public final class CryptoKey extends GeneratedMessageV3 implements CryptoKeyOrBuilder
A CryptoKey represents a logical key that
can be used for cryptographic operations.
A CryptoKey is made up of zero or more
versions, which represent the actual
key material used in cryptographic operations.
Protobuf type google.cloud.kms.v1.CryptoKey
Inherited Members
com.google.protobuf.GeneratedMessageV3.<ListT>makeMutableCopy(ListT)
Static Fields
CREATE_TIME_FIELD_NUMBER
public static final int CREATE_TIME_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
CRYPTO_KEY_BACKEND_FIELD_NUMBER
public static final int CRYPTO_KEY_BACKEND_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
DESTROY_SCHEDULED_DURATION_FIELD_NUMBER
public static final int DESTROY_SCHEDULED_DURATION_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
IMPORT_ONLY_FIELD_NUMBER
public static final int IMPORT_ONLY_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
LABELS_FIELD_NUMBER
public static final int LABELS_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
NAME_FIELD_NUMBER
public static final int NAME_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
NEXT_ROTATION_TIME_FIELD_NUMBER
public static final int NEXT_ROTATION_TIME_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
PRIMARY_FIELD_NUMBER
public static final int PRIMARY_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
PURPOSE_FIELD_NUMBER
public static final int PURPOSE_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
ROTATION_PERIOD_FIELD_NUMBER
public static final int ROTATION_PERIOD_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
VERSION_TEMPLATE_FIELD_NUMBER
public static final int VERSION_TEMPLATE_FIELD_NUMBER
Field Value |
---|
Type | Description |
int | |
Static Methods
getDefaultInstance()
public static CryptoKey getDefaultInstance()
getDescriptor()
public static final Descriptors.Descriptor getDescriptor()
newBuilder()
public static CryptoKey.Builder newBuilder()
newBuilder(CryptoKey prototype)
public static CryptoKey.Builder newBuilder(CryptoKey prototype)
public static CryptoKey parseDelimitedFrom(InputStream input)
public static CryptoKey parseDelimitedFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
parseFrom(byte[] data)
public static CryptoKey parseFrom(byte[] data)
Parameter |
---|
Name | Description |
data | byte[]
|
parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)
public static CryptoKey parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)
parseFrom(ByteString data)
public static CryptoKey parseFrom(ByteString data)
parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)
public static CryptoKey parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)
public static CryptoKey parseFrom(CodedInputStream input)
public static CryptoKey parseFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
public static CryptoKey parseFrom(InputStream input)
public static CryptoKey parseFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
parseFrom(ByteBuffer data)
public static CryptoKey parseFrom(ByteBuffer data)
parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)
public static CryptoKey parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)
parser()
public static Parser<CryptoKey> parser()
Methods
containsLabels(String key)
public boolean containsLabels(String key)
Labels with user-defined metadata. For more information, see
Labeling Keys.
map<string, string> labels = 10;
Parameter |
---|
Name | Description |
key | String
|
equals(Object obj)
public boolean equals(Object obj)
Parameter |
---|
Name | Description |
obj | Object
|
Overrides
getCreateTime()
public Timestamp getCreateTime()
Output only. The time at which this
CryptoKey was created.
.google.protobuf.Timestamp create_time = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];
Returns |
---|
Type | Description |
Timestamp | The createTime.
|
getCreateTimeOrBuilder()
public TimestampOrBuilder getCreateTimeOrBuilder()
Output only. The time at which this
CryptoKey was created.
.google.protobuf.Timestamp create_time = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];
getCryptoKeyBackend()
public String getCryptoKeyBackend()
Immutable. The resource name of the backend environment where the key
material for all CryptoKeyVersions
associated with this CryptoKey reside and
where all related cryptographic operations are performed. Only applicable
if CryptoKeyVersions have a
ProtectionLevel of
EXTERNAL_VPC, with the
resource name in the format projects/*/locations/*/ekmConnections/*
.
Note, this list is non-exhaustive and may apply to additional
ProtectionLevels in the future.
string crypto_key_backend = 15 [(.google.api.field_behavior) = IMMUTABLE, (.google.api.resource_reference) = { ... }
Returns |
---|
Type | Description |
String | The cryptoKeyBackend.
|
getCryptoKeyBackendBytes()
public ByteString getCryptoKeyBackendBytes()
Immutable. The resource name of the backend environment where the key
material for all CryptoKeyVersions
associated with this CryptoKey reside and
where all related cryptographic operations are performed. Only applicable
if CryptoKeyVersions have a
ProtectionLevel of
EXTERNAL_VPC, with the
resource name in the format projects/*/locations/*/ekmConnections/*
.
Note, this list is non-exhaustive and may apply to additional
ProtectionLevels in the future.
string crypto_key_backend = 15 [(.google.api.field_behavior) = IMMUTABLE, (.google.api.resource_reference) = { ... }
Returns |
---|
Type | Description |
ByteString | The bytes for cryptoKeyBackend.
|
getDefaultInstanceForType()
public CryptoKey getDefaultInstanceForType()
getDestroyScheduledDuration()
public Duration getDestroyScheduledDuration()
Immutable. The period of time that versions of this key spend in the
DESTROY_SCHEDULED
state before transitioning to
DESTROYED.
If not specified at creation time, the default duration is 24 hours.
.google.protobuf.Duration destroy_scheduled_duration = 14 [(.google.api.field_behavior) = IMMUTABLE];
Returns |
---|
Type | Description |
Duration | The destroyScheduledDuration.
|
getDestroyScheduledDurationOrBuilder()
public DurationOrBuilder getDestroyScheduledDurationOrBuilder()
Immutable. The period of time that versions of this key spend in the
DESTROY_SCHEDULED
state before transitioning to
DESTROYED.
If not specified at creation time, the default duration is 24 hours.
.google.protobuf.Duration destroy_scheduled_duration = 14 [(.google.api.field_behavior) = IMMUTABLE];
getImportOnly()
public boolean getImportOnly()
Immutable. Whether this key may contain imported versions only.
bool import_only = 13 [(.google.api.field_behavior) = IMMUTABLE];
Returns |
---|
Type | Description |
boolean | The importOnly.
|
getLabels()
public Map<String,String> getLabels()
getLabelsCount()
public int getLabelsCount()
Labels with user-defined metadata. For more information, see
Labeling Keys.
map<string, string> labels = 10;
Returns |
---|
Type | Description |
int | |
getLabelsMap()
public Map<String,String> getLabelsMap()
Labels with user-defined metadata. For more information, see
Labeling Keys.
map<string, string> labels = 10;
getLabelsOrDefault(String key, String defaultValue)
public String getLabelsOrDefault(String key, String defaultValue)
Labels with user-defined metadata. For more information, see
Labeling Keys.
map<string, string> labels = 10;
getLabelsOrThrow(String key)
public String getLabelsOrThrow(String key)
Labels with user-defined metadata. For more information, see
Labeling Keys.
map<string, string> labels = 10;
Parameter |
---|
Name | Description |
key | String
|
getName()
Output only. The resource name for this
CryptoKey in the format
projects/*/locations/*/keyRings/*/cryptoKeys/*
.
string name = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];
Returns |
---|
Type | Description |
String | The name.
|
getNameBytes()
public ByteString getNameBytes()
Output only. The resource name for this
CryptoKey in the format
projects/*/locations/*/keyRings/*/cryptoKeys/*
.
string name = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];
Returns |
---|
Type | Description |
ByteString | The bytes for name.
|
getNextRotationTime()
public Timestamp getNextRotationTime()
At next_rotation_time,
the Key Management Service will automatically:
- Create a new version of this CryptoKey.
Mark the new version as primary.
Key rotations performed manually via
CreateCryptoKeyVersion
and
UpdateCryptoKeyPrimaryVersion
do not affect
next_rotation_time.
Keys with purpose
ENCRYPT_DECRYPT
support automatic rotation. For other keys, this field must be omitted.
.google.protobuf.Timestamp next_rotation_time = 7;
Returns |
---|
Type | Description |
Timestamp | The nextRotationTime.
|
getNextRotationTimeOrBuilder()
public TimestampOrBuilder getNextRotationTimeOrBuilder()
At next_rotation_time,
the Key Management Service will automatically:
- Create a new version of this CryptoKey.
Mark the new version as primary.
Key rotations performed manually via
CreateCryptoKeyVersion
and
UpdateCryptoKeyPrimaryVersion
do not affect
next_rotation_time.
Keys with purpose
ENCRYPT_DECRYPT
support automatic rotation. For other keys, this field must be omitted.
.google.protobuf.Timestamp next_rotation_time = 7;
getParserForType()
public Parser<CryptoKey> getParserForType()
Overrides
getPrimary()
public CryptoKeyVersion getPrimary()
Output only. A copy of the "primary"
CryptoKeyVersion that will be used
by Encrypt when this
CryptoKey is given in
EncryptRequest.name.
The CryptoKey's primary version can be
updated via
UpdateCryptoKeyPrimaryVersion.
Keys with purpose
ENCRYPT_DECRYPT
may have a primary. For other keys, this field will be omitted.
.google.cloud.kms.v1.CryptoKeyVersion primary = 2 [(.google.api.field_behavior) = OUTPUT_ONLY];
getPrimaryOrBuilder()
public CryptoKeyVersionOrBuilder getPrimaryOrBuilder()
Output only. A copy of the "primary"
CryptoKeyVersion that will be used
by Encrypt when this
CryptoKey is given in
EncryptRequest.name.
The CryptoKey's primary version can be
updated via
UpdateCryptoKeyPrimaryVersion.
Keys with purpose
ENCRYPT_DECRYPT
may have a primary. For other keys, this field will be omitted.
.google.cloud.kms.v1.CryptoKeyVersion primary = 2 [(.google.api.field_behavior) = OUTPUT_ONLY];
getPurpose()
public CryptoKey.CryptoKeyPurpose getPurpose()
Immutable. The immutable purpose of this
CryptoKey.
.google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose purpose = 3 [(.google.api.field_behavior) = IMMUTABLE];
getPurposeValue()
public int getPurposeValue()
Immutable. The immutable purpose of this
CryptoKey.
.google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose purpose = 3 [(.google.api.field_behavior) = IMMUTABLE];
Returns |
---|
Type | Description |
int | The enum numeric value on the wire for purpose.
|
getRotationPeriod()
public Duration getRotationPeriod()
next_rotation_time
will be advanced by this period when the service automatically rotates a
key. Must be at least 24 hours and at most 876,000 hours.
If rotation_period is
set,
next_rotation_time
must also be set.
Keys with purpose
ENCRYPT_DECRYPT
support automatic rotation. For other keys, this field must be omitted.
.google.protobuf.Duration rotation_period = 8;
Returns |
---|
Type | Description |
Duration | The rotationPeriod.
|
getRotationPeriodOrBuilder()
public DurationOrBuilder getRotationPeriodOrBuilder()
next_rotation_time
will be advanced by this period when the service automatically rotates a
key. Must be at least 24 hours and at most 876,000 hours.
If rotation_period is
set,
next_rotation_time
must also be set.
Keys with purpose
ENCRYPT_DECRYPT
support automatic rotation. For other keys, this field must be omitted.
.google.protobuf.Duration rotation_period = 8;
getRotationScheduleCase()
public CryptoKey.RotationScheduleCase getRotationScheduleCase()
getSerializedSize()
public int getSerializedSize()
Returns |
---|
Type | Description |
int | |
Overrides
getVersionTemplate()
public CryptoKeyVersionTemplate getVersionTemplate()
A template describing settings for new
CryptoKeyVersion instances. The
properties of new CryptoKeyVersion
instances created by either
CreateCryptoKeyVersion
or auto-rotation are controlled by this template.
.google.cloud.kms.v1.CryptoKeyVersionTemplate version_template = 11;
getVersionTemplateOrBuilder()
public CryptoKeyVersionTemplateOrBuilder getVersionTemplateOrBuilder()
A template describing settings for new
CryptoKeyVersion instances. The
properties of new CryptoKeyVersion
instances created by either
CreateCryptoKeyVersion
or auto-rotation are controlled by this template.
.google.cloud.kms.v1.CryptoKeyVersionTemplate version_template = 11;
hasCreateTime()
public boolean hasCreateTime()
Output only. The time at which this
CryptoKey was created.
.google.protobuf.Timestamp create_time = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];
Returns |
---|
Type | Description |
boolean | Whether the createTime field is set.
|
hasDestroyScheduledDuration()
public boolean hasDestroyScheduledDuration()
Immutable. The period of time that versions of this key spend in the
DESTROY_SCHEDULED
state before transitioning to
DESTROYED.
If not specified at creation time, the default duration is 24 hours.
.google.protobuf.Duration destroy_scheduled_duration = 14 [(.google.api.field_behavior) = IMMUTABLE];
Returns |
---|
Type | Description |
boolean | Whether the destroyScheduledDuration field is set.
|
hasNextRotationTime()
public boolean hasNextRotationTime()
At next_rotation_time,
the Key Management Service will automatically:
- Create a new version of this CryptoKey.
Mark the new version as primary.
Key rotations performed manually via
CreateCryptoKeyVersion
and
UpdateCryptoKeyPrimaryVersion
do not affect
next_rotation_time.
Keys with purpose
ENCRYPT_DECRYPT
support automatic rotation. For other keys, this field must be omitted.
.google.protobuf.Timestamp next_rotation_time = 7;
Returns |
---|
Type | Description |
boolean | Whether the nextRotationTime field is set.
|
hasPrimary()
public boolean hasPrimary()
Output only. A copy of the "primary"
CryptoKeyVersion that will be used
by Encrypt when this
CryptoKey is given in
EncryptRequest.name.
The CryptoKey's primary version can be
updated via
UpdateCryptoKeyPrimaryVersion.
Keys with purpose
ENCRYPT_DECRYPT
may have a primary. For other keys, this field will be omitted.
.google.cloud.kms.v1.CryptoKeyVersion primary = 2 [(.google.api.field_behavior) = OUTPUT_ONLY];
Returns |
---|
Type | Description |
boolean | Whether the primary field is set.
|
hasRotationPeriod()
public boolean hasRotationPeriod()
next_rotation_time
will be advanced by this period when the service automatically rotates a
key. Must be at least 24 hours and at most 876,000 hours.
If rotation_period is
set,
next_rotation_time
must also be set.
Keys with purpose
ENCRYPT_DECRYPT
support automatic rotation. For other keys, this field must be omitted.
.google.protobuf.Duration rotation_period = 8;
Returns |
---|
Type | Description |
boolean | Whether the rotationPeriod field is set.
|
hasVersionTemplate()
public boolean hasVersionTemplate()
A template describing settings for new
CryptoKeyVersion instances. The
properties of new CryptoKeyVersion
instances created by either
CreateCryptoKeyVersion
or auto-rotation are controlled by this template.
.google.cloud.kms.v1.CryptoKeyVersionTemplate version_template = 11;
Returns |
---|
Type | Description |
boolean | Whether the versionTemplate field is set.
|
hashCode()
Returns |
---|
Type | Description |
int | |
Overrides
internalGetFieldAccessorTable()
protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Overrides
internalGetMapField(int number)
protected MapField internalGetMapField(int number)
Parameter |
---|
Name | Description |
number | int
|
Overrides
isInitialized()
public final boolean isInitialized()
Overrides
newBuilderForType()
public CryptoKey.Builder newBuilderForType()
newBuilderForType(GeneratedMessageV3.BuilderParent parent)
protected CryptoKey.Builder newBuilderForType(GeneratedMessageV3.BuilderParent parent)
Overrides
newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)
protected Object newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)
Overrides
toBuilder()
public CryptoKey.Builder toBuilder()
writeTo(CodedOutputStream output)
public void writeTo(CodedOutputStream output)
Overrides