- 2.58.0 (latest)
- 2.57.0
- 2.56.0
- 2.55.0
- 2.54.0
- 2.52.0
- 2.51.0
- 2.50.0
- 2.49.0
- 2.48.0
- 2.47.0
- 2.46.0
- 2.45.0
- 2.44.0
- 2.43.0
- 2.42.0
- 2.40.0
- 2.39.0
- 2.38.0
- 2.37.0
- 2.36.0
- 2.35.0
- 2.34.0
- 2.33.0
- 2.32.0
- 2.31.0
- 2.30.0
- 2.27.0
- 2.26.0
- 2.25.0
- 2.24.0
- 2.23.0
- 2.22.0
- 2.21.0
- 2.20.0
- 2.19.0
- 2.18.0
- 2.17.0
- 2.16.0
- 2.15.0
- 2.14.0
- 2.12.0
- 2.11.0
- 2.10.0
- 2.9.0
- 2.8.0
- 2.7.0
- 2.6.8
- 2.5.3
- 2.4.4
- 2.3.1
public enum CryptoKeyVersion.CryptoKeyVersionAlgorithm extends Enum<CryptoKeyVersion.CryptoKeyVersionAlgorithm> implements ProtocolMessageEnum
The algorithm of the CryptoKeyVersion, indicating what parameters must be used for each cryptographic operation.
The GOOGLE_SYMMETRIC_ENCRYPTION algorithm is usable with CryptoKey.purpose ENCRYPT_DECRYPT.
Algorithms beginning with RSA_SIGN_
are usable with
CryptoKey.purpose
ASYMMETRIC_SIGN.
The fields in the name after RSA_SIGN_
correspond to the following
parameters: padding algorithm, modulus bit length, and digest algorithm.
For PSS, the salt length used is equal to the length of digest algorithm. For example, RSA_SIGN_PSS_2048_SHA256 will use PSS with a salt length of 256 bits or 32 bytes.
Algorithms beginning with RSA_DECRYPT_
are usable with
CryptoKey.purpose
ASYMMETRIC_DECRYPT.
The fields in the name after RSA_DECRYPT_
correspond to the following
parameters: padding algorithm, modulus bit length, and digest algorithm.
Algorithms beginning with EC_SIGN_
are usable with
CryptoKey.purpose
ASYMMETRIC_SIGN.
The fields in the name after EC_SIGN_
correspond to the following
parameters: elliptic curve, digest algorithm.
Algorithms beginning with HMAC_
are usable with
CryptoKey.purpose
MAC.
The suffix following HMAC_
corresponds to the hash algorithm being used
(eg. SHA256).
For more information, see Key purposes and algorithms.
Protobuf enum google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm
Implements
ProtocolMessageEnumStatic Fields |
|
---|---|
Name | Description |
AES_128_CBC |
AES-CBC (Cipher Block Chaining Mode) using 128-bit keys. |
AES_128_CBC_VALUE |
AES-CBC (Cipher Block Chaining Mode) using 128-bit keys. |
AES_128_CTR |
AES-CTR (Counter Mode) using 128-bit keys. |
AES_128_CTR_VALUE |
AES-CTR (Counter Mode) using 128-bit keys. |
AES_128_GCM |
AES-GCM (Galois Counter Mode) using 128-bit keys. |
AES_128_GCM_VALUE |
AES-GCM (Galois Counter Mode) using 128-bit keys. |
AES_256_CBC |
AES-CBC (Cipher Block Chaining Mode) using 256-bit keys. |
AES_256_CBC_VALUE |
AES-CBC (Cipher Block Chaining Mode) using 256-bit keys. |
AES_256_CTR |
AES-CTR (Counter Mode) using 256-bit keys. |
AES_256_CTR_VALUE |
AES-CTR (Counter Mode) using 256-bit keys. |
AES_256_GCM |
AES-GCM (Galois Counter Mode) using 256-bit keys. |
AES_256_GCM_VALUE |
AES-GCM (Galois Counter Mode) using 256-bit keys. |
CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED |
Not specified. |
CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED_VALUE |
Not specified. |
EC_SIGN_ED25519 |
EdDSA on the Curve25519 in pure mode (taking data as input). |
EC_SIGN_ED25519_VALUE |
EdDSA on the Curve25519 in pure mode (taking data as input). |
EC_SIGN_P256_SHA256 |
ECDSA on the NIST P-256 curve with a SHA256 digest. Other hash functions can also be used: https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms |
EC_SIGN_P256_SHA256_VALUE |
ECDSA on the NIST P-256 curve with a SHA256 digest. Other hash functions can also be used: https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms |
EC_SIGN_P384_SHA384 |
ECDSA on the NIST P-384 curve with a SHA384 digest. Other hash functions can also be used: https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms |
EC_SIGN_P384_SHA384_VALUE |
ECDSA on the NIST P-384 curve with a SHA384 digest. Other hash functions can also be used: https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms |
EC_SIGN_SECP256K1_SHA256 |
ECDSA on the non-NIST secp256k1 curve. This curve is only supported for HSM protection level. Other hash functions can also be used: https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms |
EC_SIGN_SECP256K1_SHA256_VALUE |
ECDSA on the non-NIST secp256k1 curve. This curve is only supported for HSM protection level. Other hash functions can also be used: https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms |
EXTERNAL_SYMMETRIC_ENCRYPTION |
Algorithm representing symmetric encryption by an external key manager. |
EXTERNAL_SYMMETRIC_ENCRYPTION_VALUE |
Algorithm representing symmetric encryption by an external key manager. |
GOOGLE_SYMMETRIC_ENCRYPTION |
Creates symmetric encryption keys. |
GOOGLE_SYMMETRIC_ENCRYPTION_VALUE |
Creates symmetric encryption keys. |
HMAC_SHA1 |
HMAC-SHA1 signing with a 160 bit key. |
HMAC_SHA1_VALUE |
HMAC-SHA1 signing with a 160 bit key. |
HMAC_SHA224 |
HMAC-SHA224 signing with a 224 bit key. |
HMAC_SHA224_VALUE |
HMAC-SHA224 signing with a 224 bit key. |
HMAC_SHA256 |
HMAC-SHA256 signing with a 256 bit key. |
HMAC_SHA256_VALUE |
HMAC-SHA256 signing with a 256 bit key. |
HMAC_SHA384 |
HMAC-SHA384 signing with a 384 bit key. |
HMAC_SHA384_VALUE |
HMAC-SHA384 signing with a 384 bit key. |
HMAC_SHA512 |
HMAC-SHA512 signing with a 512 bit key. |
HMAC_SHA512_VALUE |
HMAC-SHA512 signing with a 512 bit key. |
RSA_DECRYPT_OAEP_2048_SHA1 |
RSAES-OAEP 2048 bit key with a SHA1 digest. |
RSA_DECRYPT_OAEP_2048_SHA1_VALUE |
RSAES-OAEP 2048 bit key with a SHA1 digest. |
RSA_DECRYPT_OAEP_2048_SHA256 |
RSAES-OAEP 2048 bit key with a SHA256 digest. |
RSA_DECRYPT_OAEP_2048_SHA256_VALUE |
RSAES-OAEP 2048 bit key with a SHA256 digest. |
RSA_DECRYPT_OAEP_3072_SHA1 |
RSAES-OAEP 3072 bit key with a SHA1 digest. |
RSA_DECRYPT_OAEP_3072_SHA1_VALUE |
RSAES-OAEP 3072 bit key with a SHA1 digest. |
RSA_DECRYPT_OAEP_3072_SHA256 |
RSAES-OAEP 3072 bit key with a SHA256 digest. |
RSA_DECRYPT_OAEP_3072_SHA256_VALUE |
RSAES-OAEP 3072 bit key with a SHA256 digest. |
RSA_DECRYPT_OAEP_4096_SHA1 |
RSAES-OAEP 4096 bit key with a SHA1 digest. |
RSA_DECRYPT_OAEP_4096_SHA1_VALUE |
RSAES-OAEP 4096 bit key with a SHA1 digest. |
RSA_DECRYPT_OAEP_4096_SHA256 |
RSAES-OAEP 4096 bit key with a SHA256 digest. |
RSA_DECRYPT_OAEP_4096_SHA256_VALUE |
RSAES-OAEP 4096 bit key with a SHA256 digest. |
RSA_DECRYPT_OAEP_4096_SHA512 |
RSAES-OAEP 4096 bit key with a SHA512 digest. |
RSA_DECRYPT_OAEP_4096_SHA512_VALUE |
RSAES-OAEP 4096 bit key with a SHA512 digest. |
RSA_SIGN_PKCS1_2048_SHA256 |
RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest. |
RSA_SIGN_PKCS1_2048_SHA256_VALUE |
RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest. |
RSA_SIGN_PKCS1_3072_SHA256 |
RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest. |
RSA_SIGN_PKCS1_3072_SHA256_VALUE |
RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest. |
RSA_SIGN_PKCS1_4096_SHA256 |
RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest. |
RSA_SIGN_PKCS1_4096_SHA256_VALUE |
RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest. |
RSA_SIGN_PKCS1_4096_SHA512 |
RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest. |
RSA_SIGN_PKCS1_4096_SHA512_VALUE |
RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest. |
RSA_SIGN_PSS_2048_SHA256 |
RSASSA-PSS 2048 bit key with a SHA256 digest. |
RSA_SIGN_PSS_2048_SHA256_VALUE |
RSASSA-PSS 2048 bit key with a SHA256 digest. |
RSA_SIGN_PSS_3072_SHA256 |
RSASSA-PSS 3072 bit key with a SHA256 digest. |
RSA_SIGN_PSS_3072_SHA256_VALUE |
RSASSA-PSS 3072 bit key with a SHA256 digest. |
RSA_SIGN_PSS_4096_SHA256 |
RSASSA-PSS 4096 bit key with a SHA256 digest. |
RSA_SIGN_PSS_4096_SHA256_VALUE |
RSASSA-PSS 4096 bit key with a SHA256 digest. |
RSA_SIGN_PSS_4096_SHA512 |
RSASSA-PSS 4096 bit key with a SHA512 digest. |
RSA_SIGN_PSS_4096_SHA512_VALUE |
RSASSA-PSS 4096 bit key with a SHA512 digest. |
RSA_SIGN_RAW_PKCS1_2048 |
RSASSA-PKCS1-v1_5 signing without encoding, with a 2048 bit key. |
RSA_SIGN_RAW_PKCS1_2048_VALUE |
RSASSA-PKCS1-v1_5 signing without encoding, with a 2048 bit key. |
RSA_SIGN_RAW_PKCS1_3072 |
RSASSA-PKCS1-v1_5 signing without encoding, with a 3072 bit key. |
RSA_SIGN_RAW_PKCS1_3072_VALUE |
RSASSA-PKCS1-v1_5 signing without encoding, with a 3072 bit key. |
RSA_SIGN_RAW_PKCS1_4096 |
RSASSA-PKCS1-v1_5 signing without encoding, with a 4096 bit key. |
RSA_SIGN_RAW_PKCS1_4096_VALUE |
RSASSA-PKCS1-v1_5 signing without encoding, with a 4096 bit key. |
UNRECOGNIZED |
Static Methods |
|
---|---|
Name | Description |
forNumber(int value) |
|
getDescriptor() |
|
internalGetValueMap() |
|
valueOf(Descriptors.EnumValueDescriptor desc) |
|
valueOf(int value) |
Deprecated. Use #forNumber(int) instead. |
valueOf(String name) |
|
values() |
Methods |
|
---|---|
Name | Description |
getDescriptorForType() |
|
getNumber() |
|
getValueDescriptor() |