Class CryptoKey (2.37.0)

public final class CryptoKey extends GeneratedMessageV3 implements CryptoKeyOrBuilder

A CryptoKey represents a logical key that can be used for cryptographic operations.

A CryptoKey is made up of zero or more versions, which represent the actual key material used in cryptographic operations.

Protobuf type google.cloud.kms.v1.CryptoKey

Implements

CryptoKeyOrBuilder

Static Fields

CREATE_TIME_FIELD_NUMBER

public static final int CREATE_TIME_FIELD_NUMBER
Field Value
TypeDescription
int

CRYPTO_KEY_BACKEND_FIELD_NUMBER

public static final int CRYPTO_KEY_BACKEND_FIELD_NUMBER
Field Value
TypeDescription
int

DESTROY_SCHEDULED_DURATION_FIELD_NUMBER

public static final int DESTROY_SCHEDULED_DURATION_FIELD_NUMBER
Field Value
TypeDescription
int

IMPORT_ONLY_FIELD_NUMBER

public static final int IMPORT_ONLY_FIELD_NUMBER
Field Value
TypeDescription
int

LABELS_FIELD_NUMBER

public static final int LABELS_FIELD_NUMBER
Field Value
TypeDescription
int

NAME_FIELD_NUMBER

public static final int NAME_FIELD_NUMBER
Field Value
TypeDescription
int

NEXT_ROTATION_TIME_FIELD_NUMBER

public static final int NEXT_ROTATION_TIME_FIELD_NUMBER
Field Value
TypeDescription
int

PRIMARY_FIELD_NUMBER

public static final int PRIMARY_FIELD_NUMBER
Field Value
TypeDescription
int

PURPOSE_FIELD_NUMBER

public static final int PURPOSE_FIELD_NUMBER
Field Value
TypeDescription
int

ROTATION_PERIOD_FIELD_NUMBER

public static final int ROTATION_PERIOD_FIELD_NUMBER
Field Value
TypeDescription
int

VERSION_TEMPLATE_FIELD_NUMBER

public static final int VERSION_TEMPLATE_FIELD_NUMBER
Field Value
TypeDescription
int

Static Methods

getDefaultInstance()

public static CryptoKey getDefaultInstance()
Returns
TypeDescription
CryptoKey

getDescriptor()

public static final Descriptors.Descriptor getDescriptor()
Returns
TypeDescription
Descriptor

newBuilder()

public static CryptoKey.Builder newBuilder()
Returns
TypeDescription
CryptoKey.Builder

newBuilder(CryptoKey prototype)

public static CryptoKey.Builder newBuilder(CryptoKey prototype)
Parameter
NameDescription
prototypeCryptoKey
Returns
TypeDescription
CryptoKey.Builder

parseDelimitedFrom(InputStream input)

public static CryptoKey parseDelimitedFrom(InputStream input)
Parameter
NameDescription
inputInputStream
Returns
TypeDescription
CryptoKey
Exceptions
TypeDescription
IOException

parseDelimitedFrom(InputStream input, ExtensionRegistryLite extensionRegistry)

public static CryptoKey parseDelimitedFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
inputInputStream
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
CryptoKey
Exceptions
TypeDescription
IOException

parseFrom(byte[] data)

public static CryptoKey parseFrom(byte[] data)
Parameter
NameDescription
databyte[]
Returns
TypeDescription
CryptoKey
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)

public static CryptoKey parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
databyte[]
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
CryptoKey
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(ByteString data)

public static CryptoKey parseFrom(ByteString data)
Parameter
NameDescription
dataByteString
Returns
TypeDescription
CryptoKey
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)

public static CryptoKey parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
dataByteString
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
CryptoKey
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(CodedInputStream input)

public static CryptoKey parseFrom(CodedInputStream input)
Parameter
NameDescription
inputCodedInputStream
Returns
TypeDescription
CryptoKey
Exceptions
TypeDescription
IOException

parseFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)

public static CryptoKey parseFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
inputCodedInputStream
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
CryptoKey
Exceptions
TypeDescription
IOException

parseFrom(InputStream input)

public static CryptoKey parseFrom(InputStream input)
Parameter
NameDescription
inputInputStream
Returns
TypeDescription
CryptoKey
Exceptions
TypeDescription
IOException

parseFrom(InputStream input, ExtensionRegistryLite extensionRegistry)

public static CryptoKey parseFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
inputInputStream
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
CryptoKey
Exceptions
TypeDescription
IOException

parseFrom(ByteBuffer data)

public static CryptoKey parseFrom(ByteBuffer data)
Parameter
NameDescription
dataByteBuffer
Returns
TypeDescription
CryptoKey
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)

public static CryptoKey parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
dataByteBuffer
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
CryptoKey
Exceptions
TypeDescription
InvalidProtocolBufferException

parser()

public static Parser<CryptoKey> parser()
Returns
TypeDescription
Parser<CryptoKey>

Methods

containsLabels(String key)

public boolean containsLabels(String key)

Labels with user-defined metadata. For more information, see Labeling Keys.

map<string, string> labels = 10;

Parameter
NameDescription
keyString
Returns
TypeDescription
boolean

equals(Object obj)

public boolean equals(Object obj)
Parameter
NameDescription
objObject
Returns
TypeDescription
boolean
Overrides

getCreateTime()

public Timestamp getCreateTime()

Output only. The time at which this CryptoKey was created.

.google.protobuf.Timestamp create_time = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
Timestamp

The createTime.

getCreateTimeOrBuilder()

public TimestampOrBuilder getCreateTimeOrBuilder()

Output only. The time at which this CryptoKey was created.

.google.protobuf.Timestamp create_time = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
TimestampOrBuilder

getCryptoKeyBackend()

public String getCryptoKeyBackend()

Immutable. The resource name of the backend environment where the key material for all CryptoKeyVersions associated with this CryptoKey reside and where all related cryptographic operations are performed. Only applicable if CryptoKeyVersions have a ProtectionLevel of EXTERNAL_VPC, with the resource name in the format projects/*/locations/*/ekmConnections/*. Note, this list is non-exhaustive and may apply to additional ProtectionLevels in the future.

string crypto_key_backend = 15 [(.google.api.field_behavior) = IMMUTABLE, (.google.api.resource_reference) = { ... }

Returns
TypeDescription
String

The cryptoKeyBackend.

getCryptoKeyBackendBytes()

public ByteString getCryptoKeyBackendBytes()

Immutable. The resource name of the backend environment where the key material for all CryptoKeyVersions associated with this CryptoKey reside and where all related cryptographic operations are performed. Only applicable if CryptoKeyVersions have a ProtectionLevel of EXTERNAL_VPC, with the resource name in the format projects/*/locations/*/ekmConnections/*. Note, this list is non-exhaustive and may apply to additional ProtectionLevels in the future.

string crypto_key_backend = 15 [(.google.api.field_behavior) = IMMUTABLE, (.google.api.resource_reference) = { ... }

Returns
TypeDescription
ByteString

The bytes for cryptoKeyBackend.

getDefaultInstanceForType()

public CryptoKey getDefaultInstanceForType()
Returns
TypeDescription
CryptoKey

getDestroyScheduledDuration()

public Duration getDestroyScheduledDuration()

Immutable. The period of time that versions of this key spend in the DESTROY_SCHEDULED state before transitioning to DESTROYED. If not specified at creation time, the default duration is 24 hours.

.google.protobuf.Duration destroy_scheduled_duration = 14 [(.google.api.field_behavior) = IMMUTABLE];

Returns
TypeDescription
Duration

The destroyScheduledDuration.

getDestroyScheduledDurationOrBuilder()

public DurationOrBuilder getDestroyScheduledDurationOrBuilder()

Immutable. The period of time that versions of this key spend in the DESTROY_SCHEDULED state before transitioning to DESTROYED. If not specified at creation time, the default duration is 24 hours.

.google.protobuf.Duration destroy_scheduled_duration = 14 [(.google.api.field_behavior) = IMMUTABLE];

Returns
TypeDescription
DurationOrBuilder

getImportOnly()

public boolean getImportOnly()

Immutable. Whether this key may contain imported versions only.

bool import_only = 13 [(.google.api.field_behavior) = IMMUTABLE];

Returns
TypeDescription
boolean

The importOnly.

getLabels() (deprecated)

public Map<String,String> getLabels()

Use #getLabelsMap() instead.

Returns
TypeDescription
Map<String,String>

getLabelsCount()

public int getLabelsCount()

Labels with user-defined metadata. For more information, see Labeling Keys.

map<string, string> labels = 10;

Returns
TypeDescription
int

getLabelsMap()

public Map<String,String> getLabelsMap()

Labels with user-defined metadata. For more information, see Labeling Keys.

map<string, string> labels = 10;

Returns
TypeDescription
Map<String,String>

getLabelsOrDefault(String key, String defaultValue)

public String getLabelsOrDefault(String key, String defaultValue)

Labels with user-defined metadata. For more information, see Labeling Keys.

map<string, string> labels = 10;

Parameters
NameDescription
keyString
defaultValueString
Returns
TypeDescription
String

getLabelsOrThrow(String key)

public String getLabelsOrThrow(String key)

Labels with user-defined metadata. For more information, see Labeling Keys.

map<string, string> labels = 10;

Parameter
NameDescription
keyString
Returns
TypeDescription
String

getName()

public String getName()

Output only. The resource name for this CryptoKey in the format projects/*/locations/*/keyRings/*/cryptoKeys/*.

string name = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
String

The name.

getNameBytes()

public ByteString getNameBytes()

Output only. The resource name for this CryptoKey in the format projects/*/locations/*/keyRings/*/cryptoKeys/*.

string name = 1 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
ByteString

The bytes for name.

getNextRotationTime()

public Timestamp getNextRotationTime()

At next_rotation_time, the Key Management Service will automatically:

  1. Create a new version of this CryptoKey.
  2. Mark the new version as primary.

    Key rotations performed manually via CreateCryptoKeyVersion and UpdateCryptoKeyPrimaryVersion do not affect next_rotation_time.

    Keys with purpose ENCRYPT_DECRYPT support automatic rotation. For other keys, this field must be omitted.

.google.protobuf.Timestamp next_rotation_time = 7;

Returns
TypeDescription
Timestamp

The nextRotationTime.

getNextRotationTimeOrBuilder()

public TimestampOrBuilder getNextRotationTimeOrBuilder()

At next_rotation_time, the Key Management Service will automatically:

  1. Create a new version of this CryptoKey.
  2. Mark the new version as primary.

    Key rotations performed manually via CreateCryptoKeyVersion and UpdateCryptoKeyPrimaryVersion do not affect next_rotation_time.

    Keys with purpose ENCRYPT_DECRYPT support automatic rotation. For other keys, this field must be omitted.

.google.protobuf.Timestamp next_rotation_time = 7;

Returns
TypeDescription
TimestampOrBuilder

getParserForType()

public Parser<CryptoKey> getParserForType()
Returns
TypeDescription
Parser<CryptoKey>
Overrides

getPrimary()

public CryptoKeyVersion getPrimary()

Output only. A copy of the "primary" CryptoKeyVersion that will be used by Encrypt when this CryptoKey is given in EncryptRequest.name.

The CryptoKey's primary version can be updated via UpdateCryptoKeyPrimaryVersion.

Keys with purpose ENCRYPT_DECRYPT may have a primary. For other keys, this field will be omitted.

.google.cloud.kms.v1.CryptoKeyVersion primary = 2 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
CryptoKeyVersion

The primary.

getPrimaryOrBuilder()

public CryptoKeyVersionOrBuilder getPrimaryOrBuilder()

Output only. A copy of the "primary" CryptoKeyVersion that will be used by Encrypt when this CryptoKey is given in EncryptRequest.name.

The CryptoKey's primary version can be updated via UpdateCryptoKeyPrimaryVersion.

Keys with purpose ENCRYPT_DECRYPT may have a primary. For other keys, this field will be omitted.

.google.cloud.kms.v1.CryptoKeyVersion primary = 2 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
CryptoKeyVersionOrBuilder

getPurpose()

public CryptoKey.CryptoKeyPurpose getPurpose()

Immutable. The immutable purpose of this CryptoKey.

.google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose purpose = 3 [(.google.api.field_behavior) = IMMUTABLE];

Returns
TypeDescription
CryptoKey.CryptoKeyPurpose

The purpose.

getPurposeValue()

public int getPurposeValue()

Immutable. The immutable purpose of this CryptoKey.

.google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose purpose = 3 [(.google.api.field_behavior) = IMMUTABLE];

Returns
TypeDescription
int

The enum numeric value on the wire for purpose.

getRotationPeriod()

public Duration getRotationPeriod()

next_rotation_time will be advanced by this period when the service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours.

If rotation_period is set, next_rotation_time must also be set.

Keys with purpose ENCRYPT_DECRYPT support automatic rotation. For other keys, this field must be omitted.

.google.protobuf.Duration rotation_period = 8;

Returns
TypeDescription
Duration

The rotationPeriod.

getRotationPeriodOrBuilder()

public DurationOrBuilder getRotationPeriodOrBuilder()

next_rotation_time will be advanced by this period when the service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours.

If rotation_period is set, next_rotation_time must also be set.

Keys with purpose ENCRYPT_DECRYPT support automatic rotation. For other keys, this field must be omitted.

.google.protobuf.Duration rotation_period = 8;

Returns
TypeDescription
DurationOrBuilder

getRotationScheduleCase()

public CryptoKey.RotationScheduleCase getRotationScheduleCase()
Returns
TypeDescription
CryptoKey.RotationScheduleCase

getSerializedSize()

public int getSerializedSize()
Returns
TypeDescription
int
Overrides

getVersionTemplate()

public CryptoKeyVersionTemplate getVersionTemplate()

A template describing settings for new CryptoKeyVersion instances. The properties of new CryptoKeyVersion instances created by either CreateCryptoKeyVersion or auto-rotation are controlled by this template.

.google.cloud.kms.v1.CryptoKeyVersionTemplate version_template = 11;

Returns
TypeDescription
CryptoKeyVersionTemplate

The versionTemplate.

getVersionTemplateOrBuilder()

public CryptoKeyVersionTemplateOrBuilder getVersionTemplateOrBuilder()

A template describing settings for new CryptoKeyVersion instances. The properties of new CryptoKeyVersion instances created by either CreateCryptoKeyVersion or auto-rotation are controlled by this template.

.google.cloud.kms.v1.CryptoKeyVersionTemplate version_template = 11;

Returns
TypeDescription
CryptoKeyVersionTemplateOrBuilder

hasCreateTime()

public boolean hasCreateTime()

Output only. The time at which this CryptoKey was created.

.google.protobuf.Timestamp create_time = 5 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
boolean

Whether the createTime field is set.

hasDestroyScheduledDuration()

public boolean hasDestroyScheduledDuration()

Immutable. The period of time that versions of this key spend in the DESTROY_SCHEDULED state before transitioning to DESTROYED. If not specified at creation time, the default duration is 24 hours.

.google.protobuf.Duration destroy_scheduled_duration = 14 [(.google.api.field_behavior) = IMMUTABLE];

Returns
TypeDescription
boolean

Whether the destroyScheduledDuration field is set.

hasNextRotationTime()

public boolean hasNextRotationTime()

At next_rotation_time, the Key Management Service will automatically:

  1. Create a new version of this CryptoKey.
  2. Mark the new version as primary.

    Key rotations performed manually via CreateCryptoKeyVersion and UpdateCryptoKeyPrimaryVersion do not affect next_rotation_time.

    Keys with purpose ENCRYPT_DECRYPT support automatic rotation. For other keys, this field must be omitted.

.google.protobuf.Timestamp next_rotation_time = 7;

Returns
TypeDescription
boolean

Whether the nextRotationTime field is set.

hasPrimary()

public boolean hasPrimary()

Output only. A copy of the "primary" CryptoKeyVersion that will be used by Encrypt when this CryptoKey is given in EncryptRequest.name.

The CryptoKey's primary version can be updated via UpdateCryptoKeyPrimaryVersion.

Keys with purpose ENCRYPT_DECRYPT may have a primary. For other keys, this field will be omitted.

.google.cloud.kms.v1.CryptoKeyVersion primary = 2 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
boolean

Whether the primary field is set.

hasRotationPeriod()

public boolean hasRotationPeriod()

next_rotation_time will be advanced by this period when the service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours.

If rotation_period is set, next_rotation_time must also be set.

Keys with purpose ENCRYPT_DECRYPT support automatic rotation. For other keys, this field must be omitted.

.google.protobuf.Duration rotation_period = 8;

Returns
TypeDescription
boolean

Whether the rotationPeriod field is set.

hasVersionTemplate()

public boolean hasVersionTemplate()

A template describing settings for new CryptoKeyVersion instances. The properties of new CryptoKeyVersion instances created by either CreateCryptoKeyVersion or auto-rotation are controlled by this template.

.google.cloud.kms.v1.CryptoKeyVersionTemplate version_template = 11;

Returns
TypeDescription
boolean

Whether the versionTemplate field is set.

hashCode()

public int hashCode()
Returns
TypeDescription
int
Overrides

internalGetFieldAccessorTable()

protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Returns
TypeDescription
FieldAccessorTable
Overrides

internalGetMapField(int number)

protected MapField internalGetMapField(int number)
Parameter
NameDescription
numberint
Returns
TypeDescription
MapField
Overrides

isInitialized()

public final boolean isInitialized()
Returns
TypeDescription
boolean
Overrides

newBuilderForType()

public CryptoKey.Builder newBuilderForType()
Returns
TypeDescription
CryptoKey.Builder

newBuilderForType(GeneratedMessageV3.BuilderParent parent)

protected CryptoKey.Builder newBuilderForType(GeneratedMessageV3.BuilderParent parent)
Parameter
NameDescription
parentBuilderParent
Returns
TypeDescription
CryptoKey.Builder
Overrides

newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)

protected Object newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)
Parameter
NameDescription
unusedUnusedPrivateParameter
Returns
TypeDescription
Object
Overrides

toBuilder()

public CryptoKey.Builder toBuilder()
Returns
TypeDescription
CryptoKey.Builder

writeTo(CodedOutputStream output)

public void writeTo(CodedOutputStream output)
Parameter
NameDescription
outputCodedOutputStream
Overrides
Exceptions
TypeDescription
IOException