Sample code: + * + *
{@code
+ * // This snippet has been automatically generated and should be regarded as a code template only.
+ * // It will require modifications to work:
+ * // - It may require correct/in-range values for request initialization.
+ * // - It may require specifying regional endpoints when creating the service client as shown in
+ * // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
+ * try (KeyManagementServiceClient keyManagementServiceClient =
+ * KeyManagementServiceClient.create()) {
+ * RawEncryptRequest request =
+ * RawEncryptRequest.newBuilder()
+ * .setName("name3373707")
+ * .setPlaintext(ByteString.EMPTY)
+ * .setAdditionalAuthenticatedData(ByteString.EMPTY)
+ * .setPlaintextCrc32C(Int64Value.newBuilder().build())
+ * .setAdditionalAuthenticatedDataCrc32C(Int64Value.newBuilder().build())
+ * .setInitializationVector(ByteString.EMPTY)
+ * .setInitializationVectorCrc32C(Int64Value.newBuilder().build())
+ * .build();
+ * RawEncryptResponse response = keyManagementServiceClient.rawEncrypt(request);
+ * }
+ * }
+ *
+ * @param request The request object containing all of the parameters for the API call.
+ * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+ */
+ public final RawEncryptResponse rawEncrypt(RawEncryptRequest request) {
+ return rawEncryptCallable().call(request);
+ }
+
+ // AUTO-GENERATED DOCUMENTATION AND METHOD.
+ /**
+ * Encrypts data using portable cryptographic primitives. Most users should choose
+ * [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] and
+ * [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt] rather than their raw counterparts.
+ * The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
+ * [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT].
+ *
+ * Sample code: + * + *
{@code
+ * // This snippet has been automatically generated and should be regarded as a code template only.
+ * // It will require modifications to work:
+ * // - It may require correct/in-range values for request initialization.
+ * // - It may require specifying regional endpoints when creating the service client as shown in
+ * // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
+ * try (KeyManagementServiceClient keyManagementServiceClient =
+ * KeyManagementServiceClient.create()) {
+ * RawEncryptRequest request =
+ * RawEncryptRequest.newBuilder()
+ * .setName("name3373707")
+ * .setPlaintext(ByteString.EMPTY)
+ * .setAdditionalAuthenticatedData(ByteString.EMPTY)
+ * .setPlaintextCrc32C(Int64Value.newBuilder().build())
+ * .setAdditionalAuthenticatedDataCrc32C(Int64Value.newBuilder().build())
+ * .setInitializationVector(ByteString.EMPTY)
+ * .setInitializationVectorCrc32C(Int64Value.newBuilder().build())
+ * .build();
+ * ApiFuture future =
+ * keyManagementServiceClient.rawEncryptCallable().futureCall(request);
+ * // Do something.
+ * RawEncryptResponse response = future.get();
+ * }
+ * }
+ */
+ public final UnaryCallableSample code: + * + *
{@code
+ * // This snippet has been automatically generated and should be regarded as a code template only.
+ * // It will require modifications to work:
+ * // - It may require correct/in-range values for request initialization.
+ * // - It may require specifying regional endpoints when creating the service client as shown in
+ * // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
+ * try (KeyManagementServiceClient keyManagementServiceClient =
+ * KeyManagementServiceClient.create()) {
+ * RawDecryptRequest request =
+ * RawDecryptRequest.newBuilder()
+ * .setName("name3373707")
+ * .setCiphertext(ByteString.EMPTY)
+ * .setAdditionalAuthenticatedData(ByteString.EMPTY)
+ * .setInitializationVector(ByteString.EMPTY)
+ * .setTagLength(172791595)
+ * .setCiphertextCrc32C(Int64Value.newBuilder().build())
+ * .setAdditionalAuthenticatedDataCrc32C(Int64Value.newBuilder().build())
+ * .setInitializationVectorCrc32C(Int64Value.newBuilder().build())
+ * .build();
+ * RawDecryptResponse response = keyManagementServiceClient.rawDecrypt(request);
+ * }
+ * }
+ *
+ * @param request The request object containing all of the parameters for the API call.
+ * @throws com.google.api.gax.rpc.ApiException if the remote call fails
+ */
+ public final RawDecryptResponse rawDecrypt(RawDecryptRequest request) {
+ return rawDecryptCallable().call(request);
+ }
+
+ // AUTO-GENERATED DOCUMENTATION AND METHOD.
+ /**
+ * Decrypts data that was originally encrypted using a raw cryptographic mechanism. The
+ * [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
+ * [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT].
+ *
+ * Sample code: + * + *
{@code
+ * // This snippet has been automatically generated and should be regarded as a code template only.
+ * // It will require modifications to work:
+ * // - It may require correct/in-range values for request initialization.
+ * // - It may require specifying regional endpoints when creating the service client as shown in
+ * // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
+ * try (KeyManagementServiceClient keyManagementServiceClient =
+ * KeyManagementServiceClient.create()) {
+ * RawDecryptRequest request =
+ * RawDecryptRequest.newBuilder()
+ * .setName("name3373707")
+ * .setCiphertext(ByteString.EMPTY)
+ * .setAdditionalAuthenticatedData(ByteString.EMPTY)
+ * .setInitializationVector(ByteString.EMPTY)
+ * .setTagLength(172791595)
+ * .setCiphertextCrc32C(Int64Value.newBuilder().build())
+ * .setAdditionalAuthenticatedDataCrc32C(Int64Value.newBuilder().build())
+ * .setInitializationVectorCrc32C(Int64Value.newBuilder().build())
+ * .build();
+ * ApiFuture future =
+ * keyManagementServiceClient.rawDecryptCallable().futureCall(request);
+ * // Do something.
+ * RawDecryptResponse response = future.get();
+ * }
+ * }
+ */
+ public final UnaryCallable+ * Encrypts data using portable cryptographic primitives. Most users should + * choose [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] and + * [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt] rather than + * their raw counterparts. The + * [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be + * [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT]. + *+ */ + default void rawEncrypt( + com.google.cloud.kms.v1.RawEncryptRequest request, + io.grpc.stub.StreamObserver
+ * Decrypts data that was originally encrypted using a raw cryptographic + * mechanism. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] + * must be + * [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT]. + *+ */ + default void rawDecrypt( + com.google.cloud.kms.v1.RawDecryptRequest request, + io.grpc.stub.StreamObserver
+ * Encrypts data using portable cryptographic primitives. Most users should + * choose [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] and + * [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt] rather than + * their raw counterparts. The + * [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be + * [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT]. + *+ */ + public void rawEncrypt( + com.google.cloud.kms.v1.RawEncryptRequest request, + io.grpc.stub.StreamObserver
+ * Decrypts data that was originally encrypted using a raw cryptographic + * mechanism. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] + * must be + * [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT]. + *+ */ + public void rawDecrypt( + com.google.cloud.kms.v1.RawDecryptRequest request, + io.grpc.stub.StreamObserver
+ * Encrypts data using portable cryptographic primitives. Most users should + * choose [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] and + * [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt] rather than + * their raw counterparts. The + * [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be + * [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT]. + *+ */ + public com.google.cloud.kms.v1.RawEncryptResponse rawEncrypt( + com.google.cloud.kms.v1.RawEncryptRequest request) { + return io.grpc.stub.ClientCalls.blockingUnaryCall( + getChannel(), getRawEncryptMethod(), getCallOptions(), request); + } + + /** + * + * + *
+ * Decrypts data that was originally encrypted using a raw cryptographic + * mechanism. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] + * must be + * [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT]. + *+ */ + public com.google.cloud.kms.v1.RawDecryptResponse rawDecrypt( + com.google.cloud.kms.v1.RawDecryptRequest request) { + return io.grpc.stub.ClientCalls.blockingUnaryCall( + getChannel(), getRawDecryptMethod(), getCallOptions(), request); + } + /** * * @@ -3133,6 +3321,42 @@ protected KeyManagementServiceFutureStub build( getChannel().newCall(getDecryptMethod(), getCallOptions()), request); } + /** + * + * + *
+ * Encrypts data using portable cryptographic primitives. Most users should + * choose [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] and + * [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt] rather than + * their raw counterparts. The + * [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be + * [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT]. + *+ */ + public com.google.common.util.concurrent.ListenableFuture< + com.google.cloud.kms.v1.RawEncryptResponse> + rawEncrypt(com.google.cloud.kms.v1.RawEncryptRequest request) { + return io.grpc.stub.ClientCalls.futureUnaryCall( + getChannel().newCall(getRawEncryptMethod(), getCallOptions()), request); + } + + /** + * + * + *
+ * Decrypts data that was originally encrypted using a raw cryptographic + * mechanism. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] + * must be + * [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT]. + *+ */ + public com.google.common.util.concurrent.ListenableFuture< + com.google.cloud.kms.v1.RawDecryptResponse> + rawDecrypt(com.google.cloud.kms.v1.RawDecryptRequest request) { + return io.grpc.stub.ClientCalls.futureUnaryCall( + getChannel().newCall(getRawDecryptMethod(), getCallOptions()), request); + } + /** * * @@ -3239,11 +3463,13 @@ protected KeyManagementServiceFutureStub build( private static final int METHODID_RESTORE_CRYPTO_KEY_VERSION = 18; private static final int METHODID_ENCRYPT = 19; private static final int METHODID_DECRYPT = 20; - private static final int METHODID_ASYMMETRIC_SIGN = 21; - private static final int METHODID_ASYMMETRIC_DECRYPT = 22; - private static final int METHODID_MAC_SIGN = 23; - private static final int METHODID_MAC_VERIFY = 24; - private static final int METHODID_GENERATE_RANDOM_BYTES = 25; + private static final int METHODID_RAW_ENCRYPT = 21; + private static final int METHODID_RAW_DECRYPT = 22; + private static final int METHODID_ASYMMETRIC_SIGN = 23; + private static final int METHODID_ASYMMETRIC_DECRYPT = 24; + private static final int METHODID_MAC_SIGN = 25; + private static final int METHODID_MAC_VERIFY = 26; + private static final int METHODID_GENERATE_RANDOM_BYTES = 27; private static final class MethodHandlers
ASYMMETRIC_DECRYPT = 6;
*/
ASYMMETRIC_DECRYPT(6),
+ /**
+ *
+ *
+ * + * [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used + * with [RawEncrypt][google.cloud.kms.v1.KeyManagementService.RawEncrypt] + * and [RawDecrypt][google.cloud.kms.v1.KeyManagementService.RawDecrypt]. + * This purpose is meant to be used for interoperable symmetric + * encryption and does not support automatic CryptoKey rotation. + *+ * + *
RAW_ENCRYPT_DECRYPT = 7;
+ */
+ RAW_ENCRYPT_DECRYPT(7),
/**
*
*
@@ -208,6 +222,20 @@ public enum CryptoKeyPurpose implements com.google.protobuf.ProtocolMessageEnum
* ASYMMETRIC_DECRYPT = 6;
*/
public static final int ASYMMETRIC_DECRYPT_VALUE = 6;
+ /**
+ *
+ *
+ * + * [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used + * with [RawEncrypt][google.cloud.kms.v1.KeyManagementService.RawEncrypt] + * and [RawDecrypt][google.cloud.kms.v1.KeyManagementService.RawDecrypt]. + * This purpose is meant to be used for interoperable symmetric + * encryption and does not support automatic CryptoKey rotation. + *+ * + *
RAW_ENCRYPT_DECRYPT = 7;
+ */
+ public static final int RAW_ENCRYPT_DECRYPT_VALUE = 7;
/**
*
*
@@ -252,6 +280,8 @@ public static CryptoKeyPurpose forNumber(int value) {
return ASYMMETRIC_SIGN;
case 6:
return ASYMMETRIC_DECRYPT;
+ case 7:
+ return RAW_ENCRYPT_DECRYPT;
case 9:
return MAC;
default:
diff --git a/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/CryptoKeyVersion.java b/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/CryptoKeyVersion.java
index f52dc33575fb..94db6643557d 100644
--- a/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/CryptoKeyVersion.java
+++ b/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/CryptoKeyVersion.java
@@ -153,6 +153,26 @@ public enum CryptoKeyVersionAlgorithm implements com.google.protobuf.ProtocolMes
* GOOGLE_SYMMETRIC_ENCRYPTION = 1;
*/
GOOGLE_SYMMETRIC_ENCRYPTION(1),
+ /**
+ *
+ *
+ * + * AES-GCM (Galois Counter Mode) using 128-bit keys. + *+ * + *
AES_128_GCM = 41;
+ */
+ AES_128_GCM(41),
+ /**
+ *
+ *
+ * + * AES-GCM (Galois Counter Mode) using 256-bit keys. + *+ * + *
AES_256_GCM = 19;
+ */
+ AES_256_GCM(19),
/**
*
*
@@ -453,6 +473,26 @@ public enum CryptoKeyVersionAlgorithm implements com.google.protobuf.ProtocolMes
* GOOGLE_SYMMETRIC_ENCRYPTION = 1;
*/
public static final int GOOGLE_SYMMETRIC_ENCRYPTION_VALUE = 1;
+ /**
+ *
+ *
+ * + * AES-GCM (Galois Counter Mode) using 128-bit keys. + *+ * + *
AES_128_GCM = 41;
+ */
+ public static final int AES_128_GCM_VALUE = 41;
+ /**
+ *
+ *
+ * + * AES-GCM (Galois Counter Mode) using 256-bit keys. + *+ * + *
AES_256_GCM = 19;
+ */
+ public static final int AES_256_GCM_VALUE = 19;
/**
*
*
@@ -759,6 +799,10 @@ public static CryptoKeyVersionAlgorithm forNumber(int value) {
return CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED;
case 1:
return GOOGLE_SYMMETRIC_ENCRYPTION;
+ case 41:
+ return AES_128_GCM;
+ case 19:
+ return AES_256_GCM;
case 2:
return RSA_SIGN_PSS_2048_SHA256;
case 3:
diff --git a/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/KmsProto.java b/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/KmsProto.java
index d7f8004e3c17..ec4a7bb24158 100644
--- a/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/KmsProto.java
+++ b/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/KmsProto.java
@@ -127,6 +127,14 @@ public static void registerAllExtensions(com.google.protobuf.ExtensionRegistry r
internal_static_google_cloud_kms_v1_DecryptRequest_descriptor;
static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
internal_static_google_cloud_kms_v1_DecryptRequest_fieldAccessorTable;
+ static final com.google.protobuf.Descriptors.Descriptor
+ internal_static_google_cloud_kms_v1_RawEncryptRequest_descriptor;
+ static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+ internal_static_google_cloud_kms_v1_RawEncryptRequest_fieldAccessorTable;
+ static final com.google.protobuf.Descriptors.Descriptor
+ internal_static_google_cloud_kms_v1_RawDecryptRequest_descriptor;
+ static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+ internal_static_google_cloud_kms_v1_RawDecryptRequest_fieldAccessorTable;
static final com.google.protobuf.Descriptors.Descriptor
internal_static_google_cloud_kms_v1_AsymmetricSignRequest_descriptor;
static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
@@ -155,6 +163,14 @@ public static void registerAllExtensions(com.google.protobuf.ExtensionRegistry r
internal_static_google_cloud_kms_v1_DecryptResponse_descriptor;
static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
internal_static_google_cloud_kms_v1_DecryptResponse_fieldAccessorTable;
+ static final com.google.protobuf.Descriptors.Descriptor
+ internal_static_google_cloud_kms_v1_RawEncryptResponse_descriptor;
+ static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+ internal_static_google_cloud_kms_v1_RawEncryptResponse_fieldAccessorTable;
+ static final com.google.protobuf.Descriptors.Descriptor
+ internal_static_google_cloud_kms_v1_RawDecryptResponse_descriptor;
+ static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
+ internal_static_google_cloud_kms_v1_RawDecryptResponse_fieldAccessorTable;
static final com.google.protobuf.Descriptors.Descriptor
internal_static_google_cloud_kms_v1_AsymmetricSignResponse_descriptor;
static final com.google.protobuf.GeneratedMessageV3.FieldAccessorTable
@@ -301,211 +317,258 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
+ "ertext_crc32c\030\005 \001(\0132\033.google.protobuf.In"
+ "t64ValueB\004\342A\001\001\022O\n$additional_authenticat"
+ "ed_data_crc32c\030\006 \001(\0132\033.google.protobuf.I"
- + "nt64ValueB\004\342A\001\001\"\221\002\n\025AsymmetricSignReques"
- + "t\022?\n\004name\030\001 \001(\tB1\342A\001\002\372A*\n(cloudkms.googl"
- + "eapis.com/CryptoKeyVersion\0221\n\006digest\030\003 \001"
- + "(\0132\033.google.cloud.kms.v1.DigestB\004\342A\001\001\0228\n"
- + "\rdigest_crc32c\030\004 \001(\0132\033.google.protobuf.I"
- + "nt64ValueB\004\342A\001\001\022\022\n\004data\030\006 \001(\014B\004\342A\001\001\0226\n\013d"
- + "ata_crc32c\030\007 \001(\0132\033.google.protobuf.Int64"
- + "ValueB\004\342A\001\001\"\263\001\n\030AsymmetricDecryptRequest"
- + "\022?\n\004name\030\001 \001(\tB1\342A\001\002\372A*\n(cloudkms.google"
- + "apis.com/CryptoKeyVersion\022\030\n\nciphertext\030"
- + "\003 \001(\014B\004\342A\001\002\022<\n\021ciphertext_crc32c\030\004 \001(\0132\033"
- + ".google.protobuf.Int64ValueB\004\342A\001\001\"\235\001\n\016Ma"
- + "cSignRequest\022?\n\004name\030\001 \001(\tB1\342A\001\002\372A*\n(clo"
- + "udkms.googleapis.com/CryptoKeyVersion\022\022\n"
- + "\004data\030\002 \001(\014B\004\342A\001\002\0226\n\013data_crc32c\030\003 \001(\0132\033"
- + ".google.protobuf.Int64ValueB\004\342A\001\001\"\351\001\n\020Ma"
- + "cVerifyRequest\022?\n\004name\030\001 \001(\tB1\342A\001\002\372A*\n(c"
- + "loudkms.googleapis.com/CryptoKeyVersion\022"
- + "\022\n\004data\030\002 \001(\014B\004\342A\001\002\0226\n\013data_crc32c\030\003 \001(\013"
- + "2\033.google.protobuf.Int64ValueB\004\342A\001\001\022\021\n\003m"
- + "ac\030\004 \001(\014B\004\342A\001\002\0225\n\nmac_crc32c\030\005 \001(\0132\033.goo"
- + "gle.protobuf.Int64ValueB\004\342A\001\001\"\204\001\n\032Genera"
- + "teRandomBytesRequest\022\020\n\010location\030\001 \001(\t\022\024"
- + "\n\014length_bytes\030\002 \001(\005\022>\n\020protection_level"
- + "\030\003 \001(\0162$.google.cloud.kms.v1.ProtectionL"
- + "evel\"\205\002\n\017EncryptResponse\022\014\n\004name\030\001 \001(\t\022\022"
- + "\n\nciphertext\030\002 \001(\014\0226\n\021ciphertext_crc32c\030"
- + "\004 \001(\0132\033.google.protobuf.Int64Value\022!\n\031ve"
- + "rified_plaintext_crc32c\030\005 \001(\010\0225\n-verifie"
- + "d_additional_authenticated_data_crc32c\030\006"
- + " \001(\010\022>\n\020protection_level\030\007 \001(\0162$.google."
- + "cloud.kms.v1.ProtectionLevel\"\261\001\n\017Decrypt"
- + "Response\022\021\n\tplaintext\030\001 \001(\014\0225\n\020plaintext"
- + "_crc32c\030\002 \001(\0132\033.google.protobuf.Int64Val"
- + "ue\022\024\n\014used_primary\030\003 \001(\010\022>\n\020protection_l"
- + "evel\030\004 \001(\0162$.google.cloud.kms.v1.Protect"
- + "ionLevel\"\356\001\n\026AsymmetricSignResponse\022\021\n\ts"
- + "ignature\030\001 \001(\014\0225\n\020signature_crc32c\030\002 \001(\013"
- + "2\033.google.protobuf.Int64Value\022\036\n\026verifie"
- + "d_digest_crc32c\030\003 \001(\010\022\014\n\004name\030\004 \001(\t\022\034\n\024v"
- + "erified_data_crc32c\030\005 \001(\010\022>\n\020protection_"
- + "level\030\006 \001(\0162$.google.cloud.kms.v1.Protec"
- + "tionLevel\"\311\001\n\031AsymmetricDecryptResponse\022"
- + "\021\n\tplaintext\030\001 \001(\014\0225\n\020plaintext_crc32c\030\002"
- + " \001(\0132\033.google.protobuf.Int64Value\022\"\n\032ver"
- + "ified_ciphertext_crc32c\030\003 \001(\010\022>\n\020protect"
- + "ion_level\030\004 \001(\0162$.google.cloud.kms.v1.Pr"
- + "otectionLevel\"\273\001\n\017MacSignResponse\022\014\n\004nam"
- + "e\030\001 \001(\t\022\013\n\003mac\030\002 \001(\014\022/\n\nmac_crc32c\030\003 \001(\013"
- + "2\033.google.protobuf.Int64Value\022\034\n\024verifie"
- + "d_data_crc32c\030\004 \001(\010\022>\n\020protection_level\030"
- + "\005 \001(\0162$.google.cloud.kms.v1.ProtectionLe"
- + "vel\"\321\001\n\021MacVerifyResponse\022\014\n\004name\030\001 \001(\t\022"
- + "\017\n\007success\030\002 \001(\010\022\034\n\024verified_data_crc32c"
- + "\030\003 \001(\010\022\033\n\023verified_mac_crc32c\030\004 \001(\010\022\"\n\032v"
- + "erified_success_integrity\030\005 \001(\010\022>\n\020prote"
- + "ction_level\030\006 \001(\0162$.google.cloud.kms.v1."
- + "ProtectionLevel\"]\n\033GenerateRandomBytesRe"
- + "sponse\022\014\n\004data\030\001 \001(\014\0220\n\013data_crc32c\030\003 \001("
- + "\0132\033.google.protobuf.Int64Value\"H\n\006Digest"
- + "\022\020\n\006sha256\030\001 \001(\014H\000\022\020\n\006sha384\030\002 \001(\014H\000\022\020\n\006"
- + "sha512\030\003 \001(\014H\000B\010\n\006digest\"@\n\020LocationMeta"
- + "data\022\025\n\rhsm_available\030\001 \001(\010\022\025\n\rekm_avail"
- + "able\030\002 \001(\0102\206+\n\024KeyManagementService\022\242\001\n\014"
- + "ListKeyRings\022(.google.cloud.kms.v1.ListK"
- + "eyRingsRequest\032).google.cloud.kms.v1.Lis"
- + "tKeyRingsResponse\"=\332A\006parent\202\323\344\223\002.\022,/v1/"
- + "{parent=projects/*/locations/*}/keyRings"
- + "\022\265\001\n\016ListCryptoKeys\022*.google.cloud.kms.v"
- + "1.ListCryptoKeysRequest\032+.google.cloud.k"
- + "ms.v1.ListCryptoKeysResponse\"J\332A\006parent\202"
- + "\323\344\223\002;\0229/v1/{parent=projects/*/locations/"
- + "*/keyRings/*}/cryptoKeys\022\336\001\n\025ListCryptoK"
- + "eyVersions\0221.google.cloud.kms.v1.ListCry"
- + "ptoKeyVersionsRequest\0322.google.cloud.kms"
- + ".v1.ListCryptoKeyVersionsResponse\"^\332A\006pa"
- + "rent\202\323\344\223\002O\022M/v1/{parent=projects/*/locat"
- + "ions/*/keyRings/*/cryptoKeys/*}/cryptoKe"
- + "yVersions\022\265\001\n\016ListImportJobs\022*.google.cl"
- + "oud.kms.v1.ListImportJobsRequest\032+.googl"
- + "e.cloud.kms.v1.ListImportJobsResponse\"J\332"
- + "A\006parent\202\323\344\223\002;\0229/v1/{parent=projects/*/l"
- + "ocations/*/keyRings/*}/importJobs\022\217\001\n\nGe"
- + "tKeyRing\022&.google.cloud.kms.v1.GetKeyRin"
- + "gRequest\032\034.google.cloud.kms.v1.KeyRing\";"
- + "\332A\004name\202\323\344\223\002.\022,/v1/{name=projects/*/loca"
- + "tions/*/keyRings/*}\022\242\001\n\014GetCryptoKey\022(.g"
- + "oogle.cloud.kms.v1.GetCryptoKeyRequest\032\036"
- + ".google.cloud.kms.v1.CryptoKey\"H\332A\004name\202"
- + "\323\344\223\002;\0229/v1/{name=projects/*/locations/*/"
- + "keyRings/*/cryptoKeys/*}\022\313\001\n\023GetCryptoKe"
- + "yVersion\022/.google.cloud.kms.v1.GetCrypto"
- + "KeyVersionRequest\032%.google.cloud.kms.v1."
- + "CryptoKeyVersion\"\\\332A\004name\202\323\344\223\002O\022M/v1/{na"
- + "me=projects/*/locations/*/keyRings/*/cry"
- + "ptoKeys/*/cryptoKeyVersions/*}\022\300\001\n\014GetPu"
- + "blicKey\022(.google.cloud.kms.v1.GetPublicK"
- + "eyRequest\032\036.google.cloud.kms.v1.PublicKe"
- + "y\"f\332A\004name\202\323\344\223\002Y\022W/v1/{name=projects/*/l"
- + "ocations/*/keyRings/*/cryptoKeys/*/crypt"
- + "oKeyVersions/*}/publicKey\022\242\001\n\014GetImportJ"
- + "ob\022(.google.cloud.kms.v1.GetImportJobReq"
- + "uest\032\036.google.cloud.kms.v1.ImportJob\"H\332A"
- + "\004name\202\323\344\223\002;\0229/v1/{name=projects/*/locati"
- + "ons/*/keyRings/*/importJobs/*}\022\266\001\n\rCreat"
- + "eKeyRing\022).google.cloud.kms.v1.CreateKey"
- + "RingRequest\032\034.google.cloud.kms.v1.KeyRin"
- + "g\"\\\332A\033parent,key_ring_id,key_ring\202\323\344\223\0028\""
- + ",/v1/{parent=projects/*/locations/*}/key"
- + "Rings:\010key_ring\022\317\001\n\017CreateCryptoKey\022+.go"
- + "ogle.cloud.kms.v1.CreateCryptoKeyRequest"
- + "\032\036.google.cloud.kms.v1.CryptoKey\"o\332A\037par"
- + "ent,crypto_key_id,crypto_key\202\323\344\223\002G\"9/v1/"
+ + "nt64ValueB\004\342A\001\001\"\351\002\n\021RawEncryptRequest\022\022\n"
+ + "\004name\030\001 \001(\tB\004\342A\001\002\022\027\n\tplaintext\030\002 \001(\014B\004\342A"
+ + "\001\002\022+\n\035additional_authenticated_data\030\003 \001("
+ + "\014B\004\342A\001\001\022;\n\020plaintext_crc32c\030\004 \001(\0132\033.goog"
+ + "le.protobuf.Int64ValueB\004\342A\001\001\022O\n$addition"
+ + "al_authenticated_data_crc32c\030\005 \001(\0132\033.goo"
+ + "gle.protobuf.Int64ValueB\004\342A\001\001\022#\n\025initial"
+ + "ization_vector\030\006 \001(\014B\004\342A\001\001\022G\n\034initializa"
+ + "tion_vector_crc32c\030\007 \001(\0132\033.google.protob"
+ + "uf.Int64ValueB\004\342A\001\001\"\377\002\n\021RawDecryptReques"
+ + "t\022\022\n\004name\030\001 \001(\tB\004\342A\001\002\022\030\n\nciphertext\030\002 \001("
+ + "\014B\004\342A\001\002\022+\n\035additional_authenticated_data"
+ + "\030\003 \001(\014B\004\342A\001\001\022#\n\025initialization_vector\030\004 "
+ + "\001(\014B\004\342A\001\002\022\022\n\ntag_length\030\005 \001(\005\022<\n\021ciphert"
+ + "ext_crc32c\030\006 \001(\0132\033.google.protobuf.Int64"
+ + "ValueB\004\342A\001\001\022O\n$additional_authenticated_"
+ + "data_crc32c\030\007 \001(\0132\033.google.protobuf.Int6"
+ + "4ValueB\004\342A\001\001\022G\n\034initialization_vector_cr"
+ + "c32c\030\010 \001(\0132\033.google.protobuf.Int64ValueB"
+ + "\004\342A\001\001\"\221\002\n\025AsymmetricSignRequest\022?\n\004name\030"
+ + "\001 \001(\tB1\342A\001\002\372A*\n(cloudkms.googleapis.com/"
+ + "CryptoKeyVersion\0221\n\006digest\030\003 \001(\0132\033.googl"
+ + "e.cloud.kms.v1.DigestB\004\342A\001\001\0228\n\rdigest_cr"
+ + "c32c\030\004 \001(\0132\033.google.protobuf.Int64ValueB"
+ + "\004\342A\001\001\022\022\n\004data\030\006 \001(\014B\004\342A\001\001\0226\n\013data_crc32c"
+ + "\030\007 \001(\0132\033.google.protobuf.Int64ValueB\004\342A\001"
+ + "\001\"\263\001\n\030AsymmetricDecryptRequest\022?\n\004name\030\001"
+ + " \001(\tB1\342A\001\002\372A*\n(cloudkms.googleapis.com/C"
+ + "ryptoKeyVersion\022\030\n\nciphertext\030\003 \001(\014B\004\342A\001"
+ + "\002\022<\n\021ciphertext_crc32c\030\004 \001(\0132\033.google.pr"
+ + "otobuf.Int64ValueB\004\342A\001\001\"\235\001\n\016MacSignReque"
+ + "st\022?\n\004name\030\001 \001(\tB1\342A\001\002\372A*\n(cloudkms.goog"
+ + "leapis.com/CryptoKeyVersion\022\022\n\004data\030\002 \001("
+ + "\014B\004\342A\001\002\0226\n\013data_crc32c\030\003 \001(\0132\033.google.pr"
+ + "otobuf.Int64ValueB\004\342A\001\001\"\351\001\n\020MacVerifyReq"
+ + "uest\022?\n\004name\030\001 \001(\tB1\342A\001\002\372A*\n(cloudkms.go"
+ + "ogleapis.com/CryptoKeyVersion\022\022\n\004data\030\002 "
+ + "\001(\014B\004\342A\001\002\0226\n\013data_crc32c\030\003 \001(\0132\033.google."
+ + "protobuf.Int64ValueB\004\342A\001\001\022\021\n\003mac\030\004 \001(\014B\004"
+ + "\342A\001\002\0225\n\nmac_crc32c\030\005 \001(\0132\033.google.protob"
+ + "uf.Int64ValueB\004\342A\001\001\"\204\001\n\032GenerateRandomBy"
+ + "tesRequest\022\020\n\010location\030\001 \001(\t\022\024\n\014length_b"
+ + "ytes\030\002 \001(\005\022>\n\020protection_level\030\003 \001(\0162$.g"
+ + "oogle.cloud.kms.v1.ProtectionLevel\"\205\002\n\017E"
+ + "ncryptResponse\022\014\n\004name\030\001 \001(\t\022\022\n\ncipherte"
+ + "xt\030\002 \001(\014\0226\n\021ciphertext_crc32c\030\004 \001(\0132\033.go"
+ + "ogle.protobuf.Int64Value\022!\n\031verified_pla"
+ + "intext_crc32c\030\005 \001(\010\0225\n-verified_addition"
+ + "al_authenticated_data_crc32c\030\006 \001(\010\022>\n\020pr"
+ + "otection_level\030\007 \001(\0162$.google.cloud.kms."
+ + "v1.ProtectionLevel\"\261\001\n\017DecryptResponse\022\021"
+ + "\n\tplaintext\030\001 \001(\014\0225\n\020plaintext_crc32c\030\002 "
+ + "\001(\0132\033.google.protobuf.Int64Value\022\024\n\014used"
+ + "_primary\030\003 \001(\010\022>\n\020protection_level\030\004 \001(\016"
+ + "2$.google.cloud.kms.v1.ProtectionLevel\"\255"
+ + "\003\n\022RawEncryptResponse\022\022\n\nciphertext\030\001 \001("
+ + "\014\022\035\n\025initialization_vector\030\002 \001(\014\022\022\n\ntag_"
+ + "length\030\003 \001(\005\0226\n\021ciphertext_crc32c\030\004 \001(\0132"
+ + "\033.google.protobuf.Int64Value\022A\n\034initiali"
+ + "zation_vector_crc32c\030\005 \001(\0132\033.google.prot"
+ + "obuf.Int64Value\022!\n\031verified_plaintext_cr"
+ + "c32c\030\006 \001(\010\0225\n-verified_additional_authen"
+ + "ticated_data_crc32c\030\007 \001(\010\022-\n%verified_in"
+ + "itialization_vector_crc32c\030\n \001(\010\022\014\n\004name"
+ + "\030\010 \001(\t\022>\n\020protection_level\030\t \001(\0162$.googl"
+ + "e.cloud.kms.v1.ProtectionLevel\"\250\002\n\022RawDe"
+ + "cryptResponse\022\021\n\tplaintext\030\001 \001(\014\0225\n\020plai"
+ + "ntext_crc32c\030\002 \001(\0132\033.google.protobuf.Int"
+ + "64Value\022>\n\020protection_level\030\003 \001(\0162$.goog"
+ + "le.cloud.kms.v1.ProtectionLevel\022\"\n\032verif"
+ + "ied_ciphertext_crc32c\030\004 \001(\010\0225\n-verified_"
+ + "additional_authenticated_data_crc32c\030\005 \001"
+ + "(\010\022-\n%verified_initialization_vector_crc"
+ + "32c\030\006 \001(\010\"\356\001\n\026AsymmetricSignResponse\022\021\n\t"
+ + "signature\030\001 \001(\014\0225\n\020signature_crc32c\030\002 \001("
+ + "\0132\033.google.protobuf.Int64Value\022\036\n\026verifi"
+ + "ed_digest_crc32c\030\003 \001(\010\022\014\n\004name\030\004 \001(\t\022\034\n\024"
+ + "verified_data_crc32c\030\005 \001(\010\022>\n\020protection"
+ + "_level\030\006 \001(\0162$.google.cloud.kms.v1.Prote"
+ + "ctionLevel\"\311\001\n\031AsymmetricDecryptResponse"
+ + "\022\021\n\tplaintext\030\001 \001(\014\0225\n\020plaintext_crc32c\030"
+ + "\002 \001(\0132\033.google.protobuf.Int64Value\022\"\n\032ve"
+ + "rified_ciphertext_crc32c\030\003 \001(\010\022>\n\020protec"
+ + "tion_level\030\004 \001(\0162$.google.cloud.kms.v1.P"
+ + "rotectionLevel\"\273\001\n\017MacSignResponse\022\014\n\004na"
+ + "me\030\001 \001(\t\022\013\n\003mac\030\002 \001(\014\022/\n\nmac_crc32c\030\003 \001("
+ + "\0132\033.google.protobuf.Int64Value\022\034\n\024verifi"
+ + "ed_data_crc32c\030\004 \001(\010\022>\n\020protection_level"
+ + "\030\005 \001(\0162$.google.cloud.kms.v1.ProtectionL"
+ + "evel\"\321\001\n\021MacVerifyResponse\022\014\n\004name\030\001 \001(\t"
+ + "\022\017\n\007success\030\002 \001(\010\022\034\n\024verified_data_crc32"
+ + "c\030\003 \001(\010\022\033\n\023verified_mac_crc32c\030\004 \001(\010\022\"\n\032"
+ + "verified_success_integrity\030\005 \001(\010\022>\n\020prot"
+ + "ection_level\030\006 \001(\0162$.google.cloud.kms.v1"
+ + ".ProtectionLevel\"]\n\033GenerateRandomBytesR"
+ + "esponse\022\014\n\004data\030\001 \001(\014\0220\n\013data_crc32c\030\003 \001"
+ + "(\0132\033.google.protobuf.Int64Value\"H\n\006Diges"
+ + "t\022\020\n\006sha256\030\001 \001(\014H\000\022\020\n\006sha384\030\002 \001(\014H\000\022\020\n"
+ + "\006sha512\030\003 \001(\014H\000B\010\n\006digest\"@\n\020LocationMet"
+ + "adata\022\025\n\rhsm_available\030\001 \001(\010\022\025\n\rekm_avai"
+ + "lable\030\002 \001(\0102\220.\n\024KeyManagementService\022\242\001\n"
+ + "\014ListKeyRings\022(.google.cloud.kms.v1.List"
+ + "KeyRingsRequest\032).google.cloud.kms.v1.Li"
+ + "stKeyRingsResponse\"=\332A\006parent\202\323\344\223\002.\022,/v1"
+ + "/{parent=projects/*/locations/*}/keyRing"
+ + "s\022\265\001\n\016ListCryptoKeys\022*.google.cloud.kms."
+ + "v1.ListCryptoKeysRequest\032+.google.cloud."
+ + "kms.v1.ListCryptoKeysResponse\"J\332A\006parent"
+ + "\202\323\344\223\002;\0229/v1/{parent=projects/*/locations"
+ + "/*/keyRings/*}/cryptoKeys\022\336\001\n\025ListCrypto"
+ + "KeyVersions\0221.google.cloud.kms.v1.ListCr"
+ + "yptoKeyVersionsRequest\0322.google.cloud.km"
+ + "s.v1.ListCryptoKeyVersionsResponse\"^\332A\006p"
+ + "arent\202\323\344\223\002O\022M/v1/{parent=projects/*/loca"
+ + "tions/*/keyRings/*/cryptoKeys/*}/cryptoK"
+ + "eyVersions\022\265\001\n\016ListImportJobs\022*.google.c"
+ + "loud.kms.v1.ListImportJobsRequest\032+.goog"
+ + "le.cloud.kms.v1.ListImportJobsResponse\"J"
+ + "\332A\006parent\202\323\344\223\002;\0229/v1/{parent=projects/*/"
+ + "locations/*/keyRings/*}/importJobs\022\217\001\n\nG"
+ + "etKeyRing\022&.google.cloud.kms.v1.GetKeyRi"
+ + "ngRequest\032\034.google.cloud.kms.v1.KeyRing\""
+ + ";\332A\004name\202\323\344\223\002.\022,/v1/{name=projects/*/loc"
+ + "ations/*/keyRings/*}\022\242\001\n\014GetCryptoKey\022(."
+ + "google.cloud.kms.v1.GetCryptoKeyRequest\032"
+ + "\036.google.cloud.kms.v1.CryptoKey\"H\332A\004name"
+ + "\202\323\344\223\002;\0229/v1/{name=projects/*/locations/*"
+ + "/keyRings/*/cryptoKeys/*}\022\313\001\n\023GetCryptoK"
+ + "eyVersion\022/.google.cloud.kms.v1.GetCrypt"
+ + "oKeyVersionRequest\032%.google.cloud.kms.v1"
+ + ".CryptoKeyVersion\"\\\332A\004name\202\323\344\223\002O\022M/v1/{n"
+ + "ame=projects/*/locations/*/keyRings/*/cr"
+ + "yptoKeys/*/cryptoKeyVersions/*}\022\300\001\n\014GetP"
+ + "ublicKey\022(.google.cloud.kms.v1.GetPublic"
+ + "KeyRequest\032\036.google.cloud.kms.v1.PublicK"
+ + "ey\"f\332A\004name\202\323\344\223\002Y\022W/v1/{name=projects/*/"
+ + "locations/*/keyRings/*/cryptoKeys/*/cryp"
+ + "toKeyVersions/*}/publicKey\022\242\001\n\014GetImport"
+ + "Job\022(.google.cloud.kms.v1.GetImportJobRe"
+ + "quest\032\036.google.cloud.kms.v1.ImportJob\"H\332"
+ + "A\004name\202\323\344\223\002;\0229/v1/{name=projects/*/locat"
+ + "ions/*/keyRings/*/importJobs/*}\022\266\001\n\rCrea"
+ + "teKeyRing\022).google.cloud.kms.v1.CreateKe"
+ + "yRingRequest\032\034.google.cloud.kms.v1.KeyRi"
+ + "ng\"\\\332A\033parent,key_ring_id,key_ring\202\323\344\223\0028"
+ + "\",/v1/{parent=projects/*/locations/*}/ke"
+ + "yRings:\010key_ring\022\317\001\n\017CreateCryptoKey\022+.g"
+ + "oogle.cloud.kms.v1.CreateCryptoKeyReques"
+ + "t\032\036.google.cloud.kms.v1.CryptoKey\"o\332A\037pa"
+ + "rent,crypto_key_id,crypto_key\202\323\344\223\002G\"9/v1"
+ + "/{parent=projects/*/locations/*/keyRings"
+ + "/*}/cryptoKeys:\ncrypto_key\022\373\001\n\026CreateCry"
+ + "ptoKeyVersion\0222.google.cloud.kms.v1.Crea"
+ + "teCryptoKeyVersionRequest\032%.google.cloud"
+ + ".kms.v1.CryptoKeyVersion\"\205\001\332A\031parent,cry"
+ + "pto_key_version\202\323\344\223\002c\"M/v1/{parent=proje"
+ + "cts/*/locations/*/keyRings/*/cryptoKeys/"
+ + "*}/cryptoKeyVersions:\022crypto_key_version"
+ + "\022\324\001\n\026ImportCryptoKeyVersion\0222.google.clo"
+ + "ud.kms.v1.ImportCryptoKeyVersionRequest\032"
+ + "%.google.cloud.kms.v1.CryptoKeyVersion\"_"
+ + "\202\323\344\223\002Y\"T/v1/{parent=projects/*/locations"
+ + "/*/keyRings/*/cryptoKeys/*}/cryptoKeyVer"
+ + "sions:import:\001*\022\317\001\n\017CreateImportJob\022+.go"
+ + "ogle.cloud.kms.v1.CreateImportJobRequest"
+ + "\032\036.google.cloud.kms.v1.ImportJob\"o\332A\037par"
+ + "ent,import_job_id,import_job\202\323\344\223\002G\"9/v1/"
+ "{parent=projects/*/locations/*/keyRings/"
- + "*}/cryptoKeys:\ncrypto_key\022\373\001\n\026CreateCryp"
- + "toKeyVersion\0222.google.cloud.kms.v1.Creat"
- + "eCryptoKeyVersionRequest\032%.google.cloud."
- + "kms.v1.CryptoKeyVersion\"\205\001\332A\031parent,cryp"
- + "to_key_version\202\323\344\223\002c\"M/v1/{parent=projec"
- + "ts/*/locations/*/keyRings/*/cryptoKeys/*"
- + "}/cryptoKeyVersions:\022crypto_key_version\022"
- + "\324\001\n\026ImportCryptoKeyVersion\0222.google.clou"
- + "d.kms.v1.ImportCryptoKeyVersionRequest\032%"
- + ".google.cloud.kms.v1.CryptoKeyVersion\"_\202"
- + "\323\344\223\002Y\"T/v1/{parent=projects/*/locations/"
- + "*/keyRings/*/cryptoKeys/*}/cryptoKeyVers"
- + "ions:import:\001*\022\317\001\n\017CreateImportJob\022+.goo"
- + "gle.cloud.kms.v1.CreateImportJobRequest\032"
- + "\036.google.cloud.kms.v1.ImportJob\"o\332A\037pare"
- + "nt,import_job_id,import_job\202\323\344\223\002G\"9/v1/{"
- + "parent=projects/*/locations/*/keyRings/*"
- + "}/importJobs:\nimport_job\022\321\001\n\017UpdateCrypt"
- + "oKey\022+.google.cloud.kms.v1.UpdateCryptoK"
- + "eyRequest\032\036.google.cloud.kms.v1.CryptoKe"
- + "y\"q\332A\026crypto_key,update_mask\202\323\344\223\002R2D/v1/"
- + "{crypto_key.name=projects/*/locations/*/"
- + "keyRings/*/cryptoKeys/*}:\ncrypto_key\022\223\002\n"
- + "\026UpdateCryptoKeyVersion\0222.google.cloud.k"
- + "ms.v1.UpdateCryptoKeyVersionRequest\032%.go"
- + "ogle.cloud.kms.v1.CryptoKeyVersion\"\235\001\332A\036"
- + "crypto_key_version,update_mask\202\323\344\223\002v2`/v"
- + "1/{crypto_key_version.name=projects/*/lo"
+ + "*}/importJobs:\nimport_job\022\321\001\n\017UpdateCryp"
+ + "toKey\022+.google.cloud.kms.v1.UpdateCrypto"
+ + "KeyRequest\032\036.google.cloud.kms.v1.CryptoK"
+ + "ey\"q\332A\026crypto_key,update_mask\202\323\344\223\002R2D/v1"
+ + "/{crypto_key.name=projects/*/locations/*"
+ + "/keyRings/*/cryptoKeys/*}:\ncrypto_key\022\223\002"
+ + "\n\026UpdateCryptoKeyVersion\0222.google.cloud."
+ + "kms.v1.UpdateCryptoKeyVersionRequest\032%.g"
+ + "oogle.cloud.kms.v1.CryptoKeyVersion\"\235\001\332A"
+ + "\036crypto_key_version,update_mask\202\323\344\223\002v2`/"
+ + "v1/{crypto_key_version.name=projects/*/l"
+ + "ocations/*/keyRings/*/cryptoKeys/*/crypt"
+ + "oKeyVersions/*}:\022crypto_key_version\022\362\001\n\035"
+ + "UpdateCryptoKeyPrimaryVersion\0229.google.c"
+ + "loud.kms.v1.UpdateCryptoKeyPrimaryVersio"
+ + "nRequest\032\036.google.cloud.kms.v1.CryptoKey"
+ + "\"v\332A\032name,crypto_key_version_id\202\323\344\223\002S\"N/"
+ + "v1/{name=projects/*/locations/*/keyRings"
+ + "/*/cryptoKeys/*}:updatePrimaryVersion:\001*"
+ + "\022\336\001\n\027DestroyCryptoKeyVersion\0223.google.cl"
+ + "oud.kms.v1.DestroyCryptoKeyVersionReques"
+ + "t\032%.google.cloud.kms.v1.CryptoKeyVersion"
+ + "\"g\332A\004name\202\323\344\223\002Z\"U/v1/{name=projects/*/lo"
+ "cations/*/keyRings/*/cryptoKeys/*/crypto"
- + "KeyVersions/*}:\022crypto_key_version\022\362\001\n\035U"
- + "pdateCryptoKeyPrimaryVersion\0229.google.cl"
- + "oud.kms.v1.UpdateCryptoKeyPrimaryVersion"
- + "Request\032\036.google.cloud.kms.v1.CryptoKey\""
- + "v\332A\032name,crypto_key_version_id\202\323\344\223\002S\"N/v"
- + "1/{name=projects/*/locations/*/keyRings/"
- + "*/cryptoKeys/*}:updatePrimaryVersion:\001*\022"
- + "\336\001\n\027DestroyCryptoKeyVersion\0223.google.clo"
- + "ud.kms.v1.DestroyCryptoKeyVersionRequest"
- + "\032%.google.cloud.kms.v1.CryptoKeyVersion\""
- + "g\332A\004name\202\323\344\223\002Z\"U/v1/{name=projects/*/loc"
- + "ations/*/keyRings/*/cryptoKeys/*/cryptoK"
- + "eyVersions/*}:destroy:\001*\022\336\001\n\027RestoreCryp"
- + "toKeyVersion\0223.google.cloud.kms.v1.Resto"
- + "reCryptoKeyVersionRequest\032%.google.cloud"
- + ".kms.v1.CryptoKeyVersion\"g\332A\004name\202\323\344\223\002Z\""
- + "U/v1/{name=projects/*/locations/*/keyRin"
- + "gs/*/cryptoKeys/*/cryptoKeyVersions/*}:r"
- + "estore:\001*\022\264\001\n\007Encrypt\022#.google.cloud.kms"
- + ".v1.EncryptRequest\032$.google.cloud.kms.v1"
- + ".EncryptResponse\"^\332A\016name,plaintext\202\323\344\223\002"
- + "G\"B/v1/{name=projects/*/locations/*/keyR"
- + "ings/*/cryptoKeys/**}:encrypt:\001*\022\264\001\n\007Dec"
- + "rypt\022#.google.cloud.kms.v1.DecryptReques"
- + "t\032$.google.cloud.kms.v1.DecryptResponse\""
- + "^\332A\017name,ciphertext\202\323\344\223\002F\"A/v1/{name=pro"
- + "jects/*/locations/*/keyRings/*/cryptoKey"
- + "s/*}:decrypt:\001*\022\340\001\n\016AsymmetricSign\022*.goo"
- + "gle.cloud.kms.v1.AsymmetricSignRequest\032+"
- + ".google.cloud.kms.v1.AsymmetricSignRespo"
- + "nse\"u\332A\013name,digest\202\323\344\223\002a\"\\/v1/{name=pro"
- + "jects/*/locations/*/keyRings/*/cryptoKey"
- + "s/*/cryptoKeyVersions/*}:asymmetricSign:"
- + "\001*\022\360\001\n\021AsymmetricDecrypt\022-.google.cloud."
- + "kms.v1.AsymmetricDecryptRequest\032..google"
- + ".cloud.kms.v1.AsymmetricDecryptResponse\""
- + "|\332A\017name,ciphertext\202\323\344\223\002d\"_/v1/{name=pro"
- + "jects/*/locations/*/keyRings/*/cryptoKey"
- + "s/*/cryptoKeyVersions/*}:asymmetricDecry"
- + "pt:\001*\022\302\001\n\007MacSign\022#.google.cloud.kms.v1."
- + "MacSignRequest\032$.google.cloud.kms.v1.Mac"
- + "SignResponse\"l\332A\tname,data\202\323\344\223\002Z\"U/v1/{n"
- + "ame=projects/*/locations/*/keyRings/*/cr"
- + "yptoKeys/*/cryptoKeyVersions/*}:macSign:"
- + "\001*\022\316\001\n\tMacVerify\022%.google.cloud.kms.v1.M"
- + "acVerifyRequest\032&.google.cloud.kms.v1.Ma"
- + "cVerifyResponse\"r\332A\rname,data,mac\202\323\344\223\002\\\""
- + "W/v1/{name=projects/*/locations/*/keyRin"
- + "gs/*/cryptoKeys/*/cryptoKeyVersions/*}:m"
- + "acVerify:\001*\022\347\001\n\023GenerateRandomBytes\022/.go"
- + "ogle.cloud.kms.v1.GenerateRandomBytesReq"
- + "uest\0320.google.cloud.kms.v1.GenerateRando"
- + "mBytesResponse\"m\332A&location,length_bytes"
- + ",protection_level\202\323\344\223\002>\"9/v1/{location=p"
- + "rojects/*/locations/*}:generateRandomByt"
- + "es:\001*\032t\312A\027cloudkms.googleapis.com\322AWhttp"
- + "s://www.googleapis.com/auth/cloud-platfo"
- + "rm,https://www.googleapis.com/auth/cloud"
- + "kmsB\177\n\027com.google.cloud.kms.v1B\010KmsProto"
- + "P\001Z)cloud.google.com/go/kms/apiv1/kmspb;"
- + "kmspb\370\001\001\252\002\023Google.Cloud.Kms.V1\312\002\023Google\\"
- + "Cloud\\Kms\\V1b\006proto3"
+ + "KeyVersions/*}:destroy:\001*\022\336\001\n\027RestoreCry"
+ + "ptoKeyVersion\0223.google.cloud.kms.v1.Rest"
+ + "oreCryptoKeyVersionRequest\032%.google.clou"
+ + "d.kms.v1.CryptoKeyVersion\"g\332A\004name\202\323\344\223\002Z"
+ + "\"U/v1/{name=projects/*/locations/*/keyRi"
+ + "ngs/*/cryptoKeys/*/cryptoKeyVersions/*}:"
+ + "restore:\001*\022\264\001\n\007Encrypt\022#.google.cloud.km"
+ + "s.v1.EncryptRequest\032$.google.cloud.kms.v"
+ + "1.EncryptResponse\"^\332A\016name,plaintext\202\323\344\223"
+ + "\002G\"B/v1/{name=projects/*/locations/*/key"
+ + "Rings/*/cryptoKeys/**}:encrypt:\001*\022\264\001\n\007De"
+ + "crypt\022#.google.cloud.kms.v1.DecryptReque"
+ + "st\032$.google.cloud.kms.v1.DecryptResponse"
+ + "\"^\332A\017name,ciphertext\202\323\344\223\002F\"A/v1/{name=pr"
+ + "ojects/*/locations/*/keyRings/*/cryptoKe"
+ + "ys/*}:decrypt:\001*\022\302\001\n\nRawEncrypt\022&.google"
+ + ".cloud.kms.v1.RawEncryptRequest\032\'.google"
+ + ".cloud.kms.v1.RawEncryptResponse\"c\202\323\344\223\002]"
+ + "\"X/v1/{name=projects/*/locations/*/keyRi"
+ + "ngs/*/cryptoKeys/*/cryptoKeyVersions/*}:"
+ + "rawEncrypt:\001*\022\302\001\n\nRawDecrypt\022&.google.cl"
+ + "oud.kms.v1.RawDecryptRequest\032\'.google.cl"
+ + "oud.kms.v1.RawDecryptResponse\"c\202\323\344\223\002]\"X/"
+ + "v1/{name=projects/*/locations/*/keyRings"
+ + "/*/cryptoKeys/*/cryptoKeyVersions/*}:raw"
+ + "Decrypt:\001*\022\340\001\n\016AsymmetricSign\022*.google.c"
+ + "loud.kms.v1.AsymmetricSignRequest\032+.goog"
+ + "le.cloud.kms.v1.AsymmetricSignResponse\"u"
+ + "\332A\013name,digest\202\323\344\223\002a\"\\/v1/{name=projects"
+ + "/*/locations/*/keyRings/*/cryptoKeys/*/c"
+ + "ryptoKeyVersions/*}:asymmetricSign:\001*\022\360\001"
+ + "\n\021AsymmetricDecrypt\022-.google.cloud.kms.v"
+ + "1.AsymmetricDecryptRequest\032..google.clou"
+ + "d.kms.v1.AsymmetricDecryptResponse\"|\332A\017n"
+ + "ame,ciphertext\202\323\344\223\002d\"_/v1/{name=projects"
+ + "/*/locations/*/keyRings/*/cryptoKeys/*/c"
+ + "ryptoKeyVersions/*}:asymmetricDecrypt:\001*"
+ + "\022\302\001\n\007MacSign\022#.google.cloud.kms.v1.MacSi"
+ + "gnRequest\032$.google.cloud.kms.v1.MacSignR"
+ + "esponse\"l\332A\tname,data\202\323\344\223\002Z\"U/v1/{name=p"
+ + "rojects/*/locations/*/keyRings/*/cryptoK"
+ + "eys/*/cryptoKeyVersions/*}:macSign:\001*\022\316\001"
+ + "\n\tMacVerify\022%.google.cloud.kms.v1.MacVer"
+ + "ifyRequest\032&.google.cloud.kms.v1.MacVeri"
+ + "fyResponse\"r\332A\rname,data,mac\202\323\344\223\002\\\"W/v1/"
+ + "{name=projects/*/locations/*/keyRings/*/"
+ + "cryptoKeys/*/cryptoKeyVersions/*}:macVer"
+ + "ify:\001*\022\347\001\n\023GenerateRandomBytes\022/.google."
+ + "cloud.kms.v1.GenerateRandomBytesRequest\032"
+ + "0.google.cloud.kms.v1.GenerateRandomByte"
+ + "sResponse\"m\332A&location,length_bytes,prot"
+ + "ection_level\202\323\344\223\002>\"9/v1/{location=projec"
+ + "ts/*/locations/*}:generateRandomBytes:\001*"
+ + "\032t\312A\027cloudkms.googleapis.com\322AWhttps://w"
+ + "ww.googleapis.com/auth/cloud-platform,ht"
+ + "tps://www.googleapis.com/auth/cloudkmsB\177"
+ + "\n\027com.google.cloud.kms.v1B\010KmsProtoP\001Z)c"
+ + "loud.google.com/go/kms/apiv1/kmspb;kmspb"
+ + "\370\001\001\252\002\023Google.Cloud.Kms.V1\312\002\023Google\\Cloud"
+ + "\\Kms\\V1b\006proto3"
};
descriptor =
com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom(
@@ -733,8 +796,37 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
"CiphertextCrc32C",
"AdditionalAuthenticatedDataCrc32C",
});
- internal_static_google_cloud_kms_v1_AsymmetricSignRequest_descriptor =
+ internal_static_google_cloud_kms_v1_RawEncryptRequest_descriptor =
getDescriptor().getMessageTypes().get(25);
+ internal_static_google_cloud_kms_v1_RawEncryptRequest_fieldAccessorTable =
+ new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+ internal_static_google_cloud_kms_v1_RawEncryptRequest_descriptor,
+ new java.lang.String[] {
+ "Name",
+ "Plaintext",
+ "AdditionalAuthenticatedData",
+ "PlaintextCrc32C",
+ "AdditionalAuthenticatedDataCrc32C",
+ "InitializationVector",
+ "InitializationVectorCrc32C",
+ });
+ internal_static_google_cloud_kms_v1_RawDecryptRequest_descriptor =
+ getDescriptor().getMessageTypes().get(26);
+ internal_static_google_cloud_kms_v1_RawDecryptRequest_fieldAccessorTable =
+ new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+ internal_static_google_cloud_kms_v1_RawDecryptRequest_descriptor,
+ new java.lang.String[] {
+ "Name",
+ "Ciphertext",
+ "AdditionalAuthenticatedData",
+ "InitializationVector",
+ "TagLength",
+ "CiphertextCrc32C",
+ "AdditionalAuthenticatedDataCrc32C",
+ "InitializationVectorCrc32C",
+ });
+ internal_static_google_cloud_kms_v1_AsymmetricSignRequest_descriptor =
+ getDescriptor().getMessageTypes().get(27);
internal_static_google_cloud_kms_v1_AsymmetricSignRequest_fieldAccessorTable =
new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
internal_static_google_cloud_kms_v1_AsymmetricSignRequest_descriptor,
@@ -742,7 +834,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
"Name", "Digest", "DigestCrc32C", "Data", "DataCrc32C",
});
internal_static_google_cloud_kms_v1_AsymmetricDecryptRequest_descriptor =
- getDescriptor().getMessageTypes().get(26);
+ getDescriptor().getMessageTypes().get(28);
internal_static_google_cloud_kms_v1_AsymmetricDecryptRequest_fieldAccessorTable =
new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
internal_static_google_cloud_kms_v1_AsymmetricDecryptRequest_descriptor,
@@ -750,7 +842,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
"Name", "Ciphertext", "CiphertextCrc32C",
});
internal_static_google_cloud_kms_v1_MacSignRequest_descriptor =
- getDescriptor().getMessageTypes().get(27);
+ getDescriptor().getMessageTypes().get(29);
internal_static_google_cloud_kms_v1_MacSignRequest_fieldAccessorTable =
new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
internal_static_google_cloud_kms_v1_MacSignRequest_descriptor,
@@ -758,7 +850,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
"Name", "Data", "DataCrc32C",
});
internal_static_google_cloud_kms_v1_MacVerifyRequest_descriptor =
- getDescriptor().getMessageTypes().get(28);
+ getDescriptor().getMessageTypes().get(30);
internal_static_google_cloud_kms_v1_MacVerifyRequest_fieldAccessorTable =
new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
internal_static_google_cloud_kms_v1_MacVerifyRequest_descriptor,
@@ -766,7 +858,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
"Name", "Data", "DataCrc32C", "Mac", "MacCrc32C",
});
internal_static_google_cloud_kms_v1_GenerateRandomBytesRequest_descriptor =
- getDescriptor().getMessageTypes().get(29);
+ getDescriptor().getMessageTypes().get(31);
internal_static_google_cloud_kms_v1_GenerateRandomBytesRequest_fieldAccessorTable =
new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
internal_static_google_cloud_kms_v1_GenerateRandomBytesRequest_descriptor,
@@ -774,7 +866,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
"Location", "LengthBytes", "ProtectionLevel",
});
internal_static_google_cloud_kms_v1_EncryptResponse_descriptor =
- getDescriptor().getMessageTypes().get(30);
+ getDescriptor().getMessageTypes().get(32);
internal_static_google_cloud_kms_v1_EncryptResponse_fieldAccessorTable =
new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
internal_static_google_cloud_kms_v1_EncryptResponse_descriptor,
@@ -787,15 +879,45 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
"ProtectionLevel",
});
internal_static_google_cloud_kms_v1_DecryptResponse_descriptor =
- getDescriptor().getMessageTypes().get(31);
+ getDescriptor().getMessageTypes().get(33);
internal_static_google_cloud_kms_v1_DecryptResponse_fieldAccessorTable =
new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
internal_static_google_cloud_kms_v1_DecryptResponse_descriptor,
new java.lang.String[] {
"Plaintext", "PlaintextCrc32C", "UsedPrimary", "ProtectionLevel",
});
+ internal_static_google_cloud_kms_v1_RawEncryptResponse_descriptor =
+ getDescriptor().getMessageTypes().get(34);
+ internal_static_google_cloud_kms_v1_RawEncryptResponse_fieldAccessorTable =
+ new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+ internal_static_google_cloud_kms_v1_RawEncryptResponse_descriptor,
+ new java.lang.String[] {
+ "Ciphertext",
+ "InitializationVector",
+ "TagLength",
+ "CiphertextCrc32C",
+ "InitializationVectorCrc32C",
+ "VerifiedPlaintextCrc32C",
+ "VerifiedAdditionalAuthenticatedDataCrc32C",
+ "VerifiedInitializationVectorCrc32C",
+ "Name",
+ "ProtectionLevel",
+ });
+ internal_static_google_cloud_kms_v1_RawDecryptResponse_descriptor =
+ getDescriptor().getMessageTypes().get(35);
+ internal_static_google_cloud_kms_v1_RawDecryptResponse_fieldAccessorTable =
+ new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
+ internal_static_google_cloud_kms_v1_RawDecryptResponse_descriptor,
+ new java.lang.String[] {
+ "Plaintext",
+ "PlaintextCrc32C",
+ "ProtectionLevel",
+ "VerifiedCiphertextCrc32C",
+ "VerifiedAdditionalAuthenticatedDataCrc32C",
+ "VerifiedInitializationVectorCrc32C",
+ });
internal_static_google_cloud_kms_v1_AsymmetricSignResponse_descriptor =
- getDescriptor().getMessageTypes().get(32);
+ getDescriptor().getMessageTypes().get(36);
internal_static_google_cloud_kms_v1_AsymmetricSignResponse_fieldAccessorTable =
new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
internal_static_google_cloud_kms_v1_AsymmetricSignResponse_descriptor,
@@ -808,7 +930,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
"ProtectionLevel",
});
internal_static_google_cloud_kms_v1_AsymmetricDecryptResponse_descriptor =
- getDescriptor().getMessageTypes().get(33);
+ getDescriptor().getMessageTypes().get(37);
internal_static_google_cloud_kms_v1_AsymmetricDecryptResponse_fieldAccessorTable =
new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
internal_static_google_cloud_kms_v1_AsymmetricDecryptResponse_descriptor,
@@ -816,7 +938,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
"Plaintext", "PlaintextCrc32C", "VerifiedCiphertextCrc32C", "ProtectionLevel",
});
internal_static_google_cloud_kms_v1_MacSignResponse_descriptor =
- getDescriptor().getMessageTypes().get(34);
+ getDescriptor().getMessageTypes().get(38);
internal_static_google_cloud_kms_v1_MacSignResponse_fieldAccessorTable =
new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
internal_static_google_cloud_kms_v1_MacSignResponse_descriptor,
@@ -824,7 +946,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
"Name", "Mac", "MacCrc32C", "VerifiedDataCrc32C", "ProtectionLevel",
});
internal_static_google_cloud_kms_v1_MacVerifyResponse_descriptor =
- getDescriptor().getMessageTypes().get(35);
+ getDescriptor().getMessageTypes().get(39);
internal_static_google_cloud_kms_v1_MacVerifyResponse_fieldAccessorTable =
new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
internal_static_google_cloud_kms_v1_MacVerifyResponse_descriptor,
@@ -837,7 +959,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
"ProtectionLevel",
});
internal_static_google_cloud_kms_v1_GenerateRandomBytesResponse_descriptor =
- getDescriptor().getMessageTypes().get(36);
+ getDescriptor().getMessageTypes().get(40);
internal_static_google_cloud_kms_v1_GenerateRandomBytesResponse_fieldAccessorTable =
new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
internal_static_google_cloud_kms_v1_GenerateRandomBytesResponse_descriptor,
@@ -845,7 +967,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
"Data", "DataCrc32C",
});
internal_static_google_cloud_kms_v1_Digest_descriptor =
- getDescriptor().getMessageTypes().get(37);
+ getDescriptor().getMessageTypes().get(41);
internal_static_google_cloud_kms_v1_Digest_fieldAccessorTable =
new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
internal_static_google_cloud_kms_v1_Digest_descriptor,
@@ -853,7 +975,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
"Sha256", "Sha384", "Sha512", "Digest",
});
internal_static_google_cloud_kms_v1_LocationMetadata_descriptor =
- getDescriptor().getMessageTypes().get(38);
+ getDescriptor().getMessageTypes().get(42);
internal_static_google_cloud_kms_v1_LocationMetadata_fieldAccessorTable =
new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
internal_static_google_cloud_kms_v1_LocationMetadata_descriptor,
diff --git a/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/KmsResourcesProto.java b/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/KmsResourcesProto.java
index e996007ea9ee..919c3acb5784 100644
--- a/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/KmsResourcesProto.java
+++ b/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/KmsResourcesProto.java
@@ -90,7 +90,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
+ "otobuf.TimestampB\004\342A\001\003:a\352A^\n\037cloudkms.go"
+ "ogleapis.com/KeyRing\022;projects/{project}"
+ "/locations/{location}/keyRings/{key_ring"
- + "}\"\234\007\n\tCryptoKey\022\022\n\004name\030\001 \001(\tB\004\342A\001\003\022<\n\007p"
+ + "}\"\265\007\n\tCryptoKey\022\022\n\004name\030\001 \001(\tB\004\342A\001\003\022<\n\007p"
+ "rimary\030\002 \001(\0132%.google.cloud.kms.v1.Crypt"
+ "oKeyVersionB\004\342A\001\003\022F\n\007purpose\030\003 \001(\0162/.goo"
+ "gle.cloud.kms.v1.CryptoKey.CryptoKeyPurp"
@@ -106,134 +106,136 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
+ "tion\030\016 \001(\0132\031.google.protobuf.DurationB\004\342"
+ "A\001\005\022&\n\022crypto_key_backend\030\017 \001(\tB\n\342A\001\005\372A\003"
+ "\n\001*\032-\n\013LabelsEntry\022\013\n\003key\030\001 \001(\t\022\r\n\005value"
- + "\030\002 \001(\t:\0028\001\"\201\001\n\020CryptoKeyPurpose\022\"\n\036CRYPT"
+ + "\030\002 \001(\t:\0028\001\"\232\001\n\020CryptoKeyPurpose\022\"\n\036CRYPT"
+ "O_KEY_PURPOSE_UNSPECIFIED\020\000\022\023\n\017ENCRYPT_D"
+ "ECRYPT\020\001\022\023\n\017ASYMMETRIC_SIGN\020\005\022\026\n\022ASYMMET"
- + "RIC_DECRYPT\020\006\022\007\n\003MAC\020\t:{\352Ax\n!cloudkms.go"
- + "ogleapis.com/CryptoKey\022Sprojects/{projec"
- + "t}/locations/{location}/keyRings/{key_ri"
- + "ng}/cryptoKeys/{crypto_key}B\023\n\021rotation_"
- + "schedule\"\264\001\n\030CryptoKeyVersionTemplate\022>\n"
- + "\020protection_level\030\001 \001(\0162$.google.cloud.k"
- + "ms.v1.ProtectionLevel\022X\n\talgorithm\030\003 \001(\016"
- + "2?.google.cloud.kms.v1.CryptoKeyVersion."
- + "CryptoKeyVersionAlgorithmB\004\342A\001\002\"\264\003\n\027KeyO"
- + "perationAttestation\022T\n\006format\030\004 \001(\0162>.go"
- + "ogle.cloud.kms.v1.KeyOperationAttestatio"
- + "n.AttestationFormatB\004\342A\001\003\022\025\n\007content\030\005 \001"
- + "(\014B\004\342A\001\003\022Y\n\013cert_chains\030\006 \001(\0132>.google.c"
- + "loud.kms.v1.KeyOperationAttestation.Cert"
- + "ificateChainsB\004\342A\001\003\032d\n\021CertificateChains"
- + "\022\024\n\014cavium_certs\030\001 \003(\t\022\031\n\021google_card_ce"
- + "rts\030\002 \003(\t\022\036\n\026google_partition_certs\030\003 \003("
- + "\t\"k\n\021AttestationFormat\022\"\n\036ATTESTATION_FO"
- + "RMAT_UNSPECIFIED\020\000\022\030\n\024CAVIUM_V1_COMPRESS"
- + "ED\020\003\022\030\n\024CAVIUM_V2_COMPRESSED\020\004\"\224\022\n\020Crypt"
- + "oKeyVersion\022\022\n\004name\030\001 \001(\tB\004\342A\001\003\022J\n\005state"
- + "\030\003 \001(\0162;.google.cloud.kms.v1.CryptoKeyVe"
- + "rsion.CryptoKeyVersionState\022D\n\020protectio"
- + "n_level\030\007 \001(\0162$.google.cloud.kms.v1.Prot"
- + "ectionLevelB\004\342A\001\003\022X\n\talgorithm\030\n \001(\0162?.g"
- + "oogle.cloud.kms.v1.CryptoKeyVersion.Cryp"
- + "toKeyVersionAlgorithmB\004\342A\001\003\022G\n\013attestati"
- + "on\030\010 \001(\0132,.google.cloud.kms.v1.KeyOperat"
- + "ionAttestationB\004\342A\001\003\0225\n\013create_time\030\004 \001("
- + "\0132\032.google.protobuf.TimestampB\004\342A\001\003\0227\n\rg"
- + "enerate_time\030\013 \001(\0132\032.google.protobuf.Tim"
- + "estampB\004\342A\001\003\0226\n\014destroy_time\030\005 \001(\0132\032.goo"
- + "gle.protobuf.TimestampB\004\342A\001\003\022<\n\022destroy_"
- + "event_time\030\006 \001(\0132\032.google.protobuf.Times"
- + "tampB\004\342A\001\003\022\030\n\nimport_job\030\016 \001(\tB\004\342A\001\003\0225\n\013"
- + "import_time\030\017 \001(\0132\032.google.protobuf.Time"
- + "stampB\004\342A\001\003\022#\n\025import_failure_reason\030\020 \001"
- + "(\tB\004\342A\001\003\022\'\n\031generation_failure_reason\030\023 "
- + "\001(\tB\004\342A\001\003\0221\n#external_destruction_failur"
- + "e_reason\030\024 \001(\tB\004\342A\001\003\022^\n!external_protect"
- + "ion_level_options\030\021 \001(\01323.google.cloud.k"
- + "ms.v1.ExternalProtectionLevelOptions\022\037\n\021"
- + "reimport_eligible\030\022 \001(\010B\004\342A\001\003\"\347\006\n\031Crypto"
- + "KeyVersionAlgorithm\022,\n(CRYPTO_KEY_VERSIO"
- + "N_ALGORITHM_UNSPECIFIED\020\000\022\037\n\033GOOGLE_SYMM"
- + "ETRIC_ENCRYPTION\020\001\022\034\n\030RSA_SIGN_PSS_2048_"
- + "SHA256\020\002\022\034\n\030RSA_SIGN_PSS_3072_SHA256\020\003\022\034"
- + "\n\030RSA_SIGN_PSS_4096_SHA256\020\004\022\034\n\030RSA_SIGN"
- + "_PSS_4096_SHA512\020\017\022\036\n\032RSA_SIGN_PKCS1_204"
- + "8_SHA256\020\005\022\036\n\032RSA_SIGN_PKCS1_3072_SHA256"
- + "\020\006\022\036\n\032RSA_SIGN_PKCS1_4096_SHA256\020\007\022\036\n\032RS"
- + "A_SIGN_PKCS1_4096_SHA512\020\020\022\033\n\027RSA_SIGN_R"
- + "AW_PKCS1_2048\020\034\022\033\n\027RSA_SIGN_RAW_PKCS1_30"
- + "72\020\035\022\033\n\027RSA_SIGN_RAW_PKCS1_4096\020\036\022 \n\034RSA"
- + "_DECRYPT_OAEP_2048_SHA256\020\010\022 \n\034RSA_DECRY"
- + "PT_OAEP_3072_SHA256\020\t\022 \n\034RSA_DECRYPT_OAE"
- + "P_4096_SHA256\020\n\022 \n\034RSA_DECRYPT_OAEP_4096"
- + "_SHA512\020\021\022\036\n\032RSA_DECRYPT_OAEP_2048_SHA1\020"
- + "%\022\036\n\032RSA_DECRYPT_OAEP_3072_SHA1\020&\022\036\n\032RSA"
- + "_DECRYPT_OAEP_4096_SHA1\020\'\022\027\n\023EC_SIGN_P25"
- + "6_SHA256\020\014\022\027\n\023EC_SIGN_P384_SHA384\020\r\022\034\n\030E"
- + "C_SIGN_SECP256K1_SHA256\020\037\022\017\n\013HMAC_SHA256"
- + "\020 \022\r\n\tHMAC_SHA1\020!\022\017\n\013HMAC_SHA384\020\"\022\017\n\013HM"
- + "AC_SHA512\020#\022\017\n\013HMAC_SHA224\020$\022!\n\035EXTERNAL"
- + "_SYMMETRIC_ENCRYPTION\020\022\"\233\002\n\025CryptoKeyVer"
- + "sionState\022(\n$CRYPTO_KEY_VERSION_STATE_UN"
- + "SPECIFIED\020\000\022\026\n\022PENDING_GENERATION\020\005\022\013\n\007E"
- + "NABLED\020\001\022\014\n\010DISABLED\020\002\022\r\n\tDESTROYED\020\003\022\025\n"
- + "\021DESTROY_SCHEDULED\020\004\022\022\n\016PENDING_IMPORT\020\006"
- + "\022\021\n\rIMPORT_FAILED\020\007\022\025\n\021GENERATION_FAILED"
- + "\020\010\022 \n\034PENDING_EXTERNAL_DESTRUCTION\020\t\022\037\n\033"
- + "EXTERNAL_DESTRUCTION_FAILED\020\n\"I\n\024CryptoK"
- + "eyVersionView\022\'\n#CRYPTO_KEY_VERSION_VIEW"
- + "_UNSPECIFIED\020\000\022\010\n\004FULL\020\001:\252\001\352A\246\001\n(cloudkm"
- + "s.googleapis.com/CryptoKeyVersion\022zproje"
- + "cts/{project}/locations/{location}/keyRi"
- + "ngs/{key_ring}/cryptoKeys/{crypto_key}/c"
- + "ryptoKeyVersions/{crypto_key_version}\"\234\003"
- + "\n\tPublicKey\022\013\n\003pem\030\001 \001(\t\022R\n\talgorithm\030\002 "
- + "\001(\0162?.google.cloud.kms.v1.CryptoKeyVersi"
- + "on.CryptoKeyVersionAlgorithm\022/\n\npem_crc3"
- + "2c\030\003 \001(\0132\033.google.protobuf.Int64Value\022\014\n"
- + "\004name\030\004 \001(\t\022>\n\020protection_level\030\005 \001(\0162$."
- + "google.cloud.kms.v1.ProtectionLevel:\256\001\352A"
- + "\252\001\n!cloudkms.googleapis.com/PublicKey\022\204\001"
- + "projects/{project}/locations/{location}/"
- + "keyRings/{key_ring}/cryptoKeys/{crypto_k"
- + "ey}/cryptoKeyVersions/{crypto_key_versio"
- + "n}/publicKey\"\332\010\n\tImportJob\022\022\n\004name\030\001 \001(\t"
- + "B\004\342A\001\003\022I\n\rimport_method\030\002 \001(\0162+.google.c"
- + "loud.kms.v1.ImportJob.ImportMethodB\005\342A\002\002"
- + "\005\022E\n\020protection_level\030\t \001(\0162$.google.clo"
- + "ud.kms.v1.ProtectionLevelB\005\342A\002\002\005\0225\n\013crea"
- + "te_time\030\003 \001(\0132\032.google.protobuf.Timestam"
- + "pB\004\342A\001\003\0227\n\rgenerate_time\030\004 \001(\0132\032.google."
- + "protobuf.TimestampB\004\342A\001\003\0225\n\013expire_time\030"
- + "\005 \001(\0132\032.google.protobuf.TimestampB\004\342A\001\003\022"
- + ";\n\021expire_event_time\030\n \001(\0132\032.google.prot"
- + "obuf.TimestampB\004\342A\001\003\022B\n\005state\030\006 \001(\0162-.go"
- + "ogle.cloud.kms.v1.ImportJob.ImportJobSta"
- + "teB\004\342A\001\003\022J\n\npublic_key\030\007 \001(\01320.google.cl"
- + "oud.kms.v1.ImportJob.WrappingPublicKeyB\004"
- + "\342A\001\003\022G\n\013attestation\030\010 \001(\0132,.google.cloud"
- + ".kms.v1.KeyOperationAttestationB\004\342A\001\003\032 \n"
- + "\021WrappingPublicKey\022\013\n\003pem\030\001 \001(\t\"\345\001\n\014Impo"
- + "rtMethod\022\035\n\031IMPORT_METHOD_UNSPECIFIED\020\000\022"
- + "\036\n\032RSA_OAEP_3072_SHA1_AES_256\020\001\022\036\n\032RSA_O"
- + "AEP_4096_SHA1_AES_256\020\002\022 \n\034RSA_OAEP_3072"
- + "_SHA256_AES_256\020\003\022 \n\034RSA_OAEP_4096_SHA25"
- + "6_AES_256\020\004\022\030\n\024RSA_OAEP_3072_SHA256\020\005\022\030\n"
- + "\024RSA_OAEP_4096_SHA256\020\006\"c\n\016ImportJobStat"
- + "e\022 \n\034IMPORT_JOB_STATE_UNSPECIFIED\020\000\022\026\n\022P"
- + "ENDING_GENERATION\020\001\022\n\n\006ACTIVE\020\002\022\013\n\007EXPIR"
- + "ED\020\003:{\352Ax\n!cloudkms.googleapis.com/Impor"
- + "tJob\022Sprojects/{project}/locations/{loca"
- + "tion}/keyRings/{key_ring}/importJobs/{im"
- + "port_job}\"[\n\036ExternalProtectionLevelOpti"
- + "ons\022\030\n\020external_key_uri\030\001 \001(\t\022\037\n\027ekm_con"
- + "nection_key_path\030\002 \001(\t*j\n\017ProtectionLeve"
- + "l\022 \n\034PROTECTION_LEVEL_UNSPECIFIED\020\000\022\014\n\010S"
- + "OFTWARE\020\001\022\007\n\003HSM\020\002\022\014\n\010EXTERNAL\020\003\022\020\n\014EXTE"
- + "RNAL_VPC\020\004B\210\001\n\027com.google.cloud.kms.v1B\021"
- + "KmsResourcesProtoP\001Z)cloud.google.com/go"
- + "/kms/apiv1/kmspb;kmspb\370\001\001\252\002\023Google.Cloud"
- + ".Kms.V1\312\002\023Google\\Cloud\\Kms\\V1b\006proto3"
+ + "RIC_DECRYPT\020\006\022\027\n\023RAW_ENCRYPT_DECRYPT\020\007\022\007"
+ + "\n\003MAC\020\t:{\352Ax\n!cloudkms.googleapis.com/Cr"
+ + "yptoKey\022Sprojects/{project}/locations/{l"
+ + "ocation}/keyRings/{key_ring}/cryptoKeys/"
+ + "{crypto_key}B\023\n\021rotation_schedule\"\264\001\n\030Cr"
+ + "yptoKeyVersionTemplate\022>\n\020protection_lev"
+ + "el\030\001 \001(\0162$.google.cloud.kms.v1.Protectio"
+ + "nLevel\022X\n\talgorithm\030\003 \001(\0162?.google.cloud"
+ + ".kms.v1.CryptoKeyVersion.CryptoKeyVersio"
+ + "nAlgorithmB\004\342A\001\002\"\264\003\n\027KeyOperationAttesta"
+ + "tion\022T\n\006format\030\004 \001(\0162>.google.cloud.kms."
+ + "v1.KeyOperationAttestation.AttestationFo"
+ + "rmatB\004\342A\001\003\022\025\n\007content\030\005 \001(\014B\004\342A\001\003\022Y\n\013cer"
+ + "t_chains\030\006 \001(\0132>.google.cloud.kms.v1.Key"
+ + "OperationAttestation.CertificateChainsB\004"
+ + "\342A\001\003\032d\n\021CertificateChains\022\024\n\014cavium_cert"
+ + "s\030\001 \003(\t\022\031\n\021google_card_certs\030\002 \003(\t\022\036\n\026go"
+ + "ogle_partition_certs\030\003 \003(\t\"k\n\021Attestatio"
+ + "nFormat\022\"\n\036ATTESTATION_FORMAT_UNSPECIFIE"
+ + "D\020\000\022\030\n\024CAVIUM_V1_COMPRESSED\020\003\022\030\n\024CAVIUM_"
+ + "V2_COMPRESSED\020\004\"\266\022\n\020CryptoKeyVersion\022\022\n\004"
+ + "name\030\001 \001(\tB\004\342A\001\003\022J\n\005state\030\003 \001(\0162;.google"
+ + ".cloud.kms.v1.CryptoKeyVersion.CryptoKey"
+ + "VersionState\022D\n\020protection_level\030\007 \001(\0162$"
+ + ".google.cloud.kms.v1.ProtectionLevelB\004\342A"
+ + "\001\003\022X\n\talgorithm\030\n \001(\0162?.google.cloud.kms"
+ + ".v1.CryptoKeyVersion.CryptoKeyVersionAlg"
+ + "orithmB\004\342A\001\003\022G\n\013attestation\030\010 \001(\0132,.goog"
+ + "le.cloud.kms.v1.KeyOperationAttestationB"
+ + "\004\342A\001\003\0225\n\013create_time\030\004 \001(\0132\032.google.prot"
+ + "obuf.TimestampB\004\342A\001\003\0227\n\rgenerate_time\030\013 "
+ + "\001(\0132\032.google.protobuf.TimestampB\004\342A\001\003\0226\n"
+ + "\014destroy_time\030\005 \001(\0132\032.google.protobuf.Ti"
+ + "mestampB\004\342A\001\003\022<\n\022destroy_event_time\030\006 \001("
+ + "\0132\032.google.protobuf.TimestampB\004\342A\001\003\022\030\n\ni"
+ + "mport_job\030\016 \001(\tB\004\342A\001\003\0225\n\013import_time\030\017 \001"
+ + "(\0132\032.google.protobuf.TimestampB\004\342A\001\003\022#\n\025"
+ + "import_failure_reason\030\020 \001(\tB\004\342A\001\003\022\'\n\031gen"
+ + "eration_failure_reason\030\023 \001(\tB\004\342A\001\003\0221\n#ex"
+ + "ternal_destruction_failure_reason\030\024 \001(\tB"
+ + "\004\342A\001\003\022^\n!external_protection_level_optio"
+ + "ns\030\021 \001(\01323.google.cloud.kms.v1.ExternalP"
+ + "rotectionLevelOptions\022\037\n\021reimport_eligib"
+ + "le\030\022 \001(\010B\004\342A\001\003\"\211\007\n\031CryptoKeyVersionAlgor"
+ + "ithm\022,\n(CRYPTO_KEY_VERSION_ALGORITHM_UNS"
+ + "PECIFIED\020\000\022\037\n\033GOOGLE_SYMMETRIC_ENCRYPTIO"
+ + "N\020\001\022\017\n\013AES_128_GCM\020)\022\017\n\013AES_256_GCM\020\023\022\034\n"
+ + "\030RSA_SIGN_PSS_2048_SHA256\020\002\022\034\n\030RSA_SIGN_"
+ + "PSS_3072_SHA256\020\003\022\034\n\030RSA_SIGN_PSS_4096_S"
+ + "HA256\020\004\022\034\n\030RSA_SIGN_PSS_4096_SHA512\020\017\022\036\n"
+ + "\032RSA_SIGN_PKCS1_2048_SHA256\020\005\022\036\n\032RSA_SIG"
+ + "N_PKCS1_3072_SHA256\020\006\022\036\n\032RSA_SIGN_PKCS1_"
+ + "4096_SHA256\020\007\022\036\n\032RSA_SIGN_PKCS1_4096_SHA"
+ + "512\020\020\022\033\n\027RSA_SIGN_RAW_PKCS1_2048\020\034\022\033\n\027RS"
+ + "A_SIGN_RAW_PKCS1_3072\020\035\022\033\n\027RSA_SIGN_RAW_"
+ + "PKCS1_4096\020\036\022 \n\034RSA_DECRYPT_OAEP_2048_SH"
+ + "A256\020\010\022 \n\034RSA_DECRYPT_OAEP_3072_SHA256\020\t"
+ + "\022 \n\034RSA_DECRYPT_OAEP_4096_SHA256\020\n\022 \n\034RS"
+ + "A_DECRYPT_OAEP_4096_SHA512\020\021\022\036\n\032RSA_DECR"
+ + "YPT_OAEP_2048_SHA1\020%\022\036\n\032RSA_DECRYPT_OAEP"
+ + "_3072_SHA1\020&\022\036\n\032RSA_DECRYPT_OAEP_4096_SH"
+ + "A1\020\'\022\027\n\023EC_SIGN_P256_SHA256\020\014\022\027\n\023EC_SIGN"
+ + "_P384_SHA384\020\r\022\034\n\030EC_SIGN_SECP256K1_SHA2"
+ + "56\020\037\022\017\n\013HMAC_SHA256\020 \022\r\n\tHMAC_SHA1\020!\022\017\n\013"
+ + "HMAC_SHA384\020\"\022\017\n\013HMAC_SHA512\020#\022\017\n\013HMAC_S"
+ + "HA224\020$\022!\n\035EXTERNAL_SYMMETRIC_ENCRYPTION"
+ + "\020\022\"\233\002\n\025CryptoKeyVersionState\022(\n$CRYPTO_K"
+ + "EY_VERSION_STATE_UNSPECIFIED\020\000\022\026\n\022PENDIN"
+ + "G_GENERATION\020\005\022\013\n\007ENABLED\020\001\022\014\n\010DISABLED\020"
+ + "\002\022\r\n\tDESTROYED\020\003\022\025\n\021DESTROY_SCHEDULED\020\004\022"
+ + "\022\n\016PENDING_IMPORT\020\006\022\021\n\rIMPORT_FAILED\020\007\022\025"
+ + "\n\021GENERATION_FAILED\020\010\022 \n\034PENDING_EXTERNA"
+ + "L_DESTRUCTION\020\t\022\037\n\033EXTERNAL_DESTRUCTION_"
+ + "FAILED\020\n\"I\n\024CryptoKeyVersionView\022\'\n#CRYP"
+ + "TO_KEY_VERSION_VIEW_UNSPECIFIED\020\000\022\010\n\004FUL"
+ + "L\020\001:\252\001\352A\246\001\n(cloudkms.googleapis.com/Cryp"
+ + "toKeyVersion\022zprojects/{project}/locatio"
+ + "ns/{location}/keyRings/{key_ring}/crypto"
+ + "Keys/{crypto_key}/cryptoKeyVersions/{cry"
+ + "pto_key_version}\"\234\003\n\tPublicKey\022\013\n\003pem\030\001 "
+ + "\001(\t\022R\n\talgorithm\030\002 \001(\0162?.google.cloud.km"
+ + "s.v1.CryptoKeyVersion.CryptoKeyVersionAl"
+ + "gorithm\022/\n\npem_crc32c\030\003 \001(\0132\033.google.pro"
+ + "tobuf.Int64Value\022\014\n\004name\030\004 \001(\t\022>\n\020protec"
+ + "tion_level\030\005 \001(\0162$.google.cloud.kms.v1.P"
+ + "rotectionLevel:\256\001\352A\252\001\n!cloudkms.googleap"
+ + "is.com/PublicKey\022\204\001projects/{project}/lo"
+ + "cations/{location}/keyRings/{key_ring}/c"
+ + "ryptoKeys/{crypto_key}/cryptoKeyVersions"
+ + "/{crypto_key_version}/publicKey\"\332\010\n\tImpo"
+ + "rtJob\022\022\n\004name\030\001 \001(\tB\004\342A\001\003\022I\n\rimport_meth"
+ + "od\030\002 \001(\0162+.google.cloud.kms.v1.ImportJob"
+ + ".ImportMethodB\005\342A\002\002\005\022E\n\020protection_level"
+ + "\030\t \001(\0162$.google.cloud.kms.v1.ProtectionL"
+ + "evelB\005\342A\002\002\005\0225\n\013create_time\030\003 \001(\0132\032.googl"
+ + "e.protobuf.TimestampB\004\342A\001\003\0227\n\rgenerate_t"
+ + "ime\030\004 \001(\0132\032.google.protobuf.TimestampB\004\342"
+ + "A\001\003\0225\n\013expire_time\030\005 \001(\0132\032.google.protob"
+ + "uf.TimestampB\004\342A\001\003\022;\n\021expire_event_time\030"
+ + "\n \001(\0132\032.google.protobuf.TimestampB\004\342A\001\003\022"
+ + "B\n\005state\030\006 \001(\0162-.google.cloud.kms.v1.Imp"
+ + "ortJob.ImportJobStateB\004\342A\001\003\022J\n\npublic_ke"
+ + "y\030\007 \001(\01320.google.cloud.kms.v1.ImportJob."
+ + "WrappingPublicKeyB\004\342A\001\003\022G\n\013attestation\030\010"
+ + " \001(\0132,.google.cloud.kms.v1.KeyOperationA"
+ + "ttestationB\004\342A\001\003\032 \n\021WrappingPublicKey\022\013\n"
+ + "\003pem\030\001 \001(\t\"\345\001\n\014ImportMethod\022\035\n\031IMPORT_ME"
+ + "THOD_UNSPECIFIED\020\000\022\036\n\032RSA_OAEP_3072_SHA1"
+ + "_AES_256\020\001\022\036\n\032RSA_OAEP_4096_SHA1_AES_256"
+ + "\020\002\022 \n\034RSA_OAEP_3072_SHA256_AES_256\020\003\022 \n\034"
+ + "RSA_OAEP_4096_SHA256_AES_256\020\004\022\030\n\024RSA_OA"
+ + "EP_3072_SHA256\020\005\022\030\n\024RSA_OAEP_4096_SHA256"
+ + "\020\006\"c\n\016ImportJobState\022 \n\034IMPORT_JOB_STATE"
+ + "_UNSPECIFIED\020\000\022\026\n\022PENDING_GENERATION\020\001\022\n"
+ + "\n\006ACTIVE\020\002\022\013\n\007EXPIRED\020\003:{\352Ax\n!cloudkms.g"
+ + "oogleapis.com/ImportJob\022Sprojects/{proje"
+ + "ct}/locations/{location}/keyRings/{key_r"
+ + "ing}/importJobs/{import_job}\"[\n\036External"
+ + "ProtectionLevelOptions\022\030\n\020external_key_u"
+ + "ri\030\001 \001(\t\022\037\n\027ekm_connection_key_path\030\002 \001("
+ + "\t*j\n\017ProtectionLevel\022 \n\034PROTECTION_LEVEL"
+ + "_UNSPECIFIED\020\000\022\014\n\010SOFTWARE\020\001\022\007\n\003HSM\020\002\022\014\n"
+ + "\010EXTERNAL\020\003\022\020\n\014EXTERNAL_VPC\020\004B\210\001\n\027com.go"
+ + "ogle.cloud.kms.v1B\021KmsResourcesProtoP\001Z)"
+ + "cloud.google.com/go/kms/apiv1/kmspb;kmsp"
+ + "b\370\001\001\252\002\023Google.Cloud.Kms.V1\312\002\023Google\\Clou"
+ + "d\\Kms\\V1b\006proto3"
};
descriptor =
com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom(
diff --git a/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/RawDecryptRequest.java b/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/RawDecryptRequest.java
new file mode 100644
index 000000000000..3bc6b2600a52
--- /dev/null
+++ b/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/RawDecryptRequest.java
@@ -0,0 +1,2454 @@
+/*
+ * Copyright 2023 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler. DO NOT EDIT!
+// source: google/cloud/kms/v1/service.proto
+
+package com.google.cloud.kms.v1;
+
+/**
+ *
+ *
+ * + * Request message for + * [KeyManagementService.RawDecrypt][google.cloud.kms.v1.KeyManagementService.RawDecrypt]. + *+ * + * Protobuf type {@code google.cloud.kms.v1.RawDecryptRequest} + */ +public final class RawDecryptRequest extends com.google.protobuf.GeneratedMessageV3 + implements + // @@protoc_insertion_point(message_implements:google.cloud.kms.v1.RawDecryptRequest) + RawDecryptRequestOrBuilder { + private static final long serialVersionUID = 0L; + // Use RawDecryptRequest.newBuilder() to construct. + private RawDecryptRequest(com.google.protobuf.GeneratedMessageV3.Builder builder) { + super(builder); + } + + private RawDecryptRequest() { + name_ = ""; + ciphertext_ = com.google.protobuf.ByteString.EMPTY; + additionalAuthenticatedData_ = com.google.protobuf.ByteString.EMPTY; + initializationVector_ = com.google.protobuf.ByteString.EMPTY; + } + + @java.lang.Override + @SuppressWarnings({"unused"}) + protected java.lang.Object newInstance(UnusedPrivateParameter unused) { + return new RawDecryptRequest(); + } + + public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() { + return com.google.cloud.kms.v1.KmsProto + .internal_static_google_cloud_kms_v1_RawDecryptRequest_descriptor; + } + + @java.lang.Override + protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internalGetFieldAccessorTable() { + return com.google.cloud.kms.v1.KmsProto + .internal_static_google_cloud_kms_v1_RawDecryptRequest_fieldAccessorTable + .ensureFieldAccessorsInitialized( + com.google.cloud.kms.v1.RawDecryptRequest.class, + com.google.cloud.kms.v1.RawDecryptRequest.Builder.class); + } + + public static final int NAME_FIELD_NUMBER = 1; + + @SuppressWarnings("serial") + private volatile java.lang.Object name_ = ""; + /** + * + * + *
+ * Required. The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for + * decryption. + *+ * + *
string name = 1 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return The name.
+ */
+ @java.lang.Override
+ public java.lang.String getName() {
+ java.lang.Object ref = name_;
+ if (ref instanceof java.lang.String) {
+ return (java.lang.String) ref;
+ } else {
+ com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+ java.lang.String s = bs.toStringUtf8();
+ name_ = s;
+ return s;
+ }
+ }
+ /**
+ *
+ *
+ * + * Required. The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for + * decryption. + *+ * + *
string name = 1 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return The bytes for name.
+ */
+ @java.lang.Override
+ public com.google.protobuf.ByteString getNameBytes() {
+ java.lang.Object ref = name_;
+ if (ref instanceof java.lang.String) {
+ com.google.protobuf.ByteString b =
+ com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+ name_ = b;
+ return b;
+ } else {
+ return (com.google.protobuf.ByteString) ref;
+ }
+ }
+
+ public static final int CIPHERTEXT_FIELD_NUMBER = 2;
+ private com.google.protobuf.ByteString ciphertext_ = com.google.protobuf.ByteString.EMPTY;
+ /**
+ *
+ *
+ * + * Required. The encrypted data originally returned in + * [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext]. + *+ * + *
bytes ciphertext = 2 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return The ciphertext.
+ */
+ @java.lang.Override
+ public com.google.protobuf.ByteString getCiphertext() {
+ return ciphertext_;
+ }
+
+ public static final int ADDITIONAL_AUTHENTICATED_DATA_FIELD_NUMBER = 3;
+ private com.google.protobuf.ByteString additionalAuthenticatedData_ =
+ com.google.protobuf.ByteString.EMPTY;
+ /**
+ *
+ *
+ * + * Optional. Optional data that must match the data originally supplied in + * [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data]. + *+ * + *
bytes additional_authenticated_data = 3 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ * @return The additionalAuthenticatedData.
+ */
+ @java.lang.Override
+ public com.google.protobuf.ByteString getAdditionalAuthenticatedData() {
+ return additionalAuthenticatedData_;
+ }
+
+ public static final int INITIALIZATION_VECTOR_FIELD_NUMBER = 4;
+ private com.google.protobuf.ByteString initializationVector_ =
+ com.google.protobuf.ByteString.EMPTY;
+ /**
+ *
+ *
+ * + * Required. The initialization vector (IV) used during encryption, which must + * match the data originally provided in + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + *+ * + *
bytes initialization_vector = 4 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return The initializationVector.
+ */
+ @java.lang.Override
+ public com.google.protobuf.ByteString getInitializationVector() {
+ return initializationVector_;
+ }
+
+ public static final int TAG_LENGTH_FIELD_NUMBER = 5;
+ private int tagLength_ = 0;
+ /**
+ *
+ *
+ * + * The length of the authentication tag that is appended to the end of + * the ciphertext. If unspecified (0), the default value for the key's + * algorithm will be used (for AES-GCM, the default value is 16). + *+ * + *
int32 tag_length = 5;
+ *
+ * @return The tagLength.
+ */
+ @java.lang.Override
+ public int getTagLength() {
+ return tagLength_;
+ }
+
+ public static final int CIPHERTEXT_CRC32C_FIELD_NUMBER = 6;
+ private com.google.protobuf.Int64Value ciphertextCrc32C_;
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received ciphertext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(ciphertext) is equal + * to ciphertext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value ciphertext_crc32c = 6 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return Whether the ciphertextCrc32c field is set.
+ */
+ @java.lang.Override
+ public boolean hasCiphertextCrc32C() {
+ return ciphertextCrc32C_ != null;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received ciphertext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(ciphertext) is equal + * to ciphertext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value ciphertext_crc32c = 6 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return The ciphertextCrc32c.
+ */
+ @java.lang.Override
+ public com.google.protobuf.Int64Value getCiphertextCrc32C() {
+ return ciphertextCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : ciphertextCrc32C_;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received ciphertext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(ciphertext) is equal + * to ciphertext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value ciphertext_crc32c = 6 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ @java.lang.Override
+ public com.google.protobuf.Int64ValueOrBuilder getCiphertextCrc32COrBuilder() {
+ return ciphertextCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : ciphertextCrc32C_;
+ }
+
+ public static final int ADDITIONAL_AUTHENTICATED_DATA_CRC32C_FIELD_NUMBER = 7;
+ private com.google.protobuf.Int64Value additionalAuthenticatedDataCrc32C_;
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return Whether the additionalAuthenticatedDataCrc32c field is set.
+ */
+ @java.lang.Override
+ public boolean hasAdditionalAuthenticatedDataCrc32C() {
+ return additionalAuthenticatedDataCrc32C_ != null;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return The additionalAuthenticatedDataCrc32c.
+ */
+ @java.lang.Override
+ public com.google.protobuf.Int64Value getAdditionalAuthenticatedDataCrc32C() {
+ return additionalAuthenticatedDataCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : additionalAuthenticatedDataCrc32C_;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ @java.lang.Override
+ public com.google.protobuf.Int64ValueOrBuilder getAdditionalAuthenticatedDataCrc32COrBuilder() {
+ return additionalAuthenticatedDataCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : additionalAuthenticatedDataCrc32C_;
+ }
+
+ public static final int INITIALIZATION_VECTOR_CRC32C_FIELD_NUMBER = 8;
+ private com.google.protobuf.Int64Value initializationVectorCrc32C_;
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to initialization_vector_crc32c, and + * if so, perform a limited number of retries. A persistent mismatch may + * indicate an issue in your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 8 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return Whether the initializationVectorCrc32c field is set.
+ */
+ @java.lang.Override
+ public boolean hasInitializationVectorCrc32C() {
+ return initializationVectorCrc32C_ != null;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to initialization_vector_crc32c, and + * if so, perform a limited number of retries. A persistent mismatch may + * indicate an issue in your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 8 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return The initializationVectorCrc32c.
+ */
+ @java.lang.Override
+ public com.google.protobuf.Int64Value getInitializationVectorCrc32C() {
+ return initializationVectorCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : initializationVectorCrc32C_;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to initialization_vector_crc32c, and + * if so, perform a limited number of retries. A persistent mismatch may + * indicate an issue in your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 8 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ @java.lang.Override
+ public com.google.protobuf.Int64ValueOrBuilder getInitializationVectorCrc32COrBuilder() {
+ return initializationVectorCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : initializationVectorCrc32C_;
+ }
+
+ private byte memoizedIsInitialized = -1;
+
+ @java.lang.Override
+ public final boolean isInitialized() {
+ byte isInitialized = memoizedIsInitialized;
+ if (isInitialized == 1) return true;
+ if (isInitialized == 0) return false;
+
+ memoizedIsInitialized = 1;
+ return true;
+ }
+
+ @java.lang.Override
+ public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+ if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+ com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
+ }
+ if (!ciphertext_.isEmpty()) {
+ output.writeBytes(2, ciphertext_);
+ }
+ if (!additionalAuthenticatedData_.isEmpty()) {
+ output.writeBytes(3, additionalAuthenticatedData_);
+ }
+ if (!initializationVector_.isEmpty()) {
+ output.writeBytes(4, initializationVector_);
+ }
+ if (tagLength_ != 0) {
+ output.writeInt32(5, tagLength_);
+ }
+ if (ciphertextCrc32C_ != null) {
+ output.writeMessage(6, getCiphertextCrc32C());
+ }
+ if (additionalAuthenticatedDataCrc32C_ != null) {
+ output.writeMessage(7, getAdditionalAuthenticatedDataCrc32C());
+ }
+ if (initializationVectorCrc32C_ != null) {
+ output.writeMessage(8, getInitializationVectorCrc32C());
+ }
+ getUnknownFields().writeTo(output);
+ }
+
+ @java.lang.Override
+ public int getSerializedSize() {
+ int size = memoizedSize;
+ if (size != -1) return size;
+
+ size = 0;
+ if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+ size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
+ }
+ if (!ciphertext_.isEmpty()) {
+ size += com.google.protobuf.CodedOutputStream.computeBytesSize(2, ciphertext_);
+ }
+ if (!additionalAuthenticatedData_.isEmpty()) {
+ size +=
+ com.google.protobuf.CodedOutputStream.computeBytesSize(3, additionalAuthenticatedData_);
+ }
+ if (!initializationVector_.isEmpty()) {
+ size += com.google.protobuf.CodedOutputStream.computeBytesSize(4, initializationVector_);
+ }
+ if (tagLength_ != 0) {
+ size += com.google.protobuf.CodedOutputStream.computeInt32Size(5, tagLength_);
+ }
+ if (ciphertextCrc32C_ != null) {
+ size += com.google.protobuf.CodedOutputStream.computeMessageSize(6, getCiphertextCrc32C());
+ }
+ if (additionalAuthenticatedDataCrc32C_ != null) {
+ size +=
+ com.google.protobuf.CodedOutputStream.computeMessageSize(
+ 7, getAdditionalAuthenticatedDataCrc32C());
+ }
+ if (initializationVectorCrc32C_ != null) {
+ size +=
+ com.google.protobuf.CodedOutputStream.computeMessageSize(
+ 8, getInitializationVectorCrc32C());
+ }
+ size += getUnknownFields().getSerializedSize();
+ memoizedSize = size;
+ return size;
+ }
+
+ @java.lang.Override
+ public boolean equals(final java.lang.Object obj) {
+ if (obj == this) {
+ return true;
+ }
+ if (!(obj instanceof com.google.cloud.kms.v1.RawDecryptRequest)) {
+ return super.equals(obj);
+ }
+ com.google.cloud.kms.v1.RawDecryptRequest other =
+ (com.google.cloud.kms.v1.RawDecryptRequest) obj;
+
+ if (!getName().equals(other.getName())) return false;
+ if (!getCiphertext().equals(other.getCiphertext())) return false;
+ if (!getAdditionalAuthenticatedData().equals(other.getAdditionalAuthenticatedData()))
+ return false;
+ if (!getInitializationVector().equals(other.getInitializationVector())) return false;
+ if (getTagLength() != other.getTagLength()) return false;
+ if (hasCiphertextCrc32C() != other.hasCiphertextCrc32C()) return false;
+ if (hasCiphertextCrc32C()) {
+ if (!getCiphertextCrc32C().equals(other.getCiphertextCrc32C())) return false;
+ }
+ if (hasAdditionalAuthenticatedDataCrc32C() != other.hasAdditionalAuthenticatedDataCrc32C())
+ return false;
+ if (hasAdditionalAuthenticatedDataCrc32C()) {
+ if (!getAdditionalAuthenticatedDataCrc32C()
+ .equals(other.getAdditionalAuthenticatedDataCrc32C())) return false;
+ }
+ if (hasInitializationVectorCrc32C() != other.hasInitializationVectorCrc32C()) return false;
+ if (hasInitializationVectorCrc32C()) {
+ if (!getInitializationVectorCrc32C().equals(other.getInitializationVectorCrc32C()))
+ return false;
+ }
+ if (!getUnknownFields().equals(other.getUnknownFields())) return false;
+ return true;
+ }
+
+ @java.lang.Override
+ public int hashCode() {
+ if (memoizedHashCode != 0) {
+ return memoizedHashCode;
+ }
+ int hash = 41;
+ hash = (19 * hash) + getDescriptor().hashCode();
+ hash = (37 * hash) + NAME_FIELD_NUMBER;
+ hash = (53 * hash) + getName().hashCode();
+ hash = (37 * hash) + CIPHERTEXT_FIELD_NUMBER;
+ hash = (53 * hash) + getCiphertext().hashCode();
+ hash = (37 * hash) + ADDITIONAL_AUTHENTICATED_DATA_FIELD_NUMBER;
+ hash = (53 * hash) + getAdditionalAuthenticatedData().hashCode();
+ hash = (37 * hash) + INITIALIZATION_VECTOR_FIELD_NUMBER;
+ hash = (53 * hash) + getInitializationVector().hashCode();
+ hash = (37 * hash) + TAG_LENGTH_FIELD_NUMBER;
+ hash = (53 * hash) + getTagLength();
+ if (hasCiphertextCrc32C()) {
+ hash = (37 * hash) + CIPHERTEXT_CRC32C_FIELD_NUMBER;
+ hash = (53 * hash) + getCiphertextCrc32C().hashCode();
+ }
+ if (hasAdditionalAuthenticatedDataCrc32C()) {
+ hash = (37 * hash) + ADDITIONAL_AUTHENTICATED_DATA_CRC32C_FIELD_NUMBER;
+ hash = (53 * hash) + getAdditionalAuthenticatedDataCrc32C().hashCode();
+ }
+ if (hasInitializationVectorCrc32C()) {
+ hash = (37 * hash) + INITIALIZATION_VECTOR_CRC32C_FIELD_NUMBER;
+ hash = (53 * hash) + getInitializationVectorCrc32C().hashCode();
+ }
+ hash = (29 * hash) + getUnknownFields().hashCode();
+ memoizedHashCode = hash;
+ return hash;
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptRequest parseFrom(java.nio.ByteBuffer data)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptRequest parseFrom(
+ java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data, extensionRegistry);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptRequest parseFrom(
+ com.google.protobuf.ByteString data)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptRequest parseFrom(
+ com.google.protobuf.ByteString data,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data, extensionRegistry);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptRequest parseFrom(byte[] data)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptRequest parseFrom(
+ byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data, extensionRegistry);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptRequest parseFrom(java.io.InputStream input)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptRequest parseFrom(
+ java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+ PARSER, input, extensionRegistry);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptRequest parseDelimitedFrom(
+ java.io.InputStream input) throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptRequest parseDelimitedFrom(
+ java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+ PARSER, input, extensionRegistry);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptRequest parseFrom(
+ com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptRequest parseFrom(
+ com.google.protobuf.CodedInputStream input,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+ PARSER, input, extensionRegistry);
+ }
+
+ @java.lang.Override
+ public Builder newBuilderForType() {
+ return newBuilder();
+ }
+
+ public static Builder newBuilder() {
+ return DEFAULT_INSTANCE.toBuilder();
+ }
+
+ public static Builder newBuilder(com.google.cloud.kms.v1.RawDecryptRequest prototype) {
+ return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+ }
+
+ @java.lang.Override
+ public Builder toBuilder() {
+ return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+ }
+
+ @java.lang.Override
+ protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+ Builder builder = new Builder(parent);
+ return builder;
+ }
+ /**
+ *
+ *
+ * + * Request message for + * [KeyManagementService.RawDecrypt][google.cloud.kms.v1.KeyManagementService.RawDecrypt]. + *+ * + * Protobuf type {@code google.cloud.kms.v1.RawDecryptRequest} + */ + public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder
+ * Required. The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for + * decryption. + *+ * + *
string name = 1 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return The name.
+ */
+ public java.lang.String getName() {
+ java.lang.Object ref = name_;
+ if (!(ref instanceof java.lang.String)) {
+ com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+ java.lang.String s = bs.toStringUtf8();
+ name_ = s;
+ return s;
+ } else {
+ return (java.lang.String) ref;
+ }
+ }
+ /**
+ *
+ *
+ * + * Required. The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for + * decryption. + *+ * + *
string name = 1 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return The bytes for name.
+ */
+ public com.google.protobuf.ByteString getNameBytes() {
+ java.lang.Object ref = name_;
+ if (ref instanceof String) {
+ com.google.protobuf.ByteString b =
+ com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+ name_ = b;
+ return b;
+ } else {
+ return (com.google.protobuf.ByteString) ref;
+ }
+ }
+ /**
+ *
+ *
+ * + * Required. The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for + * decryption. + *+ * + *
string name = 1 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @param value The name to set.
+ * @return This builder for chaining.
+ */
+ public Builder setName(java.lang.String value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ name_ = value;
+ bitField0_ |= 0x00000001;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Required. The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for + * decryption. + *+ * + *
string name = 1 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearName() {
+ name_ = getDefaultInstance().getName();
+ bitField0_ = (bitField0_ & ~0x00000001);
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Required. The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for + * decryption. + *+ * + *
string name = 1 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @param value The bytes for name to set.
+ * @return This builder for chaining.
+ */
+ public Builder setNameBytes(com.google.protobuf.ByteString value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ checkByteStringIsUtf8(value);
+ name_ = value;
+ bitField0_ |= 0x00000001;
+ onChanged();
+ return this;
+ }
+
+ private com.google.protobuf.ByteString ciphertext_ = com.google.protobuf.ByteString.EMPTY;
+ /**
+ *
+ *
+ * + * Required. The encrypted data originally returned in + * [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext]. + *+ * + *
bytes ciphertext = 2 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return The ciphertext.
+ */
+ @java.lang.Override
+ public com.google.protobuf.ByteString getCiphertext() {
+ return ciphertext_;
+ }
+ /**
+ *
+ *
+ * + * Required. The encrypted data originally returned in + * [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext]. + *+ * + *
bytes ciphertext = 2 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @param value The ciphertext to set.
+ * @return This builder for chaining.
+ */
+ public Builder setCiphertext(com.google.protobuf.ByteString value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ ciphertext_ = value;
+ bitField0_ |= 0x00000002;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Required. The encrypted data originally returned in + * [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext]. + *+ * + *
bytes ciphertext = 2 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearCiphertext() {
+ bitField0_ = (bitField0_ & ~0x00000002);
+ ciphertext_ = getDefaultInstance().getCiphertext();
+ onChanged();
+ return this;
+ }
+
+ private com.google.protobuf.ByteString additionalAuthenticatedData_ =
+ com.google.protobuf.ByteString.EMPTY;
+ /**
+ *
+ *
+ * + * Optional. Optional data that must match the data originally supplied in + * [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data]. + *+ * + *
bytes additional_authenticated_data = 3 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return The additionalAuthenticatedData.
+ */
+ @java.lang.Override
+ public com.google.protobuf.ByteString getAdditionalAuthenticatedData() {
+ return additionalAuthenticatedData_;
+ }
+ /**
+ *
+ *
+ * + * Optional. Optional data that must match the data originally supplied in + * [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data]. + *+ * + *
bytes additional_authenticated_data = 3 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @param value The additionalAuthenticatedData to set.
+ * @return This builder for chaining.
+ */
+ public Builder setAdditionalAuthenticatedData(com.google.protobuf.ByteString value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ additionalAuthenticatedData_ = value;
+ bitField0_ |= 0x00000004;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. Optional data that must match the data originally supplied in + * [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data]. + *+ * + *
bytes additional_authenticated_data = 3 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearAdditionalAuthenticatedData() {
+ bitField0_ = (bitField0_ & ~0x00000004);
+ additionalAuthenticatedData_ = getDefaultInstance().getAdditionalAuthenticatedData();
+ onChanged();
+ return this;
+ }
+
+ private com.google.protobuf.ByteString initializationVector_ =
+ com.google.protobuf.ByteString.EMPTY;
+ /**
+ *
+ *
+ * + * Required. The initialization vector (IV) used during encryption, which must + * match the data originally provided in + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + *+ * + *
bytes initialization_vector = 4 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return The initializationVector.
+ */
+ @java.lang.Override
+ public com.google.protobuf.ByteString getInitializationVector() {
+ return initializationVector_;
+ }
+ /**
+ *
+ *
+ * + * Required. The initialization vector (IV) used during encryption, which must + * match the data originally provided in + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + *+ * + *
bytes initialization_vector = 4 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @param value The initializationVector to set.
+ * @return This builder for chaining.
+ */
+ public Builder setInitializationVector(com.google.protobuf.ByteString value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ initializationVector_ = value;
+ bitField0_ |= 0x00000008;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Required. The initialization vector (IV) used during encryption, which must + * match the data originally provided in + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + *+ * + *
bytes initialization_vector = 4 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearInitializationVector() {
+ bitField0_ = (bitField0_ & ~0x00000008);
+ initializationVector_ = getDefaultInstance().getInitializationVector();
+ onChanged();
+ return this;
+ }
+
+ private int tagLength_;
+ /**
+ *
+ *
+ * + * The length of the authentication tag that is appended to the end of + * the ciphertext. If unspecified (0), the default value for the key's + * algorithm will be used (for AES-GCM, the default value is 16). + *+ * + *
int32 tag_length = 5;
+ *
+ * @return The tagLength.
+ */
+ @java.lang.Override
+ public int getTagLength() {
+ return tagLength_;
+ }
+ /**
+ *
+ *
+ * + * The length of the authentication tag that is appended to the end of + * the ciphertext. If unspecified (0), the default value for the key's + * algorithm will be used (for AES-GCM, the default value is 16). + *+ * + *
int32 tag_length = 5;
+ *
+ * @param value The tagLength to set.
+ * @return This builder for chaining.
+ */
+ public Builder setTagLength(int value) {
+
+ tagLength_ = value;
+ bitField0_ |= 0x00000010;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * The length of the authentication tag that is appended to the end of + * the ciphertext. If unspecified (0), the default value for the key's + * algorithm will be used (for AES-GCM, the default value is 16). + *+ * + *
int32 tag_length = 5;
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearTagLength() {
+ bitField0_ = (bitField0_ & ~0x00000010);
+ tagLength_ = 0;
+ onChanged();
+ return this;
+ }
+
+ private com.google.protobuf.Int64Value ciphertextCrc32C_;
+ private com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>
+ ciphertextCrc32CBuilder_;
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received ciphertext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(ciphertext) is equal + * to ciphertext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value ciphertext_crc32c = 6 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return Whether the ciphertextCrc32c field is set.
+ */
+ public boolean hasCiphertextCrc32C() {
+ return ((bitField0_ & 0x00000020) != 0);
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received ciphertext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(ciphertext) is equal + * to ciphertext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value ciphertext_crc32c = 6 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return The ciphertextCrc32c.
+ */
+ public com.google.protobuf.Int64Value getCiphertextCrc32C() {
+ if (ciphertextCrc32CBuilder_ == null) {
+ return ciphertextCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : ciphertextCrc32C_;
+ } else {
+ return ciphertextCrc32CBuilder_.getMessage();
+ }
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received ciphertext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(ciphertext) is equal + * to ciphertext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value ciphertext_crc32c = 6 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder setCiphertextCrc32C(com.google.protobuf.Int64Value value) {
+ if (ciphertextCrc32CBuilder_ == null) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ ciphertextCrc32C_ = value;
+ } else {
+ ciphertextCrc32CBuilder_.setMessage(value);
+ }
+ bitField0_ |= 0x00000020;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received ciphertext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(ciphertext) is equal + * to ciphertext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value ciphertext_crc32c = 6 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder setCiphertextCrc32C(com.google.protobuf.Int64Value.Builder builderForValue) {
+ if (ciphertextCrc32CBuilder_ == null) {
+ ciphertextCrc32C_ = builderForValue.build();
+ } else {
+ ciphertextCrc32CBuilder_.setMessage(builderForValue.build());
+ }
+ bitField0_ |= 0x00000020;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received ciphertext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(ciphertext) is equal + * to ciphertext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value ciphertext_crc32c = 6 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder mergeCiphertextCrc32C(com.google.protobuf.Int64Value value) {
+ if (ciphertextCrc32CBuilder_ == null) {
+ if (((bitField0_ & 0x00000020) != 0)
+ && ciphertextCrc32C_ != null
+ && ciphertextCrc32C_ != com.google.protobuf.Int64Value.getDefaultInstance()) {
+ getCiphertextCrc32CBuilder().mergeFrom(value);
+ } else {
+ ciphertextCrc32C_ = value;
+ }
+ } else {
+ ciphertextCrc32CBuilder_.mergeFrom(value);
+ }
+ bitField0_ |= 0x00000020;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received ciphertext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(ciphertext) is equal + * to ciphertext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value ciphertext_crc32c = 6 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder clearCiphertextCrc32C() {
+ bitField0_ = (bitField0_ & ~0x00000020);
+ ciphertextCrc32C_ = null;
+ if (ciphertextCrc32CBuilder_ != null) {
+ ciphertextCrc32CBuilder_.dispose();
+ ciphertextCrc32CBuilder_ = null;
+ }
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received ciphertext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(ciphertext) is equal + * to ciphertext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value ciphertext_crc32c = 6 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public com.google.protobuf.Int64Value.Builder getCiphertextCrc32CBuilder() {
+ bitField0_ |= 0x00000020;
+ onChanged();
+ return getCiphertextCrc32CFieldBuilder().getBuilder();
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received ciphertext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(ciphertext) is equal + * to ciphertext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value ciphertext_crc32c = 6 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public com.google.protobuf.Int64ValueOrBuilder getCiphertextCrc32COrBuilder() {
+ if (ciphertextCrc32CBuilder_ != null) {
+ return ciphertextCrc32CBuilder_.getMessageOrBuilder();
+ } else {
+ return ciphertextCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : ciphertextCrc32C_;
+ }
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received ciphertext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(ciphertext) is equal + * to ciphertext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value ciphertext_crc32c = 6 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ private com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>
+ getCiphertextCrc32CFieldBuilder() {
+ if (ciphertextCrc32CBuilder_ == null) {
+ ciphertextCrc32CBuilder_ =
+ new com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>(
+ getCiphertextCrc32C(), getParentForChildren(), isClean());
+ ciphertextCrc32C_ = null;
+ }
+ return ciphertextCrc32CBuilder_;
+ }
+
+ private com.google.protobuf.Int64Value additionalAuthenticatedDataCrc32C_;
+ private com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>
+ additionalAuthenticatedDataCrc32CBuilder_;
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return Whether the additionalAuthenticatedDataCrc32c field is set.
+ */
+ public boolean hasAdditionalAuthenticatedDataCrc32C() {
+ return ((bitField0_ & 0x00000040) != 0);
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return The additionalAuthenticatedDataCrc32c.
+ */
+ public com.google.protobuf.Int64Value getAdditionalAuthenticatedDataCrc32C() {
+ if (additionalAuthenticatedDataCrc32CBuilder_ == null) {
+ return additionalAuthenticatedDataCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : additionalAuthenticatedDataCrc32C_;
+ } else {
+ return additionalAuthenticatedDataCrc32CBuilder_.getMessage();
+ }
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder setAdditionalAuthenticatedDataCrc32C(com.google.protobuf.Int64Value value) {
+ if (additionalAuthenticatedDataCrc32CBuilder_ == null) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ additionalAuthenticatedDataCrc32C_ = value;
+ } else {
+ additionalAuthenticatedDataCrc32CBuilder_.setMessage(value);
+ }
+ bitField0_ |= 0x00000040;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder setAdditionalAuthenticatedDataCrc32C(
+ com.google.protobuf.Int64Value.Builder builderForValue) {
+ if (additionalAuthenticatedDataCrc32CBuilder_ == null) {
+ additionalAuthenticatedDataCrc32C_ = builderForValue.build();
+ } else {
+ additionalAuthenticatedDataCrc32CBuilder_.setMessage(builderForValue.build());
+ }
+ bitField0_ |= 0x00000040;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder mergeAdditionalAuthenticatedDataCrc32C(com.google.protobuf.Int64Value value) {
+ if (additionalAuthenticatedDataCrc32CBuilder_ == null) {
+ if (((bitField0_ & 0x00000040) != 0)
+ && additionalAuthenticatedDataCrc32C_ != null
+ && additionalAuthenticatedDataCrc32C_
+ != com.google.protobuf.Int64Value.getDefaultInstance()) {
+ getAdditionalAuthenticatedDataCrc32CBuilder().mergeFrom(value);
+ } else {
+ additionalAuthenticatedDataCrc32C_ = value;
+ }
+ } else {
+ additionalAuthenticatedDataCrc32CBuilder_.mergeFrom(value);
+ }
+ bitField0_ |= 0x00000040;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder clearAdditionalAuthenticatedDataCrc32C() {
+ bitField0_ = (bitField0_ & ~0x00000040);
+ additionalAuthenticatedDataCrc32C_ = null;
+ if (additionalAuthenticatedDataCrc32CBuilder_ != null) {
+ additionalAuthenticatedDataCrc32CBuilder_.dispose();
+ additionalAuthenticatedDataCrc32CBuilder_ = null;
+ }
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public com.google.protobuf.Int64Value.Builder getAdditionalAuthenticatedDataCrc32CBuilder() {
+ bitField0_ |= 0x00000040;
+ onChanged();
+ return getAdditionalAuthenticatedDataCrc32CFieldBuilder().getBuilder();
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public com.google.protobuf.Int64ValueOrBuilder getAdditionalAuthenticatedDataCrc32COrBuilder() {
+ if (additionalAuthenticatedDataCrc32CBuilder_ != null) {
+ return additionalAuthenticatedDataCrc32CBuilder_.getMessageOrBuilder();
+ } else {
+ return additionalAuthenticatedDataCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : additionalAuthenticatedDataCrc32C_;
+ }
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ private com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>
+ getAdditionalAuthenticatedDataCrc32CFieldBuilder() {
+ if (additionalAuthenticatedDataCrc32CBuilder_ == null) {
+ additionalAuthenticatedDataCrc32CBuilder_ =
+ new com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>(
+ getAdditionalAuthenticatedDataCrc32C(), getParentForChildren(), isClean());
+ additionalAuthenticatedDataCrc32C_ = null;
+ }
+ return additionalAuthenticatedDataCrc32CBuilder_;
+ }
+
+ private com.google.protobuf.Int64Value initializationVectorCrc32C_;
+ private com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>
+ initializationVectorCrc32CBuilder_;
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to initialization_vector_crc32c, and + * if so, perform a limited number of retries. A persistent mismatch may + * indicate an issue in your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 8 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return Whether the initializationVectorCrc32c field is set.
+ */
+ public boolean hasInitializationVectorCrc32C() {
+ return ((bitField0_ & 0x00000080) != 0);
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to initialization_vector_crc32c, and + * if so, perform a limited number of retries. A persistent mismatch may + * indicate an issue in your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 8 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return The initializationVectorCrc32c.
+ */
+ public com.google.protobuf.Int64Value getInitializationVectorCrc32C() {
+ if (initializationVectorCrc32CBuilder_ == null) {
+ return initializationVectorCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : initializationVectorCrc32C_;
+ } else {
+ return initializationVectorCrc32CBuilder_.getMessage();
+ }
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to initialization_vector_crc32c, and + * if so, perform a limited number of retries. A persistent mismatch may + * indicate an issue in your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 8 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder setInitializationVectorCrc32C(com.google.protobuf.Int64Value value) {
+ if (initializationVectorCrc32CBuilder_ == null) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ initializationVectorCrc32C_ = value;
+ } else {
+ initializationVectorCrc32CBuilder_.setMessage(value);
+ }
+ bitField0_ |= 0x00000080;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to initialization_vector_crc32c, and + * if so, perform a limited number of retries. A persistent mismatch may + * indicate an issue in your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 8 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder setInitializationVectorCrc32C(
+ com.google.protobuf.Int64Value.Builder builderForValue) {
+ if (initializationVectorCrc32CBuilder_ == null) {
+ initializationVectorCrc32C_ = builderForValue.build();
+ } else {
+ initializationVectorCrc32CBuilder_.setMessage(builderForValue.build());
+ }
+ bitField0_ |= 0x00000080;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to initialization_vector_crc32c, and + * if so, perform a limited number of retries. A persistent mismatch may + * indicate an issue in your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 8 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder mergeInitializationVectorCrc32C(com.google.protobuf.Int64Value value) {
+ if (initializationVectorCrc32CBuilder_ == null) {
+ if (((bitField0_ & 0x00000080) != 0)
+ && initializationVectorCrc32C_ != null
+ && initializationVectorCrc32C_ != com.google.protobuf.Int64Value.getDefaultInstance()) {
+ getInitializationVectorCrc32CBuilder().mergeFrom(value);
+ } else {
+ initializationVectorCrc32C_ = value;
+ }
+ } else {
+ initializationVectorCrc32CBuilder_.mergeFrom(value);
+ }
+ bitField0_ |= 0x00000080;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to initialization_vector_crc32c, and + * if so, perform a limited number of retries. A persistent mismatch may + * indicate an issue in your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 8 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder clearInitializationVectorCrc32C() {
+ bitField0_ = (bitField0_ & ~0x00000080);
+ initializationVectorCrc32C_ = null;
+ if (initializationVectorCrc32CBuilder_ != null) {
+ initializationVectorCrc32CBuilder_.dispose();
+ initializationVectorCrc32CBuilder_ = null;
+ }
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to initialization_vector_crc32c, and + * if so, perform a limited number of retries. A persistent mismatch may + * indicate an issue in your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 8 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public com.google.protobuf.Int64Value.Builder getInitializationVectorCrc32CBuilder() {
+ bitField0_ |= 0x00000080;
+ onChanged();
+ return getInitializationVectorCrc32CFieldBuilder().getBuilder();
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to initialization_vector_crc32c, and + * if so, perform a limited number of retries. A persistent mismatch may + * indicate an issue in your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 8 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public com.google.protobuf.Int64ValueOrBuilder getInitializationVectorCrc32COrBuilder() {
+ if (initializationVectorCrc32CBuilder_ != null) {
+ return initializationVectorCrc32CBuilder_.getMessageOrBuilder();
+ } else {
+ return initializationVectorCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : initializationVectorCrc32C_;
+ }
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to initialization_vector_crc32c, and + * if so, perform a limited number of retries. A persistent mismatch may + * indicate an issue in your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 8 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ private com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>
+ getInitializationVectorCrc32CFieldBuilder() {
+ if (initializationVectorCrc32CBuilder_ == null) {
+ initializationVectorCrc32CBuilder_ =
+ new com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>(
+ getInitializationVectorCrc32C(), getParentForChildren(), isClean());
+ initializationVectorCrc32C_ = null;
+ }
+ return initializationVectorCrc32CBuilder_;
+ }
+
+ @java.lang.Override
+ public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+ return super.setUnknownFields(unknownFields);
+ }
+
+ @java.lang.Override
+ public final Builder mergeUnknownFields(
+ final com.google.protobuf.UnknownFieldSet unknownFields) {
+ return super.mergeUnknownFields(unknownFields);
+ }
+
+ // @@protoc_insertion_point(builder_scope:google.cloud.kms.v1.RawDecryptRequest)
+ }
+
+ // @@protoc_insertion_point(class_scope:google.cloud.kms.v1.RawDecryptRequest)
+ private static final com.google.cloud.kms.v1.RawDecryptRequest DEFAULT_INSTANCE;
+
+ static {
+ DEFAULT_INSTANCE = new com.google.cloud.kms.v1.RawDecryptRequest();
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptRequest getDefaultInstance() {
+ return DEFAULT_INSTANCE;
+ }
+
+ private static final com.google.protobuf.Parser+ * Required. The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for + * decryption. + *+ * + *
string name = 1 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return The name.
+ */
+ java.lang.String getName();
+ /**
+ *
+ *
+ * + * Required. The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for + * decryption. + *+ * + *
string name = 1 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return The bytes for name.
+ */
+ com.google.protobuf.ByteString getNameBytes();
+
+ /**
+ *
+ *
+ * + * Required. The encrypted data originally returned in + * [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext]. + *+ * + *
bytes ciphertext = 2 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return The ciphertext.
+ */
+ com.google.protobuf.ByteString getCiphertext();
+
+ /**
+ *
+ *
+ * + * Optional. Optional data that must match the data originally supplied in + * [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data]. + *+ * + *
bytes additional_authenticated_data = 3 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ * @return The additionalAuthenticatedData.
+ */
+ com.google.protobuf.ByteString getAdditionalAuthenticatedData();
+
+ /**
+ *
+ *
+ * + * Required. The initialization vector (IV) used during encryption, which must + * match the data originally provided in + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + *+ * + *
bytes initialization_vector = 4 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return The initializationVector.
+ */
+ com.google.protobuf.ByteString getInitializationVector();
+
+ /**
+ *
+ *
+ * + * The length of the authentication tag that is appended to the end of + * the ciphertext. If unspecified (0), the default value for the key's + * algorithm will be used (for AES-GCM, the default value is 16). + *+ * + *
int32 tag_length = 5;
+ *
+ * @return The tagLength.
+ */
+ int getTagLength();
+
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received ciphertext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(ciphertext) is equal + * to ciphertext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value ciphertext_crc32c = 6 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return Whether the ciphertextCrc32c field is set.
+ */
+ boolean hasCiphertextCrc32C();
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received ciphertext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(ciphertext) is equal + * to ciphertext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value ciphertext_crc32c = 6 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return The ciphertextCrc32c.
+ */
+ com.google.protobuf.Int64Value getCiphertextCrc32C();
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received ciphertext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(ciphertext) is equal + * to ciphertext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value ciphertext_crc32c = 6 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ com.google.protobuf.Int64ValueOrBuilder getCiphertextCrc32COrBuilder();
+
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return Whether the additionalAuthenticatedDataCrc32c field is set.
+ */
+ boolean hasAdditionalAuthenticatedDataCrc32C();
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return The additionalAuthenticatedDataCrc32c.
+ */
+ com.google.protobuf.Int64Value getAdditionalAuthenticatedDataCrc32C();
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ com.google.protobuf.Int64ValueOrBuilder getAdditionalAuthenticatedDataCrc32COrBuilder();
+
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to initialization_vector_crc32c, and + * if so, perform a limited number of retries. A persistent mismatch may + * indicate an issue in your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 8 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return Whether the initializationVectorCrc32c field is set.
+ */
+ boolean hasInitializationVectorCrc32C();
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to initialization_vector_crc32c, and + * if so, perform a limited number of retries. A persistent mismatch may + * indicate an issue in your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 8 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return The initializationVectorCrc32c.
+ */
+ com.google.protobuf.Int64Value getInitializationVectorCrc32C();
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to initialization_vector_crc32c, and + * if so, perform a limited number of retries. A persistent mismatch may + * indicate an issue in your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 8 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ com.google.protobuf.Int64ValueOrBuilder getInitializationVectorCrc32COrBuilder();
+}
diff --git a/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/RawDecryptResponse.java b/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/RawDecryptResponse.java
new file mode 100644
index 000000000000..cf1212dcbae8
--- /dev/null
+++ b/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/RawDecryptResponse.java
@@ -0,0 +1,1572 @@
+/*
+ * Copyright 2023 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler. DO NOT EDIT!
+// source: google/cloud/kms/v1/service.proto
+
+package com.google.cloud.kms.v1;
+
+/**
+ *
+ *
+ * + * Response message for + * [KeyManagementService.RawDecrypt][google.cloud.kms.v1.KeyManagementService.RawDecrypt]. + *+ * + * Protobuf type {@code google.cloud.kms.v1.RawDecryptResponse} + */ +public final class RawDecryptResponse extends com.google.protobuf.GeneratedMessageV3 + implements + // @@protoc_insertion_point(message_implements:google.cloud.kms.v1.RawDecryptResponse) + RawDecryptResponseOrBuilder { + private static final long serialVersionUID = 0L; + // Use RawDecryptResponse.newBuilder() to construct. + private RawDecryptResponse(com.google.protobuf.GeneratedMessageV3.Builder builder) { + super(builder); + } + + private RawDecryptResponse() { + plaintext_ = com.google.protobuf.ByteString.EMPTY; + protectionLevel_ = 0; + } + + @java.lang.Override + @SuppressWarnings({"unused"}) + protected java.lang.Object newInstance(UnusedPrivateParameter unused) { + return new RawDecryptResponse(); + } + + public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() { + return com.google.cloud.kms.v1.KmsProto + .internal_static_google_cloud_kms_v1_RawDecryptResponse_descriptor; + } + + @java.lang.Override + protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internalGetFieldAccessorTable() { + return com.google.cloud.kms.v1.KmsProto + .internal_static_google_cloud_kms_v1_RawDecryptResponse_fieldAccessorTable + .ensureFieldAccessorsInitialized( + com.google.cloud.kms.v1.RawDecryptResponse.class, + com.google.cloud.kms.v1.RawDecryptResponse.Builder.class); + } + + public static final int PLAINTEXT_FIELD_NUMBER = 1; + private com.google.protobuf.ByteString plaintext_ = com.google.protobuf.ByteString.EMPTY; + /** + * + * + *
+ * The decrypted data. + *+ * + *
bytes plaintext = 1;
+ *
+ * @return The plaintext.
+ */
+ @java.lang.Override
+ public com.google.protobuf.ByteString getPlaintext() {
+ return plaintext_;
+ }
+
+ public static final int PLAINTEXT_CRC32C_FIELD_NUMBER = 2;
+ private com.google.protobuf.Int64Value plaintextCrc32C_;
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawDecryptResponse.plaintext][google.cloud.kms.v1.RawDecryptResponse.plaintext]. + * An integrity check of plaintext can be performed by computing the CRC32C + * checksum of plaintext and comparing your results to this field. Discard the + * response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: receiving this response message + * indicates that + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] is able to + * successfully decrypt the + * [ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
.google.protobuf.Int64Value plaintext_crc32c = 2;
+ *
+ * @return Whether the plaintextCrc32c field is set.
+ */
+ @java.lang.Override
+ public boolean hasPlaintextCrc32C() {
+ return plaintextCrc32C_ != null;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawDecryptResponse.plaintext][google.cloud.kms.v1.RawDecryptResponse.plaintext]. + * An integrity check of plaintext can be performed by computing the CRC32C + * checksum of plaintext and comparing your results to this field. Discard the + * response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: receiving this response message + * indicates that + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] is able to + * successfully decrypt the + * [ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
.google.protobuf.Int64Value plaintext_crc32c = 2;
+ *
+ * @return The plaintextCrc32c.
+ */
+ @java.lang.Override
+ public com.google.protobuf.Int64Value getPlaintextCrc32C() {
+ return plaintextCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : plaintextCrc32C_;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawDecryptResponse.plaintext][google.cloud.kms.v1.RawDecryptResponse.plaintext]. + * An integrity check of plaintext can be performed by computing the CRC32C + * checksum of plaintext and comparing your results to this field. Discard the + * response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: receiving this response message + * indicates that + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] is able to + * successfully decrypt the + * [ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
.google.protobuf.Int64Value plaintext_crc32c = 2;
+ */
+ @java.lang.Override
+ public com.google.protobuf.Int64ValueOrBuilder getPlaintextCrc32COrBuilder() {
+ return plaintextCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : plaintextCrc32C_;
+ }
+
+ public static final int PROTECTION_LEVEL_FIELD_NUMBER = 3;
+ private int protectionLevel_ = 0;
+ /**
+ *
+ *
+ * + * The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * decryption. + *+ * + *
.google.cloud.kms.v1.ProtectionLevel protection_level = 3;
+ *
+ * @return The enum numeric value on the wire for protectionLevel.
+ */
+ @java.lang.Override
+ public int getProtectionLevelValue() {
+ return protectionLevel_;
+ }
+ /**
+ *
+ *
+ * + * The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * decryption. + *+ * + *
.google.cloud.kms.v1.ProtectionLevel protection_level = 3;
+ *
+ * @return The protectionLevel.
+ */
+ @java.lang.Override
+ public com.google.cloud.kms.v1.ProtectionLevel getProtectionLevel() {
+ com.google.cloud.kms.v1.ProtectionLevel result =
+ com.google.cloud.kms.v1.ProtectionLevel.forNumber(protectionLevel_);
+ return result == null ? com.google.cloud.kms.v1.ProtectionLevel.UNRECOGNIZED : result;
+ }
+
+ public static final int VERIFIED_CIPHERTEXT_CRC32C_FIELD_NUMBER = 4;
+ private boolean verifiedCiphertextCrc32C_ = false;
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.RawDecryptRequest.ciphertext_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of the ciphertext. A false value of this + * field indicates either that + * [RawDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.RawDecryptRequest.ciphertext_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.RawDecryptRequest.ciphertext_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_ciphertext_crc32c = 4;
+ *
+ * @return The verifiedCiphertextCrc32c.
+ */
+ @java.lang.Override
+ public boolean getVerifiedCiphertextCrc32C() {
+ return verifiedCiphertextCrc32C_;
+ }
+
+ public static final int VERIFIED_ADDITIONAL_AUTHENTICATED_DATA_CRC32C_FIELD_NUMBER = 5;
+ private boolean verifiedAdditionalAuthenticatedDataCrc32C_ = false;
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawDecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of additional_authenticated_data. A false + * value of this field indicates either that // + * [RawDecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawDecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_additional_authenticated_data_crc32c = 5;
+ *
+ * @return The verifiedAdditionalAuthenticatedDataCrc32c.
+ */
+ @java.lang.Override
+ public boolean getVerifiedAdditionalAuthenticatedDataCrc32C() {
+ return verifiedAdditionalAuthenticatedDataCrc32C_;
+ }
+
+ public static final int VERIFIED_INITIALIZATION_VECTOR_CRC32C_FIELD_NUMBER = 6;
+ private boolean verifiedInitializationVectorCrc32C_ = false;
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawDecryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawDecryptRequest.initialization_vector_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of initialization_vector. A false value of + * this field indicates either that + * [RawDecryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawDecryptRequest.initialization_vector_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawDecryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawDecryptRequest.initialization_vector_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_initialization_vector_crc32c = 6;
+ *
+ * @return The verifiedInitializationVectorCrc32c.
+ */
+ @java.lang.Override
+ public boolean getVerifiedInitializationVectorCrc32C() {
+ return verifiedInitializationVectorCrc32C_;
+ }
+
+ private byte memoizedIsInitialized = -1;
+
+ @java.lang.Override
+ public final boolean isInitialized() {
+ byte isInitialized = memoizedIsInitialized;
+ if (isInitialized == 1) return true;
+ if (isInitialized == 0) return false;
+
+ memoizedIsInitialized = 1;
+ return true;
+ }
+
+ @java.lang.Override
+ public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+ if (!plaintext_.isEmpty()) {
+ output.writeBytes(1, plaintext_);
+ }
+ if (plaintextCrc32C_ != null) {
+ output.writeMessage(2, getPlaintextCrc32C());
+ }
+ if (protectionLevel_
+ != com.google.cloud.kms.v1.ProtectionLevel.PROTECTION_LEVEL_UNSPECIFIED.getNumber()) {
+ output.writeEnum(3, protectionLevel_);
+ }
+ if (verifiedCiphertextCrc32C_ != false) {
+ output.writeBool(4, verifiedCiphertextCrc32C_);
+ }
+ if (verifiedAdditionalAuthenticatedDataCrc32C_ != false) {
+ output.writeBool(5, verifiedAdditionalAuthenticatedDataCrc32C_);
+ }
+ if (verifiedInitializationVectorCrc32C_ != false) {
+ output.writeBool(6, verifiedInitializationVectorCrc32C_);
+ }
+ getUnknownFields().writeTo(output);
+ }
+
+ @java.lang.Override
+ public int getSerializedSize() {
+ int size = memoizedSize;
+ if (size != -1) return size;
+
+ size = 0;
+ if (!plaintext_.isEmpty()) {
+ size += com.google.protobuf.CodedOutputStream.computeBytesSize(1, plaintext_);
+ }
+ if (plaintextCrc32C_ != null) {
+ size += com.google.protobuf.CodedOutputStream.computeMessageSize(2, getPlaintextCrc32C());
+ }
+ if (protectionLevel_
+ != com.google.cloud.kms.v1.ProtectionLevel.PROTECTION_LEVEL_UNSPECIFIED.getNumber()) {
+ size += com.google.protobuf.CodedOutputStream.computeEnumSize(3, protectionLevel_);
+ }
+ if (verifiedCiphertextCrc32C_ != false) {
+ size += com.google.protobuf.CodedOutputStream.computeBoolSize(4, verifiedCiphertextCrc32C_);
+ }
+ if (verifiedAdditionalAuthenticatedDataCrc32C_ != false) {
+ size +=
+ com.google.protobuf.CodedOutputStream.computeBoolSize(
+ 5, verifiedAdditionalAuthenticatedDataCrc32C_);
+ }
+ if (verifiedInitializationVectorCrc32C_ != false) {
+ size +=
+ com.google.protobuf.CodedOutputStream.computeBoolSize(
+ 6, verifiedInitializationVectorCrc32C_);
+ }
+ size += getUnknownFields().getSerializedSize();
+ memoizedSize = size;
+ return size;
+ }
+
+ @java.lang.Override
+ public boolean equals(final java.lang.Object obj) {
+ if (obj == this) {
+ return true;
+ }
+ if (!(obj instanceof com.google.cloud.kms.v1.RawDecryptResponse)) {
+ return super.equals(obj);
+ }
+ com.google.cloud.kms.v1.RawDecryptResponse other =
+ (com.google.cloud.kms.v1.RawDecryptResponse) obj;
+
+ if (!getPlaintext().equals(other.getPlaintext())) return false;
+ if (hasPlaintextCrc32C() != other.hasPlaintextCrc32C()) return false;
+ if (hasPlaintextCrc32C()) {
+ if (!getPlaintextCrc32C().equals(other.getPlaintextCrc32C())) return false;
+ }
+ if (protectionLevel_ != other.protectionLevel_) return false;
+ if (getVerifiedCiphertextCrc32C() != other.getVerifiedCiphertextCrc32C()) return false;
+ if (getVerifiedAdditionalAuthenticatedDataCrc32C()
+ != other.getVerifiedAdditionalAuthenticatedDataCrc32C()) return false;
+ if (getVerifiedInitializationVectorCrc32C() != other.getVerifiedInitializationVectorCrc32C())
+ return false;
+ if (!getUnknownFields().equals(other.getUnknownFields())) return false;
+ return true;
+ }
+
+ @java.lang.Override
+ public int hashCode() {
+ if (memoizedHashCode != 0) {
+ return memoizedHashCode;
+ }
+ int hash = 41;
+ hash = (19 * hash) + getDescriptor().hashCode();
+ hash = (37 * hash) + PLAINTEXT_FIELD_NUMBER;
+ hash = (53 * hash) + getPlaintext().hashCode();
+ if (hasPlaintextCrc32C()) {
+ hash = (37 * hash) + PLAINTEXT_CRC32C_FIELD_NUMBER;
+ hash = (53 * hash) + getPlaintextCrc32C().hashCode();
+ }
+ hash = (37 * hash) + PROTECTION_LEVEL_FIELD_NUMBER;
+ hash = (53 * hash) + protectionLevel_;
+ hash = (37 * hash) + VERIFIED_CIPHERTEXT_CRC32C_FIELD_NUMBER;
+ hash = (53 * hash) + com.google.protobuf.Internal.hashBoolean(getVerifiedCiphertextCrc32C());
+ hash = (37 * hash) + VERIFIED_ADDITIONAL_AUTHENTICATED_DATA_CRC32C_FIELD_NUMBER;
+ hash =
+ (53 * hash)
+ + com.google.protobuf.Internal.hashBoolean(
+ getVerifiedAdditionalAuthenticatedDataCrc32C());
+ hash = (37 * hash) + VERIFIED_INITIALIZATION_VECTOR_CRC32C_FIELD_NUMBER;
+ hash =
+ (53 * hash)
+ + com.google.protobuf.Internal.hashBoolean(getVerifiedInitializationVectorCrc32C());
+ hash = (29 * hash) + getUnknownFields().hashCode();
+ memoizedHashCode = hash;
+ return hash;
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptResponse parseFrom(java.nio.ByteBuffer data)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptResponse parseFrom(
+ java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data, extensionRegistry);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptResponse parseFrom(
+ com.google.protobuf.ByteString data)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptResponse parseFrom(
+ com.google.protobuf.ByteString data,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data, extensionRegistry);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptResponse parseFrom(byte[] data)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptResponse parseFrom(
+ byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data, extensionRegistry);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptResponse parseFrom(java.io.InputStream input)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptResponse parseFrom(
+ java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+ PARSER, input, extensionRegistry);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptResponse parseDelimitedFrom(
+ java.io.InputStream input) throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptResponse parseDelimitedFrom(
+ java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+ PARSER, input, extensionRegistry);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptResponse parseFrom(
+ com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptResponse parseFrom(
+ com.google.protobuf.CodedInputStream input,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+ PARSER, input, extensionRegistry);
+ }
+
+ @java.lang.Override
+ public Builder newBuilderForType() {
+ return newBuilder();
+ }
+
+ public static Builder newBuilder() {
+ return DEFAULT_INSTANCE.toBuilder();
+ }
+
+ public static Builder newBuilder(com.google.cloud.kms.v1.RawDecryptResponse prototype) {
+ return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+ }
+
+ @java.lang.Override
+ public Builder toBuilder() {
+ return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+ }
+
+ @java.lang.Override
+ protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+ Builder builder = new Builder(parent);
+ return builder;
+ }
+ /**
+ *
+ *
+ * + * Response message for + * [KeyManagementService.RawDecrypt][google.cloud.kms.v1.KeyManagementService.RawDecrypt]. + *+ * + * Protobuf type {@code google.cloud.kms.v1.RawDecryptResponse} + */ + public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder
+ * The decrypted data. + *+ * + *
bytes plaintext = 1;
+ *
+ * @return The plaintext.
+ */
+ @java.lang.Override
+ public com.google.protobuf.ByteString getPlaintext() {
+ return plaintext_;
+ }
+ /**
+ *
+ *
+ * + * The decrypted data. + *+ * + *
bytes plaintext = 1;
+ *
+ * @param value The plaintext to set.
+ * @return This builder for chaining.
+ */
+ public Builder setPlaintext(com.google.protobuf.ByteString value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ plaintext_ = value;
+ bitField0_ |= 0x00000001;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * The decrypted data. + *+ * + *
bytes plaintext = 1;
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearPlaintext() {
+ bitField0_ = (bitField0_ & ~0x00000001);
+ plaintext_ = getDefaultInstance().getPlaintext();
+ onChanged();
+ return this;
+ }
+
+ private com.google.protobuf.Int64Value plaintextCrc32C_;
+ private com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>
+ plaintextCrc32CBuilder_;
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawDecryptResponse.plaintext][google.cloud.kms.v1.RawDecryptResponse.plaintext]. + * An integrity check of plaintext can be performed by computing the CRC32C + * checksum of plaintext and comparing your results to this field. Discard the + * response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: receiving this response message + * indicates that + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] is able to + * successfully decrypt the + * [ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
.google.protobuf.Int64Value plaintext_crc32c = 2;
+ *
+ * @return Whether the plaintextCrc32c field is set.
+ */
+ public boolean hasPlaintextCrc32C() {
+ return ((bitField0_ & 0x00000002) != 0);
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawDecryptResponse.plaintext][google.cloud.kms.v1.RawDecryptResponse.plaintext]. + * An integrity check of plaintext can be performed by computing the CRC32C + * checksum of plaintext and comparing your results to this field. Discard the + * response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: receiving this response message + * indicates that + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] is able to + * successfully decrypt the + * [ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
.google.protobuf.Int64Value plaintext_crc32c = 2;
+ *
+ * @return The plaintextCrc32c.
+ */
+ public com.google.protobuf.Int64Value getPlaintextCrc32C() {
+ if (plaintextCrc32CBuilder_ == null) {
+ return plaintextCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : plaintextCrc32C_;
+ } else {
+ return plaintextCrc32CBuilder_.getMessage();
+ }
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawDecryptResponse.plaintext][google.cloud.kms.v1.RawDecryptResponse.plaintext]. + * An integrity check of plaintext can be performed by computing the CRC32C + * checksum of plaintext and comparing your results to this field. Discard the + * response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: receiving this response message + * indicates that + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] is able to + * successfully decrypt the + * [ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
.google.protobuf.Int64Value plaintext_crc32c = 2;
+ */
+ public Builder setPlaintextCrc32C(com.google.protobuf.Int64Value value) {
+ if (plaintextCrc32CBuilder_ == null) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ plaintextCrc32C_ = value;
+ } else {
+ plaintextCrc32CBuilder_.setMessage(value);
+ }
+ bitField0_ |= 0x00000002;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawDecryptResponse.plaintext][google.cloud.kms.v1.RawDecryptResponse.plaintext]. + * An integrity check of plaintext can be performed by computing the CRC32C + * checksum of plaintext and comparing your results to this field. Discard the + * response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: receiving this response message + * indicates that + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] is able to + * successfully decrypt the + * [ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
.google.protobuf.Int64Value plaintext_crc32c = 2;
+ */
+ public Builder setPlaintextCrc32C(com.google.protobuf.Int64Value.Builder builderForValue) {
+ if (plaintextCrc32CBuilder_ == null) {
+ plaintextCrc32C_ = builderForValue.build();
+ } else {
+ plaintextCrc32CBuilder_.setMessage(builderForValue.build());
+ }
+ bitField0_ |= 0x00000002;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawDecryptResponse.plaintext][google.cloud.kms.v1.RawDecryptResponse.plaintext]. + * An integrity check of plaintext can be performed by computing the CRC32C + * checksum of plaintext and comparing your results to this field. Discard the + * response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: receiving this response message + * indicates that + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] is able to + * successfully decrypt the + * [ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
.google.protobuf.Int64Value plaintext_crc32c = 2;
+ */
+ public Builder mergePlaintextCrc32C(com.google.protobuf.Int64Value value) {
+ if (plaintextCrc32CBuilder_ == null) {
+ if (((bitField0_ & 0x00000002) != 0)
+ && plaintextCrc32C_ != null
+ && plaintextCrc32C_ != com.google.protobuf.Int64Value.getDefaultInstance()) {
+ getPlaintextCrc32CBuilder().mergeFrom(value);
+ } else {
+ plaintextCrc32C_ = value;
+ }
+ } else {
+ plaintextCrc32CBuilder_.mergeFrom(value);
+ }
+ bitField0_ |= 0x00000002;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawDecryptResponse.plaintext][google.cloud.kms.v1.RawDecryptResponse.plaintext]. + * An integrity check of plaintext can be performed by computing the CRC32C + * checksum of plaintext and comparing your results to this field. Discard the + * response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: receiving this response message + * indicates that + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] is able to + * successfully decrypt the + * [ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
.google.protobuf.Int64Value plaintext_crc32c = 2;
+ */
+ public Builder clearPlaintextCrc32C() {
+ bitField0_ = (bitField0_ & ~0x00000002);
+ plaintextCrc32C_ = null;
+ if (plaintextCrc32CBuilder_ != null) {
+ plaintextCrc32CBuilder_.dispose();
+ plaintextCrc32CBuilder_ = null;
+ }
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawDecryptResponse.plaintext][google.cloud.kms.v1.RawDecryptResponse.plaintext]. + * An integrity check of plaintext can be performed by computing the CRC32C + * checksum of plaintext and comparing your results to this field. Discard the + * response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: receiving this response message + * indicates that + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] is able to + * successfully decrypt the + * [ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
.google.protobuf.Int64Value plaintext_crc32c = 2;
+ */
+ public com.google.protobuf.Int64Value.Builder getPlaintextCrc32CBuilder() {
+ bitField0_ |= 0x00000002;
+ onChanged();
+ return getPlaintextCrc32CFieldBuilder().getBuilder();
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawDecryptResponse.plaintext][google.cloud.kms.v1.RawDecryptResponse.plaintext]. + * An integrity check of plaintext can be performed by computing the CRC32C + * checksum of plaintext and comparing your results to this field. Discard the + * response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: receiving this response message + * indicates that + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] is able to + * successfully decrypt the + * [ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
.google.protobuf.Int64Value plaintext_crc32c = 2;
+ */
+ public com.google.protobuf.Int64ValueOrBuilder getPlaintextCrc32COrBuilder() {
+ if (plaintextCrc32CBuilder_ != null) {
+ return plaintextCrc32CBuilder_.getMessageOrBuilder();
+ } else {
+ return plaintextCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : plaintextCrc32C_;
+ }
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawDecryptResponse.plaintext][google.cloud.kms.v1.RawDecryptResponse.plaintext]. + * An integrity check of plaintext can be performed by computing the CRC32C + * checksum of plaintext and comparing your results to this field. Discard the + * response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: receiving this response message + * indicates that + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] is able to + * successfully decrypt the + * [ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
.google.protobuf.Int64Value plaintext_crc32c = 2;
+ */
+ private com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>
+ getPlaintextCrc32CFieldBuilder() {
+ if (plaintextCrc32CBuilder_ == null) {
+ plaintextCrc32CBuilder_ =
+ new com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>(
+ getPlaintextCrc32C(), getParentForChildren(), isClean());
+ plaintextCrc32C_ = null;
+ }
+ return plaintextCrc32CBuilder_;
+ }
+
+ private int protectionLevel_ = 0;
+ /**
+ *
+ *
+ * + * The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * decryption. + *+ * + *
.google.cloud.kms.v1.ProtectionLevel protection_level = 3;
+ *
+ * @return The enum numeric value on the wire for protectionLevel.
+ */
+ @java.lang.Override
+ public int getProtectionLevelValue() {
+ return protectionLevel_;
+ }
+ /**
+ *
+ *
+ * + * The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * decryption. + *+ * + *
.google.cloud.kms.v1.ProtectionLevel protection_level = 3;
+ *
+ * @param value The enum numeric value on the wire for protectionLevel to set.
+ * @return This builder for chaining.
+ */
+ public Builder setProtectionLevelValue(int value) {
+ protectionLevel_ = value;
+ bitField0_ |= 0x00000004;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * decryption. + *+ * + *
.google.cloud.kms.v1.ProtectionLevel protection_level = 3;
+ *
+ * @return The protectionLevel.
+ */
+ @java.lang.Override
+ public com.google.cloud.kms.v1.ProtectionLevel getProtectionLevel() {
+ com.google.cloud.kms.v1.ProtectionLevel result =
+ com.google.cloud.kms.v1.ProtectionLevel.forNumber(protectionLevel_);
+ return result == null ? com.google.cloud.kms.v1.ProtectionLevel.UNRECOGNIZED : result;
+ }
+ /**
+ *
+ *
+ * + * The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * decryption. + *+ * + *
.google.cloud.kms.v1.ProtectionLevel protection_level = 3;
+ *
+ * @param value The protectionLevel to set.
+ * @return This builder for chaining.
+ */
+ public Builder setProtectionLevel(com.google.cloud.kms.v1.ProtectionLevel value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ bitField0_ |= 0x00000004;
+ protectionLevel_ = value.getNumber();
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * decryption. + *+ * + *
.google.cloud.kms.v1.ProtectionLevel protection_level = 3;
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearProtectionLevel() {
+ bitField0_ = (bitField0_ & ~0x00000004);
+ protectionLevel_ = 0;
+ onChanged();
+ return this;
+ }
+
+ private boolean verifiedCiphertextCrc32C_;
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.RawDecryptRequest.ciphertext_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of the ciphertext. A false value of this + * field indicates either that + * [RawDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.RawDecryptRequest.ciphertext_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.RawDecryptRequest.ciphertext_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_ciphertext_crc32c = 4;
+ *
+ * @return The verifiedCiphertextCrc32c.
+ */
+ @java.lang.Override
+ public boolean getVerifiedCiphertextCrc32C() {
+ return verifiedCiphertextCrc32C_;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.RawDecryptRequest.ciphertext_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of the ciphertext. A false value of this + * field indicates either that + * [RawDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.RawDecryptRequest.ciphertext_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.RawDecryptRequest.ciphertext_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_ciphertext_crc32c = 4;
+ *
+ * @param value The verifiedCiphertextCrc32c to set.
+ * @return This builder for chaining.
+ */
+ public Builder setVerifiedCiphertextCrc32C(boolean value) {
+
+ verifiedCiphertextCrc32C_ = value;
+ bitField0_ |= 0x00000008;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.RawDecryptRequest.ciphertext_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of the ciphertext. A false value of this + * field indicates either that + * [RawDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.RawDecryptRequest.ciphertext_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.RawDecryptRequest.ciphertext_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_ciphertext_crc32c = 4;
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearVerifiedCiphertextCrc32C() {
+ bitField0_ = (bitField0_ & ~0x00000008);
+ verifiedCiphertextCrc32C_ = false;
+ onChanged();
+ return this;
+ }
+
+ private boolean verifiedAdditionalAuthenticatedDataCrc32C_;
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawDecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of additional_authenticated_data. A false + * value of this field indicates either that // + * [RawDecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawDecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_additional_authenticated_data_crc32c = 5;
+ *
+ * @return The verifiedAdditionalAuthenticatedDataCrc32c.
+ */
+ @java.lang.Override
+ public boolean getVerifiedAdditionalAuthenticatedDataCrc32C() {
+ return verifiedAdditionalAuthenticatedDataCrc32C_;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawDecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of additional_authenticated_data. A false + * value of this field indicates either that // + * [RawDecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawDecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_additional_authenticated_data_crc32c = 5;
+ *
+ * @param value The verifiedAdditionalAuthenticatedDataCrc32c to set.
+ * @return This builder for chaining.
+ */
+ public Builder setVerifiedAdditionalAuthenticatedDataCrc32C(boolean value) {
+
+ verifiedAdditionalAuthenticatedDataCrc32C_ = value;
+ bitField0_ |= 0x00000010;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawDecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of additional_authenticated_data. A false + * value of this field indicates either that // + * [RawDecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawDecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_additional_authenticated_data_crc32c = 5;
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearVerifiedAdditionalAuthenticatedDataCrc32C() {
+ bitField0_ = (bitField0_ & ~0x00000010);
+ verifiedAdditionalAuthenticatedDataCrc32C_ = false;
+ onChanged();
+ return this;
+ }
+
+ private boolean verifiedInitializationVectorCrc32C_;
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawDecryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawDecryptRequest.initialization_vector_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of initialization_vector. A false value of + * this field indicates either that + * [RawDecryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawDecryptRequest.initialization_vector_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawDecryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawDecryptRequest.initialization_vector_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_initialization_vector_crc32c = 6;
+ *
+ * @return The verifiedInitializationVectorCrc32c.
+ */
+ @java.lang.Override
+ public boolean getVerifiedInitializationVectorCrc32C() {
+ return verifiedInitializationVectorCrc32C_;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawDecryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawDecryptRequest.initialization_vector_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of initialization_vector. A false value of + * this field indicates either that + * [RawDecryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawDecryptRequest.initialization_vector_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawDecryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawDecryptRequest.initialization_vector_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_initialization_vector_crc32c = 6;
+ *
+ * @param value The verifiedInitializationVectorCrc32c to set.
+ * @return This builder for chaining.
+ */
+ public Builder setVerifiedInitializationVectorCrc32C(boolean value) {
+
+ verifiedInitializationVectorCrc32C_ = value;
+ bitField0_ |= 0x00000020;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawDecryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawDecryptRequest.initialization_vector_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of initialization_vector. A false value of + * this field indicates either that + * [RawDecryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawDecryptRequest.initialization_vector_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawDecryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawDecryptRequest.initialization_vector_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_initialization_vector_crc32c = 6;
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearVerifiedInitializationVectorCrc32C() {
+ bitField0_ = (bitField0_ & ~0x00000020);
+ verifiedInitializationVectorCrc32C_ = false;
+ onChanged();
+ return this;
+ }
+
+ @java.lang.Override
+ public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+ return super.setUnknownFields(unknownFields);
+ }
+
+ @java.lang.Override
+ public final Builder mergeUnknownFields(
+ final com.google.protobuf.UnknownFieldSet unknownFields) {
+ return super.mergeUnknownFields(unknownFields);
+ }
+
+ // @@protoc_insertion_point(builder_scope:google.cloud.kms.v1.RawDecryptResponse)
+ }
+
+ // @@protoc_insertion_point(class_scope:google.cloud.kms.v1.RawDecryptResponse)
+ private static final com.google.cloud.kms.v1.RawDecryptResponse DEFAULT_INSTANCE;
+
+ static {
+ DEFAULT_INSTANCE = new com.google.cloud.kms.v1.RawDecryptResponse();
+ }
+
+ public static com.google.cloud.kms.v1.RawDecryptResponse getDefaultInstance() {
+ return DEFAULT_INSTANCE;
+ }
+
+ private static final com.google.protobuf.Parser+ * The decrypted data. + *+ * + *
bytes plaintext = 1;
+ *
+ * @return The plaintext.
+ */
+ com.google.protobuf.ByteString getPlaintext();
+
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawDecryptResponse.plaintext][google.cloud.kms.v1.RawDecryptResponse.plaintext]. + * An integrity check of plaintext can be performed by computing the CRC32C + * checksum of plaintext and comparing your results to this field. Discard the + * response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: receiving this response message + * indicates that + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] is able to + * successfully decrypt the + * [ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
.google.protobuf.Int64Value plaintext_crc32c = 2;
+ *
+ * @return Whether the plaintextCrc32c field is set.
+ */
+ boolean hasPlaintextCrc32C();
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawDecryptResponse.plaintext][google.cloud.kms.v1.RawDecryptResponse.plaintext]. + * An integrity check of plaintext can be performed by computing the CRC32C + * checksum of plaintext and comparing your results to this field. Discard the + * response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: receiving this response message + * indicates that + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] is able to + * successfully decrypt the + * [ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
.google.protobuf.Int64Value plaintext_crc32c = 2;
+ *
+ * @return The plaintextCrc32c.
+ */
+ com.google.protobuf.Int64Value getPlaintextCrc32C();
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawDecryptResponse.plaintext][google.cloud.kms.v1.RawDecryptResponse.plaintext]. + * An integrity check of plaintext can be performed by computing the CRC32C + * checksum of plaintext and comparing your results to this field. Discard the + * response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: receiving this response message + * indicates that + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] is able to + * successfully decrypt the + * [ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext]. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
.google.protobuf.Int64Value plaintext_crc32c = 2;
+ */
+ com.google.protobuf.Int64ValueOrBuilder getPlaintextCrc32COrBuilder();
+
+ /**
+ *
+ *
+ * + * The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * decryption. + *+ * + *
.google.cloud.kms.v1.ProtectionLevel protection_level = 3;
+ *
+ * @return The enum numeric value on the wire for protectionLevel.
+ */
+ int getProtectionLevelValue();
+ /**
+ *
+ *
+ * + * The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * decryption. + *+ * + *
.google.cloud.kms.v1.ProtectionLevel protection_level = 3;
+ *
+ * @return The protectionLevel.
+ */
+ com.google.cloud.kms.v1.ProtectionLevel getProtectionLevel();
+
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.RawDecryptRequest.ciphertext_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of the ciphertext. A false value of this + * field indicates either that + * [RawDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.RawDecryptRequest.ciphertext_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.RawDecryptRequest.ciphertext_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_ciphertext_crc32c = 4;
+ *
+ * @return The verifiedCiphertextCrc32c.
+ */
+ boolean getVerifiedCiphertextCrc32C();
+
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawDecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of additional_authenticated_data. A false + * value of this field indicates either that // + * [RawDecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawDecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_additional_authenticated_data_crc32c = 5;
+ *
+ * @return The verifiedAdditionalAuthenticatedDataCrc32c.
+ */
+ boolean getVerifiedAdditionalAuthenticatedDataCrc32C();
+
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawDecryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawDecryptRequest.initialization_vector_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of initialization_vector. A false value of + * this field indicates either that + * [RawDecryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawDecryptRequest.initialization_vector_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawDecryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawDecryptRequest.initialization_vector_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_initialization_vector_crc32c = 6;
+ *
+ * @return The verifiedInitializationVectorCrc32c.
+ */
+ boolean getVerifiedInitializationVectorCrc32C();
+}
diff --git a/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/RawEncryptRequest.java b/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/RawEncryptRequest.java
new file mode 100644
index 000000000000..259a0eb3a5f8
--- /dev/null
+++ b/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/RawEncryptRequest.java
@@ -0,0 +1,2448 @@
+/*
+ * Copyright 2023 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler. DO NOT EDIT!
+// source: google/cloud/kms/v1/service.proto
+
+package com.google.cloud.kms.v1;
+
+/**
+ *
+ *
+ * + * Request message for + * [KeyManagementService.RawEncrypt][google.cloud.kms.v1.KeyManagementService.RawEncrypt]. + *+ * + * Protobuf type {@code google.cloud.kms.v1.RawEncryptRequest} + */ +public final class RawEncryptRequest extends com.google.protobuf.GeneratedMessageV3 + implements + // @@protoc_insertion_point(message_implements:google.cloud.kms.v1.RawEncryptRequest) + RawEncryptRequestOrBuilder { + private static final long serialVersionUID = 0L; + // Use RawEncryptRequest.newBuilder() to construct. + private RawEncryptRequest(com.google.protobuf.GeneratedMessageV3.Builder builder) { + super(builder); + } + + private RawEncryptRequest() { + name_ = ""; + plaintext_ = com.google.protobuf.ByteString.EMPTY; + additionalAuthenticatedData_ = com.google.protobuf.ByteString.EMPTY; + initializationVector_ = com.google.protobuf.ByteString.EMPTY; + } + + @java.lang.Override + @SuppressWarnings({"unused"}) + protected java.lang.Object newInstance(UnusedPrivateParameter unused) { + return new RawEncryptRequest(); + } + + public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() { + return com.google.cloud.kms.v1.KmsProto + .internal_static_google_cloud_kms_v1_RawEncryptRequest_descriptor; + } + + @java.lang.Override + protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internalGetFieldAccessorTable() { + return com.google.cloud.kms.v1.KmsProto + .internal_static_google_cloud_kms_v1_RawEncryptRequest_fieldAccessorTable + .ensureFieldAccessorsInitialized( + com.google.cloud.kms.v1.RawEncryptRequest.class, + com.google.cloud.kms.v1.RawEncryptRequest.Builder.class); + } + + public static final int NAME_FIELD_NUMBER = 1; + + @SuppressWarnings("serial") + private volatile java.lang.Object name_ = ""; + /** + * + * + *
+ * Required. The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for + * encryption. + *+ * + *
string name = 1 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return The name.
+ */
+ @java.lang.Override
+ public java.lang.String getName() {
+ java.lang.Object ref = name_;
+ if (ref instanceof java.lang.String) {
+ return (java.lang.String) ref;
+ } else {
+ com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+ java.lang.String s = bs.toStringUtf8();
+ name_ = s;
+ return s;
+ }
+ }
+ /**
+ *
+ *
+ * + * Required. The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for + * encryption. + *+ * + *
string name = 1 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return The bytes for name.
+ */
+ @java.lang.Override
+ public com.google.protobuf.ByteString getNameBytes() {
+ java.lang.Object ref = name_;
+ if (ref instanceof java.lang.String) {
+ com.google.protobuf.ByteString b =
+ com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+ name_ = b;
+ return b;
+ } else {
+ return (com.google.protobuf.ByteString) ref;
+ }
+ }
+
+ public static final int PLAINTEXT_FIELD_NUMBER = 2;
+ private com.google.protobuf.ByteString plaintext_ = com.google.protobuf.ByteString.EMPTY;
+ /**
+ *
+ *
+ * + * Required. The data to encrypt. Must be no larger than 64KiB. + * + * The maximum size depends on the key version's + * [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. + * For [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the + * plaintext must be no larger than 64KiB. For + * [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of + * the plaintext and additional_authenticated_data fields must be no larger + * than 8KiB. + *+ * + *
bytes plaintext = 2 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return The plaintext.
+ */
+ @java.lang.Override
+ public com.google.protobuf.ByteString getPlaintext() {
+ return plaintext_;
+ }
+
+ public static final int ADDITIONAL_AUTHENTICATED_DATA_FIELD_NUMBER = 3;
+ private com.google.protobuf.ByteString additionalAuthenticatedData_ =
+ com.google.protobuf.ByteString.EMPTY;
+ /**
+ *
+ *
+ * + * Optional. Optional data that, if specified, must also be provided during + * decryption through + * [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. + * + * This field may only be used in conjunction with an + * [algorithm][google.cloud.kms.v1.CryptoKeyVersion.algorithm] that accepts + * additional authenticated data (for example, AES-GCM). + * + * The maximum size depends on the key version's + * [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. + * For [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the + * plaintext must be no larger than 64KiB. For + * [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of + * the plaintext and additional_authenticated_data fields must be no larger + * than 8KiB. + *+ * + *
bytes additional_authenticated_data = 3 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ * @return The additionalAuthenticatedData.
+ */
+ @java.lang.Override
+ public com.google.protobuf.ByteString getAdditionalAuthenticatedData() {
+ return additionalAuthenticatedData_;
+ }
+
+ public static final int PLAINTEXT_CRC32C_FIELD_NUMBER = 4;
+ private com.google.protobuf.Int64Value plaintextCrc32C_;
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.plaintext][google.cloud.kms.v1.RawEncryptRequest.plaintext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received plaintext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(plaintext) is equal + * to plaintext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value plaintext_crc32c = 4 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return Whether the plaintextCrc32c field is set.
+ */
+ @java.lang.Override
+ public boolean hasPlaintextCrc32C() {
+ return plaintextCrc32C_ != null;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.plaintext][google.cloud.kms.v1.RawEncryptRequest.plaintext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received plaintext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(plaintext) is equal + * to plaintext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value plaintext_crc32c = 4 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return The plaintextCrc32c.
+ */
+ @java.lang.Override
+ public com.google.protobuf.Int64Value getPlaintextCrc32C() {
+ return plaintextCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : plaintextCrc32C_;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.plaintext][google.cloud.kms.v1.RawEncryptRequest.plaintext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received plaintext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(plaintext) is equal + * to plaintext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value plaintext_crc32c = 4 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ @java.lang.Override
+ public com.google.protobuf.Int64ValueOrBuilder getPlaintextCrc32COrBuilder() {
+ return plaintextCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : plaintextCrc32C_;
+ }
+
+ public static final int ADDITIONAL_AUTHENTICATED_DATA_CRC32C_FIELD_NUMBER = 5;
+ private com.google.protobuf.Int64Value additionalAuthenticatedDataCrc32C_;
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 5 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return Whether the additionalAuthenticatedDataCrc32c field is set.
+ */
+ @java.lang.Override
+ public boolean hasAdditionalAuthenticatedDataCrc32C() {
+ return additionalAuthenticatedDataCrc32C_ != null;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 5 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return The additionalAuthenticatedDataCrc32c.
+ */
+ @java.lang.Override
+ public com.google.protobuf.Int64Value getAdditionalAuthenticatedDataCrc32C() {
+ return additionalAuthenticatedDataCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : additionalAuthenticatedDataCrc32C_;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 5 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ @java.lang.Override
+ public com.google.protobuf.Int64ValueOrBuilder getAdditionalAuthenticatedDataCrc32COrBuilder() {
+ return additionalAuthenticatedDataCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : additionalAuthenticatedDataCrc32C_;
+ }
+
+ public static final int INITIALIZATION_VECTOR_FIELD_NUMBER = 6;
+ private com.google.protobuf.ByteString initializationVector_ =
+ com.google.protobuf.ByteString.EMPTY;
+ /**
+ *
+ *
+ * + * Optional. A customer-supplied initialization vector that will be used for + * encryption. If it is not provided for AES-CBC and AES-CTR, one will be + * generated. It will be returned in + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + *+ * + *
bytes initialization_vector = 6 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ * @return The initializationVector.
+ */
+ @java.lang.Override
+ public com.google.protobuf.ByteString getInitializationVector() {
+ return initializationVector_;
+ }
+
+ public static final int INITIALIZATION_VECTOR_CRC32C_FIELD_NUMBER = 7;
+ private com.google.protobuf.Int64Value initializationVectorCrc32C_;
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.initialization_vector][google.cloud.kms.v1.RawEncryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to + * initialization_vector_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return Whether the initializationVectorCrc32c field is set.
+ */
+ @java.lang.Override
+ public boolean hasInitializationVectorCrc32C() {
+ return initializationVectorCrc32C_ != null;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.initialization_vector][google.cloud.kms.v1.RawEncryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to + * initialization_vector_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return The initializationVectorCrc32c.
+ */
+ @java.lang.Override
+ public com.google.protobuf.Int64Value getInitializationVectorCrc32C() {
+ return initializationVectorCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : initializationVectorCrc32C_;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.initialization_vector][google.cloud.kms.v1.RawEncryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to + * initialization_vector_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ @java.lang.Override
+ public com.google.protobuf.Int64ValueOrBuilder getInitializationVectorCrc32COrBuilder() {
+ return initializationVectorCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : initializationVectorCrc32C_;
+ }
+
+ private byte memoizedIsInitialized = -1;
+
+ @java.lang.Override
+ public final boolean isInitialized() {
+ byte isInitialized = memoizedIsInitialized;
+ if (isInitialized == 1) return true;
+ if (isInitialized == 0) return false;
+
+ memoizedIsInitialized = 1;
+ return true;
+ }
+
+ @java.lang.Override
+ public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+ if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+ com.google.protobuf.GeneratedMessageV3.writeString(output, 1, name_);
+ }
+ if (!plaintext_.isEmpty()) {
+ output.writeBytes(2, plaintext_);
+ }
+ if (!additionalAuthenticatedData_.isEmpty()) {
+ output.writeBytes(3, additionalAuthenticatedData_);
+ }
+ if (plaintextCrc32C_ != null) {
+ output.writeMessage(4, getPlaintextCrc32C());
+ }
+ if (additionalAuthenticatedDataCrc32C_ != null) {
+ output.writeMessage(5, getAdditionalAuthenticatedDataCrc32C());
+ }
+ if (!initializationVector_.isEmpty()) {
+ output.writeBytes(6, initializationVector_);
+ }
+ if (initializationVectorCrc32C_ != null) {
+ output.writeMessage(7, getInitializationVectorCrc32C());
+ }
+ getUnknownFields().writeTo(output);
+ }
+
+ @java.lang.Override
+ public int getSerializedSize() {
+ int size = memoizedSize;
+ if (size != -1) return size;
+
+ size = 0;
+ if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+ size += com.google.protobuf.GeneratedMessageV3.computeStringSize(1, name_);
+ }
+ if (!plaintext_.isEmpty()) {
+ size += com.google.protobuf.CodedOutputStream.computeBytesSize(2, plaintext_);
+ }
+ if (!additionalAuthenticatedData_.isEmpty()) {
+ size +=
+ com.google.protobuf.CodedOutputStream.computeBytesSize(3, additionalAuthenticatedData_);
+ }
+ if (plaintextCrc32C_ != null) {
+ size += com.google.protobuf.CodedOutputStream.computeMessageSize(4, getPlaintextCrc32C());
+ }
+ if (additionalAuthenticatedDataCrc32C_ != null) {
+ size +=
+ com.google.protobuf.CodedOutputStream.computeMessageSize(
+ 5, getAdditionalAuthenticatedDataCrc32C());
+ }
+ if (!initializationVector_.isEmpty()) {
+ size += com.google.protobuf.CodedOutputStream.computeBytesSize(6, initializationVector_);
+ }
+ if (initializationVectorCrc32C_ != null) {
+ size +=
+ com.google.protobuf.CodedOutputStream.computeMessageSize(
+ 7, getInitializationVectorCrc32C());
+ }
+ size += getUnknownFields().getSerializedSize();
+ memoizedSize = size;
+ return size;
+ }
+
+ @java.lang.Override
+ public boolean equals(final java.lang.Object obj) {
+ if (obj == this) {
+ return true;
+ }
+ if (!(obj instanceof com.google.cloud.kms.v1.RawEncryptRequest)) {
+ return super.equals(obj);
+ }
+ com.google.cloud.kms.v1.RawEncryptRequest other =
+ (com.google.cloud.kms.v1.RawEncryptRequest) obj;
+
+ if (!getName().equals(other.getName())) return false;
+ if (!getPlaintext().equals(other.getPlaintext())) return false;
+ if (!getAdditionalAuthenticatedData().equals(other.getAdditionalAuthenticatedData()))
+ return false;
+ if (hasPlaintextCrc32C() != other.hasPlaintextCrc32C()) return false;
+ if (hasPlaintextCrc32C()) {
+ if (!getPlaintextCrc32C().equals(other.getPlaintextCrc32C())) return false;
+ }
+ if (hasAdditionalAuthenticatedDataCrc32C() != other.hasAdditionalAuthenticatedDataCrc32C())
+ return false;
+ if (hasAdditionalAuthenticatedDataCrc32C()) {
+ if (!getAdditionalAuthenticatedDataCrc32C()
+ .equals(other.getAdditionalAuthenticatedDataCrc32C())) return false;
+ }
+ if (!getInitializationVector().equals(other.getInitializationVector())) return false;
+ if (hasInitializationVectorCrc32C() != other.hasInitializationVectorCrc32C()) return false;
+ if (hasInitializationVectorCrc32C()) {
+ if (!getInitializationVectorCrc32C().equals(other.getInitializationVectorCrc32C()))
+ return false;
+ }
+ if (!getUnknownFields().equals(other.getUnknownFields())) return false;
+ return true;
+ }
+
+ @java.lang.Override
+ public int hashCode() {
+ if (memoizedHashCode != 0) {
+ return memoizedHashCode;
+ }
+ int hash = 41;
+ hash = (19 * hash) + getDescriptor().hashCode();
+ hash = (37 * hash) + NAME_FIELD_NUMBER;
+ hash = (53 * hash) + getName().hashCode();
+ hash = (37 * hash) + PLAINTEXT_FIELD_NUMBER;
+ hash = (53 * hash) + getPlaintext().hashCode();
+ hash = (37 * hash) + ADDITIONAL_AUTHENTICATED_DATA_FIELD_NUMBER;
+ hash = (53 * hash) + getAdditionalAuthenticatedData().hashCode();
+ if (hasPlaintextCrc32C()) {
+ hash = (37 * hash) + PLAINTEXT_CRC32C_FIELD_NUMBER;
+ hash = (53 * hash) + getPlaintextCrc32C().hashCode();
+ }
+ if (hasAdditionalAuthenticatedDataCrc32C()) {
+ hash = (37 * hash) + ADDITIONAL_AUTHENTICATED_DATA_CRC32C_FIELD_NUMBER;
+ hash = (53 * hash) + getAdditionalAuthenticatedDataCrc32C().hashCode();
+ }
+ hash = (37 * hash) + INITIALIZATION_VECTOR_FIELD_NUMBER;
+ hash = (53 * hash) + getInitializationVector().hashCode();
+ if (hasInitializationVectorCrc32C()) {
+ hash = (37 * hash) + INITIALIZATION_VECTOR_CRC32C_FIELD_NUMBER;
+ hash = (53 * hash) + getInitializationVectorCrc32C().hashCode();
+ }
+ hash = (29 * hash) + getUnknownFields().hashCode();
+ memoizedHashCode = hash;
+ return hash;
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptRequest parseFrom(java.nio.ByteBuffer data)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptRequest parseFrom(
+ java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data, extensionRegistry);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptRequest parseFrom(
+ com.google.protobuf.ByteString data)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptRequest parseFrom(
+ com.google.protobuf.ByteString data,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data, extensionRegistry);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptRequest parseFrom(byte[] data)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptRequest parseFrom(
+ byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data, extensionRegistry);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptRequest parseFrom(java.io.InputStream input)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptRequest parseFrom(
+ java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+ PARSER, input, extensionRegistry);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptRequest parseDelimitedFrom(
+ java.io.InputStream input) throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptRequest parseDelimitedFrom(
+ java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+ PARSER, input, extensionRegistry);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptRequest parseFrom(
+ com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptRequest parseFrom(
+ com.google.protobuf.CodedInputStream input,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+ PARSER, input, extensionRegistry);
+ }
+
+ @java.lang.Override
+ public Builder newBuilderForType() {
+ return newBuilder();
+ }
+
+ public static Builder newBuilder() {
+ return DEFAULT_INSTANCE.toBuilder();
+ }
+
+ public static Builder newBuilder(com.google.cloud.kms.v1.RawEncryptRequest prototype) {
+ return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+ }
+
+ @java.lang.Override
+ public Builder toBuilder() {
+ return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+ }
+
+ @java.lang.Override
+ protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+ Builder builder = new Builder(parent);
+ return builder;
+ }
+ /**
+ *
+ *
+ * + * Request message for + * [KeyManagementService.RawEncrypt][google.cloud.kms.v1.KeyManagementService.RawEncrypt]. + *+ * + * Protobuf type {@code google.cloud.kms.v1.RawEncryptRequest} + */ + public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder
+ * Required. The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for + * encryption. + *+ * + *
string name = 1 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return The name.
+ */
+ public java.lang.String getName() {
+ java.lang.Object ref = name_;
+ if (!(ref instanceof java.lang.String)) {
+ com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+ java.lang.String s = bs.toStringUtf8();
+ name_ = s;
+ return s;
+ } else {
+ return (java.lang.String) ref;
+ }
+ }
+ /**
+ *
+ *
+ * + * Required. The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for + * encryption. + *+ * + *
string name = 1 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return The bytes for name.
+ */
+ public com.google.protobuf.ByteString getNameBytes() {
+ java.lang.Object ref = name_;
+ if (ref instanceof String) {
+ com.google.protobuf.ByteString b =
+ com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+ name_ = b;
+ return b;
+ } else {
+ return (com.google.protobuf.ByteString) ref;
+ }
+ }
+ /**
+ *
+ *
+ * + * Required. The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for + * encryption. + *+ * + *
string name = 1 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @param value The name to set.
+ * @return This builder for chaining.
+ */
+ public Builder setName(java.lang.String value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ name_ = value;
+ bitField0_ |= 0x00000001;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Required. The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for + * encryption. + *+ * + *
string name = 1 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearName() {
+ name_ = getDefaultInstance().getName();
+ bitField0_ = (bitField0_ & ~0x00000001);
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Required. The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for + * encryption. + *+ * + *
string name = 1 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @param value The bytes for name to set.
+ * @return This builder for chaining.
+ */
+ public Builder setNameBytes(com.google.protobuf.ByteString value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ checkByteStringIsUtf8(value);
+ name_ = value;
+ bitField0_ |= 0x00000001;
+ onChanged();
+ return this;
+ }
+
+ private com.google.protobuf.ByteString plaintext_ = com.google.protobuf.ByteString.EMPTY;
+ /**
+ *
+ *
+ * + * Required. The data to encrypt. Must be no larger than 64KiB. + * + * The maximum size depends on the key version's + * [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. + * For [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the + * plaintext must be no larger than 64KiB. For + * [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of + * the plaintext and additional_authenticated_data fields must be no larger + * than 8KiB. + *+ * + *
bytes plaintext = 2 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return The plaintext.
+ */
+ @java.lang.Override
+ public com.google.protobuf.ByteString getPlaintext() {
+ return plaintext_;
+ }
+ /**
+ *
+ *
+ * + * Required. The data to encrypt. Must be no larger than 64KiB. + * + * The maximum size depends on the key version's + * [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. + * For [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the + * plaintext must be no larger than 64KiB. For + * [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of + * the plaintext and additional_authenticated_data fields must be no larger + * than 8KiB. + *+ * + *
bytes plaintext = 2 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @param value The plaintext to set.
+ * @return This builder for chaining.
+ */
+ public Builder setPlaintext(com.google.protobuf.ByteString value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ plaintext_ = value;
+ bitField0_ |= 0x00000002;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Required. The data to encrypt. Must be no larger than 64KiB. + * + * The maximum size depends on the key version's + * [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. + * For [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the + * plaintext must be no larger than 64KiB. For + * [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of + * the plaintext and additional_authenticated_data fields must be no larger + * than 8KiB. + *+ * + *
bytes plaintext = 2 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearPlaintext() {
+ bitField0_ = (bitField0_ & ~0x00000002);
+ plaintext_ = getDefaultInstance().getPlaintext();
+ onChanged();
+ return this;
+ }
+
+ private com.google.protobuf.ByteString additionalAuthenticatedData_ =
+ com.google.protobuf.ByteString.EMPTY;
+ /**
+ *
+ *
+ * + * Optional. Optional data that, if specified, must also be provided during + * decryption through + * [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. + * + * This field may only be used in conjunction with an + * [algorithm][google.cloud.kms.v1.CryptoKeyVersion.algorithm] that accepts + * additional authenticated data (for example, AES-GCM). + * + * The maximum size depends on the key version's + * [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. + * For [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the + * plaintext must be no larger than 64KiB. For + * [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of + * the plaintext and additional_authenticated_data fields must be no larger + * than 8KiB. + *+ * + *
bytes additional_authenticated_data = 3 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return The additionalAuthenticatedData.
+ */
+ @java.lang.Override
+ public com.google.protobuf.ByteString getAdditionalAuthenticatedData() {
+ return additionalAuthenticatedData_;
+ }
+ /**
+ *
+ *
+ * + * Optional. Optional data that, if specified, must also be provided during + * decryption through + * [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. + * + * This field may only be used in conjunction with an + * [algorithm][google.cloud.kms.v1.CryptoKeyVersion.algorithm] that accepts + * additional authenticated data (for example, AES-GCM). + * + * The maximum size depends on the key version's + * [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. + * For [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the + * plaintext must be no larger than 64KiB. For + * [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of + * the plaintext and additional_authenticated_data fields must be no larger + * than 8KiB. + *+ * + *
bytes additional_authenticated_data = 3 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @param value The additionalAuthenticatedData to set.
+ * @return This builder for chaining.
+ */
+ public Builder setAdditionalAuthenticatedData(com.google.protobuf.ByteString value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ additionalAuthenticatedData_ = value;
+ bitField0_ |= 0x00000004;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. Optional data that, if specified, must also be provided during + * decryption through + * [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. + * + * This field may only be used in conjunction with an + * [algorithm][google.cloud.kms.v1.CryptoKeyVersion.algorithm] that accepts + * additional authenticated data (for example, AES-GCM). + * + * The maximum size depends on the key version's + * [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. + * For [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the + * plaintext must be no larger than 64KiB. For + * [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of + * the plaintext and additional_authenticated_data fields must be no larger + * than 8KiB. + *+ * + *
bytes additional_authenticated_data = 3 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearAdditionalAuthenticatedData() {
+ bitField0_ = (bitField0_ & ~0x00000004);
+ additionalAuthenticatedData_ = getDefaultInstance().getAdditionalAuthenticatedData();
+ onChanged();
+ return this;
+ }
+
+ private com.google.protobuf.Int64Value plaintextCrc32C_;
+ private com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>
+ plaintextCrc32CBuilder_;
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.plaintext][google.cloud.kms.v1.RawEncryptRequest.plaintext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received plaintext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(plaintext) is equal + * to plaintext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value plaintext_crc32c = 4 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return Whether the plaintextCrc32c field is set.
+ */
+ public boolean hasPlaintextCrc32C() {
+ return ((bitField0_ & 0x00000008) != 0);
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.plaintext][google.cloud.kms.v1.RawEncryptRequest.plaintext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received plaintext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(plaintext) is equal + * to plaintext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value plaintext_crc32c = 4 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return The plaintextCrc32c.
+ */
+ public com.google.protobuf.Int64Value getPlaintextCrc32C() {
+ if (plaintextCrc32CBuilder_ == null) {
+ return plaintextCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : plaintextCrc32C_;
+ } else {
+ return plaintextCrc32CBuilder_.getMessage();
+ }
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.plaintext][google.cloud.kms.v1.RawEncryptRequest.plaintext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received plaintext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(plaintext) is equal + * to plaintext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value plaintext_crc32c = 4 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder setPlaintextCrc32C(com.google.protobuf.Int64Value value) {
+ if (plaintextCrc32CBuilder_ == null) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ plaintextCrc32C_ = value;
+ } else {
+ plaintextCrc32CBuilder_.setMessage(value);
+ }
+ bitField0_ |= 0x00000008;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.plaintext][google.cloud.kms.v1.RawEncryptRequest.plaintext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received plaintext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(plaintext) is equal + * to plaintext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value plaintext_crc32c = 4 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder setPlaintextCrc32C(com.google.protobuf.Int64Value.Builder builderForValue) {
+ if (plaintextCrc32CBuilder_ == null) {
+ plaintextCrc32C_ = builderForValue.build();
+ } else {
+ plaintextCrc32CBuilder_.setMessage(builderForValue.build());
+ }
+ bitField0_ |= 0x00000008;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.plaintext][google.cloud.kms.v1.RawEncryptRequest.plaintext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received plaintext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(plaintext) is equal + * to plaintext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value plaintext_crc32c = 4 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder mergePlaintextCrc32C(com.google.protobuf.Int64Value value) {
+ if (plaintextCrc32CBuilder_ == null) {
+ if (((bitField0_ & 0x00000008) != 0)
+ && plaintextCrc32C_ != null
+ && plaintextCrc32C_ != com.google.protobuf.Int64Value.getDefaultInstance()) {
+ getPlaintextCrc32CBuilder().mergeFrom(value);
+ } else {
+ plaintextCrc32C_ = value;
+ }
+ } else {
+ plaintextCrc32CBuilder_.mergeFrom(value);
+ }
+ bitField0_ |= 0x00000008;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.plaintext][google.cloud.kms.v1.RawEncryptRequest.plaintext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received plaintext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(plaintext) is equal + * to plaintext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value plaintext_crc32c = 4 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder clearPlaintextCrc32C() {
+ bitField0_ = (bitField0_ & ~0x00000008);
+ plaintextCrc32C_ = null;
+ if (plaintextCrc32CBuilder_ != null) {
+ plaintextCrc32CBuilder_.dispose();
+ plaintextCrc32CBuilder_ = null;
+ }
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.plaintext][google.cloud.kms.v1.RawEncryptRequest.plaintext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received plaintext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(plaintext) is equal + * to plaintext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value plaintext_crc32c = 4 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public com.google.protobuf.Int64Value.Builder getPlaintextCrc32CBuilder() {
+ bitField0_ |= 0x00000008;
+ onChanged();
+ return getPlaintextCrc32CFieldBuilder().getBuilder();
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.plaintext][google.cloud.kms.v1.RawEncryptRequest.plaintext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received plaintext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(plaintext) is equal + * to plaintext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value plaintext_crc32c = 4 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public com.google.protobuf.Int64ValueOrBuilder getPlaintextCrc32COrBuilder() {
+ if (plaintextCrc32CBuilder_ != null) {
+ return plaintextCrc32CBuilder_.getMessageOrBuilder();
+ } else {
+ return plaintextCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : plaintextCrc32C_;
+ }
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.plaintext][google.cloud.kms.v1.RawEncryptRequest.plaintext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received plaintext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(plaintext) is equal + * to plaintext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value plaintext_crc32c = 4 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ private com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>
+ getPlaintextCrc32CFieldBuilder() {
+ if (plaintextCrc32CBuilder_ == null) {
+ plaintextCrc32CBuilder_ =
+ new com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>(
+ getPlaintextCrc32C(), getParentForChildren(), isClean());
+ plaintextCrc32C_ = null;
+ }
+ return plaintextCrc32CBuilder_;
+ }
+
+ private com.google.protobuf.Int64Value additionalAuthenticatedDataCrc32C_;
+ private com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>
+ additionalAuthenticatedDataCrc32CBuilder_;
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 5 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return Whether the additionalAuthenticatedDataCrc32c field is set.
+ */
+ public boolean hasAdditionalAuthenticatedDataCrc32C() {
+ return ((bitField0_ & 0x00000010) != 0);
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 5 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return The additionalAuthenticatedDataCrc32c.
+ */
+ public com.google.protobuf.Int64Value getAdditionalAuthenticatedDataCrc32C() {
+ if (additionalAuthenticatedDataCrc32CBuilder_ == null) {
+ return additionalAuthenticatedDataCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : additionalAuthenticatedDataCrc32C_;
+ } else {
+ return additionalAuthenticatedDataCrc32CBuilder_.getMessage();
+ }
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 5 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder setAdditionalAuthenticatedDataCrc32C(com.google.protobuf.Int64Value value) {
+ if (additionalAuthenticatedDataCrc32CBuilder_ == null) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ additionalAuthenticatedDataCrc32C_ = value;
+ } else {
+ additionalAuthenticatedDataCrc32CBuilder_.setMessage(value);
+ }
+ bitField0_ |= 0x00000010;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 5 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder setAdditionalAuthenticatedDataCrc32C(
+ com.google.protobuf.Int64Value.Builder builderForValue) {
+ if (additionalAuthenticatedDataCrc32CBuilder_ == null) {
+ additionalAuthenticatedDataCrc32C_ = builderForValue.build();
+ } else {
+ additionalAuthenticatedDataCrc32CBuilder_.setMessage(builderForValue.build());
+ }
+ bitField0_ |= 0x00000010;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 5 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder mergeAdditionalAuthenticatedDataCrc32C(com.google.protobuf.Int64Value value) {
+ if (additionalAuthenticatedDataCrc32CBuilder_ == null) {
+ if (((bitField0_ & 0x00000010) != 0)
+ && additionalAuthenticatedDataCrc32C_ != null
+ && additionalAuthenticatedDataCrc32C_
+ != com.google.protobuf.Int64Value.getDefaultInstance()) {
+ getAdditionalAuthenticatedDataCrc32CBuilder().mergeFrom(value);
+ } else {
+ additionalAuthenticatedDataCrc32C_ = value;
+ }
+ } else {
+ additionalAuthenticatedDataCrc32CBuilder_.mergeFrom(value);
+ }
+ bitField0_ |= 0x00000010;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 5 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder clearAdditionalAuthenticatedDataCrc32C() {
+ bitField0_ = (bitField0_ & ~0x00000010);
+ additionalAuthenticatedDataCrc32C_ = null;
+ if (additionalAuthenticatedDataCrc32CBuilder_ != null) {
+ additionalAuthenticatedDataCrc32CBuilder_.dispose();
+ additionalAuthenticatedDataCrc32CBuilder_ = null;
+ }
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 5 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public com.google.protobuf.Int64Value.Builder getAdditionalAuthenticatedDataCrc32CBuilder() {
+ bitField0_ |= 0x00000010;
+ onChanged();
+ return getAdditionalAuthenticatedDataCrc32CFieldBuilder().getBuilder();
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 5 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public com.google.protobuf.Int64ValueOrBuilder getAdditionalAuthenticatedDataCrc32COrBuilder() {
+ if (additionalAuthenticatedDataCrc32CBuilder_ != null) {
+ return additionalAuthenticatedDataCrc32CBuilder_.getMessageOrBuilder();
+ } else {
+ return additionalAuthenticatedDataCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : additionalAuthenticatedDataCrc32C_;
+ }
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 5 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ private com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>
+ getAdditionalAuthenticatedDataCrc32CFieldBuilder() {
+ if (additionalAuthenticatedDataCrc32CBuilder_ == null) {
+ additionalAuthenticatedDataCrc32CBuilder_ =
+ new com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>(
+ getAdditionalAuthenticatedDataCrc32C(), getParentForChildren(), isClean());
+ additionalAuthenticatedDataCrc32C_ = null;
+ }
+ return additionalAuthenticatedDataCrc32CBuilder_;
+ }
+
+ private com.google.protobuf.ByteString initializationVector_ =
+ com.google.protobuf.ByteString.EMPTY;
+ /**
+ *
+ *
+ * + * Optional. A customer-supplied initialization vector that will be used for + * encryption. If it is not provided for AES-CBC and AES-CTR, one will be + * generated. It will be returned in + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + *+ * + *
bytes initialization_vector = 6 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ * @return The initializationVector.
+ */
+ @java.lang.Override
+ public com.google.protobuf.ByteString getInitializationVector() {
+ return initializationVector_;
+ }
+ /**
+ *
+ *
+ * + * Optional. A customer-supplied initialization vector that will be used for + * encryption. If it is not provided for AES-CBC and AES-CTR, one will be + * generated. It will be returned in + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + *+ * + *
bytes initialization_vector = 6 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ * @param value The initializationVector to set.
+ * @return This builder for chaining.
+ */
+ public Builder setInitializationVector(com.google.protobuf.ByteString value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ initializationVector_ = value;
+ bitField0_ |= 0x00000020;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. A customer-supplied initialization vector that will be used for + * encryption. If it is not provided for AES-CBC and AES-CTR, one will be + * generated. It will be returned in + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + *+ * + *
bytes initialization_vector = 6 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearInitializationVector() {
+ bitField0_ = (bitField0_ & ~0x00000020);
+ initializationVector_ = getDefaultInstance().getInitializationVector();
+ onChanged();
+ return this;
+ }
+
+ private com.google.protobuf.Int64Value initializationVectorCrc32C_;
+ private com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>
+ initializationVectorCrc32CBuilder_;
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.initialization_vector][google.cloud.kms.v1.RawEncryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to + * initialization_vector_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return Whether the initializationVectorCrc32c field is set.
+ */
+ public boolean hasInitializationVectorCrc32C() {
+ return ((bitField0_ & 0x00000040) != 0);
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.initialization_vector][google.cloud.kms.v1.RawEncryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to + * initialization_vector_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return The initializationVectorCrc32c.
+ */
+ public com.google.protobuf.Int64Value getInitializationVectorCrc32C() {
+ if (initializationVectorCrc32CBuilder_ == null) {
+ return initializationVectorCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : initializationVectorCrc32C_;
+ } else {
+ return initializationVectorCrc32CBuilder_.getMessage();
+ }
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.initialization_vector][google.cloud.kms.v1.RawEncryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to + * initialization_vector_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder setInitializationVectorCrc32C(com.google.protobuf.Int64Value value) {
+ if (initializationVectorCrc32CBuilder_ == null) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ initializationVectorCrc32C_ = value;
+ } else {
+ initializationVectorCrc32CBuilder_.setMessage(value);
+ }
+ bitField0_ |= 0x00000040;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.initialization_vector][google.cloud.kms.v1.RawEncryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to + * initialization_vector_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder setInitializationVectorCrc32C(
+ com.google.protobuf.Int64Value.Builder builderForValue) {
+ if (initializationVectorCrc32CBuilder_ == null) {
+ initializationVectorCrc32C_ = builderForValue.build();
+ } else {
+ initializationVectorCrc32CBuilder_.setMessage(builderForValue.build());
+ }
+ bitField0_ |= 0x00000040;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.initialization_vector][google.cloud.kms.v1.RawEncryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to + * initialization_vector_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder mergeInitializationVectorCrc32C(com.google.protobuf.Int64Value value) {
+ if (initializationVectorCrc32CBuilder_ == null) {
+ if (((bitField0_ & 0x00000040) != 0)
+ && initializationVectorCrc32C_ != null
+ && initializationVectorCrc32C_ != com.google.protobuf.Int64Value.getDefaultInstance()) {
+ getInitializationVectorCrc32CBuilder().mergeFrom(value);
+ } else {
+ initializationVectorCrc32C_ = value;
+ }
+ } else {
+ initializationVectorCrc32CBuilder_.mergeFrom(value);
+ }
+ bitField0_ |= 0x00000040;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.initialization_vector][google.cloud.kms.v1.RawEncryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to + * initialization_vector_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public Builder clearInitializationVectorCrc32C() {
+ bitField0_ = (bitField0_ & ~0x00000040);
+ initializationVectorCrc32C_ = null;
+ if (initializationVectorCrc32CBuilder_ != null) {
+ initializationVectorCrc32CBuilder_.dispose();
+ initializationVectorCrc32CBuilder_ = null;
+ }
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.initialization_vector][google.cloud.kms.v1.RawEncryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to + * initialization_vector_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public com.google.protobuf.Int64Value.Builder getInitializationVectorCrc32CBuilder() {
+ bitField0_ |= 0x00000040;
+ onChanged();
+ return getInitializationVectorCrc32CFieldBuilder().getBuilder();
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.initialization_vector][google.cloud.kms.v1.RawEncryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to + * initialization_vector_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ public com.google.protobuf.Int64ValueOrBuilder getInitializationVectorCrc32COrBuilder() {
+ if (initializationVectorCrc32CBuilder_ != null) {
+ return initializationVectorCrc32CBuilder_.getMessageOrBuilder();
+ } else {
+ return initializationVectorCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : initializationVectorCrc32C_;
+ }
+ }
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.initialization_vector][google.cloud.kms.v1.RawEncryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to + * initialization_vector_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ private com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>
+ getInitializationVectorCrc32CFieldBuilder() {
+ if (initializationVectorCrc32CBuilder_ == null) {
+ initializationVectorCrc32CBuilder_ =
+ new com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>(
+ getInitializationVectorCrc32C(), getParentForChildren(), isClean());
+ initializationVectorCrc32C_ = null;
+ }
+ return initializationVectorCrc32CBuilder_;
+ }
+
+ @java.lang.Override
+ public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+ return super.setUnknownFields(unknownFields);
+ }
+
+ @java.lang.Override
+ public final Builder mergeUnknownFields(
+ final com.google.protobuf.UnknownFieldSet unknownFields) {
+ return super.mergeUnknownFields(unknownFields);
+ }
+
+ // @@protoc_insertion_point(builder_scope:google.cloud.kms.v1.RawEncryptRequest)
+ }
+
+ // @@protoc_insertion_point(class_scope:google.cloud.kms.v1.RawEncryptRequest)
+ private static final com.google.cloud.kms.v1.RawEncryptRequest DEFAULT_INSTANCE;
+
+ static {
+ DEFAULT_INSTANCE = new com.google.cloud.kms.v1.RawEncryptRequest();
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptRequest getDefaultInstance() {
+ return DEFAULT_INSTANCE;
+ }
+
+ private static final com.google.protobuf.Parser+ * Required. The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for + * encryption. + *+ * + *
string name = 1 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return The name.
+ */
+ java.lang.String getName();
+ /**
+ *
+ *
+ * + * Required. The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for + * encryption. + *+ * + *
string name = 1 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return The bytes for name.
+ */
+ com.google.protobuf.ByteString getNameBytes();
+
+ /**
+ *
+ *
+ * + * Required. The data to encrypt. Must be no larger than 64KiB. + * + * The maximum size depends on the key version's + * [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. + * For [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the + * plaintext must be no larger than 64KiB. For + * [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of + * the plaintext and additional_authenticated_data fields must be no larger + * than 8KiB. + *+ * + *
bytes plaintext = 2 [(.google.api.field_behavior) = REQUIRED];
+ *
+ * @return The plaintext.
+ */
+ com.google.protobuf.ByteString getPlaintext();
+
+ /**
+ *
+ *
+ * + * Optional. Optional data that, if specified, must also be provided during + * decryption through + * [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data]. + * + * This field may only be used in conjunction with an + * [algorithm][google.cloud.kms.v1.CryptoKeyVersion.algorithm] that accepts + * additional authenticated data (for example, AES-GCM). + * + * The maximum size depends on the key version's + * [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. + * For [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the + * plaintext must be no larger than 64KiB. For + * [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of + * the plaintext and additional_authenticated_data fields must be no larger + * than 8KiB. + *+ * + *
bytes additional_authenticated_data = 3 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ * @return The additionalAuthenticatedData.
+ */
+ com.google.protobuf.ByteString getAdditionalAuthenticatedData();
+
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.plaintext][google.cloud.kms.v1.RawEncryptRequest.plaintext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received plaintext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(plaintext) is equal + * to plaintext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value plaintext_crc32c = 4 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return Whether the plaintextCrc32c field is set.
+ */
+ boolean hasPlaintextCrc32C();
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.plaintext][google.cloud.kms.v1.RawEncryptRequest.plaintext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received plaintext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(plaintext) is equal + * to plaintext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value plaintext_crc32c = 4 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return The plaintextCrc32c.
+ */
+ com.google.protobuf.Int64Value getPlaintextCrc32C();
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.plaintext][google.cloud.kms.v1.RawEncryptRequest.plaintext]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received plaintext using this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that CRC32C(plaintext) is equal + * to plaintext_crc32c, and if so, perform a limited number of retries. A + * persistent mismatch may indicate an issue in your computation of the CRC32C + * checksum. Note: This field is defined as int64 for reasons of compatibility + * across different languages. However, it is a non-negative integer, which + * will never exceed 2^32-1, and can be safely downconverted to uint32 in + * languages that support this type. + *+ * + *
+ * .google.protobuf.Int64Value plaintext_crc32c = 4 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ com.google.protobuf.Int64ValueOrBuilder getPlaintextCrc32COrBuilder();
+
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 5 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return Whether the additionalAuthenticatedDataCrc32c field is set.
+ */
+ boolean hasAdditionalAuthenticatedDataCrc32C();
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 5 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return The additionalAuthenticatedDataCrc32c.
+ */
+ com.google.protobuf.Int64Value getAdditionalAuthenticatedDataCrc32C();
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received additional_authenticated_data using + * this checksum. + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(additional_authenticated_data) is equal to + * additional_authenticated_data_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value additional_authenticated_data_crc32c = 5 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ com.google.protobuf.Int64ValueOrBuilder getAdditionalAuthenticatedDataCrc32COrBuilder();
+
+ /**
+ *
+ *
+ * + * Optional. A customer-supplied initialization vector that will be used for + * encryption. If it is not provided for AES-CBC and AES-CTR, one will be + * generated. It will be returned in + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + *+ * + *
bytes initialization_vector = 6 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ * @return The initializationVector.
+ */
+ com.google.protobuf.ByteString getInitializationVector();
+
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.initialization_vector][google.cloud.kms.v1.RawEncryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to + * initialization_vector_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return Whether the initializationVectorCrc32c field is set.
+ */
+ boolean hasInitializationVectorCrc32C();
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.initialization_vector][google.cloud.kms.v1.RawEncryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to + * initialization_vector_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ *
+ * @return The initializationVectorCrc32c.
+ */
+ com.google.protobuf.Int64Value getInitializationVectorCrc32C();
+ /**
+ *
+ *
+ * + * Optional. An optional CRC32C checksum of the + * [RawEncryptRequest.initialization_vector][google.cloud.kms.v1.RawEncryptRequest.initialization_vector]. + * If specified, + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will + * verify the integrity of the received initialization_vector using this + * checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService] + * will report an error if the checksum verification fails. If you receive a + * checksum error, your client should verify that + * CRC32C(initialization_vector) is equal to + * initialization_vector_crc32c, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + *+ * + *
+ * .google.protobuf.Int64Value initialization_vector_crc32c = 7 [(.google.api.field_behavior) = OPTIONAL];
+ *
+ */
+ com.google.protobuf.Int64ValueOrBuilder getInitializationVectorCrc32COrBuilder();
+}
diff --git a/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/RawEncryptResponse.java b/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/RawEncryptResponse.java
new file mode 100644
index 000000000000..c15918e1869a
--- /dev/null
+++ b/java-kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/RawEncryptResponse.java
@@ -0,0 +1,2311 @@
+/*
+ * Copyright 2023 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+// Generated by the protocol buffer compiler. DO NOT EDIT!
+// source: google/cloud/kms/v1/service.proto
+
+package com.google.cloud.kms.v1;
+
+/**
+ *
+ *
+ * + * Response message for + * [KeyManagementService.RawEncrypt][google.cloud.kms.v1.KeyManagementService.RawEncrypt]. + *+ * + * Protobuf type {@code google.cloud.kms.v1.RawEncryptResponse} + */ +public final class RawEncryptResponse extends com.google.protobuf.GeneratedMessageV3 + implements + // @@protoc_insertion_point(message_implements:google.cloud.kms.v1.RawEncryptResponse) + RawEncryptResponseOrBuilder { + private static final long serialVersionUID = 0L; + // Use RawEncryptResponse.newBuilder() to construct. + private RawEncryptResponse(com.google.protobuf.GeneratedMessageV3.Builder builder) { + super(builder); + } + + private RawEncryptResponse() { + ciphertext_ = com.google.protobuf.ByteString.EMPTY; + initializationVector_ = com.google.protobuf.ByteString.EMPTY; + name_ = ""; + protectionLevel_ = 0; + } + + @java.lang.Override + @SuppressWarnings({"unused"}) + protected java.lang.Object newInstance(UnusedPrivateParameter unused) { + return new RawEncryptResponse(); + } + + public static final com.google.protobuf.Descriptors.Descriptor getDescriptor() { + return com.google.cloud.kms.v1.KmsProto + .internal_static_google_cloud_kms_v1_RawEncryptResponse_descriptor; + } + + @java.lang.Override + protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable + internalGetFieldAccessorTable() { + return com.google.cloud.kms.v1.KmsProto + .internal_static_google_cloud_kms_v1_RawEncryptResponse_fieldAccessorTable + .ensureFieldAccessorsInitialized( + com.google.cloud.kms.v1.RawEncryptResponse.class, + com.google.cloud.kms.v1.RawEncryptResponse.Builder.class); + } + + public static final int CIPHERTEXT_FIELD_NUMBER = 1; + private com.google.protobuf.ByteString ciphertext_ = com.google.protobuf.ByteString.EMPTY; + /** + * + * + *
+ * The encrypted data. In the case of AES-GCM, the authentication tag + * is the [tag_length][google.cloud.kms.v1.RawEncryptResponse.tag_length] + * bytes at the end of this field. + *+ * + *
bytes ciphertext = 1;
+ *
+ * @return The ciphertext.
+ */
+ @java.lang.Override
+ public com.google.protobuf.ByteString getCiphertext() {
+ return ciphertext_;
+ }
+
+ public static final int INITIALIZATION_VECTOR_FIELD_NUMBER = 2;
+ private com.google.protobuf.ByteString initializationVector_ =
+ com.google.protobuf.ByteString.EMPTY;
+ /**
+ *
+ *
+ * + * The initialization vector (IV) generated by the service during + * encryption. This value must be stored and provided in + * [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector] + * at decryption time. + *+ * + *
bytes initialization_vector = 2;
+ *
+ * @return The initializationVector.
+ */
+ @java.lang.Override
+ public com.google.protobuf.ByteString getInitializationVector() {
+ return initializationVector_;
+ }
+
+ public static final int TAG_LENGTH_FIELD_NUMBER = 3;
+ private int tagLength_ = 0;
+ /**
+ *
+ *
+ * + * The length of the authentication tag that is appended to + * the end of the ciphertext. + *+ * + *
int32 tag_length = 3;
+ *
+ * @return The tagLength.
+ */
+ @java.lang.Override
+ public int getTagLength() {
+ return tagLength_;
+ }
+
+ public static final int CIPHERTEXT_CRC32C_FIELD_NUMBER = 4;
+ private com.google.protobuf.Int64Value ciphertextCrc32C_;
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext]. + * An integrity check of ciphertext can be performed by computing the CRC32C + * checksum of ciphertext and comparing your results to this field. Discard + * the response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: This field is defined as int64 + * for reasons of compatibility across different languages. However, it is a + * non-negative integer, which will never exceed 2^32-1, and can be safely + * downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value ciphertext_crc32c = 4;
+ *
+ * @return Whether the ciphertextCrc32c field is set.
+ */
+ @java.lang.Override
+ public boolean hasCiphertextCrc32C() {
+ return ciphertextCrc32C_ != null;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext]. + * An integrity check of ciphertext can be performed by computing the CRC32C + * checksum of ciphertext and comparing your results to this field. Discard + * the response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: This field is defined as int64 + * for reasons of compatibility across different languages. However, it is a + * non-negative integer, which will never exceed 2^32-1, and can be safely + * downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value ciphertext_crc32c = 4;
+ *
+ * @return The ciphertextCrc32c.
+ */
+ @java.lang.Override
+ public com.google.protobuf.Int64Value getCiphertextCrc32C() {
+ return ciphertextCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : ciphertextCrc32C_;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext]. + * An integrity check of ciphertext can be performed by computing the CRC32C + * checksum of ciphertext and comparing your results to this field. Discard + * the response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: This field is defined as int64 + * for reasons of compatibility across different languages. However, it is a + * non-negative integer, which will never exceed 2^32-1, and can be safely + * downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value ciphertext_crc32c = 4;
+ */
+ @java.lang.Override
+ public com.google.protobuf.Int64ValueOrBuilder getCiphertextCrc32COrBuilder() {
+ return ciphertextCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : ciphertextCrc32C_;
+ }
+
+ public static final int INITIALIZATION_VECTOR_CRC32C_FIELD_NUMBER = 5;
+ private com.google.protobuf.Int64Value initializationVectorCrc32C_;
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + * An integrity check of initialization_vector can be performed by computing + * the CRC32C checksum of initialization_vector and comparing your results to + * this field. Discard the response in case of non-matching checksum values, + * and perform a limited number of retries. A persistent mismatch may indicate + * an issue in your computation of the CRC32C checksum. Note: This field is + * defined as int64 for reasons of compatibility across different languages. + * However, it is a non-negative integer, which will never exceed 2^32-1, and + * can be safely downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value initialization_vector_crc32c = 5;
+ *
+ * @return Whether the initializationVectorCrc32c field is set.
+ */
+ @java.lang.Override
+ public boolean hasInitializationVectorCrc32C() {
+ return initializationVectorCrc32C_ != null;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + * An integrity check of initialization_vector can be performed by computing + * the CRC32C checksum of initialization_vector and comparing your results to + * this field. Discard the response in case of non-matching checksum values, + * and perform a limited number of retries. A persistent mismatch may indicate + * an issue in your computation of the CRC32C checksum. Note: This field is + * defined as int64 for reasons of compatibility across different languages. + * However, it is a non-negative integer, which will never exceed 2^32-1, and + * can be safely downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value initialization_vector_crc32c = 5;
+ *
+ * @return The initializationVectorCrc32c.
+ */
+ @java.lang.Override
+ public com.google.protobuf.Int64Value getInitializationVectorCrc32C() {
+ return initializationVectorCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : initializationVectorCrc32C_;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + * An integrity check of initialization_vector can be performed by computing + * the CRC32C checksum of initialization_vector and comparing your results to + * this field. Discard the response in case of non-matching checksum values, + * and perform a limited number of retries. A persistent mismatch may indicate + * an issue in your computation of the CRC32C checksum. Note: This field is + * defined as int64 for reasons of compatibility across different languages. + * However, it is a non-negative integer, which will never exceed 2^32-1, and + * can be safely downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value initialization_vector_crc32c = 5;
+ */
+ @java.lang.Override
+ public com.google.protobuf.Int64ValueOrBuilder getInitializationVectorCrc32COrBuilder() {
+ return initializationVectorCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : initializationVectorCrc32C_;
+ }
+
+ public static final int VERIFIED_PLAINTEXT_CRC32C_FIELD_NUMBER = 6;
+ private boolean verifiedPlaintextCrc32C_ = false;
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawEncryptRequest.plaintext_crc32c][google.cloud.kms.v1.RawEncryptRequest.plaintext_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of the plaintext. A false value of this + * field indicates either that + * [RawEncryptRequest.plaintext_crc32c][google.cloud.kms.v1.RawEncryptRequest.plaintext_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawEncryptRequest.plaintext_crc32c][google.cloud.kms.v1.RawEncryptRequest.plaintext_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_plaintext_crc32c = 6;
+ *
+ * @return The verifiedPlaintextCrc32c.
+ */
+ @java.lang.Override
+ public boolean getVerifiedPlaintextCrc32C() {
+ return verifiedPlaintextCrc32C_;
+ }
+
+ public static final int VERIFIED_ADDITIONAL_AUTHENTICATED_DATA_CRC32C_FIELD_NUMBER = 7;
+ private boolean verifiedAdditionalAuthenticatedDataCrc32C_ = false;
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawEncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of additional_authenticated_data. A false + * value of this field indicates either that // + * [RawEncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawEncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_additional_authenticated_data_crc32c = 7;
+ *
+ * @return The verifiedAdditionalAuthenticatedDataCrc32c.
+ */
+ @java.lang.Override
+ public boolean getVerifiedAdditionalAuthenticatedDataCrc32C() {
+ return verifiedAdditionalAuthenticatedDataCrc32C_;
+ }
+
+ public static final int VERIFIED_INITIALIZATION_VECTOR_CRC32C_FIELD_NUMBER = 10;
+ private boolean verifiedInitializationVectorCrc32C_ = false;
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawEncryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawEncryptRequest.initialization_vector_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of initialization_vector. A false value of + * this field indicates either that + * [RawEncryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawEncryptRequest.initialization_vector_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawEncryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawEncryptRequest.initialization_vector_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_initialization_vector_crc32c = 10;
+ *
+ * @return The verifiedInitializationVectorCrc32c.
+ */
+ @java.lang.Override
+ public boolean getVerifiedInitializationVectorCrc32C() {
+ return verifiedInitializationVectorCrc32C_;
+ }
+
+ public static final int NAME_FIELD_NUMBER = 8;
+
+ @SuppressWarnings("serial")
+ private volatile java.lang.Object name_ = "";
+ /**
+ *
+ *
+ * + * The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * encryption. Check this field to verify that the intended resource was used + * for encryption. + *+ * + *
string name = 8;
+ *
+ * @return The name.
+ */
+ @java.lang.Override
+ public java.lang.String getName() {
+ java.lang.Object ref = name_;
+ if (ref instanceof java.lang.String) {
+ return (java.lang.String) ref;
+ } else {
+ com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+ java.lang.String s = bs.toStringUtf8();
+ name_ = s;
+ return s;
+ }
+ }
+ /**
+ *
+ *
+ * + * The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * encryption. Check this field to verify that the intended resource was used + * for encryption. + *+ * + *
string name = 8;
+ *
+ * @return The bytes for name.
+ */
+ @java.lang.Override
+ public com.google.protobuf.ByteString getNameBytes() {
+ java.lang.Object ref = name_;
+ if (ref instanceof java.lang.String) {
+ com.google.protobuf.ByteString b =
+ com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+ name_ = b;
+ return b;
+ } else {
+ return (com.google.protobuf.ByteString) ref;
+ }
+ }
+
+ public static final int PROTECTION_LEVEL_FIELD_NUMBER = 9;
+ private int protectionLevel_ = 0;
+ /**
+ *
+ *
+ * + * The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * encryption. + *+ * + *
.google.cloud.kms.v1.ProtectionLevel protection_level = 9;
+ *
+ * @return The enum numeric value on the wire for protectionLevel.
+ */
+ @java.lang.Override
+ public int getProtectionLevelValue() {
+ return protectionLevel_;
+ }
+ /**
+ *
+ *
+ * + * The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * encryption. + *+ * + *
.google.cloud.kms.v1.ProtectionLevel protection_level = 9;
+ *
+ * @return The protectionLevel.
+ */
+ @java.lang.Override
+ public com.google.cloud.kms.v1.ProtectionLevel getProtectionLevel() {
+ com.google.cloud.kms.v1.ProtectionLevel result =
+ com.google.cloud.kms.v1.ProtectionLevel.forNumber(protectionLevel_);
+ return result == null ? com.google.cloud.kms.v1.ProtectionLevel.UNRECOGNIZED : result;
+ }
+
+ private byte memoizedIsInitialized = -1;
+
+ @java.lang.Override
+ public final boolean isInitialized() {
+ byte isInitialized = memoizedIsInitialized;
+ if (isInitialized == 1) return true;
+ if (isInitialized == 0) return false;
+
+ memoizedIsInitialized = 1;
+ return true;
+ }
+
+ @java.lang.Override
+ public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io.IOException {
+ if (!ciphertext_.isEmpty()) {
+ output.writeBytes(1, ciphertext_);
+ }
+ if (!initializationVector_.isEmpty()) {
+ output.writeBytes(2, initializationVector_);
+ }
+ if (tagLength_ != 0) {
+ output.writeInt32(3, tagLength_);
+ }
+ if (ciphertextCrc32C_ != null) {
+ output.writeMessage(4, getCiphertextCrc32C());
+ }
+ if (initializationVectorCrc32C_ != null) {
+ output.writeMessage(5, getInitializationVectorCrc32C());
+ }
+ if (verifiedPlaintextCrc32C_ != false) {
+ output.writeBool(6, verifiedPlaintextCrc32C_);
+ }
+ if (verifiedAdditionalAuthenticatedDataCrc32C_ != false) {
+ output.writeBool(7, verifiedAdditionalAuthenticatedDataCrc32C_);
+ }
+ if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+ com.google.protobuf.GeneratedMessageV3.writeString(output, 8, name_);
+ }
+ if (protectionLevel_
+ != com.google.cloud.kms.v1.ProtectionLevel.PROTECTION_LEVEL_UNSPECIFIED.getNumber()) {
+ output.writeEnum(9, protectionLevel_);
+ }
+ if (verifiedInitializationVectorCrc32C_ != false) {
+ output.writeBool(10, verifiedInitializationVectorCrc32C_);
+ }
+ getUnknownFields().writeTo(output);
+ }
+
+ @java.lang.Override
+ public int getSerializedSize() {
+ int size = memoizedSize;
+ if (size != -1) return size;
+
+ size = 0;
+ if (!ciphertext_.isEmpty()) {
+ size += com.google.protobuf.CodedOutputStream.computeBytesSize(1, ciphertext_);
+ }
+ if (!initializationVector_.isEmpty()) {
+ size += com.google.protobuf.CodedOutputStream.computeBytesSize(2, initializationVector_);
+ }
+ if (tagLength_ != 0) {
+ size += com.google.protobuf.CodedOutputStream.computeInt32Size(3, tagLength_);
+ }
+ if (ciphertextCrc32C_ != null) {
+ size += com.google.protobuf.CodedOutputStream.computeMessageSize(4, getCiphertextCrc32C());
+ }
+ if (initializationVectorCrc32C_ != null) {
+ size +=
+ com.google.protobuf.CodedOutputStream.computeMessageSize(
+ 5, getInitializationVectorCrc32C());
+ }
+ if (verifiedPlaintextCrc32C_ != false) {
+ size += com.google.protobuf.CodedOutputStream.computeBoolSize(6, verifiedPlaintextCrc32C_);
+ }
+ if (verifiedAdditionalAuthenticatedDataCrc32C_ != false) {
+ size +=
+ com.google.protobuf.CodedOutputStream.computeBoolSize(
+ 7, verifiedAdditionalAuthenticatedDataCrc32C_);
+ }
+ if (!com.google.protobuf.GeneratedMessageV3.isStringEmpty(name_)) {
+ size += com.google.protobuf.GeneratedMessageV3.computeStringSize(8, name_);
+ }
+ if (protectionLevel_
+ != com.google.cloud.kms.v1.ProtectionLevel.PROTECTION_LEVEL_UNSPECIFIED.getNumber()) {
+ size += com.google.protobuf.CodedOutputStream.computeEnumSize(9, protectionLevel_);
+ }
+ if (verifiedInitializationVectorCrc32C_ != false) {
+ size +=
+ com.google.protobuf.CodedOutputStream.computeBoolSize(
+ 10, verifiedInitializationVectorCrc32C_);
+ }
+ size += getUnknownFields().getSerializedSize();
+ memoizedSize = size;
+ return size;
+ }
+
+ @java.lang.Override
+ public boolean equals(final java.lang.Object obj) {
+ if (obj == this) {
+ return true;
+ }
+ if (!(obj instanceof com.google.cloud.kms.v1.RawEncryptResponse)) {
+ return super.equals(obj);
+ }
+ com.google.cloud.kms.v1.RawEncryptResponse other =
+ (com.google.cloud.kms.v1.RawEncryptResponse) obj;
+
+ if (!getCiphertext().equals(other.getCiphertext())) return false;
+ if (!getInitializationVector().equals(other.getInitializationVector())) return false;
+ if (getTagLength() != other.getTagLength()) return false;
+ if (hasCiphertextCrc32C() != other.hasCiphertextCrc32C()) return false;
+ if (hasCiphertextCrc32C()) {
+ if (!getCiphertextCrc32C().equals(other.getCiphertextCrc32C())) return false;
+ }
+ if (hasInitializationVectorCrc32C() != other.hasInitializationVectorCrc32C()) return false;
+ if (hasInitializationVectorCrc32C()) {
+ if (!getInitializationVectorCrc32C().equals(other.getInitializationVectorCrc32C()))
+ return false;
+ }
+ if (getVerifiedPlaintextCrc32C() != other.getVerifiedPlaintextCrc32C()) return false;
+ if (getVerifiedAdditionalAuthenticatedDataCrc32C()
+ != other.getVerifiedAdditionalAuthenticatedDataCrc32C()) return false;
+ if (getVerifiedInitializationVectorCrc32C() != other.getVerifiedInitializationVectorCrc32C())
+ return false;
+ if (!getName().equals(other.getName())) return false;
+ if (protectionLevel_ != other.protectionLevel_) return false;
+ if (!getUnknownFields().equals(other.getUnknownFields())) return false;
+ return true;
+ }
+
+ @java.lang.Override
+ public int hashCode() {
+ if (memoizedHashCode != 0) {
+ return memoizedHashCode;
+ }
+ int hash = 41;
+ hash = (19 * hash) + getDescriptor().hashCode();
+ hash = (37 * hash) + CIPHERTEXT_FIELD_NUMBER;
+ hash = (53 * hash) + getCiphertext().hashCode();
+ hash = (37 * hash) + INITIALIZATION_VECTOR_FIELD_NUMBER;
+ hash = (53 * hash) + getInitializationVector().hashCode();
+ hash = (37 * hash) + TAG_LENGTH_FIELD_NUMBER;
+ hash = (53 * hash) + getTagLength();
+ if (hasCiphertextCrc32C()) {
+ hash = (37 * hash) + CIPHERTEXT_CRC32C_FIELD_NUMBER;
+ hash = (53 * hash) + getCiphertextCrc32C().hashCode();
+ }
+ if (hasInitializationVectorCrc32C()) {
+ hash = (37 * hash) + INITIALIZATION_VECTOR_CRC32C_FIELD_NUMBER;
+ hash = (53 * hash) + getInitializationVectorCrc32C().hashCode();
+ }
+ hash = (37 * hash) + VERIFIED_PLAINTEXT_CRC32C_FIELD_NUMBER;
+ hash = (53 * hash) + com.google.protobuf.Internal.hashBoolean(getVerifiedPlaintextCrc32C());
+ hash = (37 * hash) + VERIFIED_ADDITIONAL_AUTHENTICATED_DATA_CRC32C_FIELD_NUMBER;
+ hash =
+ (53 * hash)
+ + com.google.protobuf.Internal.hashBoolean(
+ getVerifiedAdditionalAuthenticatedDataCrc32C());
+ hash = (37 * hash) + VERIFIED_INITIALIZATION_VECTOR_CRC32C_FIELD_NUMBER;
+ hash =
+ (53 * hash)
+ + com.google.protobuf.Internal.hashBoolean(getVerifiedInitializationVectorCrc32C());
+ hash = (37 * hash) + NAME_FIELD_NUMBER;
+ hash = (53 * hash) + getName().hashCode();
+ hash = (37 * hash) + PROTECTION_LEVEL_FIELD_NUMBER;
+ hash = (53 * hash) + protectionLevel_;
+ hash = (29 * hash) + getUnknownFields().hashCode();
+ memoizedHashCode = hash;
+ return hash;
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptResponse parseFrom(java.nio.ByteBuffer data)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptResponse parseFrom(
+ java.nio.ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data, extensionRegistry);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptResponse parseFrom(
+ com.google.protobuf.ByteString data)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptResponse parseFrom(
+ com.google.protobuf.ByteString data,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data, extensionRegistry);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptResponse parseFrom(byte[] data)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptResponse parseFrom(
+ byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws com.google.protobuf.InvalidProtocolBufferException {
+ return PARSER.parseFrom(data, extensionRegistry);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptResponse parseFrom(java.io.InputStream input)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptResponse parseFrom(
+ java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+ PARSER, input, extensionRegistry);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptResponse parseDelimitedFrom(
+ java.io.InputStream input) throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(PARSER, input);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptResponse parseDelimitedFrom(
+ java.io.InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseDelimitedWithIOException(
+ PARSER, input, extensionRegistry);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptResponse parseFrom(
+ com.google.protobuf.CodedInputStream input) throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseWithIOException(PARSER, input);
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptResponse parseFrom(
+ com.google.protobuf.CodedInputStream input,
+ com.google.protobuf.ExtensionRegistryLite extensionRegistry)
+ throws java.io.IOException {
+ return com.google.protobuf.GeneratedMessageV3.parseWithIOException(
+ PARSER, input, extensionRegistry);
+ }
+
+ @java.lang.Override
+ public Builder newBuilderForType() {
+ return newBuilder();
+ }
+
+ public static Builder newBuilder() {
+ return DEFAULT_INSTANCE.toBuilder();
+ }
+
+ public static Builder newBuilder(com.google.cloud.kms.v1.RawEncryptResponse prototype) {
+ return DEFAULT_INSTANCE.toBuilder().mergeFrom(prototype);
+ }
+
+ @java.lang.Override
+ public Builder toBuilder() {
+ return this == DEFAULT_INSTANCE ? new Builder() : new Builder().mergeFrom(this);
+ }
+
+ @java.lang.Override
+ protected Builder newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) {
+ Builder builder = new Builder(parent);
+ return builder;
+ }
+ /**
+ *
+ *
+ * + * Response message for + * [KeyManagementService.RawEncrypt][google.cloud.kms.v1.KeyManagementService.RawEncrypt]. + *+ * + * Protobuf type {@code google.cloud.kms.v1.RawEncryptResponse} + */ + public static final class Builder extends com.google.protobuf.GeneratedMessageV3.Builder
+ * The encrypted data. In the case of AES-GCM, the authentication tag + * is the [tag_length][google.cloud.kms.v1.RawEncryptResponse.tag_length] + * bytes at the end of this field. + *+ * + *
bytes ciphertext = 1;
+ *
+ * @return The ciphertext.
+ */
+ @java.lang.Override
+ public com.google.protobuf.ByteString getCiphertext() {
+ return ciphertext_;
+ }
+ /**
+ *
+ *
+ * + * The encrypted data. In the case of AES-GCM, the authentication tag + * is the [tag_length][google.cloud.kms.v1.RawEncryptResponse.tag_length] + * bytes at the end of this field. + *+ * + *
bytes ciphertext = 1;
+ *
+ * @param value The ciphertext to set.
+ * @return This builder for chaining.
+ */
+ public Builder setCiphertext(com.google.protobuf.ByteString value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ ciphertext_ = value;
+ bitField0_ |= 0x00000001;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * The encrypted data. In the case of AES-GCM, the authentication tag + * is the [tag_length][google.cloud.kms.v1.RawEncryptResponse.tag_length] + * bytes at the end of this field. + *+ * + *
bytes ciphertext = 1;
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearCiphertext() {
+ bitField0_ = (bitField0_ & ~0x00000001);
+ ciphertext_ = getDefaultInstance().getCiphertext();
+ onChanged();
+ return this;
+ }
+
+ private com.google.protobuf.ByteString initializationVector_ =
+ com.google.protobuf.ByteString.EMPTY;
+ /**
+ *
+ *
+ * + * The initialization vector (IV) generated by the service during + * encryption. This value must be stored and provided in + * [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector] + * at decryption time. + *+ * + *
bytes initialization_vector = 2;
+ *
+ * @return The initializationVector.
+ */
+ @java.lang.Override
+ public com.google.protobuf.ByteString getInitializationVector() {
+ return initializationVector_;
+ }
+ /**
+ *
+ *
+ * + * The initialization vector (IV) generated by the service during + * encryption. This value must be stored and provided in + * [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector] + * at decryption time. + *+ * + *
bytes initialization_vector = 2;
+ *
+ * @param value The initializationVector to set.
+ * @return This builder for chaining.
+ */
+ public Builder setInitializationVector(com.google.protobuf.ByteString value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ initializationVector_ = value;
+ bitField0_ |= 0x00000002;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * The initialization vector (IV) generated by the service during + * encryption. This value must be stored and provided in + * [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector] + * at decryption time. + *+ * + *
bytes initialization_vector = 2;
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearInitializationVector() {
+ bitField0_ = (bitField0_ & ~0x00000002);
+ initializationVector_ = getDefaultInstance().getInitializationVector();
+ onChanged();
+ return this;
+ }
+
+ private int tagLength_;
+ /**
+ *
+ *
+ * + * The length of the authentication tag that is appended to + * the end of the ciphertext. + *+ * + *
int32 tag_length = 3;
+ *
+ * @return The tagLength.
+ */
+ @java.lang.Override
+ public int getTagLength() {
+ return tagLength_;
+ }
+ /**
+ *
+ *
+ * + * The length of the authentication tag that is appended to + * the end of the ciphertext. + *+ * + *
int32 tag_length = 3;
+ *
+ * @param value The tagLength to set.
+ * @return This builder for chaining.
+ */
+ public Builder setTagLength(int value) {
+
+ tagLength_ = value;
+ bitField0_ |= 0x00000004;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * The length of the authentication tag that is appended to + * the end of the ciphertext. + *+ * + *
int32 tag_length = 3;
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearTagLength() {
+ bitField0_ = (bitField0_ & ~0x00000004);
+ tagLength_ = 0;
+ onChanged();
+ return this;
+ }
+
+ private com.google.protobuf.Int64Value ciphertextCrc32C_;
+ private com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>
+ ciphertextCrc32CBuilder_;
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext]. + * An integrity check of ciphertext can be performed by computing the CRC32C + * checksum of ciphertext and comparing your results to this field. Discard + * the response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: This field is defined as int64 + * for reasons of compatibility across different languages. However, it is a + * non-negative integer, which will never exceed 2^32-1, and can be safely + * downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value ciphertext_crc32c = 4;
+ *
+ * @return Whether the ciphertextCrc32c field is set.
+ */
+ public boolean hasCiphertextCrc32C() {
+ return ((bitField0_ & 0x00000008) != 0);
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext]. + * An integrity check of ciphertext can be performed by computing the CRC32C + * checksum of ciphertext and comparing your results to this field. Discard + * the response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: This field is defined as int64 + * for reasons of compatibility across different languages. However, it is a + * non-negative integer, which will never exceed 2^32-1, and can be safely + * downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value ciphertext_crc32c = 4;
+ *
+ * @return The ciphertextCrc32c.
+ */
+ public com.google.protobuf.Int64Value getCiphertextCrc32C() {
+ if (ciphertextCrc32CBuilder_ == null) {
+ return ciphertextCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : ciphertextCrc32C_;
+ } else {
+ return ciphertextCrc32CBuilder_.getMessage();
+ }
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext]. + * An integrity check of ciphertext can be performed by computing the CRC32C + * checksum of ciphertext and comparing your results to this field. Discard + * the response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: This field is defined as int64 + * for reasons of compatibility across different languages. However, it is a + * non-negative integer, which will never exceed 2^32-1, and can be safely + * downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value ciphertext_crc32c = 4;
+ */
+ public Builder setCiphertextCrc32C(com.google.protobuf.Int64Value value) {
+ if (ciphertextCrc32CBuilder_ == null) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ ciphertextCrc32C_ = value;
+ } else {
+ ciphertextCrc32CBuilder_.setMessage(value);
+ }
+ bitField0_ |= 0x00000008;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext]. + * An integrity check of ciphertext can be performed by computing the CRC32C + * checksum of ciphertext and comparing your results to this field. Discard + * the response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: This field is defined as int64 + * for reasons of compatibility across different languages. However, it is a + * non-negative integer, which will never exceed 2^32-1, and can be safely + * downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value ciphertext_crc32c = 4;
+ */
+ public Builder setCiphertextCrc32C(com.google.protobuf.Int64Value.Builder builderForValue) {
+ if (ciphertextCrc32CBuilder_ == null) {
+ ciphertextCrc32C_ = builderForValue.build();
+ } else {
+ ciphertextCrc32CBuilder_.setMessage(builderForValue.build());
+ }
+ bitField0_ |= 0x00000008;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext]. + * An integrity check of ciphertext can be performed by computing the CRC32C + * checksum of ciphertext and comparing your results to this field. Discard + * the response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: This field is defined as int64 + * for reasons of compatibility across different languages. However, it is a + * non-negative integer, which will never exceed 2^32-1, and can be safely + * downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value ciphertext_crc32c = 4;
+ */
+ public Builder mergeCiphertextCrc32C(com.google.protobuf.Int64Value value) {
+ if (ciphertextCrc32CBuilder_ == null) {
+ if (((bitField0_ & 0x00000008) != 0)
+ && ciphertextCrc32C_ != null
+ && ciphertextCrc32C_ != com.google.protobuf.Int64Value.getDefaultInstance()) {
+ getCiphertextCrc32CBuilder().mergeFrom(value);
+ } else {
+ ciphertextCrc32C_ = value;
+ }
+ } else {
+ ciphertextCrc32CBuilder_.mergeFrom(value);
+ }
+ bitField0_ |= 0x00000008;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext]. + * An integrity check of ciphertext can be performed by computing the CRC32C + * checksum of ciphertext and comparing your results to this field. Discard + * the response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: This field is defined as int64 + * for reasons of compatibility across different languages. However, it is a + * non-negative integer, which will never exceed 2^32-1, and can be safely + * downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value ciphertext_crc32c = 4;
+ */
+ public Builder clearCiphertextCrc32C() {
+ bitField0_ = (bitField0_ & ~0x00000008);
+ ciphertextCrc32C_ = null;
+ if (ciphertextCrc32CBuilder_ != null) {
+ ciphertextCrc32CBuilder_.dispose();
+ ciphertextCrc32CBuilder_ = null;
+ }
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext]. + * An integrity check of ciphertext can be performed by computing the CRC32C + * checksum of ciphertext and comparing your results to this field. Discard + * the response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: This field is defined as int64 + * for reasons of compatibility across different languages. However, it is a + * non-negative integer, which will never exceed 2^32-1, and can be safely + * downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value ciphertext_crc32c = 4;
+ */
+ public com.google.protobuf.Int64Value.Builder getCiphertextCrc32CBuilder() {
+ bitField0_ |= 0x00000008;
+ onChanged();
+ return getCiphertextCrc32CFieldBuilder().getBuilder();
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext]. + * An integrity check of ciphertext can be performed by computing the CRC32C + * checksum of ciphertext and comparing your results to this field. Discard + * the response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: This field is defined as int64 + * for reasons of compatibility across different languages. However, it is a + * non-negative integer, which will never exceed 2^32-1, and can be safely + * downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value ciphertext_crc32c = 4;
+ */
+ public com.google.protobuf.Int64ValueOrBuilder getCiphertextCrc32COrBuilder() {
+ if (ciphertextCrc32CBuilder_ != null) {
+ return ciphertextCrc32CBuilder_.getMessageOrBuilder();
+ } else {
+ return ciphertextCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : ciphertextCrc32C_;
+ }
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext]. + * An integrity check of ciphertext can be performed by computing the CRC32C + * checksum of ciphertext and comparing your results to this field. Discard + * the response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: This field is defined as int64 + * for reasons of compatibility across different languages. However, it is a + * non-negative integer, which will never exceed 2^32-1, and can be safely + * downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value ciphertext_crc32c = 4;
+ */
+ private com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>
+ getCiphertextCrc32CFieldBuilder() {
+ if (ciphertextCrc32CBuilder_ == null) {
+ ciphertextCrc32CBuilder_ =
+ new com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>(
+ getCiphertextCrc32C(), getParentForChildren(), isClean());
+ ciphertextCrc32C_ = null;
+ }
+ return ciphertextCrc32CBuilder_;
+ }
+
+ private com.google.protobuf.Int64Value initializationVectorCrc32C_;
+ private com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>
+ initializationVectorCrc32CBuilder_;
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + * An integrity check of initialization_vector can be performed by computing + * the CRC32C checksum of initialization_vector and comparing your results to + * this field. Discard the response in case of non-matching checksum values, + * and perform a limited number of retries. A persistent mismatch may indicate + * an issue in your computation of the CRC32C checksum. Note: This field is + * defined as int64 for reasons of compatibility across different languages. + * However, it is a non-negative integer, which will never exceed 2^32-1, and + * can be safely downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value initialization_vector_crc32c = 5;
+ *
+ * @return Whether the initializationVectorCrc32c field is set.
+ */
+ public boolean hasInitializationVectorCrc32C() {
+ return ((bitField0_ & 0x00000010) != 0);
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + * An integrity check of initialization_vector can be performed by computing + * the CRC32C checksum of initialization_vector and comparing your results to + * this field. Discard the response in case of non-matching checksum values, + * and perform a limited number of retries. A persistent mismatch may indicate + * an issue in your computation of the CRC32C checksum. Note: This field is + * defined as int64 for reasons of compatibility across different languages. + * However, it is a non-negative integer, which will never exceed 2^32-1, and + * can be safely downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value initialization_vector_crc32c = 5;
+ *
+ * @return The initializationVectorCrc32c.
+ */
+ public com.google.protobuf.Int64Value getInitializationVectorCrc32C() {
+ if (initializationVectorCrc32CBuilder_ == null) {
+ return initializationVectorCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : initializationVectorCrc32C_;
+ } else {
+ return initializationVectorCrc32CBuilder_.getMessage();
+ }
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + * An integrity check of initialization_vector can be performed by computing + * the CRC32C checksum of initialization_vector and comparing your results to + * this field. Discard the response in case of non-matching checksum values, + * and perform a limited number of retries. A persistent mismatch may indicate + * an issue in your computation of the CRC32C checksum. Note: This field is + * defined as int64 for reasons of compatibility across different languages. + * However, it is a non-negative integer, which will never exceed 2^32-1, and + * can be safely downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value initialization_vector_crc32c = 5;
+ */
+ public Builder setInitializationVectorCrc32C(com.google.protobuf.Int64Value value) {
+ if (initializationVectorCrc32CBuilder_ == null) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ initializationVectorCrc32C_ = value;
+ } else {
+ initializationVectorCrc32CBuilder_.setMessage(value);
+ }
+ bitField0_ |= 0x00000010;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + * An integrity check of initialization_vector can be performed by computing + * the CRC32C checksum of initialization_vector and comparing your results to + * this field. Discard the response in case of non-matching checksum values, + * and perform a limited number of retries. A persistent mismatch may indicate + * an issue in your computation of the CRC32C checksum. Note: This field is + * defined as int64 for reasons of compatibility across different languages. + * However, it is a non-negative integer, which will never exceed 2^32-1, and + * can be safely downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value initialization_vector_crc32c = 5;
+ */
+ public Builder setInitializationVectorCrc32C(
+ com.google.protobuf.Int64Value.Builder builderForValue) {
+ if (initializationVectorCrc32CBuilder_ == null) {
+ initializationVectorCrc32C_ = builderForValue.build();
+ } else {
+ initializationVectorCrc32CBuilder_.setMessage(builderForValue.build());
+ }
+ bitField0_ |= 0x00000010;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + * An integrity check of initialization_vector can be performed by computing + * the CRC32C checksum of initialization_vector and comparing your results to + * this field. Discard the response in case of non-matching checksum values, + * and perform a limited number of retries. A persistent mismatch may indicate + * an issue in your computation of the CRC32C checksum. Note: This field is + * defined as int64 for reasons of compatibility across different languages. + * However, it is a non-negative integer, which will never exceed 2^32-1, and + * can be safely downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value initialization_vector_crc32c = 5;
+ */
+ public Builder mergeInitializationVectorCrc32C(com.google.protobuf.Int64Value value) {
+ if (initializationVectorCrc32CBuilder_ == null) {
+ if (((bitField0_ & 0x00000010) != 0)
+ && initializationVectorCrc32C_ != null
+ && initializationVectorCrc32C_ != com.google.protobuf.Int64Value.getDefaultInstance()) {
+ getInitializationVectorCrc32CBuilder().mergeFrom(value);
+ } else {
+ initializationVectorCrc32C_ = value;
+ }
+ } else {
+ initializationVectorCrc32CBuilder_.mergeFrom(value);
+ }
+ bitField0_ |= 0x00000010;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + * An integrity check of initialization_vector can be performed by computing + * the CRC32C checksum of initialization_vector and comparing your results to + * this field. Discard the response in case of non-matching checksum values, + * and perform a limited number of retries. A persistent mismatch may indicate + * an issue in your computation of the CRC32C checksum. Note: This field is + * defined as int64 for reasons of compatibility across different languages. + * However, it is a non-negative integer, which will never exceed 2^32-1, and + * can be safely downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value initialization_vector_crc32c = 5;
+ */
+ public Builder clearInitializationVectorCrc32C() {
+ bitField0_ = (bitField0_ & ~0x00000010);
+ initializationVectorCrc32C_ = null;
+ if (initializationVectorCrc32CBuilder_ != null) {
+ initializationVectorCrc32CBuilder_.dispose();
+ initializationVectorCrc32CBuilder_ = null;
+ }
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + * An integrity check of initialization_vector can be performed by computing + * the CRC32C checksum of initialization_vector and comparing your results to + * this field. Discard the response in case of non-matching checksum values, + * and perform a limited number of retries. A persistent mismatch may indicate + * an issue in your computation of the CRC32C checksum. Note: This field is + * defined as int64 for reasons of compatibility across different languages. + * However, it is a non-negative integer, which will never exceed 2^32-1, and + * can be safely downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value initialization_vector_crc32c = 5;
+ */
+ public com.google.protobuf.Int64Value.Builder getInitializationVectorCrc32CBuilder() {
+ bitField0_ |= 0x00000010;
+ onChanged();
+ return getInitializationVectorCrc32CFieldBuilder().getBuilder();
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + * An integrity check of initialization_vector can be performed by computing + * the CRC32C checksum of initialization_vector and comparing your results to + * this field. Discard the response in case of non-matching checksum values, + * and perform a limited number of retries. A persistent mismatch may indicate + * an issue in your computation of the CRC32C checksum. Note: This field is + * defined as int64 for reasons of compatibility across different languages. + * However, it is a non-negative integer, which will never exceed 2^32-1, and + * can be safely downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value initialization_vector_crc32c = 5;
+ */
+ public com.google.protobuf.Int64ValueOrBuilder getInitializationVectorCrc32COrBuilder() {
+ if (initializationVectorCrc32CBuilder_ != null) {
+ return initializationVectorCrc32CBuilder_.getMessageOrBuilder();
+ } else {
+ return initializationVectorCrc32C_ == null
+ ? com.google.protobuf.Int64Value.getDefaultInstance()
+ : initializationVectorCrc32C_;
+ }
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + * An integrity check of initialization_vector can be performed by computing + * the CRC32C checksum of initialization_vector and comparing your results to + * this field. Discard the response in case of non-matching checksum values, + * and perform a limited number of retries. A persistent mismatch may indicate + * an issue in your computation of the CRC32C checksum. Note: This field is + * defined as int64 for reasons of compatibility across different languages. + * However, it is a non-negative integer, which will never exceed 2^32-1, and + * can be safely downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value initialization_vector_crc32c = 5;
+ */
+ private com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>
+ getInitializationVectorCrc32CFieldBuilder() {
+ if (initializationVectorCrc32CBuilder_ == null) {
+ initializationVectorCrc32CBuilder_ =
+ new com.google.protobuf.SingleFieldBuilderV3<
+ com.google.protobuf.Int64Value,
+ com.google.protobuf.Int64Value.Builder,
+ com.google.protobuf.Int64ValueOrBuilder>(
+ getInitializationVectorCrc32C(), getParentForChildren(), isClean());
+ initializationVectorCrc32C_ = null;
+ }
+ return initializationVectorCrc32CBuilder_;
+ }
+
+ private boolean verifiedPlaintextCrc32C_;
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawEncryptRequest.plaintext_crc32c][google.cloud.kms.v1.RawEncryptRequest.plaintext_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of the plaintext. A false value of this + * field indicates either that + * [RawEncryptRequest.plaintext_crc32c][google.cloud.kms.v1.RawEncryptRequest.plaintext_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawEncryptRequest.plaintext_crc32c][google.cloud.kms.v1.RawEncryptRequest.plaintext_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_plaintext_crc32c = 6;
+ *
+ * @return The verifiedPlaintextCrc32c.
+ */
+ @java.lang.Override
+ public boolean getVerifiedPlaintextCrc32C() {
+ return verifiedPlaintextCrc32C_;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawEncryptRequest.plaintext_crc32c][google.cloud.kms.v1.RawEncryptRequest.plaintext_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of the plaintext. A false value of this + * field indicates either that + * [RawEncryptRequest.plaintext_crc32c][google.cloud.kms.v1.RawEncryptRequest.plaintext_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawEncryptRequest.plaintext_crc32c][google.cloud.kms.v1.RawEncryptRequest.plaintext_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_plaintext_crc32c = 6;
+ *
+ * @param value The verifiedPlaintextCrc32c to set.
+ * @return This builder for chaining.
+ */
+ public Builder setVerifiedPlaintextCrc32C(boolean value) {
+
+ verifiedPlaintextCrc32C_ = value;
+ bitField0_ |= 0x00000020;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawEncryptRequest.plaintext_crc32c][google.cloud.kms.v1.RawEncryptRequest.plaintext_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of the plaintext. A false value of this + * field indicates either that + * [RawEncryptRequest.plaintext_crc32c][google.cloud.kms.v1.RawEncryptRequest.plaintext_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawEncryptRequest.plaintext_crc32c][google.cloud.kms.v1.RawEncryptRequest.plaintext_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_plaintext_crc32c = 6;
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearVerifiedPlaintextCrc32C() {
+ bitField0_ = (bitField0_ & ~0x00000020);
+ verifiedPlaintextCrc32C_ = false;
+ onChanged();
+ return this;
+ }
+
+ private boolean verifiedAdditionalAuthenticatedDataCrc32C_;
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawEncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of additional_authenticated_data. A false + * value of this field indicates either that // + * [RawEncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawEncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_additional_authenticated_data_crc32c = 7;
+ *
+ * @return The verifiedAdditionalAuthenticatedDataCrc32c.
+ */
+ @java.lang.Override
+ public boolean getVerifiedAdditionalAuthenticatedDataCrc32C() {
+ return verifiedAdditionalAuthenticatedDataCrc32C_;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawEncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of additional_authenticated_data. A false + * value of this field indicates either that // + * [RawEncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawEncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_additional_authenticated_data_crc32c = 7;
+ *
+ * @param value The verifiedAdditionalAuthenticatedDataCrc32c to set.
+ * @return This builder for chaining.
+ */
+ public Builder setVerifiedAdditionalAuthenticatedDataCrc32C(boolean value) {
+
+ verifiedAdditionalAuthenticatedDataCrc32C_ = value;
+ bitField0_ |= 0x00000040;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawEncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of additional_authenticated_data. A false + * value of this field indicates either that // + * [RawEncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawEncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_additional_authenticated_data_crc32c = 7;
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearVerifiedAdditionalAuthenticatedDataCrc32C() {
+ bitField0_ = (bitField0_ & ~0x00000040);
+ verifiedAdditionalAuthenticatedDataCrc32C_ = false;
+ onChanged();
+ return this;
+ }
+
+ private boolean verifiedInitializationVectorCrc32C_;
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawEncryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawEncryptRequest.initialization_vector_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of initialization_vector. A false value of + * this field indicates either that + * [RawEncryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawEncryptRequest.initialization_vector_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawEncryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawEncryptRequest.initialization_vector_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_initialization_vector_crc32c = 10;
+ *
+ * @return The verifiedInitializationVectorCrc32c.
+ */
+ @java.lang.Override
+ public boolean getVerifiedInitializationVectorCrc32C() {
+ return verifiedInitializationVectorCrc32C_;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawEncryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawEncryptRequest.initialization_vector_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of initialization_vector. A false value of + * this field indicates either that + * [RawEncryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawEncryptRequest.initialization_vector_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawEncryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawEncryptRequest.initialization_vector_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_initialization_vector_crc32c = 10;
+ *
+ * @param value The verifiedInitializationVectorCrc32c to set.
+ * @return This builder for chaining.
+ */
+ public Builder setVerifiedInitializationVectorCrc32C(boolean value) {
+
+ verifiedInitializationVectorCrc32C_ = value;
+ bitField0_ |= 0x00000080;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawEncryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawEncryptRequest.initialization_vector_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of initialization_vector. A false value of + * this field indicates either that + * [RawEncryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawEncryptRequest.initialization_vector_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawEncryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawEncryptRequest.initialization_vector_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_initialization_vector_crc32c = 10;
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearVerifiedInitializationVectorCrc32C() {
+ bitField0_ = (bitField0_ & ~0x00000080);
+ verifiedInitializationVectorCrc32C_ = false;
+ onChanged();
+ return this;
+ }
+
+ private java.lang.Object name_ = "";
+ /**
+ *
+ *
+ * + * The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * encryption. Check this field to verify that the intended resource was used + * for encryption. + *+ * + *
string name = 8;
+ *
+ * @return The name.
+ */
+ public java.lang.String getName() {
+ java.lang.Object ref = name_;
+ if (!(ref instanceof java.lang.String)) {
+ com.google.protobuf.ByteString bs = (com.google.protobuf.ByteString) ref;
+ java.lang.String s = bs.toStringUtf8();
+ name_ = s;
+ return s;
+ } else {
+ return (java.lang.String) ref;
+ }
+ }
+ /**
+ *
+ *
+ * + * The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * encryption. Check this field to verify that the intended resource was used + * for encryption. + *+ * + *
string name = 8;
+ *
+ * @return The bytes for name.
+ */
+ public com.google.protobuf.ByteString getNameBytes() {
+ java.lang.Object ref = name_;
+ if (ref instanceof String) {
+ com.google.protobuf.ByteString b =
+ com.google.protobuf.ByteString.copyFromUtf8((java.lang.String) ref);
+ name_ = b;
+ return b;
+ } else {
+ return (com.google.protobuf.ByteString) ref;
+ }
+ }
+ /**
+ *
+ *
+ * + * The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * encryption. Check this field to verify that the intended resource was used + * for encryption. + *+ * + *
string name = 8;
+ *
+ * @param value The name to set.
+ * @return This builder for chaining.
+ */
+ public Builder setName(java.lang.String value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ name_ = value;
+ bitField0_ |= 0x00000100;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * encryption. Check this field to verify that the intended resource was used + * for encryption. + *+ * + *
string name = 8;
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearName() {
+ name_ = getDefaultInstance().getName();
+ bitField0_ = (bitField0_ & ~0x00000100);
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * encryption. Check this field to verify that the intended resource was used + * for encryption. + *+ * + *
string name = 8;
+ *
+ * @param value The bytes for name to set.
+ * @return This builder for chaining.
+ */
+ public Builder setNameBytes(com.google.protobuf.ByteString value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ checkByteStringIsUtf8(value);
+ name_ = value;
+ bitField0_ |= 0x00000100;
+ onChanged();
+ return this;
+ }
+
+ private int protectionLevel_ = 0;
+ /**
+ *
+ *
+ * + * The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * encryption. + *+ * + *
.google.cloud.kms.v1.ProtectionLevel protection_level = 9;
+ *
+ * @return The enum numeric value on the wire for protectionLevel.
+ */
+ @java.lang.Override
+ public int getProtectionLevelValue() {
+ return protectionLevel_;
+ }
+ /**
+ *
+ *
+ * + * The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * encryption. + *+ * + *
.google.cloud.kms.v1.ProtectionLevel protection_level = 9;
+ *
+ * @param value The enum numeric value on the wire for protectionLevel to set.
+ * @return This builder for chaining.
+ */
+ public Builder setProtectionLevelValue(int value) {
+ protectionLevel_ = value;
+ bitField0_ |= 0x00000200;
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * encryption. + *+ * + *
.google.cloud.kms.v1.ProtectionLevel protection_level = 9;
+ *
+ * @return The protectionLevel.
+ */
+ @java.lang.Override
+ public com.google.cloud.kms.v1.ProtectionLevel getProtectionLevel() {
+ com.google.cloud.kms.v1.ProtectionLevel result =
+ com.google.cloud.kms.v1.ProtectionLevel.forNumber(protectionLevel_);
+ return result == null ? com.google.cloud.kms.v1.ProtectionLevel.UNRECOGNIZED : result;
+ }
+ /**
+ *
+ *
+ * + * The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * encryption. + *+ * + *
.google.cloud.kms.v1.ProtectionLevel protection_level = 9;
+ *
+ * @param value The protectionLevel to set.
+ * @return This builder for chaining.
+ */
+ public Builder setProtectionLevel(com.google.cloud.kms.v1.ProtectionLevel value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ bitField0_ |= 0x00000200;
+ protectionLevel_ = value.getNumber();
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ * + * The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * encryption. + *+ * + *
.google.cloud.kms.v1.ProtectionLevel protection_level = 9;
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearProtectionLevel() {
+ bitField0_ = (bitField0_ & ~0x00000200);
+ protectionLevel_ = 0;
+ onChanged();
+ return this;
+ }
+
+ @java.lang.Override
+ public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
+ return super.setUnknownFields(unknownFields);
+ }
+
+ @java.lang.Override
+ public final Builder mergeUnknownFields(
+ final com.google.protobuf.UnknownFieldSet unknownFields) {
+ return super.mergeUnknownFields(unknownFields);
+ }
+
+ // @@protoc_insertion_point(builder_scope:google.cloud.kms.v1.RawEncryptResponse)
+ }
+
+ // @@protoc_insertion_point(class_scope:google.cloud.kms.v1.RawEncryptResponse)
+ private static final com.google.cloud.kms.v1.RawEncryptResponse DEFAULT_INSTANCE;
+
+ static {
+ DEFAULT_INSTANCE = new com.google.cloud.kms.v1.RawEncryptResponse();
+ }
+
+ public static com.google.cloud.kms.v1.RawEncryptResponse getDefaultInstance() {
+ return DEFAULT_INSTANCE;
+ }
+
+ private static final com.google.protobuf.Parser+ * The encrypted data. In the case of AES-GCM, the authentication tag + * is the [tag_length][google.cloud.kms.v1.RawEncryptResponse.tag_length] + * bytes at the end of this field. + *+ * + *
bytes ciphertext = 1;
+ *
+ * @return The ciphertext.
+ */
+ com.google.protobuf.ByteString getCiphertext();
+
+ /**
+ *
+ *
+ * + * The initialization vector (IV) generated by the service during + * encryption. This value must be stored and provided in + * [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector] + * at decryption time. + *+ * + *
bytes initialization_vector = 2;
+ *
+ * @return The initializationVector.
+ */
+ com.google.protobuf.ByteString getInitializationVector();
+
+ /**
+ *
+ *
+ * + * The length of the authentication tag that is appended to + * the end of the ciphertext. + *+ * + *
int32 tag_length = 3;
+ *
+ * @return The tagLength.
+ */
+ int getTagLength();
+
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext]. + * An integrity check of ciphertext can be performed by computing the CRC32C + * checksum of ciphertext and comparing your results to this field. Discard + * the response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: This field is defined as int64 + * for reasons of compatibility across different languages. However, it is a + * non-negative integer, which will never exceed 2^32-1, and can be safely + * downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value ciphertext_crc32c = 4;
+ *
+ * @return Whether the ciphertextCrc32c field is set.
+ */
+ boolean hasCiphertextCrc32C();
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext]. + * An integrity check of ciphertext can be performed by computing the CRC32C + * checksum of ciphertext and comparing your results to this field. Discard + * the response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: This field is defined as int64 + * for reasons of compatibility across different languages. However, it is a + * non-negative integer, which will never exceed 2^32-1, and can be safely + * downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value ciphertext_crc32c = 4;
+ *
+ * @return The ciphertextCrc32c.
+ */
+ com.google.protobuf.Int64Value getCiphertextCrc32C();
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext]. + * An integrity check of ciphertext can be performed by computing the CRC32C + * checksum of ciphertext and comparing your results to this field. Discard + * the response in case of non-matching checksum values, and perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. Note: This field is defined as int64 + * for reasons of compatibility across different languages. However, it is a + * non-negative integer, which will never exceed 2^32-1, and can be safely + * downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value ciphertext_crc32c = 4;
+ */
+ com.google.protobuf.Int64ValueOrBuilder getCiphertextCrc32COrBuilder();
+
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + * An integrity check of initialization_vector can be performed by computing + * the CRC32C checksum of initialization_vector and comparing your results to + * this field. Discard the response in case of non-matching checksum values, + * and perform a limited number of retries. A persistent mismatch may indicate + * an issue in your computation of the CRC32C checksum. Note: This field is + * defined as int64 for reasons of compatibility across different languages. + * However, it is a non-negative integer, which will never exceed 2^32-1, and + * can be safely downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value initialization_vector_crc32c = 5;
+ *
+ * @return Whether the initializationVectorCrc32c field is set.
+ */
+ boolean hasInitializationVectorCrc32C();
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + * An integrity check of initialization_vector can be performed by computing + * the CRC32C checksum of initialization_vector and comparing your results to + * this field. Discard the response in case of non-matching checksum values, + * and perform a limited number of retries. A persistent mismatch may indicate + * an issue in your computation of the CRC32C checksum. Note: This field is + * defined as int64 for reasons of compatibility across different languages. + * However, it is a non-negative integer, which will never exceed 2^32-1, and + * can be safely downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value initialization_vector_crc32c = 5;
+ *
+ * @return The initializationVectorCrc32c.
+ */
+ com.google.protobuf.Int64Value getInitializationVectorCrc32C();
+ /**
+ *
+ *
+ * + * Integrity verification field. A CRC32C checksum of the returned + * [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector]. + * An integrity check of initialization_vector can be performed by computing + * the CRC32C checksum of initialization_vector and comparing your results to + * this field. Discard the response in case of non-matching checksum values, + * and perform a limited number of retries. A persistent mismatch may indicate + * an issue in your computation of the CRC32C checksum. Note: This field is + * defined as int64 for reasons of compatibility across different languages. + * However, it is a non-negative integer, which will never exceed 2^32-1, and + * can be safely downconverted to uint32 in languages that support this type. + *+ * + *
.google.protobuf.Int64Value initialization_vector_crc32c = 5;
+ */
+ com.google.protobuf.Int64ValueOrBuilder getInitializationVectorCrc32COrBuilder();
+
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawEncryptRequest.plaintext_crc32c][google.cloud.kms.v1.RawEncryptRequest.plaintext_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of the plaintext. A false value of this + * field indicates either that + * [RawEncryptRequest.plaintext_crc32c][google.cloud.kms.v1.RawEncryptRequest.plaintext_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawEncryptRequest.plaintext_crc32c][google.cloud.kms.v1.RawEncryptRequest.plaintext_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_plaintext_crc32c = 6;
+ *
+ * @return The verifiedPlaintextCrc32c.
+ */
+ boolean getVerifiedPlaintextCrc32C();
+
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawEncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of additional_authenticated_data. A false + * value of this field indicates either that // + * [RawEncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawEncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_additional_authenticated_data_crc32c = 7;
+ *
+ * @return The verifiedAdditionalAuthenticatedDataCrc32c.
+ */
+ boolean getVerifiedAdditionalAuthenticatedDataCrc32C();
+
+ /**
+ *
+ *
+ * + * Integrity verification field. A flag indicating whether + * [RawEncryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawEncryptRequest.initialization_vector_crc32c] + * was received by + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used + * for the integrity verification of initialization_vector. A false value of + * this field indicates either that + * [RawEncryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawEncryptRequest.initialization_vector_crc32c] + * was left unset or that it was not delivered to + * [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + * set + * [RawEncryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawEncryptRequest.initialization_vector_crc32c] + * but this field is still false, discard the response and perform a limited + * number of retries. + *+ * + *
bool verified_initialization_vector_crc32c = 10;
+ *
+ * @return The verifiedInitializationVectorCrc32c.
+ */
+ boolean getVerifiedInitializationVectorCrc32C();
+
+ /**
+ *
+ *
+ * + * The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * encryption. Check this field to verify that the intended resource was used + * for encryption. + *+ * + *
string name = 8;
+ *
+ * @return The name.
+ */
+ java.lang.String getName();
+ /**
+ *
+ *
+ * + * The resource name of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * encryption. Check this field to verify that the intended resource was used + * for encryption. + *+ * + *
string name = 8;
+ *
+ * @return The bytes for name.
+ */
+ com.google.protobuf.ByteString getNameBytes();
+
+ /**
+ *
+ *
+ * + * The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * encryption. + *+ * + *
.google.cloud.kms.v1.ProtectionLevel protection_level = 9;
+ *
+ * @return The enum numeric value on the wire for protectionLevel.
+ */
+ int getProtectionLevelValue();
+ /**
+ *
+ *
+ * + * The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the + * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in + * encryption. + *+ * + *
.google.cloud.kms.v1.ProtectionLevel protection_level = 9;
+ *
+ * @return The protectionLevel.
+ */
+ com.google.cloud.kms.v1.ProtectionLevel getProtectionLevel();
+}
diff --git a/java-kms/proto-google-cloud-kms-v1/src/main/proto/google/cloud/kms/v1/ekm_service.proto b/java-kms/proto-google-cloud-kms-v1/src/main/proto/google/cloud/kms/v1/ekm_service.proto
index 51e2fceecc81..da3056543db0 100644
--- a/java-kms/proto-google-cloud-kms-v1/src/main/proto/google/cloud/kms/v1/ekm_service.proto
+++ b/java-kms/proto-google-cloud-kms-v1/src/main/proto/google/cloud/kms/v1/ekm_service.proto
@@ -448,4 +448,4 @@ message VerifyConnectivityRequest {
// Response message for
// [EkmService.VerifyConnectivity][google.cloud.kms.v1.EkmService.VerifyConnectivity].
-message VerifyConnectivityResponse {}
\ No newline at end of file
+message VerifyConnectivityResponse {}
diff --git a/java-kms/proto-google-cloud-kms-v1/src/main/proto/google/cloud/kms/v1/resources.proto b/java-kms/proto-google-cloud-kms-v1/src/main/proto/google/cloud/kms/v1/resources.proto
index 77b6383f2468..0ae8b37d15f2 100644
--- a/java-kms/proto-google-cloud-kms-v1/src/main/proto/google/cloud/kms/v1/resources.proto
+++ b/java-kms/proto-google-cloud-kms-v1/src/main/proto/google/cloud/kms/v1/resources.proto
@@ -89,6 +89,13 @@ message CryptoKey {
// [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
ASYMMETRIC_DECRYPT = 6;
+ // [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used
+ // with [RawEncrypt][google.cloud.kms.v1.KeyManagementService.RawEncrypt]
+ // and [RawDecrypt][google.cloud.kms.v1.KeyManagementService.RawDecrypt].
+ // This purpose is meant to be used for interoperable symmetric
+ // encryption and does not support automatic CryptoKey rotation.
+ RAW_ENCRYPT_DECRYPT = 7;
+
// [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used
// with [MacSign][google.cloud.kms.v1.KeyManagementService.MacSign].
MAC = 9;
@@ -339,6 +346,12 @@ message CryptoKeyVersion {
// Creates symmetric encryption keys.
GOOGLE_SYMMETRIC_ENCRYPTION = 1;
+ // AES-GCM (Galois Counter Mode) using 128-bit keys.
+ AES_128_GCM = 41;
+
+ // AES-GCM (Galois Counter Mode) using 256-bit keys.
+ AES_256_GCM = 19;
+
// RSASSA-PSS 2048 bit key with a SHA256 digest.
RSA_SIGN_PSS_2048_SHA256 = 2;
diff --git a/java-kms/proto-google-cloud-kms-v1/src/main/proto/google/cloud/kms/v1/service.proto b/java-kms/proto-google-cloud-kms-v1/src/main/proto/google/cloud/kms/v1/service.proto
index eb831da779af..c9a0557141c0 100644
--- a/java-kms/proto-google-cloud-kms-v1/src/main/proto/google/cloud/kms/v1/service.proto
+++ b/java-kms/proto-google-cloud-kms-v1/src/main/proto/google/cloud/kms/v1/service.proto
@@ -317,6 +317,30 @@ service KeyManagementService {
option (google.api.method_signature) = "name,ciphertext";
}
+ // Encrypts data using portable cryptographic primitives. Most users should
+ // choose [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] and
+ // [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt] rather than
+ // their raw counterparts. The
+ // [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
+ // [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT].
+ rpc RawEncrypt(RawEncryptRequest) returns (RawEncryptResponse) {
+ option (google.api.http) = {
+ post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}:rawEncrypt"
+ body: "*"
+ };
+ }
+
+ // Decrypts data that was originally encrypted using a raw cryptographic
+ // mechanism. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
+ // must be
+ // [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT].
+ rpc RawDecrypt(RawDecryptRequest) returns (RawDecryptResponse) {
+ option (google.api.http) = {
+ post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}:rawDecrypt"
+ body: "*"
+ };
+ }
+
// Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
// with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
// ASYMMETRIC_SIGN, producing a signature that can be verified with the public
@@ -1095,6 +1119,189 @@ message DecryptRequest {
[(google.api.field_behavior) = OPTIONAL];
}
+// Request message for
+// [KeyManagementService.RawEncrypt][google.cloud.kms.v1.KeyManagementService.RawEncrypt].
+message RawEncryptRequest {
+ // Required. The resource name of the
+ // [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for
+ // encryption.
+ string name = 1 [(google.api.field_behavior) = REQUIRED];
+
+ // Required. The data to encrypt. Must be no larger than 64KiB.
+ //
+ // The maximum size depends on the key version's
+ // [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level].
+ // For [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the
+ // plaintext must be no larger than 64KiB. For
+ // [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of
+ // the plaintext and additional_authenticated_data fields must be no larger
+ // than 8KiB.
+ bytes plaintext = 2 [(google.api.field_behavior) = REQUIRED];
+
+ // Optional. Optional data that, if specified, must also be provided during
+ // decryption through
+ // [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data].
+ //
+ // This field may only be used in conjunction with an
+ // [algorithm][google.cloud.kms.v1.CryptoKeyVersion.algorithm] that accepts
+ // additional authenticated data (for example, AES-GCM).
+ //
+ // The maximum size depends on the key version's
+ // [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level].
+ // For [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the
+ // plaintext must be no larger than 64KiB. For
+ // [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of
+ // the plaintext and additional_authenticated_data fields must be no larger
+ // than 8KiB.
+ bytes additional_authenticated_data = 3
+ [(google.api.field_behavior) = OPTIONAL];
+
+ // Optional. An optional CRC32C checksum of the
+ // [RawEncryptRequest.plaintext][google.cloud.kms.v1.RawEncryptRequest.plaintext].
+ // If specified,
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
+ // verify the integrity of the received plaintext using this checksum.
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
+ // report an error if the checksum verification fails. If you receive a
+ // checksum error, your client should verify that CRC32C(plaintext) is equal
+ // to plaintext_crc32c, and if so, perform a limited number of retries. A
+ // persistent mismatch may indicate an issue in your computation of the CRC32C
+ // checksum. Note: This field is defined as int64 for reasons of compatibility
+ // across different languages. However, it is a non-negative integer, which
+ // will never exceed 2^32-1, and can be safely downconverted to uint32 in
+ // languages that support this type.
+ google.protobuf.Int64Value plaintext_crc32c = 4
+ [(google.api.field_behavior) = OPTIONAL];
+
+ // Optional. An optional CRC32C checksum of the
+ // [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data].
+ // If specified,
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
+ // verify the integrity of the received additional_authenticated_data using
+ // this checksum.
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
+ // report an error if the checksum verification fails. If you receive a
+ // checksum error, your client should verify that
+ // CRC32C(additional_authenticated_data) is equal to
+ // additional_authenticated_data_crc32c, and if so, perform
+ // a limited number of retries. A persistent mismatch may indicate an issue in
+ // your computation of the CRC32C checksum.
+ // Note: This field is defined as int64 for reasons of compatibility across
+ // different languages. However, it is a non-negative integer, which will
+ // never exceed 2^32-1, and can be safely downconverted to uint32 in languages
+ // that support this type.
+ google.protobuf.Int64Value additional_authenticated_data_crc32c = 5
+ [(google.api.field_behavior) = OPTIONAL];
+
+ // Optional. A customer-supplied initialization vector that will be used for
+ // encryption. If it is not provided for AES-CBC and AES-CTR, one will be
+ // generated. It will be returned in
+ // [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector].
+ bytes initialization_vector = 6 [(google.api.field_behavior) = OPTIONAL];
+
+ // Optional. An optional CRC32C checksum of the
+ // [RawEncryptRequest.initialization_vector][google.cloud.kms.v1.RawEncryptRequest.initialization_vector].
+ // If specified,
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
+ // verify the integrity of the received initialization_vector using this
+ // checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService]
+ // will report an error if the checksum verification fails. If you receive a
+ // checksum error, your client should verify that
+ // CRC32C(initialization_vector) is equal to
+ // initialization_vector_crc32c, and if so, perform
+ // a limited number of retries. A persistent mismatch may indicate an issue in
+ // your computation of the CRC32C checksum.
+ // Note: This field is defined as int64 for reasons of compatibility across
+ // different languages. However, it is a non-negative integer, which will
+ // never exceed 2^32-1, and can be safely downconverted to uint32 in languages
+ // that support this type.
+ google.protobuf.Int64Value initialization_vector_crc32c = 7
+ [(google.api.field_behavior) = OPTIONAL];
+}
+
+// Request message for
+// [KeyManagementService.RawDecrypt][google.cloud.kms.v1.KeyManagementService.RawDecrypt].
+message RawDecryptRequest {
+ // Required. The resource name of the
+ // [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for
+ // decryption.
+ string name = 1 [(google.api.field_behavior) = REQUIRED];
+
+ // Required. The encrypted data originally returned in
+ // [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext].
+ bytes ciphertext = 2 [(google.api.field_behavior) = REQUIRED];
+
+ // Optional. Optional data that must match the data originally supplied in
+ // [RawEncryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data].
+ bytes additional_authenticated_data = 3
+ [(google.api.field_behavior) = OPTIONAL];
+
+ // Required. The initialization vector (IV) used during encryption, which must
+ // match the data originally provided in
+ // [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector].
+ bytes initialization_vector = 4 [(google.api.field_behavior) = REQUIRED];
+
+ // The length of the authentication tag that is appended to the end of
+ // the ciphertext. If unspecified (0), the default value for the key's
+ // algorithm will be used (for AES-GCM, the default value is 16).
+ int32 tag_length = 5;
+
+ // Optional. An optional CRC32C checksum of the
+ // [RawDecryptRequest.ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext].
+ // If specified,
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
+ // verify the integrity of the received ciphertext using this checksum.
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
+ // report an error if the checksum verification fails. If you receive a
+ // checksum error, your client should verify that CRC32C(ciphertext) is equal
+ // to ciphertext_crc32c, and if so, perform a limited number of retries. A
+ // persistent mismatch may indicate an issue in your computation of the CRC32C
+ // checksum. Note: This field is defined as int64 for reasons of compatibility
+ // across different languages. However, it is a non-negative integer, which
+ // will never exceed 2^32-1, and can be safely downconverted to uint32 in
+ // languages that support this type.
+ google.protobuf.Int64Value ciphertext_crc32c = 6
+ [(google.api.field_behavior) = OPTIONAL];
+
+ // Optional. An optional CRC32C checksum of the
+ // [RawDecryptRequest.additional_authenticated_data][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data].
+ // If specified,
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
+ // verify the integrity of the received additional_authenticated_data using
+ // this checksum.
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
+ // report an error if the checksum verification fails. If you receive a
+ // checksum error, your client should verify that
+ // CRC32C(additional_authenticated_data) is equal to
+ // additional_authenticated_data_crc32c, and if so, perform
+ // a limited number of retries. A persistent mismatch may indicate an issue in
+ // your computation of the CRC32C checksum.
+ // Note: This field is defined as int64 for reasons of compatibility across
+ // different languages. However, it is a non-negative integer, which will
+ // never exceed 2^32-1, and can be safely downconverted to uint32 in languages
+ // that support this type.
+ google.protobuf.Int64Value additional_authenticated_data_crc32c = 7
+ [(google.api.field_behavior) = OPTIONAL];
+
+ // Optional. An optional CRC32C checksum of the
+ // [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector].
+ // If specified,
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will
+ // verify the integrity of the received initialization_vector using this
+ // checksum. [KeyManagementService][google.cloud.kms.v1.KeyManagementService]
+ // will report an error if the checksum verification fails. If you receive a
+ // checksum error, your client should verify that
+ // CRC32C(initialization_vector) is equal to initialization_vector_crc32c, and
+ // if so, perform a limited number of retries. A persistent mismatch may
+ // indicate an issue in your computation of the CRC32C checksum.
+ // Note: This field is defined as int64 for reasons of compatibility across
+ // different languages. However, it is a non-negative integer, which will
+ // never exceed 2^32-1, and can be safely downconverted to uint32 in languages
+ // that support this type.
+ google.protobuf.Int64Value initialization_vector_crc32c = 8
+ [(google.api.field_behavior) = OPTIONAL];
+}
+
// Request message for
// [KeyManagementService.AsymmetricSign][google.cloud.kms.v1.KeyManagementService.AsymmetricSign].
message AsymmetricSignRequest {
@@ -1427,6 +1634,179 @@ message DecryptResponse {
ProtectionLevel protection_level = 4;
}
+// Response message for
+// [KeyManagementService.RawEncrypt][google.cloud.kms.v1.KeyManagementService.RawEncrypt].
+message RawEncryptResponse {
+ // The encrypted data. In the case of AES-GCM, the authentication tag
+ // is the [tag_length][google.cloud.kms.v1.RawEncryptResponse.tag_length]
+ // bytes at the end of this field.
+ bytes ciphertext = 1;
+
+ // The initialization vector (IV) generated by the service during
+ // encryption. This value must be stored and provided in
+ // [RawDecryptRequest.initialization_vector][google.cloud.kms.v1.RawDecryptRequest.initialization_vector]
+ // at decryption time.
+ bytes initialization_vector = 2;
+
+ // The length of the authentication tag that is appended to
+ // the end of the ciphertext.
+ int32 tag_length = 3;
+
+ // Integrity verification field. A CRC32C checksum of the returned
+ // [RawEncryptResponse.ciphertext][google.cloud.kms.v1.RawEncryptResponse.ciphertext].
+ // An integrity check of ciphertext can be performed by computing the CRC32C
+ // checksum of ciphertext and comparing your results to this field. Discard
+ // the response in case of non-matching checksum values, and perform a limited
+ // number of retries. A persistent mismatch may indicate an issue in your
+ // computation of the CRC32C checksum. Note: This field is defined as int64
+ // for reasons of compatibility across different languages. However, it is a
+ // non-negative integer, which will never exceed 2^32-1, and can be safely
+ // downconverted to uint32 in languages that support this type.
+ google.protobuf.Int64Value ciphertext_crc32c = 4;
+
+ // Integrity verification field. A CRC32C checksum of the returned
+ // [RawEncryptResponse.initialization_vector][google.cloud.kms.v1.RawEncryptResponse.initialization_vector].
+ // An integrity check of initialization_vector can be performed by computing
+ // the CRC32C checksum of initialization_vector and comparing your results to
+ // this field. Discard the response in case of non-matching checksum values,
+ // and perform a limited number of retries. A persistent mismatch may indicate
+ // an issue in your computation of the CRC32C checksum. Note: This field is
+ // defined as int64 for reasons of compatibility across different languages.
+ // However, it is a non-negative integer, which will never exceed 2^32-1, and
+ // can be safely downconverted to uint32 in languages that support this type.
+ google.protobuf.Int64Value initialization_vector_crc32c = 5;
+
+ // Integrity verification field. A flag indicating whether
+ // [RawEncryptRequest.plaintext_crc32c][google.cloud.kms.v1.RawEncryptRequest.plaintext_crc32c]
+ // was received by
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used
+ // for the integrity verification of the plaintext. A false value of this
+ // field indicates either that
+ // [RawEncryptRequest.plaintext_crc32c][google.cloud.kms.v1.RawEncryptRequest.plaintext_crc32c]
+ // was left unset or that it was not delivered to
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've
+ // set
+ // [RawEncryptRequest.plaintext_crc32c][google.cloud.kms.v1.RawEncryptRequest.plaintext_crc32c]
+ // but this field is still false, discard the response and perform a limited
+ // number of retries.
+ bool verified_plaintext_crc32c = 6;
+
+ // Integrity verification field. A flag indicating whether
+ // [RawEncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data_crc32c]
+ // was received by
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used
+ // for the integrity verification of additional_authenticated_data. A false
+ // value of this field indicates either that //
+ // [RawEncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data_crc32c]
+ // was left unset or that it was not delivered to
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've
+ // set
+ // [RawEncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawEncryptRequest.additional_authenticated_data_crc32c]
+ // but this field is still false, discard the response and perform a limited
+ // number of retries.
+ bool verified_additional_authenticated_data_crc32c = 7;
+
+ // Integrity verification field. A flag indicating whether
+ // [RawEncryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawEncryptRequest.initialization_vector_crc32c]
+ // was received by
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used
+ // for the integrity verification of initialization_vector. A false value of
+ // this field indicates either that
+ // [RawEncryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawEncryptRequest.initialization_vector_crc32c]
+ // was left unset or that it was not delivered to
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've
+ // set
+ // [RawEncryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawEncryptRequest.initialization_vector_crc32c]
+ // but this field is still false, discard the response and perform a limited
+ // number of retries.
+ bool verified_initialization_vector_crc32c = 10;
+
+ // The resource name of the
+ // [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in
+ // encryption. Check this field to verify that the intended resource was used
+ // for encryption.
+ string name = 8;
+
+ // The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the
+ // [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in
+ // encryption.
+ ProtectionLevel protection_level = 9;
+}
+
+// Response message for
+// [KeyManagementService.RawDecrypt][google.cloud.kms.v1.KeyManagementService.RawDecrypt].
+message RawDecryptResponse {
+ // The decrypted data.
+ bytes plaintext = 1;
+
+ // Integrity verification field. A CRC32C checksum of the returned
+ // [RawDecryptResponse.plaintext][google.cloud.kms.v1.RawDecryptResponse.plaintext].
+ // An integrity check of plaintext can be performed by computing the CRC32C
+ // checksum of plaintext and comparing your results to this field. Discard the
+ // response in case of non-matching checksum values, and perform a limited
+ // number of retries. A persistent mismatch may indicate an issue in your
+ // computation of the CRC32C checksum. Note: receiving this response message
+ // indicates that
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] is able to
+ // successfully decrypt the
+ // [ciphertext][google.cloud.kms.v1.RawDecryptRequest.ciphertext].
+ // Note: This field is defined as int64 for reasons of compatibility across
+ // different languages. However, it is a non-negative integer, which will
+ // never exceed 2^32-1, and can be safely downconverted to uint32 in languages
+ // that support this type.
+ google.protobuf.Int64Value plaintext_crc32c = 2;
+
+ // The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the
+ // [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in
+ // decryption.
+ ProtectionLevel protection_level = 3;
+
+ // Integrity verification field. A flag indicating whether
+ // [RawDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.RawDecryptRequest.ciphertext_crc32c]
+ // was received by
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used
+ // for the integrity verification of the ciphertext. A false value of this
+ // field indicates either that
+ // [RawDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.RawDecryptRequest.ciphertext_crc32c]
+ // was left unset or that it was not delivered to
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've
+ // set
+ // [RawDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.RawDecryptRequest.ciphertext_crc32c]
+ // but this field is still false, discard the response and perform a limited
+ // number of retries.
+ bool verified_ciphertext_crc32c = 4;
+
+ // Integrity verification field. A flag indicating whether
+ // [RawDecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data_crc32c]
+ // was received by
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used
+ // for the integrity verification of additional_authenticated_data. A false
+ // value of this field indicates either that //
+ // [RawDecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data_crc32c]
+ // was left unset or that it was not delivered to
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've
+ // set
+ // [RawDecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.RawDecryptRequest.additional_authenticated_data_crc32c]
+ // but this field is still false, discard the response and perform a limited
+ // number of retries.
+ bool verified_additional_authenticated_data_crc32c = 5;
+
+ // Integrity verification field. A flag indicating whether
+ // [RawDecryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawDecryptRequest.initialization_vector_crc32c]
+ // was received by
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used
+ // for the integrity verification of initialization_vector. A false value of
+ // this field indicates either that
+ // [RawDecryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawDecryptRequest.initialization_vector_crc32c]
+ // was left unset or that it was not delivered to
+ // [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've
+ // set
+ // [RawDecryptRequest.initialization_vector_crc32c][google.cloud.kms.v1.RawDecryptRequest.initialization_vector_crc32c]
+ // but this field is still false, discard the response and perform a limited
+ // number of retries.
+ bool verified_initialization_vector_crc32c = 6;
+}
+
// Response message for
// [KeyManagementService.AsymmetricSign][google.cloud.kms.v1.KeyManagementService.AsymmetricSign].
message AsymmetricSignResponse {
diff --git a/java-kms/samples/snippets/generated/com/google/cloud/kms/v1/keymanagementservice/rawdecrypt/AsyncRawDecrypt.java b/java-kms/samples/snippets/generated/com/google/cloud/kms/v1/keymanagementservice/rawdecrypt/AsyncRawDecrypt.java
new file mode 100644
index 000000000000..6191b66e40b3
--- /dev/null
+++ b/java-kms/samples/snippets/generated/com/google/cloud/kms/v1/keymanagementservice/rawdecrypt/AsyncRawDecrypt.java
@@ -0,0 +1,59 @@
+/*
+ * Copyright 2023 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.cloud.kms.v1.samples;
+
+// [START cloudkms_v1_generated_KeyManagementService_RawDecrypt_async]
+import com.google.api.core.ApiFuture;
+import com.google.cloud.kms.v1.KeyManagementServiceClient;
+import com.google.cloud.kms.v1.RawDecryptRequest;
+import com.google.cloud.kms.v1.RawDecryptResponse;
+import com.google.protobuf.ByteString;
+import com.google.protobuf.Int64Value;
+
+public class AsyncRawDecrypt {
+
+ public static void main(String[] args) throws Exception {
+ asyncRawDecrypt();
+ }
+
+ public static void asyncRawDecrypt() throws Exception {
+ // This snippet has been automatically generated and should be regarded as a code template only.
+ // It will require modifications to work:
+ // - It may require correct/in-range values for request initialization.
+ // - It may require specifying regional endpoints when creating the service client as shown in
+ // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
+ try (KeyManagementServiceClient keyManagementServiceClient =
+ KeyManagementServiceClient.create()) {
+ RawDecryptRequest request =
+ RawDecryptRequest.newBuilder()
+ .setName("name3373707")
+ .setCiphertext(ByteString.EMPTY)
+ .setAdditionalAuthenticatedData(ByteString.EMPTY)
+ .setInitializationVector(ByteString.EMPTY)
+ .setTagLength(172791595)
+ .setCiphertextCrc32C(Int64Value.newBuilder().build())
+ .setAdditionalAuthenticatedDataCrc32C(Int64Value.newBuilder().build())
+ .setInitializationVectorCrc32C(Int64Value.newBuilder().build())
+ .build();
+ ApiFuture