateAuthority_SignHashAlgorithm = 1
	// maps to CryptoKeyVersionAlgorithm. RSA_SIGN_PSS_3072_SHA256
	CertificateAuthority_RSA_PSS_3072_SHA256 CertificateAuthority_SignHashAlgorithm = 2
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_4096_SHA256
	CertificateAuthority_RSA_PSS_4096_SHA256 CertificateAuthority_SignHashAlgorithm = 3
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_2048_SHA256
	CertificateAuthority_RSA_PKCS1_2048_SHA256 CertificateAuthority_SignHashAlgorithm = 6
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_3072_SHA256
	CertificateAuthority_RSA_PKCS1_3072_SHA256 CertificateAuthority_SignHashAlgorithm = 7
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_4096_SHA256
	CertificateAuthority_RSA_PKCS1_4096_SHA256 CertificateAuthority_SignHashAlgorithm = 8
	// maps to CryptoKeyVersionAlgorithm.EC_SIGN_P256_SHA256
	CertificateAuthority_EC_P256_SHA256 CertificateAuthority_SignHashAlgorithm = 4
	// maps to CryptoKeyVersionAlgorithm.EC_SIGN_P384_SHA384
	CertificateAuthority_EC_P384_SHA384 CertificateAuthority_SignHashAlgorithm = 5
)

func (CertificateAuthority_SignHashAlgorithm) Descriptor() protoreflect.EnumDescriptor

func (x CertificateAuthority_SignHashAlgorithm) Enum() *CertificateAuthority_SignHashAlgorithm

func (CertificateAuthority_SignHashAlgorithm) EnumDescriptor() ([]byte, []int)

func (x CertificateAuthority_SignHashAlgorithm) Number() protoreflect.EnumNumber

func (x CertificateAuthority_SignHashAlgorithm) String() string

func (CertificateAuthority_SignHashAlgorithm) Type() protoreflect.EnumType

type CertificateAuthority_State int32

const (
	// Not specified.
	CertificateAuthority_STATE_UNSPECIFIED CertificateAuthority_State = 0
	// Certificates can be issued from this CA. CRLs will be generated for this
	// CA.
	CertificateAuthority_ENABLED CertificateAuthority_State = 1
	// Certificates cannot be issued from this CA. CRLs will still be generated.
	CertificateAuthority_DISABLED CertificateAuthority_State = 2
	// Certificates cannot be issued from this CA. CRLs will not be generated.
	CertificateAuthority_PENDING_ACTIVATION CertificateAuthority_State = 3
	// Certificates cannot be issued from this CA. CRLs will not be generated.
	CertificateAuthority_PENDING_DELETION CertificateAuthority_State = 4
)

func (CertificateAuthority_State) Descriptor() protoreflect.EnumDescriptor

func (x CertificateAuthority_State) Enum() *CertificateAuthority_State

func (CertificateAuthority_State) EnumDescriptor() ([]byte, []int)

func (x CertificateAuthority_State) Number() protoreflect.EnumNumber

func (x CertificateAuthority_State) String() string

func (CertificateAuthority_State) Type() protoreflect.EnumType

type CertificateAuthority_Tier int32

const (
	// Not specified.
	CertificateAuthority_TIER_UNSPECIFIED CertificateAuthority_Tier = 0
	// Enterprise tier.
	CertificateAuthority_ENTERPRISE CertificateAuthority_Tier = 1
	// DevOps tier.
	CertificateAuthority_DEVOPS CertificateAuthority_Tier = 2
)

func (CertificateAuthority_Tier) Descriptor() protoreflect.EnumDescriptor

func (x CertificateAuthority_Tier) Enum() *CertificateAuthority_Tier

func (CertificateAuthority_Tier) EnumDescriptor() ([]byte, []int)

func (x CertificateAuthority_Tier) Number() protoreflect.EnumNumber

func (x CertificateAuthority_Tier) String() string

func (CertificateAuthority_Tier) Type() protoreflect.EnumType

type CertificateAuthority_Type int32

const (
	// Not specified.
	CertificateAuthority_TYPE_UNSPECIFIED CertificateAuthority_Type = 0
	// Self-signed CA.
	CertificateAuthority_SELF_SIGNED CertificateAuthority_Type = 1
	// Subordinate CA. Could be issued by a Private CA [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
	// or an unmanaged CA.
	CertificateAuthority_SUBORDINATE CertificateAuthority_Type = 2
)

func (CertificateAuthority_Type) Descriptor() protoreflect.EnumDescriptor

func (x CertificateAuthority_Type) Enum() *CertificateAuthority_Type

func (CertificateAuthority_Type) EnumDescriptor() ([]byte, []int)

func (x CertificateAuthority_Type) Number() protoreflect.EnumNumber

func (x CertificateAuthority_Type) String() string

func (CertificateAuthority_Type) Type() protoreflect.EnumType

type CertificateConfig struct {

	// Required. Specifies some of the values in a certificate that are related to the
	// subject.
	SubjectConfig *CertificateConfig_SubjectConfig `protobuf:"bytes,1,opt,name=subject_config,json=subjectConfig,proto3" json:"subject_config,omitempty"`
	// Required. Describes how some of the technical fields in a certificate should be
	// populated.
	ReusableConfig *ReusableConfigWrapper `protobuf:"bytes,2,opt,name=reusable_config,json=reusableConfig,proto3" json:"reusable_config,omitempty"`
	// Optional. The public key that corresponds to this config. This is, for example, used
	// when issuing [Certificates][google.cloud.security.privateca.v1beta1.Certificate], but not when creating a
	// self-signed [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] or [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] CSR.
	PublicKey *PublicKey `protobuf:"bytes,3,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`
	// contains filtered or unexported fields
}

func (*CertificateConfig) Descriptor() ([]byte, []int)

func (x *CertificateConfig) GetPublicKey() *PublicKey

func (x *CertificateConfig) GetReusableConfig() *ReusableConfigWrapper

func (x *CertificateConfig) GetSubjectConfig() *CertificateConfig_SubjectConfig

func (*CertificateConfig) ProtoMessage()

func (x *CertificateConfig) ProtoReflect() protoreflect.Message

func (x *CertificateConfig) Reset()

func (x *CertificateConfig) String() string

type CertificateConfig_SubjectConfig struct {

	// Required. Contains distinguished name fields such as the location and organization.
	Subject *Subject `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"`
	// Optional. The "common name" of the distinguished name.
	CommonName string `protobuf:"bytes,2,opt,name=common_name,json=commonName,proto3" json:"common_name,omitempty"`
	// Optional. The subject alternative name fields.
	SubjectAltName *SubjectAltNames `protobuf:"bytes,3,opt,name=subject_alt_name,json=subjectAltName,proto3" json:"subject_alt_name,omitempty"`
	// contains filtered or unexported fields
}

func (*CertificateConfig_SubjectConfig) Descriptor() ([]byte, []int)

func (x *CertificateConfig_SubjectConfig) GetCommonName() string

func (x *CertificateConfig_SubjectConfig) GetSubject() *Subject

func (x *CertificateConfig_SubjectConfig) GetSubjectAltName() *SubjectAltNames

func (*CertificateConfig_SubjectConfig) ProtoMessage()

func (x *CertificateConfig_SubjectConfig) ProtoReflect() protoreflect.Message

func (x *CertificateConfig_SubjectConfig) Reset()

func (x *CertificateConfig_SubjectConfig) String() string

type CertificateDescription struct {
	SubjectDescription *CertificateDescription_SubjectDescription `protobuf:"bytes,1,opt,name=subject_description,json=subjectDescription,proto3" json:"subject_description,omitempty"`

	ConfigValues *ReusableConfigValues `protobuf:"bytes,2,opt,name=config_values,json=configValues,proto3" json:"config_values,omitempty"`

	PublicKey *PublicKey `protobuf:"bytes,3,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`

	SubjectKeyId *CertificateDescription_KeyId `protobuf:"bytes,4,opt,name=subject_key_id,json=subjectKeyId,proto3" json:"subject_key_id,omitempty"`

	AuthorityKeyId *CertificateDescription_KeyId `protobuf:"bytes,5,opt,name=authority_key_id,json=authorityKeyId,proto3" json:"authority_key_id,omitempty"`

	CrlDistributionPoints []string `protobuf:"bytes,6,rep,name=crl_distribution_points,json=crlDistributionPoints,proto3" json:"crl_distribution_points,omitempty"`

	AiaIssuingCertificateUrls []string "" /* 140 byte string literal not displayed */

	CertFingerprint *CertificateDescription_CertificateFingerprint `protobuf:"bytes,8,opt,name=cert_fingerprint,json=certFingerprint,proto3" json:"cert_fingerprint,omitempty"`

}

func (*CertificateDescription) Descriptor() ([]byte, []int)

func (x *CertificateDescription) GetAiaIssuingCertificateUrls() []string

func (x *CertificateDescription) GetAuthorityKeyId() *CertificateDescription_KeyId

func (x *CertificateDescription) GetCertFingerprint() *CertificateDescription_CertificateFingerprint

func (x *CertificateDescription) GetConfigValues() *ReusableConfigValues

func (x *CertificateDescription) GetCrlDistributionPoints() []string

func (x *CertificateDescription) GetPublicKey() *PublicKey

func (x *CertificateDescription) GetSubjectDescription() *CertificateDescription_SubjectDescription

func (x *CertificateDescription) GetSubjectKeyId() *CertificateDescription_KeyId

func (*CertificateDescription) ProtoMessage()

func (x *CertificateDescription) ProtoReflect() protoreflect.Message

func (x *CertificateDescription) Reset()

func (x *CertificateDescription) String() string

type CertificateDescription_CertificateFingerprint struct {

	// The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
	Sha256Hash string `protobuf:"bytes,1,opt,name=sha256_hash,json=sha256Hash,proto3" json:"sha256_hash,omitempty"`
	// contains filtered or unexported fields
}

func (*CertificateDescription_CertificateFingerprint) Descriptor() ([]byte, []int)

func (x *CertificateDescription_CertificateFingerprint) GetSha256Hash() string

func (*CertificateDescription_CertificateFingerprint) ProtoMessage()

func (x *CertificateDescription_CertificateFingerprint) ProtoReflect() protoreflect.Message

func (x *CertificateDescription_CertificateFingerprint) Reset()

func (x *CertificateDescription_CertificateFingerprint) String() string

type CertificateDescription_KeyId struct {

	// Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most
	// likely the 160 bit SHA-1 hash of the public key.
	KeyId string `protobuf:"bytes,1,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty"`
	// contains filtered or unexported fields
}

func (*CertificateDescription_KeyId) Descriptor() ([]byte, []int)

func (x *CertificateDescription_KeyId) GetKeyId() string

func (*CertificateDescription_KeyId) ProtoMessage()

func (x *CertificateDescription_KeyId) ProtoReflect() protoreflect.Message

func (x *CertificateDescription_KeyId) Reset()

func (x *CertificateDescription_KeyId) String() string

type CertificateDescription_SubjectDescription struct {

	// Contains distinguished name fields such as the location and organization.
	Subject *Subject `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"`
	// The "common name" of the distinguished name.
	CommonName string `protobuf:"bytes,2,opt,name=common_name,json=commonName,proto3" json:"common_name,omitempty"`
	// The subject alternative name fields.
	SubjectAltName *SubjectAltNames `protobuf:"bytes,3,opt,name=subject_alt_name,json=subjectAltName,proto3" json:"subject_alt_name,omitempty"`
	// The serial number encoded in lowercase hexadecimal.
	HexSerialNumber string `protobuf:"bytes,4,opt,name=hex_serial_number,json=hexSerialNumber,proto3" json:"hex_serial_number,omitempty"`
	// For convenience, the actual lifetime of an issued certificate.
	// Corresponds to 'not_after_time' - 'not_before_time'.
	Lifetime *durationpb.Duration `protobuf:"bytes,5,opt,name=lifetime,proto3" json:"lifetime,omitempty"`
	// The time at which the certificate becomes valid.
	NotBeforeTime *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=not_before_time,json=notBeforeTime,proto3" json:"not_before_time,omitempty"`
	// The time at which the certificate expires.
	NotAfterTime *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=not_after_time,json=notAfterTime,proto3" json:"not_after_time,omitempty"`
	// contains filtered or unexported fields
}

func (*CertificateDescription_SubjectDescription) Descriptor() ([]byte, []int)

func (x *CertificateDescription_SubjectDescription) GetCommonName() string

func (x *CertificateDescription_SubjectDescription) GetHexSerialNumber() string

func (x *CertificateDescription_SubjectDescription) GetLifetime() *durationpb.Duration

func (x *CertificateDescription_SubjectDescription) GetNotAfterTime() *timestamppb.Timestamp

func (x *CertificateDescription_SubjectDescription) GetNotBeforeTime() *timestamppb.Timestamp

func (x *CertificateDescription_SubjectDescription) GetSubject() *Subject

func (x *CertificateDescription_SubjectDescription) GetSubjectAltName() *SubjectAltNames

func (*CertificateDescription_SubjectDescription) ProtoMessage()

func (x *CertificateDescription_SubjectDescription) ProtoReflect() protoreflect.Message

func (x *CertificateDescription_SubjectDescription) Reset()

func (x *CertificateDescription_SubjectDescription) String() string

type CertificateRevocationList struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`

	SequenceNumber int64 `protobuf:"varint,2,opt,name=sequence_number,json=sequenceNumber,proto3" json:"sequence_number,omitempty"`

	RevokedCertificates []*CertificateRevocationList_RevokedCertificate `protobuf:"bytes,3,rep,name=revoked_certificates,json=revokedCertificates,proto3" json:"revoked_certificates,omitempty"`

	PemCrl string `protobuf:"bytes,4,opt,name=pem_crl,json=pemCrl,proto3" json:"pem_crl,omitempty"`

	AccessUrl string `protobuf:"bytes,5,opt,name=access_url,json=accessUrl,proto3" json:"access_url,omitempty"`

	State CertificateRevocationList_State "" /* 141 byte string literal not displayed */

	CreateTime *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`

	UpdateTime *timestamppb.Timestamp `protobuf:"bytes,8,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty"`

	Labels map[string]string "" /* 153 byte string literal not displayed */

}

func (*CertificateRevocationList) Descriptor() ([]byte, []int)

func (x *CertificateRevocationList) GetAccessUrl() string

func (x *CertificateRevocationList) GetCreateTime() *timestamppb.Timestamp

func (x *CertificateRevocationList) GetLabels() map[string]string

func (x *CertificateRevocationList) GetName() string

func (x *CertificateRevocationList) GetPemCrl() string

func (x *CertificateRevocationList) GetRevokedCertificates() []*CertificateRevocationList_RevokedCertificate

func (x *CertificateRevocationList) GetSequenceNumber() int64

func (x *CertificateRevocationList) GetState() CertificateRevocationList_State

func (x *CertificateRevocationList) GetUpdateTime() *timestamppb.Timestamp

func (*CertificateRevocationList) ProtoMessage()

func (x *CertificateRevocationList) ProtoReflect() protoreflect.Message

func (x *CertificateRevocationList) Reset()

func (x *CertificateRevocationList) String() string

type CertificateRevocationList_RevokedCertificate struct {
	Certificate string `protobuf:"bytes,1,opt,name=certificate,proto3" json:"certificate,omitempty"`

	HexSerialNumber string `protobuf:"bytes,2,opt,name=hex_serial_number,json=hexSerialNumber,proto3" json:"hex_serial_number,omitempty"`

	RevocationReason RevocationReason "" /* 172 byte string literal not displayed */

}

func (*CertificateRevocationList_RevokedCertificate) Descriptor() ([]byte, []int)

func (x *CertificateRevocationList_RevokedCertificate) GetCertificate() string

func (x *CertificateRevocationList_RevokedCertificate) GetHexSerialNumber() string

func (x *CertificateRevocationList_RevokedCertificate) GetRevocationReason() RevocationReason

func (*CertificateRevocationList_RevokedCertificate) ProtoMessage()

func (x *CertificateRevocationList_RevokedCertificate) ProtoReflect() protoreflect.Message

func (x *CertificateRevocationList_RevokedCertificate) Reset()

func (x *CertificateRevocationList_RevokedCertificate) String() string

type CertificateRevocationList_State int32

const (
	// Not specified.
	CertificateRevocationList_STATE_UNSPECIFIED CertificateRevocationList_State = 0
	// The [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList] is up to date.
	CertificateRevocationList_ACTIVE CertificateRevocationList_State = 1
	// The [CertificateRevocationList][google.cloud.security.privateca.v1beta1.CertificateRevocationList] is no longer current.
	CertificateRevocationList_SUPERSEDED CertificateRevocationList_State = 2
)

func (CertificateRevocationList_State) Descriptor() protoreflect.EnumDescriptor

func (x CertificateRevocationList_State) Enum() *CertificateRevocationList_State

func (CertificateRevocationList_State) EnumDescriptor() ([]byte, []int)

func (x CertificateRevocationList_State) Number() protoreflect.EnumNumber

func (x CertificateRevocationList_State) String() string

func (CertificateRevocationList_State) Type() protoreflect.EnumType

type Certificate_Config struct {
	// Immutable. A description of the certificate and key that does not require X.509 or
	// ASN.1.
	Config *CertificateConfig `protobuf:"bytes,3,opt,name=config,proto3,oneof"`
}

type Certificate_PemCsr struct {
	// Immutable. A pem-encoded X.509 certificate signing request (CSR).
	PemCsr string `protobuf:"bytes,2,opt,name=pem_csr,json=pemCsr,proto3,oneof"`
}

type Certificate_RevocationDetails struct {
	RevocationState RevocationReason "" /* 169 byte string literal not displayed */

	RevocationTime *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=revocation_time,json=revocationTime,proto3" json:"revocation_time,omitempty"`

}

func (*Certificate_RevocationDetails) Descriptor() ([]byte, []int)

func (x *Certificate_RevocationDetails) GetRevocationState() RevocationReason

func (x *Certificate_RevocationDetails) GetRevocationTime() *timestamppb.Timestamp

func (*Certificate_RevocationDetails) ProtoMessage()

func (x *Certificate_RevocationDetails) ProtoReflect() protoreflect.Message

func (x *Certificate_RevocationDetails) Reset()

func (x *Certificate_RevocationDetails) String() string

type CreateCertificateAuthorityRequest struct {
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`

	CertificateAuthorityId string "" /* 129 byte string literal not displayed */

	CertificateAuthority *CertificateAuthority `protobuf:"bytes,3,opt,name=certificate_authority,json=certificateAuthority,proto3" json:"certificate_authority,omitempty"`

	RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`

}

func (*CreateCertificateAuthorityRequest) Descriptor() ([]byte, []int)

func (x *CreateCertificateAuthorityRequest) GetCertificateAuthority() *CertificateAuthority

func (x *CreateCertificateAuthorityRequest) GetCertificateAuthorityId() string

func (x *CreateCertificateAuthorityRequest) GetParent() string

func (x *CreateCertificateAuthorityRequest) GetRequestId() string

func (*CreateCertificateAuthorityRequest) ProtoMessage()

func (x *CreateCertificateAuthorityRequest) ProtoReflect() protoreflect.Message

func (x *CreateCertificateAuthorityRequest) Reset()

func (x *CreateCertificateAuthorityRequest) String() string

type CreateCertificateRequest struct {

	// Required. The resource name of the location and [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority]
	// associated with the [Certificate][google.cloud.security.privateca.v1beta1.Certificate], in the format
	// `projects/*/locations/*/certificateAuthorities/*`.
	Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
	// Optional. It must be unique within a location and match the regular
	// expression `[a-zA-Z0-9_-]{1,63}`. This field is required when using a
	// [CertificateAuthority][google.cloud.security.privateca.v1beta1.CertificateAuthority] in the Enterprise [CertificateAuthority.Tier][google.cloud.security.privateca.v1beta1.CertificateAuthority.Tier],
	// but is optional and its value is ignored otherwise.
	CertificateId string `protobuf:"bytes,2,opt,name=certificate_id,json=certificateId,proto3" json:"certificate_id,omitempty"`
	// Required. A [Certificate][google.cloud.security.privateca.v1beta1.Certificate] with initial field values.
	Certificate *Certificate `protobuf:"bytes,3,opt,name=certificate,proto3" json:"certificate,omitempty"`
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must
	// retry your request, the server will know to ignore the request if it has
	// already been completed. The server will guarantee that for at least 60
	// minutes since the first request.
	//
	// For example, consider a situation where you make an initial request and t
	// he request times out. If you make the request again with the same request
	// ID, the server can check if original operation with the same request ID
	// was received, and if so, will ignore the second request. This prevents
	// clients from accidentally creating duplicate commitments.
	//
	// The request ID must be a valid UUID with the exception that zero UUID is
	// not supported (00000000-0000-0000-0000-000000000000).
	RequestId string `protobuf:"bytes,4,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

func (*CreateCertificateRequest) Descriptor() ([]byte, []int)

func (x *CreateCertificateRequest) GetCertificate() *Certificate

func (x *CreateCertificateRequest) GetCertificateId() string