Class CaPool.IssuancePolicy (2.35.0)

public static final class CaPool.IssuancePolicy extends GeneratedMessageV3 implements CaPool.IssuancePolicyOrBuilder

Defines controls over all certificate issuance within a CaPool.

Protobuf type google.cloud.security.privateca.v1.CaPool.IssuancePolicy

Static Fields

ALLOWED_ISSUANCE_MODES_FIELD_NUMBER

public static final int ALLOWED_ISSUANCE_MODES_FIELD_NUMBER
Field Value
TypeDescription
int

ALLOWED_KEY_TYPES_FIELD_NUMBER

public static final int ALLOWED_KEY_TYPES_FIELD_NUMBER
Field Value
TypeDescription
int

BASELINE_VALUES_FIELD_NUMBER

public static final int BASELINE_VALUES_FIELD_NUMBER
Field Value
TypeDescription
int

IDENTITY_CONSTRAINTS_FIELD_NUMBER

public static final int IDENTITY_CONSTRAINTS_FIELD_NUMBER
Field Value
TypeDescription
int

MAXIMUM_LIFETIME_FIELD_NUMBER

public static final int MAXIMUM_LIFETIME_FIELD_NUMBER
Field Value
TypeDescription
int

PASSTHROUGH_EXTENSIONS_FIELD_NUMBER

public static final int PASSTHROUGH_EXTENSIONS_FIELD_NUMBER
Field Value
TypeDescription
int

Static Methods

getDefaultInstance()

public static CaPool.IssuancePolicy getDefaultInstance()
Returns
TypeDescription
CaPool.IssuancePolicy

getDescriptor()

public static final Descriptors.Descriptor getDescriptor()
Returns
TypeDescription
Descriptor

newBuilder()

public static CaPool.IssuancePolicy.Builder newBuilder()
Returns
TypeDescription
CaPool.IssuancePolicy.Builder

newBuilder(CaPool.IssuancePolicy prototype)

public static CaPool.IssuancePolicy.Builder newBuilder(CaPool.IssuancePolicy prototype)
Parameter
NameDescription
prototypeCaPool.IssuancePolicy
Returns
TypeDescription
CaPool.IssuancePolicy.Builder

parseDelimitedFrom(InputStream input)

public static CaPool.IssuancePolicy parseDelimitedFrom(InputStream input)
Parameter
NameDescription
inputInputStream
Returns
TypeDescription
CaPool.IssuancePolicy
Exceptions
TypeDescription
IOException

parseDelimitedFrom(InputStream input, ExtensionRegistryLite extensionRegistry)

public static CaPool.IssuancePolicy parseDelimitedFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
inputInputStream
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
CaPool.IssuancePolicy
Exceptions
TypeDescription
IOException

parseFrom(byte[] data)

public static CaPool.IssuancePolicy parseFrom(byte[] data)
Parameter
NameDescription
databyte[]
Returns
TypeDescription
CaPool.IssuancePolicy
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)

public static CaPool.IssuancePolicy parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
databyte[]
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
CaPool.IssuancePolicy
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(ByteString data)

public static CaPool.IssuancePolicy parseFrom(ByteString data)
Parameter
NameDescription
dataByteString
Returns
TypeDescription
CaPool.IssuancePolicy
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)

public static CaPool.IssuancePolicy parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
dataByteString
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
CaPool.IssuancePolicy
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(CodedInputStream input)

public static CaPool.IssuancePolicy parseFrom(CodedInputStream input)
Parameter
NameDescription
inputCodedInputStream
Returns
TypeDescription
CaPool.IssuancePolicy
Exceptions
TypeDescription
IOException

parseFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)

public static CaPool.IssuancePolicy parseFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
inputCodedInputStream
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
CaPool.IssuancePolicy
Exceptions
TypeDescription
IOException

parseFrom(InputStream input)

public static CaPool.IssuancePolicy parseFrom(InputStream input)
Parameter
NameDescription
inputInputStream
Returns
TypeDescription
CaPool.IssuancePolicy
Exceptions
TypeDescription
IOException

parseFrom(InputStream input, ExtensionRegistryLite extensionRegistry)

public static CaPool.IssuancePolicy parseFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
inputInputStream
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
CaPool.IssuancePolicy
Exceptions
TypeDescription
IOException

parseFrom(ByteBuffer data)

public static CaPool.IssuancePolicy parseFrom(ByteBuffer data)
Parameter
NameDescription
dataByteBuffer
Returns
TypeDescription
CaPool.IssuancePolicy
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)

public static CaPool.IssuancePolicy parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
dataByteBuffer
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
CaPool.IssuancePolicy
Exceptions
TypeDescription
InvalidProtocolBufferException

parser()

public static Parser<CaPool.IssuancePolicy> parser()
Returns
TypeDescription
Parser<IssuancePolicy>

Methods

equals(Object obj)

public boolean equals(Object obj)
Parameter
NameDescription
objObject
Returns
TypeDescription
boolean
Overrides

getAllowedIssuanceModes()

public CaPool.IssuancePolicy.IssuanceModes getAllowedIssuanceModes()

Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.

.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes allowed_issuance_modes = 3 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
CaPool.IssuancePolicy.IssuanceModes

The allowedIssuanceModes.

getAllowedIssuanceModesOrBuilder()

public CaPool.IssuancePolicy.IssuanceModesOrBuilder getAllowedIssuanceModesOrBuilder()

Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.

.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes allowed_issuance_modes = 3 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
CaPool.IssuancePolicy.IssuanceModesOrBuilder

getAllowedKeyTypes(int index)

public CaPool.IssuancePolicy.AllowedKeyType getAllowedKeyTypes(int index)

Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.

repeated .google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType allowed_key_types = 1 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
indexint
Returns
TypeDescription
CaPool.IssuancePolicy.AllowedKeyType

getAllowedKeyTypesCount()

public int getAllowedKeyTypesCount()

Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.

repeated .google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType allowed_key_types = 1 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
int

getAllowedKeyTypesList()

public List<CaPool.IssuancePolicy.AllowedKeyType> getAllowedKeyTypesList()

Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.

repeated .google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType allowed_key_types = 1 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
List<AllowedKeyType>

getAllowedKeyTypesOrBuilder(int index)

public CaPool.IssuancePolicy.AllowedKeyTypeOrBuilder getAllowedKeyTypesOrBuilder(int index)

Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.

repeated .google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType allowed_key_types = 1 [(.google.api.field_behavior) = OPTIONAL];

Parameter
NameDescription
indexint
Returns
TypeDescription
CaPool.IssuancePolicy.AllowedKeyTypeOrBuilder

getAllowedKeyTypesOrBuilderList()

public List<? extends CaPool.IssuancePolicy.AllowedKeyTypeOrBuilder> getAllowedKeyTypesOrBuilderList()

Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.

repeated .google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType allowed_key_types = 1 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
List<? extends com.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyTypeOrBuilder>

getBaselineValues()

public X509Parameters getBaselineValues()

Optional. A set of X.509 values that will be applied to all certificates issued through this CaPool. If a certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If a certificate request uses a CertificateTemplate that defines conflicting predefined_values for the same properties, the certificate issuance request will fail.

.google.cloud.security.privateca.v1.X509Parameters baseline_values = 4 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
X509Parameters

The baselineValues.

getBaselineValuesOrBuilder()

public X509ParametersOrBuilder getBaselineValuesOrBuilder()

Optional. A set of X.509 values that will be applied to all certificates issued through this CaPool. If a certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If a certificate request uses a CertificateTemplate that defines conflicting predefined_values for the same properties, the certificate issuance request will fail.

.google.cloud.security.privateca.v1.X509Parameters baseline_values = 4 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
X509ParametersOrBuilder

getDefaultInstanceForType()

public CaPool.IssuancePolicy getDefaultInstanceForType()
Returns
TypeDescription
CaPool.IssuancePolicy

getIdentityConstraints()

public CertificateIdentityConstraints getIdentityConstraints()

Optional. Describes constraints on identities that may appear in Certificates issued through this CaPool. If this is omitted, then this CaPool will not add restrictions on a certificate's identity.

.google.cloud.security.privateca.v1.CertificateIdentityConstraints identity_constraints = 5 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
CertificateIdentityConstraints

The identityConstraints.

getIdentityConstraintsOrBuilder()

public CertificateIdentityConstraintsOrBuilder getIdentityConstraintsOrBuilder()

Optional. Describes constraints on identities that may appear in Certificates issued through this CaPool. If this is omitted, then this CaPool will not add restrictions on a certificate's identity.

.google.cloud.security.privateca.v1.CertificateIdentityConstraints identity_constraints = 5 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
CertificateIdentityConstraintsOrBuilder

getMaximumLifetime()

public Duration getMaximumLifetime()

Optional. The maximum lifetime allowed for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.

.google.protobuf.Duration maximum_lifetime = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
Duration

The maximumLifetime.

getMaximumLifetimeOrBuilder()

public DurationOrBuilder getMaximumLifetimeOrBuilder()

Optional. The maximum lifetime allowed for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.

.google.protobuf.Duration maximum_lifetime = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
DurationOrBuilder

getParserForType()

public Parser<CaPool.IssuancePolicy> getParserForType()
Returns
TypeDescription
Parser<IssuancePolicy>
Overrides

getPassthroughExtensions()

public CertificateExtensionConstraints getPassthroughExtensions()

Optional. Describes the set of X.509 extensions that may appear in a Certificate issued through this CaPool. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If a certificate request uses a CertificateTemplate with predefined_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this CaPool will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CaPool's baseline_values.

.google.cloud.security.privateca.v1.CertificateExtensionConstraints passthrough_extensions = 6 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
CertificateExtensionConstraints

The passthroughExtensions.

getPassthroughExtensionsOrBuilder()

public CertificateExtensionConstraintsOrBuilder getPassthroughExtensionsOrBuilder()

Optional. Describes the set of X.509 extensions that may appear in a Certificate issued through this CaPool. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If a certificate request uses a CertificateTemplate with predefined_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this CaPool will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CaPool's baseline_values.

.google.cloud.security.privateca.v1.CertificateExtensionConstraints passthrough_extensions = 6 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
CertificateExtensionConstraintsOrBuilder

getSerializedSize()

public int getSerializedSize()
Returns
TypeDescription
int
Overrides

hasAllowedIssuanceModes()

public boolean hasAllowedIssuanceModes()

Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.

.google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes allowed_issuance_modes = 3 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
boolean

Whether the allowedIssuanceModes field is set.

hasBaselineValues()

public boolean hasBaselineValues()

Optional. A set of X.509 values that will be applied to all certificates issued through this CaPool. If a certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If a certificate request uses a CertificateTemplate that defines conflicting predefined_values for the same properties, the certificate issuance request will fail.

.google.cloud.security.privateca.v1.X509Parameters baseline_values = 4 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
boolean

Whether the baselineValues field is set.

hasIdentityConstraints()

public boolean hasIdentityConstraints()

Optional. Describes constraints on identities that may appear in Certificates issued through this CaPool. If this is omitted, then this CaPool will not add restrictions on a certificate's identity.

.google.cloud.security.privateca.v1.CertificateIdentityConstraints identity_constraints = 5 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
boolean

Whether the identityConstraints field is set.

hasMaximumLifetime()

public boolean hasMaximumLifetime()

Optional. The maximum lifetime allowed for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.

.google.protobuf.Duration maximum_lifetime = 2 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
boolean

Whether the maximumLifetime field is set.

hasPassthroughExtensions()

public boolean hasPassthroughExtensions()

Optional. Describes the set of X.509 extensions that may appear in a Certificate issued through this CaPool. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If a certificate request uses a CertificateTemplate with predefined_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this CaPool will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CaPool's baseline_values.

.google.cloud.security.privateca.v1.CertificateExtensionConstraints passthrough_extensions = 6 [(.google.api.field_behavior) = OPTIONAL];

Returns
TypeDescription
boolean

Whether the passthroughExtensions field is set.

hashCode()

public int hashCode()
Returns
TypeDescription
int
Overrides

internalGetFieldAccessorTable()

protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Returns
TypeDescription
FieldAccessorTable
Overrides

isInitialized()

public final boolean isInitialized()
Returns
TypeDescription
boolean
Overrides

newBuilderForType()

public CaPool.IssuancePolicy.Builder newBuilderForType()
Returns
TypeDescription
CaPool.IssuancePolicy.Builder

newBuilderForType(GeneratedMessageV3.BuilderParent parent)

protected CaPool.IssuancePolicy.Builder newBuilderForType(GeneratedMessageV3.BuilderParent parent)
Parameter
NameDescription
parentBuilderParent
Returns
TypeDescription
CaPool.IssuancePolicy.Builder
Overrides

newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)

protected Object newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)
Parameter
NameDescription
unusedUnusedPrivateParameter
Returns
TypeDescription
Object
Overrides

toBuilder()

public CaPool.IssuancePolicy.Builder toBuilder()
Returns
TypeDescription
CaPool.IssuancePolicy.Builder

writeTo(CodedOutputStream output)

public void writeTo(CodedOutputStream output)
Parameter
NameDescription
outputCodedOutputStream
Overrides
Exceptions
TypeDescription
IOException