Package com.google.cloud.kms.v1

Class KeyManagementServiceGrpc.KeyManagementServiceFutureStub

  • Enclosing class:
    KeyManagementServiceGrpc
    public static final class KeyManagementServiceGrpc.KeyManagementServiceFutureStub
extends io.grpc.stub.AbstractFutureStub<KeyManagementServiceGrpc.KeyManagementServiceFutureStub>
    A stub to allow clients to do ListenableFuture-style rpc calls to service KeyManagementService. 
     Google Cloud Key Management Service
 Manages cryptographic keys and operations using those keys. Implements a REST
 model with the following objects:
 * [KeyRing][google.cloud.kms.v1.KeyRing]
 * [CryptoKey][google.cloud.kms.v1.CryptoKey]
 * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
 * [ImportJob][google.cloud.kms.v1.ImportJob]
 If you are using manual gRPC libraries, see
 [Using gRPC with Cloud KMS](https://cloud.google.com/kms/docs/grpc).

    • Method Detail

      • getKeyRing

        public com.google.common.util.concurrent.ListenableFuture<KeyRing> getKeyRing​(GetKeyRingRequest request)
         Returns metadata for a given [KeyRing][google.cloud.kms.v1.KeyRing].

      • getCryptoKey

        public com.google.common.util.concurrent.ListenableFuture<CryptoKey> getCryptoKey​(GetCryptoKeyRequest request)
         Returns metadata for a given [CryptoKey][google.cloud.kms.v1.CryptoKey], as
 well as its [primary][google.cloud.kms.v1.CryptoKey.primary]
 [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].

      • getCryptoKeyVersion

        public com.google.common.util.concurrent.ListenableFuture<CryptoKeyVersion> getCryptoKeyVersion​(GetCryptoKeyVersionRequest request)
         Returns metadata for a given
 [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].

      • getPublicKey

        public com.google.common.util.concurrent.ListenableFuture<PublicKey> getPublicKey​(GetPublicKeyRequest request)
         Returns the public key for the given
 [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. The
 [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
 [ASYMMETRIC_SIGN][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN]
 or
 [ASYMMETRIC_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT].

      • getImportJob

        public com.google.common.util.concurrent.ListenableFuture<ImportJob> getImportJob​(GetImportJobRequest request)
         Returns metadata for a given [ImportJob][google.cloud.kms.v1.ImportJob].

      • createKeyRing

        public com.google.common.util.concurrent.ListenableFuture<KeyRing> createKeyRing​(CreateKeyRingRequest request)
         Create a new [KeyRing][google.cloud.kms.v1.KeyRing] in a given Project and
 Location.

      • createCryptoKey

        public com.google.common.util.concurrent.ListenableFuture<CryptoKey> createCryptoKey​(CreateCryptoKeyRequest request)
         Create a new [CryptoKey][google.cloud.kms.v1.CryptoKey] within a
 [KeyRing][google.cloud.kms.v1.KeyRing].
 [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] and
 [CryptoKey.version_template.algorithm][google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm]
 are required.

      • createCryptoKeyVersion

        public com.google.common.util.concurrent.ListenableFuture<CryptoKeyVersion> createCryptoKeyVersion​(CreateCryptoKeyVersionRequest request)
         Create a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in a
 [CryptoKey][google.cloud.kms.v1.CryptoKey].
 The server will assign the next sequential id. If unset,
 [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to
 [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED].

      • importCryptoKeyVersion

        public com.google.common.util.concurrent.ListenableFuture<CryptoKeyVersion> importCryptoKeyVersion​(ImportCryptoKeyVersionRequest request)
         Import wrapped key material into a
 [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
 All requests must specify a [CryptoKey][google.cloud.kms.v1.CryptoKey]. If
 a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] is additionally
 specified in the request, key material will be reimported into that
 version. Otherwise, a new version will be created, and will be assigned the
 next sequential id within the [CryptoKey][google.cloud.kms.v1.CryptoKey].

      • createImportJob

        public com.google.common.util.concurrent.ListenableFuture<ImportJob> createImportJob​(CreateImportJobRequest request)
         Create a new [ImportJob][google.cloud.kms.v1.ImportJob] within a
 [KeyRing][google.cloud.kms.v1.KeyRing].
 [ImportJob.import_method][google.cloud.kms.v1.ImportJob.import_method] is
 required.

      • updateCryptoKey

        public com.google.common.util.concurrent.ListenableFuture<CryptoKey> updateCryptoKey​(UpdateCryptoKeyRequest request)
         Update a [CryptoKey][google.cloud.kms.v1.CryptoKey].

      • updateCryptoKeyVersion

        public com.google.common.util.concurrent.ListenableFuture<CryptoKeyVersion> updateCryptoKeyVersion​(UpdateCryptoKeyVersionRequest request)
         Update a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s
 metadata.
 [state][google.cloud.kms.v1.CryptoKeyVersion.state] may be changed between
 [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED]
 and
 [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED]
 using this method. See
 [DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion]
 and
 [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion]
 to move between other states.

      • updateCryptoKeyPrimaryVersion

        public com.google.common.util.concurrent.ListenableFuture<CryptoKey> updateCryptoKeyPrimaryVersion​(UpdateCryptoKeyPrimaryVersionRequest request)
         Update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that
 will be used in
 [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
 Returns an error if called on a key whose purpose is not
 [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].

      • destroyCryptoKeyVersion

        public com.google.common.util.concurrent.ListenableFuture<CryptoKeyVersion> destroyCryptoKeyVersion​(DestroyCryptoKeyVersionRequest request)
         Schedule a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] for
 destruction.
 Upon calling this method,
 [CryptoKeyVersion.state][google.cloud.kms.v1.CryptoKeyVersion.state] will
 be set to
 [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED],
 and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will
 be set to the time
 [destroy_scheduled_duration][google.cloud.kms.v1.CryptoKey.destroy_scheduled_duration]
 in the future. At that time, the
 [state][google.cloud.kms.v1.CryptoKeyVersion.state] will automatically
 change to
 [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED],
 and the key material will be irrevocably destroyed.
 Before the
 [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] is
 reached,
 [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion]
 may be called to reverse the process.

      • restoreCryptoKeyVersion

        public com.google.common.util.concurrent.ListenableFuture<CryptoKeyVersion> restoreCryptoKeyVersion​(RestoreCryptoKeyVersionRequest request)
         Restore a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the
 [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED]
 state.
 Upon restoration of the CryptoKeyVersion,
 [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to
 [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED],
 and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will
 be cleared.

      • encrypt

        public com.google.common.util.concurrent.ListenableFuture<EncryptResponse> encrypt​(EncryptRequest request)
         Encrypts data, so that it can only be recovered by a call to
 [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt]. The
 [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
 [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].

      • decrypt

        public com.google.common.util.concurrent.ListenableFuture<DecryptResponse> decrypt​(DecryptRequest request)
         Decrypts data that was protected by
 [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. The
 [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
 [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].

      • rawEncrypt

        public com.google.common.util.concurrent.ListenableFuture<RawEncryptResponse> rawEncrypt​(RawEncryptRequest request)
         Encrypts data using portable cryptographic primitives. Most users should
 choose [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] and
 [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt] rather than
 their raw counterparts. The
 [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
 [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT].

      • rawDecrypt

        public com.google.common.util.concurrent.ListenableFuture<RawDecryptResponse> rawDecrypt​(RawDecryptRequest request)
         Decrypts data that was originally encrypted using a raw cryptographic
 mechanism. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
 must be
 [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT].

      • asymmetricSign

        public com.google.common.util.concurrent.ListenableFuture<AsymmetricSignResponse> asymmetricSign​(AsymmetricSignRequest request)
         Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
 with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
 ASYMMETRIC_SIGN, producing a signature that can be verified with the public
 key retrieved from
 [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].

      • asymmetricDecrypt

        public com.google.common.util.concurrent.ListenableFuture<AsymmetricDecryptResponse> asymmetricDecrypt​(AsymmetricDecryptRequest request)
         Decrypts data that was encrypted with a public key retrieved from
 [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey]
 corresponding to a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
 with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
 ASYMMETRIC_DECRYPT.

      • macSign

        public com.google.common.util.concurrent.ListenableFuture<MacSignResponse> macSign​(MacSignRequest request)
         Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
 with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] MAC,
 producing a tag that can be verified by another source with the same key.

      • macVerify

        public com.google.common.util.concurrent.ListenableFuture<MacVerifyResponse> macVerify​(MacVerifyRequest request)
         Verifies MAC tag using a
 [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with
 [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] MAC, and returns
 a response that indicates whether or not the verification was successful.