public abstract static class KeyManagementServiceGrpc.KeyManagementServiceImplBase extends Object implements BindableService
Google Cloud Key Management Service Manages cryptographic keys and operations using those keys. Implements a REST model with the following objects: * [KeyRing][google.cloud.kms.v1.KeyRing] * [CryptoKey][google.cloud.kms.v1.CryptoKey] * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] * [ImportJob][google.cloud.kms.v1.ImportJob] If you are using manual gRPC libraries, see [Using gRPC with Cloud KMS](https://cloud.google.com/kms/docs/grpc).
| Constructor and Description |
|---|
KeyManagementServiceImplBase() |
| Modifier and Type | Method and Description |
|---|---|
void |
asymmetricDecrypt(AsymmetricDecryptRequest request,
StreamObserver<AsymmetricDecryptResponse> responseObserver)
Decrypts data that was encrypted with a public key retrieved from
[GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey]
corresponding to a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
ASYMMETRIC_DECRYPT.
|
void |
asymmetricSign(AsymmetricSignRequest request,
StreamObserver<AsymmetricSignResponse> responseObserver)
Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
ASYMMETRIC_SIGN, producing a signature that can be verified with the public
key retrieved from
[GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
|
ServerServiceDefinition |
bindService() |
void |
createCryptoKey(CreateCryptoKeyRequest request,
StreamObserver<CryptoKey> responseObserver)
Create a new [CryptoKey][google.cloud.kms.v1.CryptoKey] within a
[KeyRing][google.cloud.kms.v1.KeyRing].
|
void |
createCryptoKeyVersion(CreateCryptoKeyVersionRequest request,
StreamObserver<CryptoKeyVersion> responseObserver)
Create a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in a
[CryptoKey][google.cloud.kms.v1.CryptoKey].
|
void |
createImportJob(CreateImportJobRequest request,
StreamObserver<ImportJob> responseObserver)
Create a new [ImportJob][google.cloud.kms.v1.ImportJob] within a
[KeyRing][google.cloud.kms.v1.KeyRing].
|
void |
createKeyRing(CreateKeyRingRequest request,
StreamObserver<KeyRing> responseObserver)
Create a new [KeyRing][google.cloud.kms.v1.KeyRing] in a given Project and
Location.
|
void |
decrypt(DecryptRequest request,
StreamObserver<DecryptResponse> responseObserver)
Decrypts data that was protected by
[Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
|
void |
destroyCryptoKeyVersion(DestroyCryptoKeyVersionRequest request,
StreamObserver<CryptoKeyVersion> responseObserver)
Schedule a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] for
destruction.
|
void |
encrypt(EncryptRequest request,
StreamObserver<EncryptResponse> responseObserver)
Encrypts data, so that it can only be recovered by a call to
[Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt].
|
void |
generateRandomBytes(GenerateRandomBytesRequest request,
StreamObserver<GenerateRandomBytesResponse> responseObserver)
Generate random bytes using the Cloud KMS randomness source in the provided
location.
|
void |
getCryptoKey(GetCryptoKeyRequest request,
StreamObserver<CryptoKey> responseObserver)
Returns metadata for a given [CryptoKey][google.cloud.kms.v1.CryptoKey], as
well as its [primary][google.cloud.kms.v1.CryptoKey.primary]
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
|
void |
getCryptoKeyVersion(GetCryptoKeyVersionRequest request,
StreamObserver<CryptoKeyVersion> responseObserver)
Returns metadata for a given
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
|
void |
getImportJob(GetImportJobRequest request,
StreamObserver<ImportJob> responseObserver)
Returns metadata for a given [ImportJob][google.cloud.kms.v1.ImportJob].
|
void |
getKeyRing(GetKeyRingRequest request,
StreamObserver<KeyRing> responseObserver)
Returns metadata for a given [KeyRing][google.cloud.kms.v1.KeyRing].
|
void |
getPublicKey(GetPublicKeyRequest request,
StreamObserver<PublicKey> responseObserver)
Returns the public key for the given
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
|
void |
importCryptoKeyVersion(ImportCryptoKeyVersionRequest request,
StreamObserver<CryptoKeyVersion> responseObserver)
Import wrapped key material into a
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
|
void |
listCryptoKeys(ListCryptoKeysRequest request,
StreamObserver<ListCryptoKeysResponse> responseObserver)
Lists [CryptoKeys][google.cloud.kms.v1.CryptoKey].
|
void |
listCryptoKeyVersions(ListCryptoKeyVersionsRequest request,
StreamObserver<ListCryptoKeyVersionsResponse> responseObserver)
Lists [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
|
void |
listImportJobs(ListImportJobsRequest request,
StreamObserver<ListImportJobsResponse> responseObserver)
Lists [ImportJobs][google.cloud.kms.v1.ImportJob].
|
void |
listKeyRings(ListKeyRingsRequest request,
StreamObserver<ListKeyRingsResponse> responseObserver)
Lists [KeyRings][google.cloud.kms.v1.KeyRing].
|
void |
macSign(MacSignRequest request,
StreamObserver<MacSignResponse> responseObserver)
Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] MAC,
producing a tag that can be verified by another source with the same key.
|
void |
macVerify(MacVerifyRequest request,
StreamObserver<MacVerifyResponse> responseObserver)
Verifies MAC tag using a
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with
[CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] MAC, and returns
a response that indicates whether or not the verification was successful.
|
void |
restoreCryptoKeyVersion(RestoreCryptoKeyVersionRequest request,
StreamObserver<CryptoKeyVersion> responseObserver)
Restore a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the
[DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED]
state.
|
void |
updateCryptoKey(UpdateCryptoKeyRequest request,
StreamObserver<CryptoKey> responseObserver)
Update a [CryptoKey][google.cloud.kms.v1.CryptoKey].
|
void |
updateCryptoKeyPrimaryVersion(UpdateCryptoKeyPrimaryVersionRequest request,
StreamObserver<CryptoKey> responseObserver)
Update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that
will be used in
[Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
|
void |
updateCryptoKeyVersion(UpdateCryptoKeyVersionRequest request,
StreamObserver<CryptoKeyVersion> responseObserver)
Update a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s
metadata.
|
public void listKeyRings(ListKeyRingsRequest request, StreamObserver<ListKeyRingsResponse> responseObserver)
Lists [KeyRings][google.cloud.kms.v1.KeyRing].
public void listCryptoKeys(ListCryptoKeysRequest request, StreamObserver<ListCryptoKeysResponse> responseObserver)
Lists [CryptoKeys][google.cloud.kms.v1.CryptoKey].
public void listCryptoKeyVersions(ListCryptoKeyVersionsRequest request, StreamObserver<ListCryptoKeyVersionsResponse> responseObserver)
Lists [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
public void listImportJobs(ListImportJobsRequest request, StreamObserver<ListImportJobsResponse> responseObserver)
Lists [ImportJobs][google.cloud.kms.v1.ImportJob].
public void getKeyRing(GetKeyRingRequest request, StreamObserver<KeyRing> responseObserver)
Returns metadata for a given [KeyRing][google.cloud.kms.v1.KeyRing].
public void getCryptoKey(GetCryptoKeyRequest request, StreamObserver<CryptoKey> responseObserver)
Returns metadata for a given [CryptoKey][google.cloud.kms.v1.CryptoKey], as well as its [primary][google.cloud.kms.v1.CryptoKey.primary] [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
public void getCryptoKeyVersion(GetCryptoKeyVersionRequest request, StreamObserver<CryptoKeyVersion> responseObserver)
Returns metadata for a given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
public void getPublicKey(GetPublicKeyRequest request, StreamObserver<PublicKey> responseObserver)
Returns the public key for the given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be [ASYMMETRIC_SIGN][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN] or [ASYMMETRIC_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT].
public void getImportJob(GetImportJobRequest request, StreamObserver<ImportJob> responseObserver)
Returns metadata for a given [ImportJob][google.cloud.kms.v1.ImportJob].
public void createKeyRing(CreateKeyRingRequest request, StreamObserver<KeyRing> responseObserver)
Create a new [KeyRing][google.cloud.kms.v1.KeyRing] in a given Project and Location.
public void createCryptoKey(CreateCryptoKeyRequest request, StreamObserver<CryptoKey> responseObserver)
Create a new [CryptoKey][google.cloud.kms.v1.CryptoKey] within a [KeyRing][google.cloud.kms.v1.KeyRing]. [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] and [CryptoKey.version_template.algorithm][google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm] are required.
public void createCryptoKeyVersion(CreateCryptoKeyVersionRequest request, StreamObserver<CryptoKeyVersion> responseObserver)
Create a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in a [CryptoKey][google.cloud.kms.v1.CryptoKey]. The server will assign the next sequential id. If unset, [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED].
public void importCryptoKeyVersion(ImportCryptoKeyVersionRequest request, StreamObserver<CryptoKeyVersion> responseObserver)
Import wrapped key material into a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. All requests must specify a [CryptoKey][google.cloud.kms.v1.CryptoKey]. If a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] is additionally specified in the request, key material will be reimported into that version. Otherwise, a new version will be created, and will be assigned the next sequential id within the [CryptoKey][google.cloud.kms.v1.CryptoKey].
public void createImportJob(CreateImportJobRequest request, StreamObserver<ImportJob> responseObserver)
Create a new [ImportJob][google.cloud.kms.v1.ImportJob] within a [KeyRing][google.cloud.kms.v1.KeyRing]. [ImportJob.import_method][google.cloud.kms.v1.ImportJob.import_method] is required.
public void updateCryptoKey(UpdateCryptoKeyRequest request, StreamObserver<CryptoKey> responseObserver)
Update a [CryptoKey][google.cloud.kms.v1.CryptoKey].
public void updateCryptoKeyVersion(UpdateCryptoKeyVersionRequest request, StreamObserver<CryptoKeyVersion> responseObserver)
Update a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s metadata. [state][google.cloud.kms.v1.CryptoKeyVersion.state] may be changed between [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] and [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED] using this method. See [DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion] and [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] to move between other states.
public void updateCryptoKeyPrimaryVersion(UpdateCryptoKeyPrimaryVersionRequest request, StreamObserver<CryptoKey> responseObserver)
Update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that will be used in [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. Returns an error if called on a key whose purpose is not [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
public void destroyCryptoKeyVersion(DestroyCryptoKeyVersionRequest request, StreamObserver<CryptoKeyVersion> responseObserver)
Schedule a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] for destruction. Upon calling this method, [CryptoKeyVersion.state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED], and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be set to the time [destroy_scheduled_duration][google.cloud.kms.v1.CryptoKey.destroy_scheduled_duration] in the future. At that time, the [state][google.cloud.kms.v1.CryptoKeyVersion.state] will automatically change to [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED], and the key material will be irrevocably destroyed. Before the [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] is reached, [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] may be called to reverse the process.
public void restoreCryptoKeyVersion(RestoreCryptoKeyVersionRequest request, StreamObserver<CryptoKeyVersion> responseObserver)
Restore a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED] state. Upon restoration of the CryptoKeyVersion, [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED], and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be cleared.
public void encrypt(EncryptRequest request, StreamObserver<EncryptResponse> responseObserver)
Encrypts data, so that it can only be recovered by a call to [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt]. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
public void decrypt(DecryptRequest request, StreamObserver<DecryptResponse> responseObserver)
Decrypts data that was protected by [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
public void asymmetricSign(AsymmetricSignRequest request, StreamObserver<AsymmetricSignResponse> responseObserver)
Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
public void asymmetricDecrypt(AsymmetricDecryptRequest request, StreamObserver<AsymmetricDecryptResponse> responseObserver)
Decrypts data that was encrypted with a public key retrieved from [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey] corresponding to a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_DECRYPT.
public void macSign(MacSignRequest request, StreamObserver<MacSignResponse> responseObserver)
Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] MAC, producing a tag that can be verified by another source with the same key.
public void macVerify(MacVerifyRequest request, StreamObserver<MacVerifyResponse> responseObserver)
Verifies MAC tag using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] MAC, and returns a response that indicates whether or not the verification was successful.
public void generateRandomBytes(GenerateRandomBytesRequest request, StreamObserver<GenerateRandomBytesResponse> responseObserver)
Generate random bytes using the Cloud KMS randomness source in the provided location.
public final ServerServiceDefinition bindService()
bindService in interface BindableServiceCopyright © 2022 Google LLC. All rights reserved.