Method: locations.generateRandomBytes

HTTP request
Path parameters
Request body
- JSON representation
Response body
- JSON representation
Authorization Scopes
Try it!

Full name: projects.locations.generateRandomBytes

Generate random bytes using the Cloud KMS randomness source in the provided location.

HTTP request

POST https://cloudkms.googleapis.com/v1/{location=projects/*/locations/*}:generateRandomBytes

The URL uses gRPC Transcoding syntax.

Path parameters

Parameters

Parameters
`location`	`string` The project-specific location in which to generate random bytes. For example, "projects/my-project/locations/us-central1".

location

string

The project-specific location in which to generate random bytes. For example, "projects/my-project/locations/us-central1".

Request body

The request body contains data with the following structure:

JSON representation
{ "lengthBytes": integer, "protectionLevel": enum (`ProtectionLevel`) }

Fields

Fields
`lengthBytes`	`integer` The length in bytes of the amount of randomness to retrieve. Minimum 8 bytes, maximum 1024 bytes.
`protectionLevel`	`enum (ProtectionLevel)` The `ProtectionLevel` to use when generating the random data. Currently, only `HSM` protection level is supported.

lengthBytes

integer

The length in bytes of the amount of randomness to retrieve. Minimum 8 bytes, maximum 1024 bytes.

protectionLevel

enum (ProtectionLevel)

The ProtectionLevel to use when generating the random data. Currently, only HSM protection level is supported.

Response body

If successful, the response body contains data with the following structure:

Response message for KeyManagementService.GenerateRandomBytes.

JSON representation
{ "data": string, "dataCrc32c": string }

Fields

Fields
`data`	`string (bytes format)` The generated data. A base64-encoded string.
`dataCrc32c`	`string (Int64Value format)` Integrity verification field. A CRC32C checksum of the returned `GenerateRandomBytesResponse.data`. An integrity check of `GenerateRandomBytesResponse.data` can be performed by computing the CRC32C checksum of `GenerateRandomBytesResponse.data` and comparing your results to this field. Discard the response in case of non-matching checksum values, and perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.

data

string (bytes format)

The generated data.

A base64-encoded string.

dataCrc32c

string (Int64Value format)

Integrity verification field. A CRC32C checksum of the returned GenerateRandomBytesResponse.data. An integrity check of GenerateRandomBytesResponse.data can be performed by computing the CRC32C checksum of GenerateRandomBytesResponse.data and comparing your results to this field. Discard the response in case of non-matching checksum values, and perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.

Authorization Scopes

Requires one of the following OAuth scopes:

https://www.googleapis.com/auth/cloudkms
https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.