From 822c71d1796d8714dc4937e8833d668656fbd296 Mon Sep 17 00:00:00 2001 From: Owl Bot Date: Fri, 20 Aug 2021 23:11:56 +0000 Subject: [PATCH 1/2] feat: turns on self-signed JWT feature flag PiperOrigin-RevId: 392067151 Source-Link: https://github.com/googleapis/googleapis/commit/06345f7b95c4b4a3ffe4303f1f2984ccc304b2e0 Source-Link: https://github.com/googleapis/googleapis-gen/commit/95882b37970e41e4cd51b22fa507cfd46dc7c4b6 --- owl-bot-staging/v1/.eslintignore | 6 + owl-bot-staging/v1/.eslintrc.json | 3 + owl-bot-staging/v1/.gitignore | 14 + owl-bot-staging/v1/.jsdoc.js | 55 + owl-bot-staging/v1/.mocharc.js | 33 + owl-bot-staging/v1/.prettierrc.js | 22 + owl-bot-staging/v1/README.md | 1 + owl-bot-staging/v1/linkinator.config.json | 10 + owl-bot-staging/v1/package.json | 64 + .../google/cloud/kms/v1/resources.proto | 634 +++ .../protos/google/cloud/kms/v1/service.proto | 1307 ++++++ owl-bot-staging/v1/src/index.ts | 25 + owl-bot-staging/v1/src/v1/gapic_metadata.json | 299 ++ owl-bot-staging/v1/src/v1/index.ts | 19 + .../src/v1/key_management_service_client.ts | 3615 +++++++++++++++++ .../key_management_service_client_config.json | 153 + .../v1/key_management_service_proto_list.json | 4 + .../system-test/fixtures/sample/src/index.js | 27 + .../system-test/fixtures/sample/src/index.ts | 32 + owl-bot-staging/v1/system-test/install.ts | 49 + .../test/gapic_key_management_service_v1.ts | 3508 ++++++++++++++++ owl-bot-staging/v1/tsconfig.json | 19 + owl-bot-staging/v1/webpack.config.js | 64 + 23 files changed, 9963 insertions(+) create mode 100644 owl-bot-staging/v1/.eslintignore create mode 100644 owl-bot-staging/v1/.eslintrc.json create mode 100644 owl-bot-staging/v1/.gitignore create mode 100644 owl-bot-staging/v1/.jsdoc.js create mode 100644 owl-bot-staging/v1/.mocharc.js create mode 100644 owl-bot-staging/v1/.prettierrc.js create mode 100644 owl-bot-staging/v1/README.md create mode 100644 owl-bot-staging/v1/linkinator.config.json create mode 100644 owl-bot-staging/v1/package.json create mode 100644 owl-bot-staging/v1/protos/google/cloud/kms/v1/resources.proto create mode 100644 owl-bot-staging/v1/protos/google/cloud/kms/v1/service.proto create mode 100644 owl-bot-staging/v1/src/index.ts create mode 100644 owl-bot-staging/v1/src/v1/gapic_metadata.json create mode 100644 owl-bot-staging/v1/src/v1/index.ts create mode 100644 owl-bot-staging/v1/src/v1/key_management_service_client.ts create mode 100644 owl-bot-staging/v1/src/v1/key_management_service_client_config.json create mode 100644 owl-bot-staging/v1/src/v1/key_management_service_proto_list.json create mode 100644 owl-bot-staging/v1/system-test/fixtures/sample/src/index.js create mode 100644 owl-bot-staging/v1/system-test/fixtures/sample/src/index.ts create mode 100644 owl-bot-staging/v1/system-test/install.ts create mode 100644 owl-bot-staging/v1/test/gapic_key_management_service_v1.ts create mode 100644 owl-bot-staging/v1/tsconfig.json create mode 100644 owl-bot-staging/v1/webpack.config.js diff --git a/owl-bot-staging/v1/.eslintignore b/owl-bot-staging/v1/.eslintignore new file mode 100644 index 00000000..521dc25a --- /dev/null +++ b/owl-bot-staging/v1/.eslintignore @@ -0,0 +1,6 @@ +**/node_modules +**/.coverage +build/ +docs/ +protos/ +system-test/ diff --git a/owl-bot-staging/v1/.eslintrc.json b/owl-bot-staging/v1/.eslintrc.json new file mode 100644 index 00000000..78215349 --- /dev/null +++ b/owl-bot-staging/v1/.eslintrc.json @@ -0,0 +1,3 @@ +{ + "extends": "./node_modules/gts" +} diff --git a/owl-bot-staging/v1/.gitignore b/owl-bot-staging/v1/.gitignore new file mode 100644 index 00000000..5d32b237 --- /dev/null +++ b/owl-bot-staging/v1/.gitignore @@ -0,0 +1,14 @@ +**/*.log +**/node_modules +.coverage +coverage +.nyc_output +docs/ +out/ +build/ +system-test/secrets.js +system-test/*key.json +*.lock +.DS_Store +package-lock.json +__pycache__ diff --git a/owl-bot-staging/v1/.jsdoc.js b/owl-bot-staging/v1/.jsdoc.js new file mode 100644 index 00000000..c7ff7c6b --- /dev/null +++ b/owl-bot-staging/v1/.jsdoc.js @@ -0,0 +1,55 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +'use strict'; + +module.exports = { + opts: { + readme: './README.md', + package: './package.json', + template: './node_modules/jsdoc-fresh', + recurse: true, + verbose: true, + destination: './docs/' + }, + plugins: [ + 'plugins/markdown', + 'jsdoc-region-tag' + ], + source: { + excludePattern: '(^|\\/|\\\\)[._]', + include: [ + 'build/src', + 'protos' + ], + includePattern: '\\.js$' + }, + templates: { + copyright: 'Copyright 2021 Google LLC', + includeDate: false, + sourceFiles: false, + systemName: '@google-cloud/kms', + theme: 'lumen', + default: { + outputSourceFiles: false + } + }, + markdown: { + idInHeadings: true + } +}; diff --git a/owl-bot-staging/v1/.mocharc.js b/owl-bot-staging/v1/.mocharc.js new file mode 100644 index 00000000..50bc7f79 --- /dev/null +++ b/owl-bot-staging/v1/.mocharc.js @@ -0,0 +1,33 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +const config = { + "enable-source-maps": true, + "throw-deprecation": true, + "timeout": 10000 +} +if (process.env.MOCHA_THROW_DEPRECATION === 'false') { + delete config['throw-deprecation']; +} +if (process.env.MOCHA_REPORTER) { + config.reporter = process.env.MOCHA_REPORTER; +} +if (process.env.MOCHA_REPORTER_OUTPUT) { + config['reporter-option'] = `output=${process.env.MOCHA_REPORTER_OUTPUT}`; +} +module.exports = config diff --git a/owl-bot-staging/v1/.prettierrc.js b/owl-bot-staging/v1/.prettierrc.js new file mode 100644 index 00000000..84f4713a --- /dev/null +++ b/owl-bot-staging/v1/.prettierrc.js @@ -0,0 +1,22 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + +module.exports = { + ...require('gts/.prettierrc.json') +} diff --git a/owl-bot-staging/v1/README.md b/owl-bot-staging/v1/README.md new file mode 100644 index 00000000..ea8e413e --- /dev/null +++ b/owl-bot-staging/v1/README.md @@ -0,0 +1 @@ +Kms: Nodejs Client diff --git a/owl-bot-staging/v1/linkinator.config.json b/owl-bot-staging/v1/linkinator.config.json new file mode 100644 index 00000000..29a223b6 --- /dev/null +++ b/owl-bot-staging/v1/linkinator.config.json @@ -0,0 +1,10 @@ +{ + "recurse": true, + "skip": [ + "https://codecov.io/gh/googleapis/", + "www.googleapis.com", + "img.shields.io" + ], + "silent": true, + "concurrency": 10 +} diff --git a/owl-bot-staging/v1/package.json b/owl-bot-staging/v1/package.json new file mode 100644 index 00000000..c867c563 --- /dev/null +++ b/owl-bot-staging/v1/package.json @@ -0,0 +1,64 @@ +{ + "name": "@google-cloud/kms", + "version": "0.1.0", + "description": "Kms client for Node.js", + "repository": "googleapis/nodejs-kms", + "license": "Apache-2.0", + "author": "Google LLC", + "main": "build/src/index.js", + "files": [ + "build/src", + "build/protos" + ], + "keywords": [ + "google apis client", + "google api client", + "google apis", + "google api", + "google", + "google cloud platform", + "google cloud", + "cloud", + "google kms", + "kms", + "key management service" + ], + "scripts": { + "clean": "gts clean", + "compile": "tsc -p . && cp -r protos build/", + "compile-protos": "compileProtos src", + "docs": "jsdoc -c .jsdoc.js", + "predocs-test": "npm run docs", + "docs-test": "linkinator docs", + "fix": "gts fix", + "lint": "gts check", + "prepare": "npm run compile-protos && npm run compile", + "system-test": "c8 mocha build/system-test", + "test": "c8 mocha build/test" + }, + "dependencies": { + "google-gax": "^2.19.0" + }, + "devDependencies": { + "@types/mocha": "^9.0.0", + "@types/node": "^14.17.3", + "@types/sinon": "^10.0.2", + "c8": "^7.7.3", + "gts": "^3.1.0", + "jsdoc": "^3.6.7", + "jsdoc-fresh": "^1.1.0", + "jsdoc-region-tag": "^1.1.0", + "linkinator": "^2.13.6", + "mocha": "^9.0.2", + "null-loader": "^4.0.1", + "pack-n-play": "^1.0.0-2", + "sinon": "^11.1.1", + "ts-loader": "^9.2.3", + "typescript": "^4.3.4", + "webpack": "^5.39.1", + "webpack-cli": "^4.7.2" + }, + "engines": { + "node": ">=v10.24.0" + } +} diff --git a/owl-bot-staging/v1/protos/google/cloud/kms/v1/resources.proto b/owl-bot-staging/v1/protos/google/cloud/kms/v1/resources.proto new file mode 100644 index 00000000..b03e22b9 --- /dev/null +++ b/owl-bot-staging/v1/protos/google/cloud/kms/v1/resources.proto @@ -0,0 +1,634 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.cloud.kms.v1; + +import "google/api/field_behavior.proto"; +import "google/api/resource.proto"; +import "google/protobuf/duration.proto"; +import "google/protobuf/timestamp.proto"; +import "google/protobuf/wrappers.proto"; +import "google/api/annotations.proto"; + +option cc_enable_arenas = true; +option csharp_namespace = "Google.Cloud.Kms.V1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/kms/v1;kms"; +option java_multiple_files = true; +option java_outer_classname = "KmsResourcesProto"; +option java_package = "com.google.cloud.kms.v1"; +option php_namespace = "Google\\Cloud\\Kms\\V1"; + +// A [KeyRing][google.cloud.kms.v1.KeyRing] is a toplevel logical grouping of [CryptoKeys][google.cloud.kms.v1.CryptoKey]. +message KeyRing { + option (google.api.resource) = { + type: "cloudkms.googleapis.com/KeyRing" + pattern: "projects/{project}/locations/{location}/keyRings/{key_ring}" + }; + + // Output only. The resource name for the [KeyRing][google.cloud.kms.v1.KeyRing] in the format + // `projects/*/locations/*/keyRings/*`. + string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The time at which this [KeyRing][google.cloud.kms.v1.KeyRing] was created. + google.protobuf.Timestamp create_time = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; +} + +// A [CryptoKey][google.cloud.kms.v1.CryptoKey] represents a logical key that can be used for cryptographic +// operations. +// +// A [CryptoKey][google.cloud.kms.v1.CryptoKey] is made up of zero or more [versions][google.cloud.kms.v1.CryptoKeyVersion], +// which represent the actual key material used in cryptographic operations. +message CryptoKey { + option (google.api.resource) = { + type: "cloudkms.googleapis.com/CryptoKey" + pattern: "projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}" + }; + + // [CryptoKeyPurpose][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose] describes the cryptographic capabilities of a + // [CryptoKey][google.cloud.kms.v1.CryptoKey]. A given key can only be used for the operations allowed by + // its purpose. For more information, see + // [Key purposes](https://cloud.google.com/kms/docs/algorithms#key_purposes). + enum CryptoKeyPurpose { + // Not specified. + CRYPTO_KEY_PURPOSE_UNSPECIFIED = 0; + + // [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used with + // [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] and + // [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt]. + ENCRYPT_DECRYPT = 1; + + // [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used with + // [AsymmetricSign][google.cloud.kms.v1.KeyManagementService.AsymmetricSign] and + // [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey]. + ASYMMETRIC_SIGN = 5; + + // [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used with + // [AsymmetricDecrypt][google.cloud.kms.v1.KeyManagementService.AsymmetricDecrypt] and + // [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey]. + ASYMMETRIC_DECRYPT = 6; + + // [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used with + // [MacSign][google.cloud.kms.v1.KeyManagementService.MacSign]. + MAC = 9; + } + + // Output only. The resource name for this [CryptoKey][google.cloud.kms.v1.CryptoKey] in the format + // `projects/*/locations/*/keyRings/*/cryptoKeys/*`. + string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. A copy of the "primary" [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] that will be used + // by [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] when this [CryptoKey][google.cloud.kms.v1.CryptoKey] is given + // in [EncryptRequest.name][google.cloud.kms.v1.EncryptRequest.name]. + // + // The [CryptoKey][google.cloud.kms.v1.CryptoKey]'s primary version can be updated via + // [UpdateCryptoKeyPrimaryVersion][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKeyPrimaryVersion]. + // + // Keys with [purpose][google.cloud.kms.v1.CryptoKey.purpose] + // [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT] may have a + // primary. For other keys, this field will be omitted. + CryptoKeyVersion primary = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Immutable. The immutable purpose of this [CryptoKey][google.cloud.kms.v1.CryptoKey]. + CryptoKeyPurpose purpose = 3 [(google.api.field_behavior) = IMMUTABLE]; + + // Output only. The time at which this [CryptoKey][google.cloud.kms.v1.CryptoKey] was created. + google.protobuf.Timestamp create_time = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // At [next_rotation_time][google.cloud.kms.v1.CryptoKey.next_rotation_time], the Key Management Service will automatically: + // + // 1. Create a new version of this [CryptoKey][google.cloud.kms.v1.CryptoKey]. + // 2. Mark the new version as primary. + // + // Key rotations performed manually via + // [CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion] and + // [UpdateCryptoKeyPrimaryVersion][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKeyPrimaryVersion] + // do not affect [next_rotation_time][google.cloud.kms.v1.CryptoKey.next_rotation_time]. + // + // Keys with [purpose][google.cloud.kms.v1.CryptoKey.purpose] + // [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT] support + // automatic rotation. For other keys, this field must be omitted. + google.protobuf.Timestamp next_rotation_time = 7; + + // Controls the rate of automatic rotation. + oneof rotation_schedule { + // [next_rotation_time][google.cloud.kms.v1.CryptoKey.next_rotation_time] will be advanced by this period when the service + // automatically rotates a key. Must be at least 24 hours and at most + // 876,000 hours. + // + // If [rotation_period][google.cloud.kms.v1.CryptoKey.rotation_period] is set, [next_rotation_time][google.cloud.kms.v1.CryptoKey.next_rotation_time] must also be set. + // + // Keys with [purpose][google.cloud.kms.v1.CryptoKey.purpose] + // [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT] support + // automatic rotation. For other keys, this field must be omitted. + google.protobuf.Duration rotation_period = 8; + } + + // A template describing settings for new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] instances. + // The properties of new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] instances created by either + // [CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion] or + // auto-rotation are controlled by this template. + CryptoKeyVersionTemplate version_template = 11; + + // Labels with user-defined metadata. For more information, see + // [Labeling Keys](https://cloud.google.com/kms/docs/labeling-keys). + map labels = 10; + + // Immutable. Whether this key may contain imported versions only. + bool import_only = 13 [(google.api.field_behavior) = IMMUTABLE]; + + // Immutable. The period of time that versions of this key spend in the + // [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED] + // state before transitioning to + // [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED]. If not + // specified at creation time, the default duration is 24 hours. + google.protobuf.Duration destroy_scheduled_duration = 14 [(google.api.field_behavior) = IMMUTABLE]; +} + +// A [CryptoKeyVersionTemplate][google.cloud.kms.v1.CryptoKeyVersionTemplate] specifies the properties to use when creating +// a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion], either manually with +// [CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion] or +// automatically as a result of auto-rotation. +message CryptoKeyVersionTemplate { + // [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] to use when creating a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] based on + // this template. Immutable. Defaults to [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE]. + ProtectionLevel protection_level = 1; + + // Required. [Algorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm] to use + // when creating a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] based on this template. + // + // For backwards compatibility, GOOGLE_SYMMETRIC_ENCRYPTION is implied if both + // this field is omitted and [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] is + // [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT]. + CryptoKeyVersion.CryptoKeyVersionAlgorithm algorithm = 3 [(google.api.field_behavior) = REQUIRED]; +} + +// Contains an HSM-generated attestation about a key operation. For more +// information, see [Verifying attestations] +// (https://cloud.google.com/kms/docs/attest-key). +message KeyOperationAttestation { + // Attestation formats provided by the HSM. + enum AttestationFormat { + // Not specified. + ATTESTATION_FORMAT_UNSPECIFIED = 0; + + // Cavium HSM attestation compressed with gzip. Note that this format is + // defined by Cavium and subject to change at any time. + CAVIUM_V1_COMPRESSED = 3; + + // Cavium HSM attestation V2 compressed with gzip. This is a new format + // introduced in Cavium's version 3.2-08. + CAVIUM_V2_COMPRESSED = 4; + } + + // Output only. The format of the attestation data. + AttestationFormat format = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The attestation data provided by the HSM when the key + // operation was performed. + bytes content = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; +} + +// A [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] represents an individual cryptographic key, and the +// associated key material. +// +// An [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] version can be +// used for cryptographic operations. +// +// For security reasons, the raw cryptographic key material represented by a +// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] can never be viewed or exported. It can only be used to +// encrypt, decrypt, or sign data when an authorized user or application invokes +// Cloud KMS. +message CryptoKeyVersion { + option (google.api.resource) = { + type: "cloudkms.googleapis.com/CryptoKeyVersion" + pattern: "projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{crypto_key_version}" + }; + + // The algorithm of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion], indicating what + // parameters must be used for each cryptographic operation. + // + // The + // [GOOGLE_SYMMETRIC_ENCRYPTION][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm.GOOGLE_SYMMETRIC_ENCRYPTION] + // algorithm is usable with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] + // [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT]. + // + // Algorithms beginning with "RSA_SIGN_" are usable with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] + // [ASYMMETRIC_SIGN][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN]. + // + // The fields in the name after "RSA_SIGN_" correspond to the following + // parameters: padding algorithm, modulus bit length, and digest algorithm. + // + // For PSS, the salt length used is equal to the length of digest + // algorithm. For example, + // [RSA_SIGN_PSS_2048_SHA256][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_2048_SHA256] + // will use PSS with a salt length of 256 bits or 32 bytes. + // + // Algorithms beginning with "RSA_DECRYPT_" are usable with + // [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] + // [ASYMMETRIC_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT]. + // + // The fields in the name after "RSA_DECRYPT_" correspond to the following + // parameters: padding algorithm, modulus bit length, and digest algorithm. + // + // Algorithms beginning with "EC_SIGN_" are usable with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] + // [ASYMMETRIC_SIGN][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN]. + // + // The fields in the name after "EC_SIGN_" correspond to the following + // parameters: elliptic curve, digest algorithm. + // + // Algorithms beginning with "HMAC_" are usable with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] + // [MAC][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.MAC]. + // + // The suffix following "HMAC_" corresponds to the hash algorithm being used + // (eg. SHA256). + // + // For more information, see [Key purposes and algorithms] + // (https://cloud.google.com/kms/docs/algorithms). + enum CryptoKeyVersionAlgorithm { + // Not specified. + CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED = 0; + + // Creates symmetric encryption keys. + GOOGLE_SYMMETRIC_ENCRYPTION = 1; + + // RSASSA-PSS 2048 bit key with a SHA256 digest. + RSA_SIGN_PSS_2048_SHA256 = 2; + + // RSASSA-PSS 3072 bit key with a SHA256 digest. + RSA_SIGN_PSS_3072_SHA256 = 3; + + // RSASSA-PSS 4096 bit key with a SHA256 digest. + RSA_SIGN_PSS_4096_SHA256 = 4; + + // RSASSA-PSS 4096 bit key with a SHA512 digest. + RSA_SIGN_PSS_4096_SHA512 = 15; + + // RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest. + RSA_SIGN_PKCS1_2048_SHA256 = 5; + + // RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest. + RSA_SIGN_PKCS1_3072_SHA256 = 6; + + // RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest. + RSA_SIGN_PKCS1_4096_SHA256 = 7; + + // RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest. + RSA_SIGN_PKCS1_4096_SHA512 = 16; + + // RSAES-OAEP 2048 bit key with a SHA256 digest. + RSA_DECRYPT_OAEP_2048_SHA256 = 8; + + // RSAES-OAEP 3072 bit key with a SHA256 digest. + RSA_DECRYPT_OAEP_3072_SHA256 = 9; + + // RSAES-OAEP 4096 bit key with a SHA256 digest. + RSA_DECRYPT_OAEP_4096_SHA256 = 10; + + // RSAES-OAEP 4096 bit key with a SHA512 digest. + RSA_DECRYPT_OAEP_4096_SHA512 = 17; + + // ECDSA on the NIST P-256 curve with a SHA256 digest. + EC_SIGN_P256_SHA256 = 12; + + // ECDSA on the NIST P-384 curve with a SHA384 digest. + EC_SIGN_P384_SHA384 = 13; + + // ECDSA on the non-NIST secp256k1 curve. This curve is only supported for + // HSM protection level. + EC_SIGN_SECP256K1_SHA256 = 31; + + // HMAC-SHA256 signing with a 256 bit key. + HMAC_SHA256 = 32; + + // Algorithm representing symmetric encryption by an external key manager. + EXTERNAL_SYMMETRIC_ENCRYPTION = 18; + } + + // The state of a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion], indicating if it can be used. + enum CryptoKeyVersionState { + // Not specified. + CRYPTO_KEY_VERSION_STATE_UNSPECIFIED = 0; + + // This version is still being generated. It may not be used, enabled, + // disabled, or destroyed yet. Cloud KMS will automatically mark this + // version [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] as soon as the version is ready. + PENDING_GENERATION = 5; + + // This version may be used for cryptographic operations. + ENABLED = 1; + + // This version may not be used, but the key material is still available, + // and the version can be placed back into the [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] state. + DISABLED = 2; + + // This version is destroyed, and the key material is no longer stored. + DESTROYED = 3; + + // This version is scheduled for destruction, and will be destroyed soon. + // Call + // [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] + // to put it back into the [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED] state. + DESTROY_SCHEDULED = 4; + + // This version is still being imported. It may not be used, enabled, + // disabled, or destroyed yet. Cloud KMS will automatically mark this + // version [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] as soon as the version is ready. + PENDING_IMPORT = 6; + + // This version was not imported successfully. It may not be used, enabled, + // disabled, or destroyed. The submitted key material has been discarded. + // Additional details can be found in + // [CryptoKeyVersion.import_failure_reason][google.cloud.kms.v1.CryptoKeyVersion.import_failure_reason]. + IMPORT_FAILED = 7; + } + + // A view for [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]s. Controls the level of detail returned + // for [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] in + // [KeyManagementService.ListCryptoKeyVersions][google.cloud.kms.v1.KeyManagementService.ListCryptoKeyVersions] and + // [KeyManagementService.ListCryptoKeys][google.cloud.kms.v1.KeyManagementService.ListCryptoKeys]. + enum CryptoKeyVersionView { + // Default view for each [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. Does not include + // the [attestation][google.cloud.kms.v1.CryptoKeyVersion.attestation] field. + CRYPTO_KEY_VERSION_VIEW_UNSPECIFIED = 0; + + // Provides all fields in each [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion], including the + // [attestation][google.cloud.kms.v1.CryptoKeyVersion.attestation]. + FULL = 1; + } + + // Output only. The resource name for this [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the format + // `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. + string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // The current state of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. + CryptoKeyVersionState state = 3; + + // Output only. The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] describing how crypto operations are + // performed with this [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. + ProtectionLevel protection_level = 7 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The [CryptoKeyVersionAlgorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm] that this + // [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] supports. + CryptoKeyVersionAlgorithm algorithm = 10 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. Statement that was generated and signed by the HSM at key + // creation time. Use this statement to verify attributes of the key as stored + // on the HSM, independently of Google. Only provided for key versions with + // [protection_level][google.cloud.kms.v1.CryptoKeyVersion.protection_level] [HSM][google.cloud.kms.v1.ProtectionLevel.HSM]. + KeyOperationAttestation attestation = 8 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The time at which this [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] was created. + google.protobuf.Timestamp create_time = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The time this [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s key material was + // generated. + google.protobuf.Timestamp generate_time = 11 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The time this [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s key material is scheduled + // for destruction. Only present if [state][google.cloud.kms.v1.CryptoKeyVersion.state] is + // [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED]. + google.protobuf.Timestamp destroy_time = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The time this CryptoKeyVersion's key material was + // destroyed. Only present if [state][google.cloud.kms.v1.CryptoKeyVersion.state] is + // [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED]. + google.protobuf.Timestamp destroy_event_time = 6 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The name of the [ImportJob][google.cloud.kms.v1.ImportJob] used to import this + // [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. Only present if the underlying key material was + // imported. + string import_job = 14 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The time at which this [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s key material + // was imported. + google.protobuf.Timestamp import_time = 15 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The root cause of an import failure. Only present if + // [state][google.cloud.kms.v1.CryptoKeyVersion.state] is + // [IMPORT_FAILED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.IMPORT_FAILED]. + string import_failure_reason = 16 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // ExternalProtectionLevelOptions stores a group of additional fields for + // configuring a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] that are specific to the + // [EXTERNAL][google.cloud.kms.v1.ProtectionLevel.EXTERNAL] protection level. + ExternalProtectionLevelOptions external_protection_level_options = 17; +} + +// The public key for a given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. Obtained via +// [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey]. +message PublicKey { + option (google.api.resource) = { + type: "cloudkms.googleapis.com/PublicKey" + pattern: "projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{crypto_key_version}/publicKey" + }; + + // The public key, encoded in PEM format. For more information, see the + // [RFC 7468](https://tools.ietf.org/html/rfc7468) sections for + // [General Considerations](https://tools.ietf.org/html/rfc7468#section-2) and + // [Textual Encoding of Subject Public Key Info] + // (https://tools.ietf.org/html/rfc7468#section-13). + string pem = 1; + + // The [Algorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm] associated + // with this key. + CryptoKeyVersion.CryptoKeyVersionAlgorithm algorithm = 2; + + // Integrity verification field. A CRC32C checksum of the returned + // [PublicKey.pem][google.cloud.kms.v1.PublicKey.pem]. An integrity check of [PublicKey.pem][google.cloud.kms.v1.PublicKey.pem] can be performed + // by computing the CRC32C checksum of [PublicKey.pem][google.cloud.kms.v1.PublicKey.pem] and + // comparing your results to this field. Discard the response in case of + // non-matching checksum values, and perform a limited number of retries. A + // persistent mismatch may indicate an issue in your computation of the CRC32C + // checksum. + // Note: This field is defined as int64 for reasons of compatibility across + // different languages. However, it is a non-negative integer, which will + // never exceed 2^32-1, and can be safely downconverted to uint32 in languages + // that support this type. + // + // NOTE: This field is in Beta. + google.protobuf.Int64Value pem_crc32c = 3; + + // The [name][google.cloud.kms.v1.CryptoKeyVersion.name] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] public key. + // Provided here for verification. + // + // NOTE: This field is in Beta. + string name = 4; + + // The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] public key. + ProtectionLevel protection_level = 5; +} + +// An [ImportJob][google.cloud.kms.v1.ImportJob] can be used to create [CryptoKeys][google.cloud.kms.v1.CryptoKey] and +// [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] using pre-existing key material, +// generated outside of Cloud KMS. +// +// When an [ImportJob][google.cloud.kms.v1.ImportJob] is created, Cloud KMS will generate a "wrapping key", +// which is a public/private key pair. You use the wrapping key to encrypt (also +// known as wrap) the pre-existing key material to protect it during the import +// process. The nature of the wrapping key depends on the choice of +// [import_method][google.cloud.kms.v1.ImportJob.import_method]. When the wrapping key generation +// is complete, the [state][google.cloud.kms.v1.ImportJob.state] will be set to +// [ACTIVE][google.cloud.kms.v1.ImportJob.ImportJobState.ACTIVE] and the [public_key][google.cloud.kms.v1.ImportJob.public_key] +// can be fetched. The fetched public key can then be used to wrap your +// pre-existing key material. +// +// Once the key material is wrapped, it can be imported into a new +// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in an existing [CryptoKey][google.cloud.kms.v1.CryptoKey] by calling +// [ImportCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.ImportCryptoKeyVersion]. +// Multiple [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] can be imported with a single +// [ImportJob][google.cloud.kms.v1.ImportJob]. Cloud KMS uses the private key portion of the wrapping key to +// unwrap the key material. Only Cloud KMS has access to the private key. +// +// An [ImportJob][google.cloud.kms.v1.ImportJob] expires 3 days after it is created. Once expired, Cloud KMS +// will no longer be able to import or unwrap any key material that was wrapped +// with the [ImportJob][google.cloud.kms.v1.ImportJob]'s public key. +// +// For more information, see +// [Importing a key](https://cloud.google.com/kms/docs/importing-a-key). +message ImportJob { + option (google.api.resource) = { + type: "cloudkms.googleapis.com/ImportJob" + pattern: "projects/{project}/locations/{location}/keyRings/{key_ring}/importJobs/{import_job}" + }; + + // The public key component of the wrapping key. For details of the type of + // key this public key corresponds to, see the [ImportMethod][google.cloud.kms.v1.ImportJob.ImportMethod]. + message WrappingPublicKey { + // The public key, encoded in PEM format. For more information, see the [RFC + // 7468](https://tools.ietf.org/html/rfc7468) sections for [General + // Considerations](https://tools.ietf.org/html/rfc7468#section-2) and + // [Textual Encoding of Subject Public Key Info] + // (https://tools.ietf.org/html/rfc7468#section-13). + string pem = 1; + } + + // [ImportMethod][google.cloud.kms.v1.ImportJob.ImportMethod] describes the key wrapping method chosen for this + // [ImportJob][google.cloud.kms.v1.ImportJob]. + enum ImportMethod { + // Not specified. + IMPORT_METHOD_UNSPECIFIED = 0; + + // This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping + // scheme defined in the PKCS #11 standard. In summary, this involves + // wrapping the raw key with an ephemeral AES key, and wrapping the + // ephemeral AES key with a 3072 bit RSA key. For more details, see + // [RSA AES key wrap + // mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908). + RSA_OAEP_3072_SHA1_AES_256 = 1; + + // This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping + // scheme defined in the PKCS #11 standard. In summary, this involves + // wrapping the raw key with an ephemeral AES key, and wrapping the + // ephemeral AES key with a 4096 bit RSA key. For more details, see + // [RSA AES key wrap + // mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908). + RSA_OAEP_4096_SHA1_AES_256 = 2; + } + + // The state of the [ImportJob][google.cloud.kms.v1.ImportJob], indicating if it can be used. + enum ImportJobState { + // Not specified. + IMPORT_JOB_STATE_UNSPECIFIED = 0; + + // The wrapping key for this job is still being generated. It may not be + // used. Cloud KMS will automatically mark this job as + // [ACTIVE][google.cloud.kms.v1.ImportJob.ImportJobState.ACTIVE] as soon as the wrapping key is generated. + PENDING_GENERATION = 1; + + // This job may be used in + // [CreateCryptoKey][google.cloud.kms.v1.KeyManagementService.CreateCryptoKey] and + // [CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion] + // requests. + ACTIVE = 2; + + // This job can no longer be used and may not leave this state once entered. + EXPIRED = 3; + } + + // Output only. The resource name for this [ImportJob][google.cloud.kms.v1.ImportJob] in the format + // `projects/*/locations/*/keyRings/*/importJobs/*`. + string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Required. Immutable. The wrapping method to be used for incoming key material. + ImportMethod import_method = 2 [ + (google.api.field_behavior) = REQUIRED, + (google.api.field_behavior) = IMMUTABLE + ]; + + // Required. Immutable. The protection level of the [ImportJob][google.cloud.kms.v1.ImportJob]. This must match the + // [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level] of the + // [version_template][google.cloud.kms.v1.CryptoKey.version_template] on the [CryptoKey][google.cloud.kms.v1.CryptoKey] you + // attempt to import into. + ProtectionLevel protection_level = 9 [ + (google.api.field_behavior) = REQUIRED, + (google.api.field_behavior) = IMMUTABLE + ]; + + // Output only. The time at which this [ImportJob][google.cloud.kms.v1.ImportJob] was created. + google.protobuf.Timestamp create_time = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The time this [ImportJob][google.cloud.kms.v1.ImportJob]'s key material was generated. + google.protobuf.Timestamp generate_time = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The time at which this [ImportJob][google.cloud.kms.v1.ImportJob] is scheduled for + // expiration and can no longer be used to import key material. + google.protobuf.Timestamp expire_time = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The time this [ImportJob][google.cloud.kms.v1.ImportJob] expired. Only present if + // [state][google.cloud.kms.v1.ImportJob.state] is [EXPIRED][google.cloud.kms.v1.ImportJob.ImportJobState.EXPIRED]. + google.protobuf.Timestamp expire_event_time = 10 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The current state of the [ImportJob][google.cloud.kms.v1.ImportJob], indicating if it can + // be used. + ImportJobState state = 6 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The public key with which to wrap key material prior to + // import. Only returned if [state][google.cloud.kms.v1.ImportJob.state] is + // [ACTIVE][google.cloud.kms.v1.ImportJob.ImportJobState.ACTIVE]. + WrappingPublicKey public_key = 7 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. Statement that was generated and signed by the key creator + // (for example, an HSM) at key creation time. Use this statement to verify + // attributes of the key as stored on the HSM, independently of Google. + // Only present if the chosen [ImportMethod][google.cloud.kms.v1.ImportJob.ImportMethod] is one with a protection + // level of [HSM][google.cloud.kms.v1.ProtectionLevel.HSM]. + KeyOperationAttestation attestation = 8 [(google.api.field_behavior) = OUTPUT_ONLY]; +} + +// [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] specifies how cryptographic operations are performed. +// For more information, see [Protection levels] +// (https://cloud.google.com/kms/docs/algorithms#protection_levels). +enum ProtectionLevel { + // Not specified. + PROTECTION_LEVEL_UNSPECIFIED = 0; + + // Crypto operations are performed in software. + SOFTWARE = 1; + + // Crypto operations are performed in a Hardware Security Module. + HSM = 2; + + // Crypto operations are performed by an external key manager. + EXTERNAL = 3; +} + +// ExternalProtectionLevelOptions stores a group of additional fields for +// configuring a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] that are specific to the +// [EXTERNAL][google.cloud.kms.v1.ProtectionLevel.EXTERNAL] protection level. +message ExternalProtectionLevelOptions { + // The URI for an external resource that this [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] represents. + string external_key_uri = 1; +} diff --git a/owl-bot-staging/v1/protos/google/cloud/kms/v1/service.proto b/owl-bot-staging/v1/protos/google/cloud/kms/v1/service.proto new file mode 100644 index 00000000..ba3baf28 --- /dev/null +++ b/owl-bot-staging/v1/protos/google/cloud/kms/v1/service.proto @@ -0,0 +1,1307 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.cloud.kms.v1; + +import "google/api/annotations.proto"; +import "google/api/client.proto"; +import "google/api/field_behavior.proto"; +import "google/api/resource.proto"; +import "google/cloud/kms/v1/resources.proto"; +import "google/protobuf/field_mask.proto"; +import "google/protobuf/wrappers.proto"; + +option cc_enable_arenas = true; +option csharp_namespace = "Google.Cloud.Kms.V1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/kms/v1;kms"; +option java_multiple_files = true; +option java_outer_classname = "KmsProto"; +option java_package = "com.google.cloud.kms.v1"; +option php_namespace = "Google\\Cloud\\Kms\\V1"; + +// Google Cloud Key Management Service +// +// Manages cryptographic keys and operations using those keys. Implements a REST +// model with the following objects: +// +// * [KeyRing][google.cloud.kms.v1.KeyRing] +// * [CryptoKey][google.cloud.kms.v1.CryptoKey] +// * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] +// * [ImportJob][google.cloud.kms.v1.ImportJob] +// +// If you are using manual gRPC libraries, see +// [Using gRPC with Cloud KMS](https://cloud.google.com/kms/docs/grpc). +service KeyManagementService { + option (google.api.default_host) = "cloudkms.googleapis.com"; + option (google.api.oauth_scopes) = + "https://www.googleapis.com/auth/cloud-platform," + "https://www.googleapis.com/auth/cloudkms"; + + // Lists [KeyRings][google.cloud.kms.v1.KeyRing]. + rpc ListKeyRings(ListKeyRingsRequest) returns (ListKeyRingsResponse) { + option (google.api.http) = { + get: "/v1/{parent=projects/*/locations/*}/keyRings" + }; + option (google.api.method_signature) = "parent"; + } + + // Lists [CryptoKeys][google.cloud.kms.v1.CryptoKey]. + rpc ListCryptoKeys(ListCryptoKeysRequest) returns (ListCryptoKeysResponse) { + option (google.api.http) = { + get: "/v1/{parent=projects/*/locations/*/keyRings/*}/cryptoKeys" + }; + option (google.api.method_signature) = "parent"; + } + + // Lists [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion]. + rpc ListCryptoKeyVersions(ListCryptoKeyVersionsRequest) returns (ListCryptoKeyVersionsResponse) { + option (google.api.http) = { + get: "/v1/{parent=projects/*/locations/*/keyRings/*/cryptoKeys/*}/cryptoKeyVersions" + }; + option (google.api.method_signature) = "parent"; + } + + // Lists [ImportJobs][google.cloud.kms.v1.ImportJob]. + rpc ListImportJobs(ListImportJobsRequest) returns (ListImportJobsResponse) { + option (google.api.http) = { + get: "/v1/{parent=projects/*/locations/*/keyRings/*}/importJobs" + }; + option (google.api.method_signature) = "parent"; + } + + // Returns metadata for a given [KeyRing][google.cloud.kms.v1.KeyRing]. + rpc GetKeyRing(GetKeyRingRequest) returns (KeyRing) { + option (google.api.http) = { + get: "/v1/{name=projects/*/locations/*/keyRings/*}" + }; + option (google.api.method_signature) = "name"; + } + + // Returns metadata for a given [CryptoKey][google.cloud.kms.v1.CryptoKey], as well as its + // [primary][google.cloud.kms.v1.CryptoKey.primary] [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. + rpc GetCryptoKey(GetCryptoKeyRequest) returns (CryptoKey) { + option (google.api.http) = { + get: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*}" + }; + option (google.api.method_signature) = "name"; + } + + // Returns metadata for a given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. + rpc GetCryptoKeyVersion(GetCryptoKeyVersionRequest) returns (CryptoKeyVersion) { + option (google.api.http) = { + get: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}" + }; + option (google.api.method_signature) = "name"; + } + + // Returns the public key for the given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. The + // [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be + // [ASYMMETRIC_SIGN][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN] or + // [ASYMMETRIC_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT]. + rpc GetPublicKey(GetPublicKeyRequest) returns (PublicKey) { + option (google.api.http) = { + get: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}/publicKey" + }; + option (google.api.method_signature) = "name"; + } + + // Returns metadata for a given [ImportJob][google.cloud.kms.v1.ImportJob]. + rpc GetImportJob(GetImportJobRequest) returns (ImportJob) { + option (google.api.http) = { + get: "/v1/{name=projects/*/locations/*/keyRings/*/importJobs/*}" + }; + option (google.api.method_signature) = "name"; + } + + // Create a new [KeyRing][google.cloud.kms.v1.KeyRing] in a given Project and Location. + rpc CreateKeyRing(CreateKeyRingRequest) returns (KeyRing) { + option (google.api.http) = { + post: "/v1/{parent=projects/*/locations/*}/keyRings" + body: "key_ring" + }; + option (google.api.method_signature) = "parent,key_ring_id,key_ring"; + } + + // Create a new [CryptoKey][google.cloud.kms.v1.CryptoKey] within a [KeyRing][google.cloud.kms.v1.KeyRing]. + // + // [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] and + // [CryptoKey.version_template.algorithm][google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm] + // are required. + rpc CreateCryptoKey(CreateCryptoKeyRequest) returns (CryptoKey) { + option (google.api.http) = { + post: "/v1/{parent=projects/*/locations/*/keyRings/*}/cryptoKeys" + body: "crypto_key" + }; + option (google.api.method_signature) = "parent,crypto_key_id,crypto_key"; + } + + // Create a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in a [CryptoKey][google.cloud.kms.v1.CryptoKey]. + // + // The server will assign the next sequential id. If unset, + // [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to + // [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED]. + rpc CreateCryptoKeyVersion(CreateCryptoKeyVersionRequest) returns (CryptoKeyVersion) { + option (google.api.http) = { + post: "/v1/{parent=projects/*/locations/*/keyRings/*/cryptoKeys/*}/cryptoKeyVersions" + body: "crypto_key_version" + }; + option (google.api.method_signature) = "parent,crypto_key_version"; + } + + // Imports a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] into an existing [CryptoKey][google.cloud.kms.v1.CryptoKey] using the + // wrapped key material provided in the request. + // + // The version ID will be assigned the next sequential id within the + // [CryptoKey][google.cloud.kms.v1.CryptoKey]. + rpc ImportCryptoKeyVersion(ImportCryptoKeyVersionRequest) returns (CryptoKeyVersion) { + option (google.api.http) = { + post: "/v1/{parent=projects/*/locations/*/keyRings/*/cryptoKeys/*}/cryptoKeyVersions:import" + body: "*" + }; + } + + // Create a new [ImportJob][google.cloud.kms.v1.ImportJob] within a [KeyRing][google.cloud.kms.v1.KeyRing]. + // + // [ImportJob.import_method][google.cloud.kms.v1.ImportJob.import_method] is required. + rpc CreateImportJob(CreateImportJobRequest) returns (ImportJob) { + option (google.api.http) = { + post: "/v1/{parent=projects/*/locations/*/keyRings/*}/importJobs" + body: "import_job" + }; + option (google.api.method_signature) = "parent,import_job_id,import_job"; + } + + // Update a [CryptoKey][google.cloud.kms.v1.CryptoKey]. + rpc UpdateCryptoKey(UpdateCryptoKeyRequest) returns (CryptoKey) { + option (google.api.http) = { + patch: "/v1/{crypto_key.name=projects/*/locations/*/keyRings/*/cryptoKeys/*}" + body: "crypto_key" + }; + option (google.api.method_signature) = "crypto_key,update_mask"; + } + + // Update a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s metadata. + // + // [state][google.cloud.kms.v1.CryptoKeyVersion.state] may be changed between + // [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] and + // [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED] using this + // method. See [DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion] and [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] to + // move between other states. + rpc UpdateCryptoKeyVersion(UpdateCryptoKeyVersionRequest) returns (CryptoKeyVersion) { + option (google.api.http) = { + patch: "/v1/{crypto_key_version.name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}" + body: "crypto_key_version" + }; + option (google.api.method_signature) = "crypto_key_version,update_mask"; + } + + // Update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that will be used in [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. + // + // Returns an error if called on a key whose purpose is not + // [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT]. + rpc UpdateCryptoKeyPrimaryVersion(UpdateCryptoKeyPrimaryVersionRequest) returns (CryptoKey) { + option (google.api.http) = { + post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*}:updatePrimaryVersion" + body: "*" + }; + option (google.api.method_signature) = "name,crypto_key_version_id"; + } + + // Schedule a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] for destruction. + // + // Upon calling this method, [CryptoKeyVersion.state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to + // [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED] + // and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be set to a time 24 + // hours in the future, at which point the [state][google.cloud.kms.v1.CryptoKeyVersion.state] + // will be changed to + // [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED], and the key + // material will be irrevocably destroyed. + // + // Before the [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] is reached, + // [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] may be called to reverse the process. + rpc DestroyCryptoKeyVersion(DestroyCryptoKeyVersionRequest) returns (CryptoKeyVersion) { + option (google.api.http) = { + post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}:destroy" + body: "*" + }; + option (google.api.method_signature) = "name"; + } + + // Restore a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the + // [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED] + // state. + // + // Upon restoration of the CryptoKeyVersion, [state][google.cloud.kms.v1.CryptoKeyVersion.state] + // will be set to [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED], + // and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be cleared. + rpc RestoreCryptoKeyVersion(RestoreCryptoKeyVersionRequest) returns (CryptoKeyVersion) { + option (google.api.http) = { + post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}:restore" + body: "*" + }; + option (google.api.method_signature) = "name"; + } + + // Encrypts data, so that it can only be recovered by a call to [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt]. + // The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be + // [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT]. + rpc Encrypt(EncryptRequest) returns (EncryptResponse) { + option (google.api.http) = { + post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/**}:encrypt" + body: "*" + }; + option (google.api.method_signature) = "name,plaintext"; + } + + // Decrypts data that was protected by [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] + // must be [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT]. + rpc Decrypt(DecryptRequest) returns (DecryptResponse) { + option (google.api.http) = { + post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*}:decrypt" + body: "*" + }; + option (google.api.method_signature) = "name,ciphertext"; + } + + // Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] + // ASYMMETRIC_SIGN, producing a signature that can be verified with the public + // key retrieved from [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey]. + rpc AsymmetricSign(AsymmetricSignRequest) returns (AsymmetricSignResponse) { + option (google.api.http) = { + post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}:asymmetricSign" + body: "*" + }; + option (google.api.method_signature) = "name,digest"; + } + + // Decrypts data that was encrypted with a public key retrieved from + // [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey] corresponding to a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with + // [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_DECRYPT. + rpc AsymmetricDecrypt(AsymmetricDecryptRequest) returns (AsymmetricDecryptResponse) { + option (google.api.http) = { + post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}:asymmetricDecrypt" + body: "*" + }; + option (google.api.method_signature) = "name,ciphertext"; + } + + // Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] + // MAC, producing a tag that can be verified by another source with the + // same key. + rpc MacSign(MacSignRequest) returns (MacSignResponse) { + option (google.api.http) = { + post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}:macSign" + body: "*" + }; + option (google.api.method_signature) = "name,data"; + } + + // Verifies MAC tag using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] + // MAC, and returns a response that indicates whether or not the verification + // was successful. + rpc MacVerify(MacVerifyRequest) returns (MacVerifyResponse) { + option (google.api.http) = { + post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}:macVerify" + body: "*" + }; + option (google.api.method_signature) = "name,data,mac"; + } + + // Generate random bytes using the Cloud KMS randomness source in the provided + // location. + rpc GenerateRandomBytes(GenerateRandomBytesRequest) returns (GenerateRandomBytesResponse) { + option (google.api.http) = { + post: "/v1/{location=projects/*/locations/*}:generateRandomBytes" + body: "*" + }; + option (google.api.method_signature) = "location,length_bytes,protection_level"; + } +} + +// Request message for [KeyManagementService.ListKeyRings][google.cloud.kms.v1.KeyManagementService.ListKeyRings]. +message ListKeyRingsRequest { + // Required. The resource name of the location associated with the + // [KeyRings][google.cloud.kms.v1.KeyRing], in the format `projects/*/locations/*`. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "locations.googleapis.com/Location" + } + ]; + + // Optional. Optional limit on the number of [KeyRings][google.cloud.kms.v1.KeyRing] to include in the + // response. Further [KeyRings][google.cloud.kms.v1.KeyRing] can subsequently be obtained by + // including the [ListKeyRingsResponse.next_page_token][google.cloud.kms.v1.ListKeyRingsResponse.next_page_token] in a subsequent + // request. If unspecified, the server will pick an appropriate default. + int32 page_size = 2 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Optional pagination token, returned earlier via + // [ListKeyRingsResponse.next_page_token][google.cloud.kms.v1.ListKeyRingsResponse.next_page_token]. + string page_token = 3 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Only include resources that match the filter in the response. For + // more information, see + // [Sorting and filtering list + // results](https://cloud.google.com/kms/docs/sorting-and-filtering). + string filter = 4 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Specify how the results should be sorted. If not specified, the + // results will be sorted in the default order. For more information, see + // [Sorting and filtering list + // results](https://cloud.google.com/kms/docs/sorting-and-filtering). + string order_by = 5 [(google.api.field_behavior) = OPTIONAL]; +} + +// Request message for [KeyManagementService.ListCryptoKeys][google.cloud.kms.v1.KeyManagementService.ListCryptoKeys]. +message ListCryptoKeysRequest { + // Required. The resource name of the [KeyRing][google.cloud.kms.v1.KeyRing] to list, in the format + // `projects/*/locations/*/keyRings/*`. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/KeyRing" + } + ]; + + // Optional. Optional limit on the number of [CryptoKeys][google.cloud.kms.v1.CryptoKey] to include in the + // response. Further [CryptoKeys][google.cloud.kms.v1.CryptoKey] can subsequently be obtained by + // including the [ListCryptoKeysResponse.next_page_token][google.cloud.kms.v1.ListCryptoKeysResponse.next_page_token] in a subsequent + // request. If unspecified, the server will pick an appropriate default. + int32 page_size = 2 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Optional pagination token, returned earlier via + // [ListCryptoKeysResponse.next_page_token][google.cloud.kms.v1.ListCryptoKeysResponse.next_page_token]. + string page_token = 3 [(google.api.field_behavior) = OPTIONAL]; + + // The fields of the primary version to include in the response. + CryptoKeyVersion.CryptoKeyVersionView version_view = 4; + + // Optional. Only include resources that match the filter in the response. For + // more information, see + // [Sorting and filtering list + // results](https://cloud.google.com/kms/docs/sorting-and-filtering). + string filter = 5 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Specify how the results should be sorted. If not specified, the + // results will be sorted in the default order. For more information, see + // [Sorting and filtering list + // results](https://cloud.google.com/kms/docs/sorting-and-filtering). + string order_by = 6 [(google.api.field_behavior) = OPTIONAL]; +} + +// Request message for [KeyManagementService.ListCryptoKeyVersions][google.cloud.kms.v1.KeyManagementService.ListCryptoKeyVersions]. +message ListCryptoKeyVersionsRequest { + // Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to list, in the format + // `projects/*/locations/*/keyRings/*/cryptoKeys/*`. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/CryptoKey" + } + ]; + + // Optional. Optional limit on the number of [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] to + // include in the response. Further [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] can + // subsequently be obtained by including the + // [ListCryptoKeyVersionsResponse.next_page_token][google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token] in a subsequent request. + // If unspecified, the server will pick an appropriate default. + int32 page_size = 2 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Optional pagination token, returned earlier via + // [ListCryptoKeyVersionsResponse.next_page_token][google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token]. + string page_token = 3 [(google.api.field_behavior) = OPTIONAL]; + + // The fields to include in the response. + CryptoKeyVersion.CryptoKeyVersionView view = 4; + + // Optional. Only include resources that match the filter in the response. For + // more information, see + // [Sorting and filtering list + // results](https://cloud.google.com/kms/docs/sorting-and-filtering). + string filter = 5 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Specify how the results should be sorted. If not specified, the + // results will be sorted in the default order. For more information, see + // [Sorting and filtering list + // results](https://cloud.google.com/kms/docs/sorting-and-filtering). + string order_by = 6 [(google.api.field_behavior) = OPTIONAL]; +} + +// Request message for [KeyManagementService.ListImportJobs][google.cloud.kms.v1.KeyManagementService.ListImportJobs]. +message ListImportJobsRequest { + // Required. The resource name of the [KeyRing][google.cloud.kms.v1.KeyRing] to list, in the format + // `projects/*/locations/*/keyRings/*`. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/KeyRing" + } + ]; + + // Optional. Optional limit on the number of [ImportJobs][google.cloud.kms.v1.ImportJob] to include in the + // response. Further [ImportJobs][google.cloud.kms.v1.ImportJob] can subsequently be obtained by + // including the [ListImportJobsResponse.next_page_token][google.cloud.kms.v1.ListImportJobsResponse.next_page_token] in a subsequent + // request. If unspecified, the server will pick an appropriate default. + int32 page_size = 2 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Optional pagination token, returned earlier via + // [ListImportJobsResponse.next_page_token][google.cloud.kms.v1.ListImportJobsResponse.next_page_token]. + string page_token = 3 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Only include resources that match the filter in the response. For + // more information, see + // [Sorting and filtering list + // results](https://cloud.google.com/kms/docs/sorting-and-filtering). + string filter = 4 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Specify how the results should be sorted. If not specified, the + // results will be sorted in the default order. For more information, see + // [Sorting and filtering list + // results](https://cloud.google.com/kms/docs/sorting-and-filtering). + string order_by = 5 [(google.api.field_behavior) = OPTIONAL]; +} + +// Response message for [KeyManagementService.ListKeyRings][google.cloud.kms.v1.KeyManagementService.ListKeyRings]. +message ListKeyRingsResponse { + // The list of [KeyRings][google.cloud.kms.v1.KeyRing]. + repeated KeyRing key_rings = 1; + + // A token to retrieve next page of results. Pass this value in + // [ListKeyRingsRequest.page_token][google.cloud.kms.v1.ListKeyRingsRequest.page_token] to retrieve the next page of results. + string next_page_token = 2; + + // The total number of [KeyRings][google.cloud.kms.v1.KeyRing] that matched the query. + int32 total_size = 3; +} + +// Response message for [KeyManagementService.ListCryptoKeys][google.cloud.kms.v1.KeyManagementService.ListCryptoKeys]. +message ListCryptoKeysResponse { + // The list of [CryptoKeys][google.cloud.kms.v1.CryptoKey]. + repeated CryptoKey crypto_keys = 1; + + // A token to retrieve next page of results. Pass this value in + // [ListCryptoKeysRequest.page_token][google.cloud.kms.v1.ListCryptoKeysRequest.page_token] to retrieve the next page of results. + string next_page_token = 2; + + // The total number of [CryptoKeys][google.cloud.kms.v1.CryptoKey] that matched the query. + int32 total_size = 3; +} + +// Response message for [KeyManagementService.ListCryptoKeyVersions][google.cloud.kms.v1.KeyManagementService.ListCryptoKeyVersions]. +message ListCryptoKeyVersionsResponse { + // The list of [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion]. + repeated CryptoKeyVersion crypto_key_versions = 1; + + // A token to retrieve next page of results. Pass this value in + // [ListCryptoKeyVersionsRequest.page_token][google.cloud.kms.v1.ListCryptoKeyVersionsRequest.page_token] to retrieve the next page of + // results. + string next_page_token = 2; + + // The total number of [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] that matched the + // query. + int32 total_size = 3; +} + +// Response message for [KeyManagementService.ListImportJobs][google.cloud.kms.v1.KeyManagementService.ListImportJobs]. +message ListImportJobsResponse { + // The list of [ImportJobs][google.cloud.kms.v1.ImportJob]. + repeated ImportJob import_jobs = 1; + + // A token to retrieve next page of results. Pass this value in + // [ListImportJobsRequest.page_token][google.cloud.kms.v1.ListImportJobsRequest.page_token] to retrieve the next page of results. + string next_page_token = 2; + + // The total number of [ImportJobs][google.cloud.kms.v1.ImportJob] that matched the query. + int32 total_size = 3; +} + +// Request message for [KeyManagementService.GetKeyRing][google.cloud.kms.v1.KeyManagementService.GetKeyRing]. +message GetKeyRingRequest { + // Required. The [name][google.cloud.kms.v1.KeyRing.name] of the [KeyRing][google.cloud.kms.v1.KeyRing] to get. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/KeyRing" + } + ]; +} + +// Request message for [KeyManagementService.GetCryptoKey][google.cloud.kms.v1.KeyManagementService.GetCryptoKey]. +message GetCryptoKeyRequest { + // Required. The [name][google.cloud.kms.v1.CryptoKey.name] of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to get. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/CryptoKey" + } + ]; +} + +// Request message for [KeyManagementService.GetCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.GetCryptoKeyVersion]. +message GetCryptoKeyVersionRequest { + // Required. The [name][google.cloud.kms.v1.CryptoKeyVersion.name] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to get. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/CryptoKeyVersion" + } + ]; +} + +// Request message for [KeyManagementService.GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey]. +message GetPublicKeyRequest { + // Required. The [name][google.cloud.kms.v1.CryptoKeyVersion.name] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] public key to + // get. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/CryptoKeyVersion" + } + ]; +} + +// Request message for [KeyManagementService.GetImportJob][google.cloud.kms.v1.KeyManagementService.GetImportJob]. +message GetImportJobRequest { + // Required. The [name][google.cloud.kms.v1.ImportJob.name] of the [ImportJob][google.cloud.kms.v1.ImportJob] to get. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/ImportJob" + } + ]; +} + +// Request message for [KeyManagementService.CreateKeyRing][google.cloud.kms.v1.KeyManagementService.CreateKeyRing]. +message CreateKeyRingRequest { + // Required. The resource name of the location associated with the + // [KeyRings][google.cloud.kms.v1.KeyRing], in the format `projects/*/locations/*`. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "locations.googleapis.com/Location" + } + ]; + + // Required. It must be unique within a location and match the regular + // expression `[a-zA-Z0-9_-]{1,63}` + string key_ring_id = 2 [(google.api.field_behavior) = REQUIRED]; + + // Required. A [KeyRing][google.cloud.kms.v1.KeyRing] with initial field values. + KeyRing key_ring = 3 [(google.api.field_behavior) = REQUIRED]; +} + +// Request message for [KeyManagementService.CreateCryptoKey][google.cloud.kms.v1.KeyManagementService.CreateCryptoKey]. +message CreateCryptoKeyRequest { + // Required. The [name][google.cloud.kms.v1.KeyRing.name] of the KeyRing associated with the + // [CryptoKeys][google.cloud.kms.v1.CryptoKey]. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/KeyRing" + } + ]; + + // Required. It must be unique within a KeyRing and match the regular + // expression `[a-zA-Z0-9_-]{1,63}` + string crypto_key_id = 2 [(google.api.field_behavior) = REQUIRED]; + + // Required. A [CryptoKey][google.cloud.kms.v1.CryptoKey] with initial field values. + CryptoKey crypto_key = 3 [(google.api.field_behavior) = REQUIRED]; + + // If set to true, the request will create a [CryptoKey][google.cloud.kms.v1.CryptoKey] without any + // [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion]. You must manually call + // [CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion] or + // [ImportCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.ImportCryptoKeyVersion] + // before you can use this [CryptoKey][google.cloud.kms.v1.CryptoKey]. + bool skip_initial_version_creation = 5; +} + +// Request message for [KeyManagementService.CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion]. +message CreateCryptoKeyVersionRequest { + // Required. The [name][google.cloud.kms.v1.CryptoKey.name] of the [CryptoKey][google.cloud.kms.v1.CryptoKey] associated with + // the [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion]. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/CryptoKey" + } + ]; + + // Required. A [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with initial field values. + CryptoKeyVersion crypto_key_version = 2 [(google.api.field_behavior) = REQUIRED]; +} + +// Request message for [KeyManagementService.ImportCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.ImportCryptoKeyVersion]. +message ImportCryptoKeyVersionRequest { + // Required. The [name][google.cloud.kms.v1.CryptoKey.name] of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to + // be imported into. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/CryptoKey" + } + ]; + + // Required. The [algorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm] of + // the key being imported. This does not need to match the + // [version_template][google.cloud.kms.v1.CryptoKey.version_template] of the [CryptoKey][google.cloud.kms.v1.CryptoKey] this + // version imports into. + CryptoKeyVersion.CryptoKeyVersionAlgorithm algorithm = 2 [(google.api.field_behavior) = REQUIRED]; + + // Required. The [name][google.cloud.kms.v1.ImportJob.name] of the [ImportJob][google.cloud.kms.v1.ImportJob] that was used to + // wrap this key material. + string import_job = 4 [(google.api.field_behavior) = REQUIRED]; + + // Required. The incoming wrapped key material that is to be imported. + oneof wrapped_key_material { + // Wrapped key material produced with + // [RSA_OAEP_3072_SHA1_AES_256][google.cloud.kms.v1.ImportJob.ImportMethod.RSA_OAEP_3072_SHA1_AES_256] + // or + // [RSA_OAEP_4096_SHA1_AES_256][google.cloud.kms.v1.ImportJob.ImportMethod.RSA_OAEP_4096_SHA1_AES_256]. + // + // This field contains the concatenation of two wrapped keys: + //
    + //
  1. An ephemeral AES-256 wrapping key wrapped with the + // [public_key][google.cloud.kms.v1.ImportJob.public_key] using RSAES-OAEP with SHA-1, + // MGF1 with SHA-1, and an empty label. + //
    2. + //
  2. The key to be imported, wrapped with the ephemeral AES-256 key + // using AES-KWP (RFC 5649). + //
    3. + //
+ // + // If importing symmetric key material, it is expected that the unwrapped + // key contains plain bytes. If importing asymmetric key material, it is + // expected that the unwrapped key is in PKCS#8-encoded DER format (the + // PrivateKeyInfo structure from RFC 5208). + // + // This format is the same as the format produced by PKCS#11 mechanism + // CKM_RSA_AES_KEY_WRAP. + bytes rsa_aes_wrapped_key = 5; + } +} + +// Request message for [KeyManagementService.CreateImportJob][google.cloud.kms.v1.KeyManagementService.CreateImportJob]. +message CreateImportJobRequest { + // Required. The [name][google.cloud.kms.v1.KeyRing.name] of the [KeyRing][google.cloud.kms.v1.KeyRing] associated with the + // [ImportJobs][google.cloud.kms.v1.ImportJob]. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/KeyRing" + } + ]; + + // Required. It must be unique within a KeyRing and match the regular + // expression `[a-zA-Z0-9_-]{1,63}` + string import_job_id = 2 [(google.api.field_behavior) = REQUIRED]; + + // Required. An [ImportJob][google.cloud.kms.v1.ImportJob] with initial field values. + ImportJob import_job = 3 [(google.api.field_behavior) = REQUIRED]; +} + +// Request message for [KeyManagementService.UpdateCryptoKey][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKey]. +message UpdateCryptoKeyRequest { + // Required. [CryptoKey][google.cloud.kms.v1.CryptoKey] with updated values. + CryptoKey crypto_key = 1 [(google.api.field_behavior) = REQUIRED]; + + // Required. List of fields to be updated in this request. + google.protobuf.FieldMask update_mask = 2 [(google.api.field_behavior) = REQUIRED]; +} + +// Request message for [KeyManagementService.UpdateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKeyVersion]. +message UpdateCryptoKeyVersionRequest { + // Required. [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with updated values. + CryptoKeyVersion crypto_key_version = 1 [(google.api.field_behavior) = REQUIRED]; + + // Required. List of fields to be updated in this request. + google.protobuf.FieldMask update_mask = 2 [(google.api.field_behavior) = REQUIRED]; +} + +// Request message for [KeyManagementService.UpdateCryptoKeyPrimaryVersion][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKeyPrimaryVersion]. +message UpdateCryptoKeyPrimaryVersionRequest { + // Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to update. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/CryptoKey" + } + ]; + + // Required. The id of the child [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use as primary. + string crypto_key_version_id = 2 [(google.api.field_behavior) = REQUIRED]; +} + +// Request message for [KeyManagementService.DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion]. +message DestroyCryptoKeyVersionRequest { + // Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to destroy. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/CryptoKeyVersion" + } + ]; +} + +// Request message for [KeyManagementService.RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion]. +message RestoreCryptoKeyVersionRequest { + // Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to restore. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/CryptoKeyVersion" + } + ]; +} + +// Request message for [KeyManagementService.Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. +message EncryptRequest { + // Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] or [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] + // to use for encryption. + // + // If a [CryptoKey][google.cloud.kms.v1.CryptoKey] is specified, the server will use its + // [primary version][google.cloud.kms.v1.CryptoKey.primary]. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "*" + } + ]; + + // Required. The data to encrypt. Must be no larger than 64KiB. + // + // The maximum size depends on the key version's + // [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. For + // [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the plaintext must be no larger + // than 64KiB. For [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of the + // plaintext and additional_authenticated_data fields must be no larger than + // 8KiB. + bytes plaintext = 2 [(google.api.field_behavior) = REQUIRED]; + + // Optional. Optional data that, if specified, must also be provided during decryption + // through [DecryptRequest.additional_authenticated_data][google.cloud.kms.v1.DecryptRequest.additional_authenticated_data]. + // + // The maximum size depends on the key version's + // [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. For + // [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the AAD must be no larger than + // 64KiB. For [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of the + // plaintext and additional_authenticated_data fields must be no larger than + // 8KiB. + bytes additional_authenticated_data = 3 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. An optional CRC32C checksum of the [EncryptRequest.plaintext][google.cloud.kms.v1.EncryptRequest.plaintext]. If + // specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the + // received [EncryptRequest.plaintext][google.cloud.kms.v1.EncryptRequest.plaintext] using this checksum. + // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification + // fails. If you receive a checksum error, your client should verify that + // CRC32C([EncryptRequest.plaintext][google.cloud.kms.v1.EncryptRequest.plaintext]) is equal to + // [EncryptRequest.plaintext_crc32c][google.cloud.kms.v1.EncryptRequest.plaintext_crc32c], and if so, perform a limited number of + // retries. A persistent mismatch may indicate an issue in your computation of + // the CRC32C checksum. + // Note: This field is defined as int64 for reasons of compatibility across + // different languages. However, it is a non-negative integer, which will + // never exceed 2^32-1, and can be safely downconverted to uint32 in languages + // that support this type. + google.protobuf.Int64Value plaintext_crc32c = 7 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. An optional CRC32C checksum of the + // [EncryptRequest.additional_authenticated_data][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data]. If specified, + // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the received + // [EncryptRequest.additional_authenticated_data][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data] using this checksum. + // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification + // fails. If you receive a checksum error, your client should verify that + // CRC32C([EncryptRequest.additional_authenticated_data][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data]) is equal to + // [EncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data_crc32c], and if so, perform + // a limited number of retries. A persistent mismatch may indicate an issue in + // your computation of the CRC32C checksum. + // Note: This field is defined as int64 for reasons of compatibility across + // different languages. However, it is a non-negative integer, which will + // never exceed 2^32-1, and can be safely downconverted to uint32 in languages + // that support this type. + google.protobuf.Int64Value additional_authenticated_data_crc32c = 8 [(google.api.field_behavior) = OPTIONAL]; +} + +// Request message for [KeyManagementService.Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt]. +message DecryptRequest { + // Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to use for decryption. + // The server will choose the appropriate version. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/CryptoKey" + } + ]; + + // Required. The encrypted data originally returned in + // [EncryptResponse.ciphertext][google.cloud.kms.v1.EncryptResponse.ciphertext]. + bytes ciphertext = 2 [(google.api.field_behavior) = REQUIRED]; + + // Optional. Optional data that must match the data originally supplied in + // [EncryptRequest.additional_authenticated_data][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data]. + bytes additional_authenticated_data = 3 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. An optional CRC32C checksum of the [DecryptRequest.ciphertext][google.cloud.kms.v1.DecryptRequest.ciphertext]. If + // specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the + // received [DecryptRequest.ciphertext][google.cloud.kms.v1.DecryptRequest.ciphertext] using this checksum. + // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification + // fails. If you receive a checksum error, your client should verify that + // CRC32C([DecryptRequest.ciphertext][google.cloud.kms.v1.DecryptRequest.ciphertext]) is equal to + // [DecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.DecryptRequest.ciphertext_crc32c], and if so, perform a limited number + // of retries. A persistent mismatch may indicate an issue in your computation + // of the CRC32C checksum. + // Note: This field is defined as int64 for reasons of compatibility across + // different languages. However, it is a non-negative integer, which will + // never exceed 2^32-1, and can be safely downconverted to uint32 in languages + // that support this type. + google.protobuf.Int64Value ciphertext_crc32c = 5 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. An optional CRC32C checksum of the + // [DecryptRequest.additional_authenticated_data][google.cloud.kms.v1.DecryptRequest.additional_authenticated_data]. If specified, + // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the received + // [DecryptRequest.additional_authenticated_data][google.cloud.kms.v1.DecryptRequest.additional_authenticated_data] using this checksum. + // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification + // fails. If you receive a checksum error, your client should verify that + // CRC32C([DecryptRequest.additional_authenticated_data][google.cloud.kms.v1.DecryptRequest.additional_authenticated_data]) is equal to + // [DecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.DecryptRequest.additional_authenticated_data_crc32c], and if so, perform + // a limited number of retries. A persistent mismatch may indicate an issue in + // your computation of the CRC32C checksum. + // Note: This field is defined as int64 for reasons of compatibility across + // different languages. However, it is a non-negative integer, which will + // never exceed 2^32-1, and can be safely downconverted to uint32 in languages + // that support this type. + google.protobuf.Int64Value additional_authenticated_data_crc32c = 6 [(google.api.field_behavior) = OPTIONAL]; +} + +// Request message for [KeyManagementService.AsymmetricSign][google.cloud.kms.v1.KeyManagementService.AsymmetricSign]. +message AsymmetricSignRequest { + // Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for signing. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/CryptoKeyVersion" + } + ]; + + // Required. The digest of the data to sign. The digest must be produced with + // the same digest algorithm as specified by the key version's + // [algorithm][google.cloud.kms.v1.CryptoKeyVersion.algorithm]. + Digest digest = 3 [(google.api.field_behavior) = REQUIRED]; + + // Optional. An optional CRC32C checksum of the [AsymmetricSignRequest.digest][google.cloud.kms.v1.AsymmetricSignRequest.digest]. If + // specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the + // received [AsymmetricSignRequest.digest][google.cloud.kms.v1.AsymmetricSignRequest.digest] using this checksum. + // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification + // fails. If you receive a checksum error, your client should verify that + // CRC32C([AsymmetricSignRequest.digest][google.cloud.kms.v1.AsymmetricSignRequest.digest]) is equal to + // [AsymmetricSignRequest.digest_crc32c][google.cloud.kms.v1.AsymmetricSignRequest.digest_crc32c], and if so, perform a limited + // number of retries. A persistent mismatch may indicate an issue in your + // computation of the CRC32C checksum. + // Note: This field is defined as int64 for reasons of compatibility across + // different languages. However, it is a non-negative integer, which will + // never exceed 2^32-1, and can be safely downconverted to uint32 in languages + // that support this type. + google.protobuf.Int64Value digest_crc32c = 4 [(google.api.field_behavior) = OPTIONAL]; +} + +// Request message for [KeyManagementService.AsymmetricDecrypt][google.cloud.kms.v1.KeyManagementService.AsymmetricDecrypt]. +message AsymmetricDecryptRequest { + // Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for + // decryption. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/CryptoKeyVersion" + } + ]; + + // Required. The data encrypted with the named [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s public + // key using OAEP. + bytes ciphertext = 3 [(google.api.field_behavior) = REQUIRED]; + + // Optional. An optional CRC32C checksum of the [AsymmetricDecryptRequest.ciphertext][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext]. + // If specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the + // received [AsymmetricDecryptRequest.ciphertext][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext] using this checksum. + // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification + // fails. If you receive a checksum error, your client should verify that + // CRC32C([AsymmetricDecryptRequest.ciphertext][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext]) is equal to + // [AsymmetricDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext_crc32c], and if so, perform a + // limited number of retries. A persistent mismatch may indicate an issue in + // your computation of the CRC32C checksum. + // Note: This field is defined as int64 for reasons of compatibility across + // different languages. However, it is a non-negative integer, which will + // never exceed 2^32-1, and can be safely downconverted to uint32 in languages + // that support this type. + google.protobuf.Int64Value ciphertext_crc32c = 4 [(google.api.field_behavior) = OPTIONAL]; +} + +// Request message for [KeyManagementService.MacSign][google.cloud.kms.v1.KeyManagementService.MacSign]. +message MacSignRequest { + // Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for signing. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/CryptoKeyVersion" + } + ]; + + // Required. The data to sign. The MAC tag is computed over this data field based on + // the specific algorithm. + bytes data = 2 [(google.api.field_behavior) = REQUIRED]; + + // Optional. An optional CRC32C checksum of the [MacSignRequest.data][google.cloud.kms.v1.MacSignRequest.data]. If + // specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the + // received [MacSignRequest.data][google.cloud.kms.v1.MacSignRequest.data] using this checksum. + // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification + // fails. If you receive a checksum error, your client should verify that + // CRC32C([MacSignRequest.data][google.cloud.kms.v1.MacSignRequest.data]) is equal to + // [MacSignRequest.data_crc32c][google.cloud.kms.v1.MacSignRequest.data_crc32c], and if so, perform a limited + // number of retries. A persistent mismatch may indicate an issue in your + // computation of the CRC32C checksum. + // Note: This field is defined as int64 for reasons of compatibility across + // different languages. However, it is a non-negative integer, which will + // never exceed 2^32-1, and can be safely downconverted to uint32 in languages + // that support this type. + google.protobuf.Int64Value data_crc32c = 3 [(google.api.field_behavior) = OPTIONAL]; +} + +// Request message for [KeyManagementService.MacVerify][google.cloud.kms.v1.KeyManagementService.MacVerify]. +message MacVerifyRequest { + // Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for verification. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudkms.googleapis.com/CryptoKeyVersion" + } + ]; + + // Required. The data used previously as a [MacSignRequest.data][google.cloud.kms.v1.MacSignRequest.data] to generate the MAC + // tag. + bytes data = 2 [(google.api.field_behavior) = REQUIRED]; + + // Optional. An optional CRC32C checksum of the [MacVerifyRequest.data][google.cloud.kms.v1.MacVerifyRequest.data]. If + // specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the + // received [MacVerifyRequest.data][google.cloud.kms.v1.MacVerifyRequest.data] using this checksum. + // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification + // fails. If you receive a checksum error, your client should verify that + // CRC32C([MacVerifyRequest.data][google.cloud.kms.v1.MacVerifyRequest.data]) is equal to + // [MacVerifyRequest.data_crc32c][google.cloud.kms.v1.MacVerifyRequest.data_crc32c], and if so, perform a limited + // number of retries. A persistent mismatch may indicate an issue in your + // computation of the CRC32C checksum. + // Note: This field is defined as int64 for reasons of compatibility across + // different languages. However, it is a non-negative integer, which will + // never exceed 2^32-1, and can be safely downconverted to uint32 in languages + // that support this type. + google.protobuf.Int64Value data_crc32c = 3 [(google.api.field_behavior) = OPTIONAL]; + + // Required. The signature to verify. + bytes mac = 4 [(google.api.field_behavior) = REQUIRED]; + + // Optional. An optional CRC32C checksum of the [MacVerifyRequest.mac][google.cloud.kms.v1.MacVerifyRequest.mac]. If + // specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the + // received [MacVerifyRequest.mac][google.cloud.kms.v1.MacVerifyRequest.mac] using this checksum. + // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification + // fails. If you receive a checksum error, your client should verify that + // CRC32C([MacVerifyRequest.tag][]) is equal to + // [MacVerifyRequest.mac_crc32c][google.cloud.kms.v1.MacVerifyRequest.mac_crc32c], and if so, perform a limited + // number of retries. A persistent mismatch may indicate an issue in your + // computation of the CRC32C checksum. + // Note: This field is defined as int64 for reasons of compatibility across + // different languages. However, it is a non-negative integer, which will + // never exceed 2^32-1, and can be safely downconverted to uint32 in languages + // that support this type. + google.protobuf.Int64Value mac_crc32c = 5 [(google.api.field_behavior) = OPTIONAL]; +} + +// Request message for [KeyManagementService.GenerateRandomBytes][google.cloud.kms.v1.KeyManagementService.GenerateRandomBytes]. +message GenerateRandomBytesRequest { + // The project-specific location in which to generate random bytes. + // For example, "projects/my-project/locations/us-central1". + string location = 1; + + // The length in bytes of the amount of randomness to retrieve. Minimum 8 + // bytes, maximum 1024 bytes. + int32 length_bytes = 2; + + // The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] to use when generating the random data. Defaults to + // [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE]. + ProtectionLevel protection_level = 3; +} + +// Response message for [KeyManagementService.Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. +message EncryptResponse { + // The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in encryption. Check + // this field to verify that the intended resource was used for encryption. + string name = 1; + + // The encrypted data. + bytes ciphertext = 2; + + // Integrity verification field. A CRC32C checksum of the returned + // [EncryptResponse.ciphertext][google.cloud.kms.v1.EncryptResponse.ciphertext]. An integrity check of + // [EncryptResponse.ciphertext][google.cloud.kms.v1.EncryptResponse.ciphertext] can be performed by computing the CRC32C + // checksum of [EncryptResponse.ciphertext][google.cloud.kms.v1.EncryptResponse.ciphertext] and comparing your results to + // this field. Discard the response in case of non-matching checksum values, + // and perform a limited number of retries. A persistent mismatch may indicate + // an issue in your computation of the CRC32C checksum. + // Note: This field is defined as int64 for reasons of compatibility across + // different languages. However, it is a non-negative integer, which will + // never exceed 2^32-1, and can be safely downconverted to uint32 in languages + // that support this type. + google.protobuf.Int64Value ciphertext_crc32c = 4; + + // Integrity verification field. A flag indicating whether + // [EncryptRequest.plaintext_crc32c][google.cloud.kms.v1.EncryptRequest.plaintext_crc32c] was received by + // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the + // [plaintext][google.cloud.kms.v1.EncryptRequest.plaintext]. A false value of this field + // indicates either that [EncryptRequest.plaintext_crc32c][google.cloud.kms.v1.EncryptRequest.plaintext_crc32c] was left unset or + // that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've set + // [EncryptRequest.plaintext_crc32c][google.cloud.kms.v1.EncryptRequest.plaintext_crc32c] but this field is still false, discard + // the response and perform a limited number of retries. + bool verified_plaintext_crc32c = 5; + + // Integrity verification field. A flag indicating whether + // [EncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data_crc32c] was received by + // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the + // [AAD][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data]. A false value of this + // field indicates either that + // [EncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data_crc32c] was left unset or + // that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've set + // [EncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data_crc32c] but this field is + // still false, discard the response and perform a limited number of retries. + bool verified_additional_authenticated_data_crc32c = 6; + + // The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in encryption. + ProtectionLevel protection_level = 7; +} + +// Response message for [KeyManagementService.Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt]. +message DecryptResponse { + // The decrypted data originally supplied in [EncryptRequest.plaintext][google.cloud.kms.v1.EncryptRequest.plaintext]. + bytes plaintext = 1; + + // Integrity verification field. A CRC32C checksum of the returned + // [DecryptResponse.plaintext][google.cloud.kms.v1.DecryptResponse.plaintext]. An integrity check of + // [DecryptResponse.plaintext][google.cloud.kms.v1.DecryptResponse.plaintext] can be performed by computing the CRC32C + // checksum of [DecryptResponse.plaintext][google.cloud.kms.v1.DecryptResponse.plaintext] and comparing your results to + // this field. Discard the response in case of non-matching checksum values, + // and perform a limited number of retries. A persistent mismatch may indicate + // an issue in your computation of the CRC32C checksum. Note: receiving this + // response message indicates that [KeyManagementService][google.cloud.kms.v1.KeyManagementService] is able to + // successfully decrypt the [ciphertext][google.cloud.kms.v1.DecryptRequest.ciphertext]. + // Note: This field is defined as int64 for reasons of compatibility across + // different languages. However, it is a non-negative integer, which will + // never exceed 2^32-1, and can be safely downconverted to uint32 in languages + // that support this type. + google.protobuf.Int64Value plaintext_crc32c = 2; + + // Whether the Decryption was performed using the primary key version. + bool used_primary = 3; + + // The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in decryption. + ProtectionLevel protection_level = 4; +} + +// Response message for [KeyManagementService.AsymmetricSign][google.cloud.kms.v1.KeyManagementService.AsymmetricSign]. +message AsymmetricSignResponse { + // The created signature. + bytes signature = 1; + + // Integrity verification field. A CRC32C checksum of the returned + // [AsymmetricSignResponse.signature][google.cloud.kms.v1.AsymmetricSignResponse.signature]. An integrity check of + // [AsymmetricSignResponse.signature][google.cloud.kms.v1.AsymmetricSignResponse.signature] can be performed by computing the + // CRC32C checksum of [AsymmetricSignResponse.signature][google.cloud.kms.v1.AsymmetricSignResponse.signature] and comparing your + // results to this field. Discard the response in case of non-matching + // checksum values, and perform a limited number of retries. A persistent + // mismatch may indicate an issue in your computation of the CRC32C checksum. + // Note: This field is defined as int64 for reasons of compatibility across + // different languages. However, it is a non-negative integer, which will + // never exceed 2^32-1, and can be safely downconverted to uint32 in languages + // that support this type. + google.protobuf.Int64Value signature_crc32c = 2; + + // Integrity verification field. A flag indicating whether + // [AsymmetricSignRequest.digest_crc32c][google.cloud.kms.v1.AsymmetricSignRequest.digest_crc32c] was received by + // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the + // [digest][google.cloud.kms.v1.AsymmetricSignRequest.digest]. A false value of this field + // indicates either that [AsymmetricSignRequest.digest_crc32c][google.cloud.kms.v1.AsymmetricSignRequest.digest_crc32c] was left + // unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + // set [AsymmetricSignRequest.digest_crc32c][google.cloud.kms.v1.AsymmetricSignRequest.digest_crc32c] but this field is still false, + // discard the response and perform a limited number of retries. + bool verified_digest_crc32c = 3; + + // The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used for signing. Check + // this field to verify that the intended resource was used for signing. + string name = 4; + + // The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used for signing. + ProtectionLevel protection_level = 6; +} + +// Response message for [KeyManagementService.AsymmetricDecrypt][google.cloud.kms.v1.KeyManagementService.AsymmetricDecrypt]. +message AsymmetricDecryptResponse { + // The decrypted data originally encrypted with the matching public key. + bytes plaintext = 1; + + // Integrity verification field. A CRC32C checksum of the returned + // [AsymmetricDecryptResponse.plaintext][google.cloud.kms.v1.AsymmetricDecryptResponse.plaintext]. An integrity check of + // [AsymmetricDecryptResponse.plaintext][google.cloud.kms.v1.AsymmetricDecryptResponse.plaintext] can be performed by computing the + // CRC32C checksum of [AsymmetricDecryptResponse.plaintext][google.cloud.kms.v1.AsymmetricDecryptResponse.plaintext] and comparing + // your results to this field. Discard the response in case of non-matching + // checksum values, and perform a limited number of retries. A persistent + // mismatch may indicate an issue in your computation of the CRC32C checksum. + // Note: This field is defined as int64 for reasons of compatibility across + // different languages. However, it is a non-negative integer, which will + // never exceed 2^32-1, and can be safely downconverted to uint32 in languages + // that support this type. + google.protobuf.Int64Value plaintext_crc32c = 2; + + // Integrity verification field. A flag indicating whether + // [AsymmetricDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext_crc32c] was received by + // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the + // [ciphertext][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext]. A false value of this + // field indicates either that [AsymmetricDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext_crc32c] + // was left unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If + // you've set [AsymmetricDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext_crc32c] but this field is + // still false, discard the response and perform a limited number of retries. + bool verified_ciphertext_crc32c = 3; + + // The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in decryption. + ProtectionLevel protection_level = 4; +} + +// Response message for [KeyManagementService.MacSign][google.cloud.kms.v1.KeyManagementService.MacSign]. +message MacSignResponse { + // The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used for signing. Check + // this field to verify that the intended resource was used for signing. + string name = 1; + + // The created signature. + bytes mac = 2; + + // Integrity verification field. A CRC32C checksum of the returned + // [MacSignResponse.mac][google.cloud.kms.v1.MacSignResponse.mac]. An integrity check of + // [MacSignResponse.mac][google.cloud.kms.v1.MacSignResponse.mac] can be performed by computing the + // CRC32C checksum of [MacSignResponse.mac][google.cloud.kms.v1.MacSignResponse.mac] and comparing your + // results to this field. Discard the response in case of non-matching + // checksum values, and perform a limited number of retries. A persistent + // mismatch may indicate an issue in your computation of the CRC32C checksum. + // Note: This field is defined as int64 for reasons of compatibility across + // different languages. However, it is a non-negative integer, which will + // never exceed 2^32-1, and can be safely downconverted to uint32 in languages + // that support this type. + google.protobuf.Int64Value mac_crc32c = 3; + + // Integrity verification field. A flag indicating whether + // [MacSignRequest.data_crc32c][google.cloud.kms.v1.MacSignRequest.data_crc32c] was received by + // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the + // [data][google.cloud.kms.v1.MacSignRequest.data]. A false value of this field + // indicates either that [MacSignRequest.data_crc32c][google.cloud.kms.v1.MacSignRequest.data_crc32c] was left + // unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + // set [MacSignRequest.data_crc32c][google.cloud.kms.v1.MacSignRequest.data_crc32c] but this field is still false, + // discard the response and perform a limited number of retries. + bool verified_data_crc32c = 4; + + // The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used for signing. + ProtectionLevel protection_level = 5; +} + +// Response message for [KeyManagementService.MacVerify][google.cloud.kms.v1.KeyManagementService.MacVerify]. +message MacVerifyResponse { + // The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used for verification. + // Check this field to verify that the intended resource was used for + // verification. + string name = 1; + + // This field indicates whether or not the verification operation for + // [MacVerifyRequest.mac][google.cloud.kms.v1.MacVerifyRequest.mac] over [MacVerifyRequest.data][google.cloud.kms.v1.MacVerifyRequest.data] was successful. + bool success = 2; + + // Integrity verification field. A flag indicating whether + // [MacVerifyRequest.data_crc32c][google.cloud.kms.v1.MacVerifyRequest.data_crc32c] was received by + // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the + // [data][google.cloud.kms.v1.MacVerifyRequest.data]. A false value of this field + // indicates either that [MacVerifyRequest.data_crc32c][google.cloud.kms.v1.MacVerifyRequest.data_crc32c] was left + // unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + // set [MacVerifyRequest.data_crc32c][google.cloud.kms.v1.MacVerifyRequest.data_crc32c] but this field is still false, + // discard the response and perform a limited number of retries. + bool verified_data_crc32c = 3; + + // Integrity verification field. A flag indicating whether + // [MacVerifyRequest.mac_crc32c][google.cloud.kms.v1.MacVerifyRequest.mac_crc32c] was received by + // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the + // [data][google.cloud.kms.v1.MacVerifyRequest.mac]. A false value of this field + // indicates either that [MacVerifyRequest.mac_crc32c][google.cloud.kms.v1.MacVerifyRequest.mac_crc32c] was left + // unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've + // set [MacVerifyRequest.mac_crc32c][google.cloud.kms.v1.MacVerifyRequest.mac_crc32c] but this field is still false, + // discard the response and perform a limited number of retries. + bool verified_mac_crc32c = 4; + + // Integrity verification field. This value is used for the integrity + // verification of [MacVerifyResponse.success]. If the value of this field + // contradicts the value of [MacVerifyResponse.success], discard the response + // and perform a limited number of retries. + bool verified_success_integrity = 5; + + // The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used for verification. + ProtectionLevel protection_level = 6; +} + +// Response message for [KeyManagementService.GenerateRandomBytes][google.cloud.kms.v1.KeyManagementService.GenerateRandomBytes]. +message GenerateRandomBytesResponse { + // The generated data. + bytes data = 1; + + // Integrity verification field. A CRC32C checksum of the returned + // [GenerateRandomBytesResponse.data][google.cloud.kms.v1.GenerateRandomBytesResponse.data]. An integrity check of + // [GenerateRandomBytesResponse.data][google.cloud.kms.v1.GenerateRandomBytesResponse.data] can be performed by computing the + // CRC32C checksum of [GenerateRandomBytesResponse.data][google.cloud.kms.v1.GenerateRandomBytesResponse.data] and comparing your + // results to this field. Discard the response in case of non-matching + // checksum values, and perform a limited number of retries. A persistent + // mismatch may indicate an issue in your computation of the CRC32C checksum. + // Note: This field is defined as int64 for reasons of compatibility across + // different languages. However, it is a non-negative integer, which will + // never exceed 2^32-1, and can be safely downconverted to uint32 in languages + // that support this type. + google.protobuf.Int64Value data_crc32c = 3; +} + +// A [Digest][google.cloud.kms.v1.Digest] holds a cryptographic message digest. +message Digest { + // Required. The message digest. + oneof digest { + // A message digest produced with the SHA-256 algorithm. + bytes sha256 = 1; + + // A message digest produced with the SHA-384 algorithm. + bytes sha384 = 2; + + // A message digest produced with the SHA-512 algorithm. + bytes sha512 = 3; + } +} + +// Cloud KMS metadata for the given [google.cloud.location.Location][google.cloud.location.Location]. +message LocationMetadata { + // Indicates whether [CryptoKeys][google.cloud.kms.v1.CryptoKey] with + // [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level] + // [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] can be created in this location. + bool hsm_available = 1; + + // Indicates whether [CryptoKeys][google.cloud.kms.v1.CryptoKey] with + // [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level] + // [EXTERNAL][google.cloud.kms.v1.ProtectionLevel.EXTERNAL] can be created in this location. + bool ekm_available = 2; +} diff --git a/owl-bot-staging/v1/src/index.ts b/owl-bot-staging/v1/src/index.ts new file mode 100644 index 00000000..8bd69410 --- /dev/null +++ b/owl-bot-staging/v1/src/index.ts @@ -0,0 +1,25 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +import * as v1 from './v1'; +const KeyManagementServiceClient = v1.KeyManagementServiceClient; +type KeyManagementServiceClient = v1.KeyManagementServiceClient; +export {v1, KeyManagementServiceClient}; +export default {v1, KeyManagementServiceClient}; +import * as protos from '../protos/protos'; +export {protos} diff --git a/owl-bot-staging/v1/src/v1/gapic_metadata.json b/owl-bot-staging/v1/src/v1/gapic_metadata.json new file mode 100644 index 00000000..2567548f --- /dev/null +++ b/owl-bot-staging/v1/src/v1/gapic_metadata.json @@ -0,0 +1,299 @@ +{ + "schema": "1.0", + "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", + "language": "typescript", + "protoPackage": "google.cloud.kms.v1", + "libraryPackage": "@google-cloud/kms", + "services": { + "KeyManagementService": { + "clients": { + "grpc": { + "libraryClient": "KeyManagementServiceClient", + "rpcs": { + "GetKeyRing": { + "methods": [ + "getKeyRing" + ] + }, + "GetCryptoKey": { + "methods": [ + "getCryptoKey" + ] + }, + "GetCryptoKeyVersion": { + "methods": [ + "getCryptoKeyVersion" + ] + }, + "GetPublicKey": { + "methods": [ + "getPublicKey" + ] + }, + "GetImportJob": { + "methods": [ + "getImportJob" + ] + }, + "CreateKeyRing": { + "methods": [ + "createKeyRing" + ] + }, + "CreateCryptoKey": { + "methods": [ + "createCryptoKey" + ] + }, + "CreateCryptoKeyVersion": { + "methods": [ + "createCryptoKeyVersion" + ] + }, + "ImportCryptoKeyVersion": { + "methods": [ + "importCryptoKeyVersion" + ] + }, + "CreateImportJob": { + "methods": [ + "createImportJob" + ] + }, + "UpdateCryptoKey": { + "methods": [ + "updateCryptoKey" + ] + }, + "UpdateCryptoKeyVersion": { + "methods": [ + "updateCryptoKeyVersion" + ] + }, + "UpdateCryptoKeyPrimaryVersion": { + "methods": [ + "updateCryptoKeyPrimaryVersion" + ] + }, + "DestroyCryptoKeyVersion": { + "methods": [ + "destroyCryptoKeyVersion" + ] + }, + "RestoreCryptoKeyVersion": { + "methods": [ + "restoreCryptoKeyVersion" + ] + }, + "Encrypt": { + "methods": [ + "encrypt" + ] + }, + "Decrypt": { + "methods": [ + "decrypt" + ] + }, + "AsymmetricSign": { + "methods": [ + "asymmetricSign" + ] + }, + "AsymmetricDecrypt": { + "methods": [ + "asymmetricDecrypt" + ] + }, + "MacSign": { + "methods": [ + "macSign" + ] + }, + "MacVerify": { + "methods": [ + "macVerify" + ] + }, + "GenerateRandomBytes": { + "methods": [ + "generateRandomBytes" + ] + }, + "ListKeyRings": { + "methods": [ + "listKeyRings", + "listKeyRingsStream", + "listKeyRingsAsync" + ] + }, + "ListCryptoKeys": { + "methods": [ + "listCryptoKeys", + "listCryptoKeysStream", + "listCryptoKeysAsync" + ] + }, + "ListCryptoKeyVersions": { + "methods": [ + "listCryptoKeyVersions", + "listCryptoKeyVersionsStream", + "listCryptoKeyVersionsAsync" + ] + }, + "ListImportJobs": { + "methods": [ + "listImportJobs", + "listImportJobsStream", + "listImportJobsAsync" + ] + } + } + }, + "grpc-fallback": { + "libraryClient": "KeyManagementServiceClient", + "rpcs": { + "GetKeyRing": { + "methods": [ + "getKeyRing" + ] + }, + "GetCryptoKey": { + "methods": [ + "getCryptoKey" + ] + }, + "GetCryptoKeyVersion": { + "methods": [ + "getCryptoKeyVersion" + ] + }, + "GetPublicKey": { + "methods": [ + "getPublicKey" + ] + }, + "GetImportJob": { + "methods": [ + "getImportJob" + ] + }, + "CreateKeyRing": { + "methods": [ + "createKeyRing" + ] + }, + "CreateCryptoKey": { + "methods": [ + "createCryptoKey" + ] + }, + "CreateCryptoKeyVersion": { + "methods": [ + "createCryptoKeyVersion" + ] + }, + "ImportCryptoKeyVersion": { + "methods": [ + "importCryptoKeyVersion" + ] + }, + "CreateImportJob": { + "methods": [ + "createImportJob" + ] + }, + "UpdateCryptoKey": { + "methods": [ + "updateCryptoKey" + ] + }, + "UpdateCryptoKeyVersion": { + "methods": [ + "updateCryptoKeyVersion" + ] + }, + "UpdateCryptoKeyPrimaryVersion": { + "methods": [ + "updateCryptoKeyPrimaryVersion" + ] + }, + "DestroyCryptoKeyVersion": { + "methods": [ + "destroyCryptoKeyVersion" + ] + }, + "RestoreCryptoKeyVersion": { + "methods": [ + "restoreCryptoKeyVersion" + ] + }, + "Encrypt": { + "methods": [ + "encrypt" + ] + }, + "Decrypt": { + "methods": [ + "decrypt" + ] + }, + "AsymmetricSign": { + "methods": [ + "asymmetricSign" + ] + }, + "AsymmetricDecrypt": { + "methods": [ + "asymmetricDecrypt" + ] + }, + "MacSign": { + "methods": [ + "macSign" + ] + }, + "MacVerify": { + "methods": [ + "macVerify" + ] + }, + "GenerateRandomBytes": { + "methods": [ + "generateRandomBytes" + ] + }, + "ListKeyRings": { + "methods": [ + "listKeyRings", + "listKeyRingsStream", + "listKeyRingsAsync" + ] + }, + "ListCryptoKeys": { + "methods": [ + "listCryptoKeys", + "listCryptoKeysStream", + "listCryptoKeysAsync" + ] + }, + "ListCryptoKeyVersions": { + "methods": [ + "listCryptoKeyVersions", + "listCryptoKeyVersionsStream", + "listCryptoKeyVersionsAsync" + ] + }, + "ListImportJobs": { + "methods": [ + "listImportJobs", + "listImportJobsStream", + "listImportJobsAsync" + ] + } + } + } + } + } + } +} diff --git a/owl-bot-staging/v1/src/v1/index.ts b/owl-bot-staging/v1/src/v1/index.ts new file mode 100644 index 00000000..e07f7779 --- /dev/null +++ b/owl-bot-staging/v1/src/v1/index.ts @@ -0,0 +1,19 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +export {KeyManagementServiceClient} from './key_management_service_client'; diff --git a/owl-bot-staging/v1/src/v1/key_management_service_client.ts b/owl-bot-staging/v1/src/v1/key_management_service_client.ts new file mode 100644 index 00000000..5ef96e7d --- /dev/null +++ b/owl-bot-staging/v1/src/v1/key_management_service_client.ts @@ -0,0 +1,3615 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +/* global window */ +import * as gax from 'google-gax'; +import {Callback, CallOptions, Descriptors, ClientOptions, PaginationCallback, GaxCall, IamClient, IamProtos} from 'google-gax'; + +import { Transform } from 'stream'; +import { RequestType } from 'google-gax/build/src/apitypes'; +import * as protos from '../../protos/protos'; +import jsonProtos = require('../../protos/protos.json'); +/** + * Client JSON configuration object, loaded from + * `src/v1/key_management_service_client_config.json`. + * This file defines retry strategy and timeouts for all API methods in this library. + */ +import * as gapicConfig from './key_management_service_client_config.json'; + +const version = require('../../../package.json').version; + +/** + * Google Cloud Key Management Service + * + * Manages cryptographic keys and operations using those keys. Implements a REST + * model with the following objects: + * + * * {@link google.cloud.kms.v1.KeyRing|KeyRing} + * * {@link google.cloud.kms.v1.CryptoKey|CryptoKey} + * * {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} + * * {@link google.cloud.kms.v1.ImportJob|ImportJob} + * + * If you are using manual gRPC libraries, see + * [Using gRPC with Cloud KMS](https://cloud.google.com/kms/docs/grpc). + * @class + * @memberof v1 + */ +export class KeyManagementServiceClient { + private _terminated = false; + private _opts: ClientOptions; + private _providedCustomServicePath: boolean; + private _gaxModule: typeof gax | typeof gax.fallback; + private _gaxGrpc: gax.GrpcClient | gax.fallback.GrpcClient; + private _protos: {}; + private _defaults: {[method: string]: gax.CallSettings}; + auth: gax.GoogleAuth; + descriptors: Descriptors = { + page: {}, + stream: {}, + longrunning: {}, + batching: {}, + }; + warn: (code: string, message: string, warnType?: string) => void; + innerApiCalls: {[name: string]: Function}; + iamClient: IamClient; + pathTemplates: {[name: string]: gax.PathTemplate}; + keyManagementServiceStub?: Promise<{[name: string]: Function}>; + + /** + * Construct an instance of KeyManagementServiceClient. + * + * @param {object} [options] - The configuration object. + * The options accepted by the constructor are described in detail + * in [this document](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#creating-the-client-instance). + * The common options are: + * @param {object} [options.credentials] - Credentials object. + * @param {string} [options.credentials.client_email] + * @param {string} [options.credentials.private_key] + * @param {string} [options.email] - Account email address. Required when + * using a .pem or .p12 keyFilename. + * @param {string} [options.keyFilename] - Full path to the a .json, .pem, or + * .p12 key downloaded from the Google Developers Console. If you provide + * a path to a JSON file, the projectId option below is not necessary. + * NOTE: .pem and .p12 require you to specify options.email as well. + * @param {number} [options.port] - The port on which to connect to + * the remote host. + * @param {string} [options.projectId] - The project ID from the Google + * Developer's Console, e.g. 'grape-spaceship-123'. We will also check + * the environment variable GCLOUD_PROJECT for your project ID. If your + * app is running in an environment which supports + * {@link https://developers.google.com/identity/protocols/application-default-credentials Application Default Credentials}, + * your project ID will be detected automatically. + * @param {string} [options.apiEndpoint] - The domain name of the + * API remote host. + * @param {gax.ClientConfig} [options.clientConfig] - Client configuration override. + * Follows the structure of {@link gapicConfig}. + * @param {boolean} [options.fallback] - Use HTTP fallback mode. + * In fallback mode, a special browser-compatible transport implementation is used + * instead of gRPC transport. In browser context (if the `window` object is defined) + * the fallback mode is enabled automatically; set `options.fallback` to `false` + * if you need to override this behavior. + */ + constructor(opts?: ClientOptions) { + // Ensure that options include all the required fields. + const staticMembers = this.constructor as typeof KeyManagementServiceClient; + const servicePath = opts?.servicePath || opts?.apiEndpoint || staticMembers.servicePath; + this._providedCustomServicePath = !!(opts?.servicePath || opts?.apiEndpoint); + const port = opts?.port || staticMembers.port; + const clientConfig = opts?.clientConfig ?? {}; + const fallback = opts?.fallback ?? (typeof window !== 'undefined' && typeof window?.fetch === 'function'); + opts = Object.assign({servicePath, port, clientConfig, fallback}, opts); + + // If scopes are unset in options and we're connecting to a non-default endpoint, set scopes just in case. + if (servicePath !== staticMembers.servicePath && !('scopes' in opts)) { + opts['scopes'] = staticMembers.scopes; + } + + // Choose either gRPC or proto-over-HTTP implementation of google-gax. + this._gaxModule = opts.fallback ? gax.fallback : gax; + + // Create a `gaxGrpc` object, with any grpc-specific options sent to the client. + this._gaxGrpc = new this._gaxModule.GrpcClient(opts); + + // Save options to use in initialize() method. + this._opts = opts; + + // Save the auth object to the client, for use by other methods. + this.auth = (this._gaxGrpc.auth as gax.GoogleAuth); + + // Set useJWTAccessWithScope on the auth object. + this.auth.useJWTAccessWithScope = true; + + // Set defaultServicePath on the auth object. + this.auth.defaultServicePath = staticMembers.servicePath; + + // Set the default scopes in auth client if needed. + if (servicePath === staticMembers.servicePath) { + this.auth.defaultScopes = staticMembers.scopes; + } + this.iamClient = new IamClient(this._gaxGrpc, opts); + + + // Determine the client header string. + const clientHeader = [ + `gax/${this._gaxModule.version}`, + `gapic/${version}`, + ]; + if (typeof process !== 'undefined' && 'versions' in process) { + clientHeader.push(`gl-node/${process.versions.node}`); + } else { + clientHeader.push(`gl-web/${this._gaxModule.version}`); + } + if (!opts.fallback) { + clientHeader.push(`grpc/${this._gaxGrpc.grpcVersion}`); + } else if (opts.fallback === 'rest' ) { + clientHeader.push(`rest/${this._gaxGrpc.grpcVersion}`); + } + if (opts.libName && opts.libVersion) { + clientHeader.push(`${opts.libName}/${opts.libVersion}`); + } + // Load the applicable protos. + this._protos = this._gaxGrpc.loadProtoJSON(jsonProtos); + + // This API contains "path templates"; forward-slash-separated + // identifiers to uniquely identify resources within the API. + // Create useful helper objects for these. + this.pathTemplates = { + cryptoKeyPathTemplate: new this._gaxModule.PathTemplate( + 'projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}' + ), + cryptoKeyVersionPathTemplate: new this._gaxModule.PathTemplate( + 'projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{crypto_key_version}' + ), + importJobPathTemplate: new this._gaxModule.PathTemplate( + 'projects/{project}/locations/{location}/keyRings/{key_ring}/importJobs/{import_job}' + ), + keyRingPathTemplate: new this._gaxModule.PathTemplate( + 'projects/{project}/locations/{location}/keyRings/{key_ring}' + ), + locationPathTemplate: new this._gaxModule.PathTemplate( + 'projects/{project}/locations/{location}' + ), + publicKeyPathTemplate: new this._gaxModule.PathTemplate( + 'projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{crypto_key_version}/publicKey' + ), + }; + + // Some of the methods on this service return "paged" results, + // (e.g. 50 results at a time, with tokens to get subsequent + // pages). Denote the keys used for pagination and results. + this.descriptors.page = { + listKeyRings: + new this._gaxModule.PageDescriptor('pageToken', 'nextPageToken', 'keyRings'), + listCryptoKeys: + new this._gaxModule.PageDescriptor('pageToken', 'nextPageToken', 'cryptoKeys'), + listCryptoKeyVersions: + new this._gaxModule.PageDescriptor('pageToken', 'nextPageToken', 'cryptoKeyVersions'), + listImportJobs: + new this._gaxModule.PageDescriptor('pageToken', 'nextPageToken', 'importJobs') + }; + + // Put together the default options sent with requests. + this._defaults = this._gaxGrpc.constructSettings( + 'google.cloud.kms.v1.KeyManagementService', gapicConfig as gax.ClientConfig, + opts.clientConfig || {}, {'x-goog-api-client': clientHeader.join(' ')}); + + // Set up a dictionary of "inner API calls"; the core implementation + // of calling the API is handled in `google-gax`, with this code + // merely providing the destination and request information. + this.innerApiCalls = {}; + + // Add a warn function to the client constructor so it can be easily tested. + this.warn = gax.warn; + } + + /** + * Initialize the client. + * Performs asynchronous operations (such as authentication) and prepares the client. + * This function will be called automatically when any class method is called for the + * first time, but if you need to initialize it before calling an actual method, + * feel free to call initialize() directly. + * + * You can await on this method if you want to make sure the client is initialized. + * + * @returns {Promise} A promise that resolves to an authenticated service stub. + */ + initialize() { + // If the client stub promise is already initialized, return immediately. + if (this.keyManagementServiceStub) { + return this.keyManagementServiceStub; + } + + // Put together the "service stub" for + // google.cloud.kms.v1.KeyManagementService. + this.keyManagementServiceStub = this._gaxGrpc.createStub( + this._opts.fallback ? + (this._protos as protobuf.Root).lookupService('google.cloud.kms.v1.KeyManagementService') : + // eslint-disable-next-line @typescript-eslint/no-explicit-any + (this._protos as any).google.cloud.kms.v1.KeyManagementService, + this._opts, this._providedCustomServicePath) as Promise<{[method: string]: Function}>; + + // Iterate over each of the methods that the service provides + // and create an API call method for each. + const keyManagementServiceStubMethods = + ['listKeyRings', 'listCryptoKeys', 'listCryptoKeyVersions', 'listImportJobs', 'getKeyRing', 'getCryptoKey', 'getCryptoKeyVersion', 'getPublicKey', 'getImportJob', 'createKeyRing', 'createCryptoKey', 'createCryptoKeyVersion', 'importCryptoKeyVersion', 'createImportJob', 'updateCryptoKey', 'updateCryptoKeyVersion', 'updateCryptoKeyPrimaryVersion', 'destroyCryptoKeyVersion', 'restoreCryptoKeyVersion', 'encrypt', 'decrypt', 'asymmetricSign', 'asymmetricDecrypt', 'macSign', 'macVerify', 'generateRandomBytes']; + for (const methodName of keyManagementServiceStubMethods) { + const callPromise = this.keyManagementServiceStub.then( + stub => (...args: Array<{}>) => { + if (this._terminated) { + return Promise.reject('The client has already been closed.'); + } + const func = stub[methodName]; + return func.apply(stub, args); + }, + (err: Error|null|undefined) => () => { + throw err; + }); + + const descriptor = + this.descriptors.page[methodName] || + undefined; + const apiCall = this._gaxModule.createApiCall( + callPromise, + this._defaults[methodName], + descriptor + ); + + this.innerApiCalls[methodName] = apiCall; + } + + return this.keyManagementServiceStub; + } + + /** + * The DNS address for this API service. + * @returns {string} The DNS address for this service. + */ + static get servicePath() { + return 'cloudkms.googleapis.com'; + } + + /** + * The DNS address for this API service - same as servicePath(), + * exists for compatibility reasons. + * @returns {string} The DNS address for this service. + */ + static get apiEndpoint() { + return 'cloudkms.googleapis.com'; + } + + /** + * The port for this API service. + * @returns {number} The default port for this service. + */ + static get port() { + return 443; + } + + /** + * The scopes needed to make gRPC calls for every method defined + * in this service. + * @returns {string[]} List of default scopes. + */ + static get scopes() { + return [ + 'https://www.googleapis.com/auth/cloud-platform', + 'https://www.googleapis.com/auth/cloudkms' + ]; + } + + getProjectId(): Promise; + getProjectId(callback: Callback): void; + /** + * Return the project ID used by this class. + * @returns {Promise} A promise that resolves to string containing the project ID. + */ + getProjectId(callback?: Callback): + Promise|void { + if (callback) { + this.auth.getProjectId(callback); + return; + } + return this.auth.getProjectId(); + } + + // ------------------- + // -- Service calls -- + // ------------------- + getKeyRing( + request?: protos.google.cloud.kms.v1.IGetKeyRingRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.IKeyRing, + protos.google.cloud.kms.v1.IGetKeyRingRequest|undefined, {}|undefined + ]>; + getKeyRing( + request: protos.google.cloud.kms.v1.IGetKeyRingRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.IKeyRing, + protos.google.cloud.kms.v1.IGetKeyRingRequest|null|undefined, + {}|null|undefined>): void; + getKeyRing( + request: protos.google.cloud.kms.v1.IGetKeyRingRequest, + callback: Callback< + protos.google.cloud.kms.v1.IKeyRing, + protos.google.cloud.kms.v1.IGetKeyRingRequest|null|undefined, + {}|null|undefined>): void; +/** + * Returns metadata for a given {@link google.cloud.kms.v1.KeyRing|KeyRing}. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The {@link google.cloud.kms.v1.KeyRing.name|name} of the {@link google.cloud.kms.v1.KeyRing|KeyRing} to get. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [KeyRing]{@link google.cloud.kms.v1.KeyRing}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.getKeyRing(request); + */ + getKeyRing( + request?: protos.google.cloud.kms.v1.IGetKeyRingRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.IKeyRing, + protos.google.cloud.kms.v1.IGetKeyRingRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.IKeyRing, + protos.google.cloud.kms.v1.IGetKeyRingRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.IKeyRing, + protos.google.cloud.kms.v1.IGetKeyRingRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.getKeyRing(request, options, callback); + } + getCryptoKey( + request?: protos.google.cloud.kms.v1.IGetCryptoKeyRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.IGetCryptoKeyRequest|undefined, {}|undefined + ]>; + getCryptoKey( + request: protos.google.cloud.kms.v1.IGetCryptoKeyRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.IGetCryptoKeyRequest|null|undefined, + {}|null|undefined>): void; + getCryptoKey( + request: protos.google.cloud.kms.v1.IGetCryptoKeyRequest, + callback: Callback< + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.IGetCryptoKeyRequest|null|undefined, + {}|null|undefined>): void; +/** + * Returns metadata for a given {@link google.cloud.kms.v1.CryptoKey|CryptoKey}, as well as its + * {@link google.cloud.kms.v1.CryptoKey.primary|primary} {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion}. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The {@link google.cloud.kms.v1.CryptoKey.name|name} of the {@link google.cloud.kms.v1.CryptoKey|CryptoKey} to get. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [CryptoKey]{@link google.cloud.kms.v1.CryptoKey}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.getCryptoKey(request); + */ + getCryptoKey( + request?: protos.google.cloud.kms.v1.IGetCryptoKeyRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.IGetCryptoKeyRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.IGetCryptoKeyRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.IGetCryptoKeyRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.getCryptoKey(request, options, callback); + } + getCryptoKeyVersion( + request?: protos.google.cloud.kms.v1.IGetCryptoKeyVersionRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IGetCryptoKeyVersionRequest|undefined, {}|undefined + ]>; + getCryptoKeyVersion( + request: protos.google.cloud.kms.v1.IGetCryptoKeyVersionRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IGetCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>): void; + getCryptoKeyVersion( + request: protos.google.cloud.kms.v1.IGetCryptoKeyVersionRequest, + callback: Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IGetCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>): void; +/** + * Returns metadata for a given {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion}. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The {@link google.cloud.kms.v1.CryptoKeyVersion.name|name} of the {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} to get. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [CryptoKeyVersion]{@link google.cloud.kms.v1.CryptoKeyVersion}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.getCryptoKeyVersion(request); + */ + getCryptoKeyVersion( + request?: protos.google.cloud.kms.v1.IGetCryptoKeyVersionRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IGetCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IGetCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IGetCryptoKeyVersionRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.getCryptoKeyVersion(request, options, callback); + } + getPublicKey( + request?: protos.google.cloud.kms.v1.IGetPublicKeyRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.IPublicKey, + protos.google.cloud.kms.v1.IGetPublicKeyRequest|undefined, {}|undefined + ]>; + getPublicKey( + request: protos.google.cloud.kms.v1.IGetPublicKeyRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.IPublicKey, + protos.google.cloud.kms.v1.IGetPublicKeyRequest|null|undefined, + {}|null|undefined>): void; + getPublicKey( + request: protos.google.cloud.kms.v1.IGetPublicKeyRequest, + callback: Callback< + protos.google.cloud.kms.v1.IPublicKey, + protos.google.cloud.kms.v1.IGetPublicKeyRequest|null|undefined, + {}|null|undefined>): void; +/** + * Returns the public key for the given {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion}. The + * {@link google.cloud.kms.v1.CryptoKey.purpose|CryptoKey.purpose} must be + * {@link google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN|ASYMMETRIC_SIGN} or + * {@link google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT|ASYMMETRIC_DECRYPT}. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The {@link google.cloud.kms.v1.CryptoKeyVersion.name|name} of the {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} public key to + * get. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [PublicKey]{@link google.cloud.kms.v1.PublicKey}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.getPublicKey(request); + */ + getPublicKey( + request?: protos.google.cloud.kms.v1.IGetPublicKeyRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.IPublicKey, + protos.google.cloud.kms.v1.IGetPublicKeyRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.IPublicKey, + protos.google.cloud.kms.v1.IGetPublicKeyRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.IPublicKey, + protos.google.cloud.kms.v1.IGetPublicKeyRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.getPublicKey(request, options, callback); + } + getImportJob( + request?: protos.google.cloud.kms.v1.IGetImportJobRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.IImportJob, + protos.google.cloud.kms.v1.IGetImportJobRequest|undefined, {}|undefined + ]>; + getImportJob( + request: protos.google.cloud.kms.v1.IGetImportJobRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.IImportJob, + protos.google.cloud.kms.v1.IGetImportJobRequest|null|undefined, + {}|null|undefined>): void; + getImportJob( + request: protos.google.cloud.kms.v1.IGetImportJobRequest, + callback: Callback< + protos.google.cloud.kms.v1.IImportJob, + protos.google.cloud.kms.v1.IGetImportJobRequest|null|undefined, + {}|null|undefined>): void; +/** + * Returns metadata for a given {@link google.cloud.kms.v1.ImportJob|ImportJob}. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The {@link google.cloud.kms.v1.ImportJob.name|name} of the {@link google.cloud.kms.v1.ImportJob|ImportJob} to get. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [ImportJob]{@link google.cloud.kms.v1.ImportJob}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.getImportJob(request); + */ + getImportJob( + request?: protos.google.cloud.kms.v1.IGetImportJobRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.IImportJob, + protos.google.cloud.kms.v1.IGetImportJobRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.IImportJob, + protos.google.cloud.kms.v1.IGetImportJobRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.IImportJob, + protos.google.cloud.kms.v1.IGetImportJobRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.getImportJob(request, options, callback); + } + createKeyRing( + request?: protos.google.cloud.kms.v1.ICreateKeyRingRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.IKeyRing, + protos.google.cloud.kms.v1.ICreateKeyRingRequest|undefined, {}|undefined + ]>; + createKeyRing( + request: protos.google.cloud.kms.v1.ICreateKeyRingRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.IKeyRing, + protos.google.cloud.kms.v1.ICreateKeyRingRequest|null|undefined, + {}|null|undefined>): void; + createKeyRing( + request: protos.google.cloud.kms.v1.ICreateKeyRingRequest, + callback: Callback< + protos.google.cloud.kms.v1.IKeyRing, + protos.google.cloud.kms.v1.ICreateKeyRingRequest|null|undefined, + {}|null|undefined>): void; +/** + * Create a new {@link google.cloud.kms.v1.KeyRing|KeyRing} in a given Project and Location. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The resource name of the location associated with the + * {@link google.cloud.kms.v1.KeyRing|KeyRings}, in the format `projects/* /locations/*`. + * @param {string} request.keyRingId + * Required. It must be unique within a location and match the regular + * expression `[a-zA-Z0-9_-]{1,63}` + * @param {google.cloud.kms.v1.KeyRing} request.keyRing + * Required. A {@link google.cloud.kms.v1.KeyRing|KeyRing} with initial field values. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [KeyRing]{@link google.cloud.kms.v1.KeyRing}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.createKeyRing(request); + */ + createKeyRing( + request?: protos.google.cloud.kms.v1.ICreateKeyRingRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.IKeyRing, + protos.google.cloud.kms.v1.ICreateKeyRingRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.IKeyRing, + protos.google.cloud.kms.v1.ICreateKeyRingRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.IKeyRing, + protos.google.cloud.kms.v1.ICreateKeyRingRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + this.initialize(); + return this.innerApiCalls.createKeyRing(request, options, callback); + } + createCryptoKey( + request?: protos.google.cloud.kms.v1.ICreateCryptoKeyRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.ICreateCryptoKeyRequest|undefined, {}|undefined + ]>; + createCryptoKey( + request: protos.google.cloud.kms.v1.ICreateCryptoKeyRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.ICreateCryptoKeyRequest|null|undefined, + {}|null|undefined>): void; + createCryptoKey( + request: protos.google.cloud.kms.v1.ICreateCryptoKeyRequest, + callback: Callback< + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.ICreateCryptoKeyRequest|null|undefined, + {}|null|undefined>): void; +/** + * Create a new {@link google.cloud.kms.v1.CryptoKey|CryptoKey} within a {@link google.cloud.kms.v1.KeyRing|KeyRing}. + * + * {@link google.cloud.kms.v1.CryptoKey.purpose|CryptoKey.purpose} and + * {@link google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm|CryptoKey.version_template.algorithm} + * are required. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The {@link google.cloud.kms.v1.KeyRing.name|name} of the KeyRing associated with the + * {@link google.cloud.kms.v1.CryptoKey|CryptoKeys}. + * @param {string} request.cryptoKeyId + * Required. It must be unique within a KeyRing and match the regular + * expression `[a-zA-Z0-9_-]{1,63}` + * @param {google.cloud.kms.v1.CryptoKey} request.cryptoKey + * Required. A {@link google.cloud.kms.v1.CryptoKey|CryptoKey} with initial field values. + * @param {boolean} request.skipInitialVersionCreation + * If set to true, the request will create a {@link google.cloud.kms.v1.CryptoKey|CryptoKey} without any + * {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersions}. You must manually call + * {@link google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion|CreateCryptoKeyVersion} or + * {@link google.cloud.kms.v1.KeyManagementService.ImportCryptoKeyVersion|ImportCryptoKeyVersion} + * before you can use this {@link google.cloud.kms.v1.CryptoKey|CryptoKey}. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [CryptoKey]{@link google.cloud.kms.v1.CryptoKey}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.createCryptoKey(request); + */ + createCryptoKey( + request?: protos.google.cloud.kms.v1.ICreateCryptoKeyRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.ICreateCryptoKeyRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.ICreateCryptoKeyRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.ICreateCryptoKeyRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + this.initialize(); + return this.innerApiCalls.createCryptoKey(request, options, callback); + } + createCryptoKeyVersion( + request?: protos.google.cloud.kms.v1.ICreateCryptoKeyVersionRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.ICreateCryptoKeyVersionRequest|undefined, {}|undefined + ]>; + createCryptoKeyVersion( + request: protos.google.cloud.kms.v1.ICreateCryptoKeyVersionRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.ICreateCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>): void; + createCryptoKeyVersion( + request: protos.google.cloud.kms.v1.ICreateCryptoKeyVersionRequest, + callback: Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.ICreateCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>): void; +/** + * Create a new {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} in a {@link google.cloud.kms.v1.CryptoKey|CryptoKey}. + * + * The server will assign the next sequential id. If unset, + * {@link google.cloud.kms.v1.CryptoKeyVersion.state|state} will be set to + * {@link google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED|ENABLED}. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The {@link google.cloud.kms.v1.CryptoKey.name|name} of the {@link google.cloud.kms.v1.CryptoKey|CryptoKey} associated with + * the {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersions}. + * @param {google.cloud.kms.v1.CryptoKeyVersion} request.cryptoKeyVersion + * Required. A {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} with initial field values. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [CryptoKeyVersion]{@link google.cloud.kms.v1.CryptoKeyVersion}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.createCryptoKeyVersion(request); + */ + createCryptoKeyVersion( + request?: protos.google.cloud.kms.v1.ICreateCryptoKeyVersionRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.ICreateCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.ICreateCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.ICreateCryptoKeyVersionRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + this.initialize(); + return this.innerApiCalls.createCryptoKeyVersion(request, options, callback); + } + importCryptoKeyVersion( + request?: protos.google.cloud.kms.v1.IImportCryptoKeyVersionRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IImportCryptoKeyVersionRequest|undefined, {}|undefined + ]>; + importCryptoKeyVersion( + request: protos.google.cloud.kms.v1.IImportCryptoKeyVersionRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IImportCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>): void; + importCryptoKeyVersion( + request: protos.google.cloud.kms.v1.IImportCryptoKeyVersionRequest, + callback: Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IImportCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>): void; +/** + * Imports a new {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} into an existing {@link google.cloud.kms.v1.CryptoKey|CryptoKey} using the + * wrapped key material provided in the request. + * + * The version ID will be assigned the next sequential id within the + * {@link google.cloud.kms.v1.CryptoKey|CryptoKey}. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The {@link google.cloud.kms.v1.CryptoKey.name|name} of the {@link google.cloud.kms.v1.CryptoKey|CryptoKey} to + * be imported into. + * @param {google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm} request.algorithm + * Required. The {@link google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm|algorithm} of + * the key being imported. This does not need to match the + * {@link google.cloud.kms.v1.CryptoKey.version_template|version_template} of the {@link google.cloud.kms.v1.CryptoKey|CryptoKey} this + * version imports into. + * @param {string} request.importJob + * Required. The {@link google.cloud.kms.v1.ImportJob.name|name} of the {@link google.cloud.kms.v1.ImportJob|ImportJob} that was used to + * wrap this key material. + * @param {Buffer} request.rsaAesWrappedKey + * Wrapped key material produced with + * {@link google.cloud.kms.v1.ImportJob.ImportMethod.RSA_OAEP_3072_SHA1_AES_256|RSA_OAEP_3072_SHA1_AES_256} + * or + * {@link google.cloud.kms.v1.ImportJob.ImportMethod.RSA_OAEP_4096_SHA1_AES_256|RSA_OAEP_4096_SHA1_AES_256}. + * + * This field contains the concatenation of two wrapped keys: + *
    + *
  1. An ephemeral AES-256 wrapping key wrapped with the + * {@link google.cloud.kms.v1.ImportJob.public_key|public_key} using RSAES-OAEP with SHA-1, + * MGF1 with SHA-1, and an empty label. + *
    2. + *
  2. The key to be imported, wrapped with the ephemeral AES-256 key + * using AES-KWP (RFC 5649). + *
    3. + *
+ * + * If importing symmetric key material, it is expected that the unwrapped + * key contains plain bytes. If importing asymmetric key material, it is + * expected that the unwrapped key is in PKCS#8-encoded DER format (the + * PrivateKeyInfo structure from RFC 5208). + * + * This format is the same as the format produced by PKCS#11 mechanism + * CKM_RSA_AES_KEY_WRAP. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [CryptoKeyVersion]{@link google.cloud.kms.v1.CryptoKeyVersion}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.importCryptoKeyVersion(request); + */ + importCryptoKeyVersion( + request?: protos.google.cloud.kms.v1.IImportCryptoKeyVersionRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IImportCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IImportCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IImportCryptoKeyVersionRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + this.initialize(); + return this.innerApiCalls.importCryptoKeyVersion(request, options, callback); + } + createImportJob( + request?: protos.google.cloud.kms.v1.ICreateImportJobRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.IImportJob, + protos.google.cloud.kms.v1.ICreateImportJobRequest|undefined, {}|undefined + ]>; + createImportJob( + request: protos.google.cloud.kms.v1.ICreateImportJobRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.IImportJob, + protos.google.cloud.kms.v1.ICreateImportJobRequest|null|undefined, + {}|null|undefined>): void; + createImportJob( + request: protos.google.cloud.kms.v1.ICreateImportJobRequest, + callback: Callback< + protos.google.cloud.kms.v1.IImportJob, + protos.google.cloud.kms.v1.ICreateImportJobRequest|null|undefined, + {}|null|undefined>): void; +/** + * Create a new {@link google.cloud.kms.v1.ImportJob|ImportJob} within a {@link google.cloud.kms.v1.KeyRing|KeyRing}. + * + * {@link google.cloud.kms.v1.ImportJob.import_method|ImportJob.import_method} is required. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The {@link google.cloud.kms.v1.KeyRing.name|name} of the {@link google.cloud.kms.v1.KeyRing|KeyRing} associated with the + * {@link google.cloud.kms.v1.ImportJob|ImportJobs}. + * @param {string} request.importJobId + * Required. It must be unique within a KeyRing and match the regular + * expression `[a-zA-Z0-9_-]{1,63}` + * @param {google.cloud.kms.v1.ImportJob} request.importJob + * Required. An {@link google.cloud.kms.v1.ImportJob|ImportJob} with initial field values. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [ImportJob]{@link google.cloud.kms.v1.ImportJob}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.createImportJob(request); + */ + createImportJob( + request?: protos.google.cloud.kms.v1.ICreateImportJobRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.IImportJob, + protos.google.cloud.kms.v1.ICreateImportJobRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.IImportJob, + protos.google.cloud.kms.v1.ICreateImportJobRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.IImportJob, + protos.google.cloud.kms.v1.ICreateImportJobRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + this.initialize(); + return this.innerApiCalls.createImportJob(request, options, callback); + } + updateCryptoKey( + request?: protos.google.cloud.kms.v1.IUpdateCryptoKeyRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.IUpdateCryptoKeyRequest|undefined, {}|undefined + ]>; + updateCryptoKey( + request: protos.google.cloud.kms.v1.IUpdateCryptoKeyRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.IUpdateCryptoKeyRequest|null|undefined, + {}|null|undefined>): void; + updateCryptoKey( + request: protos.google.cloud.kms.v1.IUpdateCryptoKeyRequest, + callback: Callback< + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.IUpdateCryptoKeyRequest|null|undefined, + {}|null|undefined>): void; +/** + * Update a {@link google.cloud.kms.v1.CryptoKey|CryptoKey}. + * + * @param {Object} request + * The request object that will be sent. + * @param {google.cloud.kms.v1.CryptoKey} request.cryptoKey + * Required. {@link google.cloud.kms.v1.CryptoKey|CryptoKey} with updated values. + * @param {google.protobuf.FieldMask} request.updateMask + * Required. List of fields to be updated in this request. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [CryptoKey]{@link google.cloud.kms.v1.CryptoKey}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.updateCryptoKey(request); + */ + updateCryptoKey( + request?: protos.google.cloud.kms.v1.IUpdateCryptoKeyRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.IUpdateCryptoKeyRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.IUpdateCryptoKeyRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.IUpdateCryptoKeyRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'crypto_key.name': request.cryptoKey!.name || '', + }); + this.initialize(); + return this.innerApiCalls.updateCryptoKey(request, options, callback); + } + updateCryptoKeyVersion( + request?: protos.google.cloud.kms.v1.IUpdateCryptoKeyVersionRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IUpdateCryptoKeyVersionRequest|undefined, {}|undefined + ]>; + updateCryptoKeyVersion( + request: protos.google.cloud.kms.v1.IUpdateCryptoKeyVersionRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IUpdateCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>): void; + updateCryptoKeyVersion( + request: protos.google.cloud.kms.v1.IUpdateCryptoKeyVersionRequest, + callback: Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IUpdateCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>): void; +/** + * Update a {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion}'s metadata. + * + * {@link google.cloud.kms.v1.CryptoKeyVersion.state|state} may be changed between + * {@link google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED|ENABLED} and + * {@link google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED|DISABLED} using this + * method. See {@link google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion|DestroyCryptoKeyVersion} and {@link google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion|RestoreCryptoKeyVersion} to + * move between other states. + * + * @param {Object} request + * The request object that will be sent. + * @param {google.cloud.kms.v1.CryptoKeyVersion} request.cryptoKeyVersion + * Required. {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} with updated values. + * @param {google.protobuf.FieldMask} request.updateMask + * Required. List of fields to be updated in this request. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [CryptoKeyVersion]{@link google.cloud.kms.v1.CryptoKeyVersion}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.updateCryptoKeyVersion(request); + */ + updateCryptoKeyVersion( + request?: protos.google.cloud.kms.v1.IUpdateCryptoKeyVersionRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IUpdateCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IUpdateCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IUpdateCryptoKeyVersionRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'crypto_key_version.name': request.cryptoKeyVersion!.name || '', + }); + this.initialize(); + return this.innerApiCalls.updateCryptoKeyVersion(request, options, callback); + } + updateCryptoKeyPrimaryVersion( + request?: protos.google.cloud.kms.v1.IUpdateCryptoKeyPrimaryVersionRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.IUpdateCryptoKeyPrimaryVersionRequest|undefined, {}|undefined + ]>; + updateCryptoKeyPrimaryVersion( + request: protos.google.cloud.kms.v1.IUpdateCryptoKeyPrimaryVersionRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.IUpdateCryptoKeyPrimaryVersionRequest|null|undefined, + {}|null|undefined>): void; + updateCryptoKeyPrimaryVersion( + request: protos.google.cloud.kms.v1.IUpdateCryptoKeyPrimaryVersionRequest, + callback: Callback< + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.IUpdateCryptoKeyPrimaryVersionRequest|null|undefined, + {}|null|undefined>): void; +/** + * Update the version of a {@link google.cloud.kms.v1.CryptoKey|CryptoKey} that will be used in {@link google.cloud.kms.v1.KeyManagementService.Encrypt|Encrypt}. + * + * Returns an error if called on a key whose purpose is not + * {@link google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT|ENCRYPT_DECRYPT}. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKey|CryptoKey} to update. + * @param {string} request.cryptoKeyVersionId + * Required. The id of the child {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} to use as primary. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [CryptoKey]{@link google.cloud.kms.v1.CryptoKey}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.updateCryptoKeyPrimaryVersion(request); + */ + updateCryptoKeyPrimaryVersion( + request?: protos.google.cloud.kms.v1.IUpdateCryptoKeyPrimaryVersionRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.IUpdateCryptoKeyPrimaryVersionRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.IUpdateCryptoKeyPrimaryVersionRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKey, + protos.google.cloud.kms.v1.IUpdateCryptoKeyPrimaryVersionRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.updateCryptoKeyPrimaryVersion(request, options, callback); + } + destroyCryptoKeyVersion( + request?: protos.google.cloud.kms.v1.IDestroyCryptoKeyVersionRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IDestroyCryptoKeyVersionRequest|undefined, {}|undefined + ]>; + destroyCryptoKeyVersion( + request: protos.google.cloud.kms.v1.IDestroyCryptoKeyVersionRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IDestroyCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>): void; + destroyCryptoKeyVersion( + request: protos.google.cloud.kms.v1.IDestroyCryptoKeyVersionRequest, + callback: Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IDestroyCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>): void; +/** + * Schedule a {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} for destruction. + * + * Upon calling this method, {@link google.cloud.kms.v1.CryptoKeyVersion.state|CryptoKeyVersion.state} will be set to + * {@link google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED|DESTROY_SCHEDULED} + * and {@link google.cloud.kms.v1.CryptoKeyVersion.destroy_time|destroy_time} will be set to a time 24 + * hours in the future, at which point the {@link google.cloud.kms.v1.CryptoKeyVersion.state|state} + * will be changed to + * {@link google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED|DESTROYED}, and the key + * material will be irrevocably destroyed. + * + * Before the {@link google.cloud.kms.v1.CryptoKeyVersion.destroy_time|destroy_time} is reached, + * {@link google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion|RestoreCryptoKeyVersion} may be called to reverse the process. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} to destroy. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [CryptoKeyVersion]{@link google.cloud.kms.v1.CryptoKeyVersion}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.destroyCryptoKeyVersion(request); + */ + destroyCryptoKeyVersion( + request?: protos.google.cloud.kms.v1.IDestroyCryptoKeyVersionRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IDestroyCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IDestroyCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IDestroyCryptoKeyVersionRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.destroyCryptoKeyVersion(request, options, callback); + } + restoreCryptoKeyVersion( + request?: protos.google.cloud.kms.v1.IRestoreCryptoKeyVersionRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IRestoreCryptoKeyVersionRequest|undefined, {}|undefined + ]>; + restoreCryptoKeyVersion( + request: protos.google.cloud.kms.v1.IRestoreCryptoKeyVersionRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IRestoreCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>): void; + restoreCryptoKeyVersion( + request: protos.google.cloud.kms.v1.IRestoreCryptoKeyVersionRequest, + callback: Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IRestoreCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>): void; +/** + * Restore a {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} in the + * {@link google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED|DESTROY_SCHEDULED} + * state. + * + * Upon restoration of the CryptoKeyVersion, {@link google.cloud.kms.v1.CryptoKeyVersion.state|state} + * will be set to {@link google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED|DISABLED}, + * and {@link google.cloud.kms.v1.CryptoKeyVersion.destroy_time|destroy_time} will be cleared. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} to restore. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [CryptoKeyVersion]{@link google.cloud.kms.v1.CryptoKeyVersion}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.restoreCryptoKeyVersion(request); + */ + restoreCryptoKeyVersion( + request?: protos.google.cloud.kms.v1.IRestoreCryptoKeyVersionRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IRestoreCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IRestoreCryptoKeyVersionRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKeyVersion, + protos.google.cloud.kms.v1.IRestoreCryptoKeyVersionRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.restoreCryptoKeyVersion(request, options, callback); + } + encrypt( + request?: protos.google.cloud.kms.v1.IEncryptRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.IEncryptResponse, + protos.google.cloud.kms.v1.IEncryptRequest|undefined, {}|undefined + ]>; + encrypt( + request: protos.google.cloud.kms.v1.IEncryptRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.IEncryptResponse, + protos.google.cloud.kms.v1.IEncryptRequest|null|undefined, + {}|null|undefined>): void; + encrypt( + request: protos.google.cloud.kms.v1.IEncryptRequest, + callback: Callback< + protos.google.cloud.kms.v1.IEncryptResponse, + protos.google.cloud.kms.v1.IEncryptRequest|null|undefined, + {}|null|undefined>): void; +/** + * Encrypts data, so that it can only be recovered by a call to {@link google.cloud.kms.v1.KeyManagementService.Decrypt|Decrypt}. + * The {@link google.cloud.kms.v1.CryptoKey.purpose|CryptoKey.purpose} must be + * {@link google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT|ENCRYPT_DECRYPT}. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKey|CryptoKey} or {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} + * to use for encryption. + * + * If a {@link google.cloud.kms.v1.CryptoKey|CryptoKey} is specified, the server will use its + * {@link google.cloud.kms.v1.CryptoKey.primary|primary version}. + * @param {Buffer} request.plaintext + * Required. The data to encrypt. Must be no larger than 64KiB. + * + * The maximum size depends on the key version's + * {@link google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level|protection_level}. For + * {@link google.cloud.kms.v1.ProtectionLevel.SOFTWARE|SOFTWARE} keys, the plaintext must be no larger + * than 64KiB. For {@link google.cloud.kms.v1.ProtectionLevel.HSM|HSM} keys, the combined length of the + * plaintext and additional_authenticated_data fields must be no larger than + * 8KiB. + * @param {Buffer} [request.additionalAuthenticatedData] + * Optional. Optional data that, if specified, must also be provided during decryption + * through {@link google.cloud.kms.v1.DecryptRequest.additional_authenticated_data|DecryptRequest.additional_authenticated_data}. + * + * The maximum size depends on the key version's + * {@link google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level|protection_level}. For + * {@link google.cloud.kms.v1.ProtectionLevel.SOFTWARE|SOFTWARE} keys, the AAD must be no larger than + * 64KiB. For {@link google.cloud.kms.v1.ProtectionLevel.HSM|HSM} keys, the combined length of the + * plaintext and additional_authenticated_data fields must be no larger than + * 8KiB. + * @param {google.protobuf.Int64Value} [request.plaintextCrc32c] + * Optional. An optional CRC32C checksum of the {@link google.cloud.kms.v1.EncryptRequest.plaintext|EncryptRequest.plaintext}. If + * specified, {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will verify the integrity of the + * received {@link google.cloud.kms.v1.EncryptRequest.plaintext|EncryptRequest.plaintext} using this checksum. + * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will report an error if the checksum verification + * fails. If you receive a checksum error, your client should verify that + * CRC32C({@link google.cloud.kms.v1.EncryptRequest.plaintext|EncryptRequest.plaintext}) is equal to + * {@link google.cloud.kms.v1.EncryptRequest.plaintext_crc32c|EncryptRequest.plaintext_crc32c}, and if so, perform a limited number of + * retries. A persistent mismatch may indicate an issue in your computation of + * the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + * @param {google.protobuf.Int64Value} [request.additionalAuthenticatedDataCrc32c] + * Optional. An optional CRC32C checksum of the + * {@link google.cloud.kms.v1.EncryptRequest.additional_authenticated_data|EncryptRequest.additional_authenticated_data}. If specified, + * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will verify the integrity of the received + * {@link google.cloud.kms.v1.EncryptRequest.additional_authenticated_data|EncryptRequest.additional_authenticated_data} using this checksum. + * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will report an error if the checksum verification + * fails. If you receive a checksum error, your client should verify that + * CRC32C({@link google.cloud.kms.v1.EncryptRequest.additional_authenticated_data|EncryptRequest.additional_authenticated_data}) is equal to + * {@link google.cloud.kms.v1.EncryptRequest.additional_authenticated_data_crc32c|EncryptRequest.additional_authenticated_data_crc32c}, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [EncryptResponse]{@link google.cloud.kms.v1.EncryptResponse}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.encrypt(request); + */ + encrypt( + request?: protos.google.cloud.kms.v1.IEncryptRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.IEncryptResponse, + protos.google.cloud.kms.v1.IEncryptRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.IEncryptResponse, + protos.google.cloud.kms.v1.IEncryptRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.IEncryptResponse, + protos.google.cloud.kms.v1.IEncryptRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.encrypt(request, options, callback); + } + decrypt( + request?: protos.google.cloud.kms.v1.IDecryptRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.IDecryptResponse, + protos.google.cloud.kms.v1.IDecryptRequest|undefined, {}|undefined + ]>; + decrypt( + request: protos.google.cloud.kms.v1.IDecryptRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.IDecryptResponse, + protos.google.cloud.kms.v1.IDecryptRequest|null|undefined, + {}|null|undefined>): void; + decrypt( + request: protos.google.cloud.kms.v1.IDecryptRequest, + callback: Callback< + protos.google.cloud.kms.v1.IDecryptResponse, + protos.google.cloud.kms.v1.IDecryptRequest|null|undefined, + {}|null|undefined>): void; +/** + * Decrypts data that was protected by {@link google.cloud.kms.v1.KeyManagementService.Encrypt|Encrypt}. The {@link google.cloud.kms.v1.CryptoKey.purpose|CryptoKey.purpose} + * must be {@link google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT|ENCRYPT_DECRYPT}. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKey|CryptoKey} to use for decryption. + * The server will choose the appropriate version. + * @param {Buffer} request.ciphertext + * Required. The encrypted data originally returned in + * {@link google.cloud.kms.v1.EncryptResponse.ciphertext|EncryptResponse.ciphertext}. + * @param {Buffer} [request.additionalAuthenticatedData] + * Optional. Optional data that must match the data originally supplied in + * {@link google.cloud.kms.v1.EncryptRequest.additional_authenticated_data|EncryptRequest.additional_authenticated_data}. + * @param {google.protobuf.Int64Value} [request.ciphertextCrc32c] + * Optional. An optional CRC32C checksum of the {@link google.cloud.kms.v1.DecryptRequest.ciphertext|DecryptRequest.ciphertext}. If + * specified, {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will verify the integrity of the + * received {@link google.cloud.kms.v1.DecryptRequest.ciphertext|DecryptRequest.ciphertext} using this checksum. + * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will report an error if the checksum verification + * fails. If you receive a checksum error, your client should verify that + * CRC32C({@link google.cloud.kms.v1.DecryptRequest.ciphertext|DecryptRequest.ciphertext}) is equal to + * {@link google.cloud.kms.v1.DecryptRequest.ciphertext_crc32c|DecryptRequest.ciphertext_crc32c}, and if so, perform a limited number + * of retries. A persistent mismatch may indicate an issue in your computation + * of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + * @param {google.protobuf.Int64Value} [request.additionalAuthenticatedDataCrc32c] + * Optional. An optional CRC32C checksum of the + * {@link google.cloud.kms.v1.DecryptRequest.additional_authenticated_data|DecryptRequest.additional_authenticated_data}. If specified, + * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will verify the integrity of the received + * {@link google.cloud.kms.v1.DecryptRequest.additional_authenticated_data|DecryptRequest.additional_authenticated_data} using this checksum. + * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will report an error if the checksum verification + * fails. If you receive a checksum error, your client should verify that + * CRC32C({@link google.cloud.kms.v1.DecryptRequest.additional_authenticated_data|DecryptRequest.additional_authenticated_data}) is equal to + * {@link google.cloud.kms.v1.DecryptRequest.additional_authenticated_data_crc32c|DecryptRequest.additional_authenticated_data_crc32c}, and if so, perform + * a limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [DecryptResponse]{@link google.cloud.kms.v1.DecryptResponse}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.decrypt(request); + */ + decrypt( + request?: protos.google.cloud.kms.v1.IDecryptRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.IDecryptResponse, + protos.google.cloud.kms.v1.IDecryptRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.IDecryptResponse, + protos.google.cloud.kms.v1.IDecryptRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.IDecryptResponse, + protos.google.cloud.kms.v1.IDecryptRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.decrypt(request, options, callback); + } + asymmetricSign( + request?: protos.google.cloud.kms.v1.IAsymmetricSignRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.IAsymmetricSignResponse, + protos.google.cloud.kms.v1.IAsymmetricSignRequest|undefined, {}|undefined + ]>; + asymmetricSign( + request: protos.google.cloud.kms.v1.IAsymmetricSignRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.IAsymmetricSignResponse, + protos.google.cloud.kms.v1.IAsymmetricSignRequest|null|undefined, + {}|null|undefined>): void; + asymmetricSign( + request: protos.google.cloud.kms.v1.IAsymmetricSignRequest, + callback: Callback< + protos.google.cloud.kms.v1.IAsymmetricSignResponse, + protos.google.cloud.kms.v1.IAsymmetricSignRequest|null|undefined, + {}|null|undefined>): void; +/** + * Signs data using a {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} with {@link google.cloud.kms.v1.CryptoKey.purpose|CryptoKey.purpose} + * ASYMMETRIC_SIGN, producing a signature that can be verified with the public + * key retrieved from {@link google.cloud.kms.v1.KeyManagementService.GetPublicKey|GetPublicKey}. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} to use for signing. + * @param {google.cloud.kms.v1.Digest} request.digest + * Required. The digest of the data to sign. The digest must be produced with + * the same digest algorithm as specified by the key version's + * {@link google.cloud.kms.v1.CryptoKeyVersion.algorithm|algorithm}. + * @param {google.protobuf.Int64Value} [request.digestCrc32c] + * Optional. An optional CRC32C checksum of the {@link google.cloud.kms.v1.AsymmetricSignRequest.digest|AsymmetricSignRequest.digest}. If + * specified, {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will verify the integrity of the + * received {@link google.cloud.kms.v1.AsymmetricSignRequest.digest|AsymmetricSignRequest.digest} using this checksum. + * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will report an error if the checksum verification + * fails. If you receive a checksum error, your client should verify that + * CRC32C({@link google.cloud.kms.v1.AsymmetricSignRequest.digest|AsymmetricSignRequest.digest}) is equal to + * {@link google.cloud.kms.v1.AsymmetricSignRequest.digest_crc32c|AsymmetricSignRequest.digest_crc32c}, and if so, perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [AsymmetricSignResponse]{@link google.cloud.kms.v1.AsymmetricSignResponse}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.asymmetricSign(request); + */ + asymmetricSign( + request?: protos.google.cloud.kms.v1.IAsymmetricSignRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.IAsymmetricSignResponse, + protos.google.cloud.kms.v1.IAsymmetricSignRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.IAsymmetricSignResponse, + protos.google.cloud.kms.v1.IAsymmetricSignRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.IAsymmetricSignResponse, + protos.google.cloud.kms.v1.IAsymmetricSignRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.asymmetricSign(request, options, callback); + } + asymmetricDecrypt( + request?: protos.google.cloud.kms.v1.IAsymmetricDecryptRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.IAsymmetricDecryptResponse, + protos.google.cloud.kms.v1.IAsymmetricDecryptRequest|undefined, {}|undefined + ]>; + asymmetricDecrypt( + request: protos.google.cloud.kms.v1.IAsymmetricDecryptRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.IAsymmetricDecryptResponse, + protos.google.cloud.kms.v1.IAsymmetricDecryptRequest|null|undefined, + {}|null|undefined>): void; + asymmetricDecrypt( + request: protos.google.cloud.kms.v1.IAsymmetricDecryptRequest, + callback: Callback< + protos.google.cloud.kms.v1.IAsymmetricDecryptResponse, + protos.google.cloud.kms.v1.IAsymmetricDecryptRequest|null|undefined, + {}|null|undefined>): void; +/** + * Decrypts data that was encrypted with a public key retrieved from + * {@link google.cloud.kms.v1.KeyManagementService.GetPublicKey|GetPublicKey} corresponding to a {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} with + * {@link google.cloud.kms.v1.CryptoKey.purpose|CryptoKey.purpose} ASYMMETRIC_DECRYPT. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} to use for + * decryption. + * @param {Buffer} request.ciphertext + * Required. The data encrypted with the named {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion}'s public + * key using OAEP. + * @param {google.protobuf.Int64Value} [request.ciphertextCrc32c] + * Optional. An optional CRC32C checksum of the {@link google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext|AsymmetricDecryptRequest.ciphertext}. + * If specified, {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will verify the integrity of the + * received {@link google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext|AsymmetricDecryptRequest.ciphertext} using this checksum. + * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will report an error if the checksum verification + * fails. If you receive a checksum error, your client should verify that + * CRC32C({@link google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext|AsymmetricDecryptRequest.ciphertext}) is equal to + * {@link google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext_crc32c|AsymmetricDecryptRequest.ciphertext_crc32c}, and if so, perform a + * limited number of retries. A persistent mismatch may indicate an issue in + * your computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [AsymmetricDecryptResponse]{@link google.cloud.kms.v1.AsymmetricDecryptResponse}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.asymmetricDecrypt(request); + */ + asymmetricDecrypt( + request?: protos.google.cloud.kms.v1.IAsymmetricDecryptRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.IAsymmetricDecryptResponse, + protos.google.cloud.kms.v1.IAsymmetricDecryptRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.IAsymmetricDecryptResponse, + protos.google.cloud.kms.v1.IAsymmetricDecryptRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.IAsymmetricDecryptResponse, + protos.google.cloud.kms.v1.IAsymmetricDecryptRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.asymmetricDecrypt(request, options, callback); + } + macSign( + request?: protos.google.cloud.kms.v1.IMacSignRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.IMacSignResponse, + protos.google.cloud.kms.v1.IMacSignRequest|undefined, {}|undefined + ]>; + macSign( + request: protos.google.cloud.kms.v1.IMacSignRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.IMacSignResponse, + protos.google.cloud.kms.v1.IMacSignRequest|null|undefined, + {}|null|undefined>): void; + macSign( + request: protos.google.cloud.kms.v1.IMacSignRequest, + callback: Callback< + protos.google.cloud.kms.v1.IMacSignResponse, + protos.google.cloud.kms.v1.IMacSignRequest|null|undefined, + {}|null|undefined>): void; +/** + * Signs data using a {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} with {@link google.cloud.kms.v1.CryptoKey.purpose|CryptoKey.purpose} + * MAC, producing a tag that can be verified by another source with the + * same key. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} to use for signing. + * @param {Buffer} request.data + * Required. The data to sign. The MAC tag is computed over this data field based on + * the specific algorithm. + * @param {google.protobuf.Int64Value} [request.dataCrc32c] + * Optional. An optional CRC32C checksum of the {@link google.cloud.kms.v1.MacSignRequest.data|MacSignRequest.data}. If + * specified, {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will verify the integrity of the + * received {@link google.cloud.kms.v1.MacSignRequest.data|MacSignRequest.data} using this checksum. + * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will report an error if the checksum verification + * fails. If you receive a checksum error, your client should verify that + * CRC32C({@link google.cloud.kms.v1.MacSignRequest.data|MacSignRequest.data}) is equal to + * {@link google.cloud.kms.v1.MacSignRequest.data_crc32c|MacSignRequest.data_crc32c}, and if so, perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [MacSignResponse]{@link google.cloud.kms.v1.MacSignResponse}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.macSign(request); + */ + macSign( + request?: protos.google.cloud.kms.v1.IMacSignRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.IMacSignResponse, + protos.google.cloud.kms.v1.IMacSignRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.IMacSignResponse, + protos.google.cloud.kms.v1.IMacSignRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.IMacSignResponse, + protos.google.cloud.kms.v1.IMacSignRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.macSign(request, options, callback); + } + macVerify( + request?: protos.google.cloud.kms.v1.IMacVerifyRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.IMacVerifyResponse, + protos.google.cloud.kms.v1.IMacVerifyRequest|undefined, {}|undefined + ]>; + macVerify( + request: protos.google.cloud.kms.v1.IMacVerifyRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.IMacVerifyResponse, + protos.google.cloud.kms.v1.IMacVerifyRequest|null|undefined, + {}|null|undefined>): void; + macVerify( + request: protos.google.cloud.kms.v1.IMacVerifyRequest, + callback: Callback< + protos.google.cloud.kms.v1.IMacVerifyResponse, + protos.google.cloud.kms.v1.IMacVerifyRequest|null|undefined, + {}|null|undefined>): void; +/** + * Verifies MAC tag using a {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} with {@link google.cloud.kms.v1.CryptoKey.purpose|CryptoKey.purpose} + * MAC, and returns a response that indicates whether or not the verification + * was successful. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.name + * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} to use for verification. + * @param {Buffer} request.data + * Required. The data used previously as a {@link google.cloud.kms.v1.MacSignRequest.data|MacSignRequest.data} to generate the MAC + * tag. + * @param {google.protobuf.Int64Value} [request.dataCrc32c] + * Optional. An optional CRC32C checksum of the {@link google.cloud.kms.v1.MacVerifyRequest.data|MacVerifyRequest.data}. If + * specified, {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will verify the integrity of the + * received {@link google.cloud.kms.v1.MacVerifyRequest.data|MacVerifyRequest.data} using this checksum. + * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will report an error if the checksum verification + * fails. If you receive a checksum error, your client should verify that + * CRC32C({@link google.cloud.kms.v1.MacVerifyRequest.data|MacVerifyRequest.data}) is equal to + * {@link google.cloud.kms.v1.MacVerifyRequest.data_crc32c|MacVerifyRequest.data_crc32c}, and if so, perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + * @param {Buffer} request.mac + * Required. The signature to verify. + * @param {google.protobuf.Int64Value} [request.macCrc32c] + * Optional. An optional CRC32C checksum of the {@link google.cloud.kms.v1.MacVerifyRequest.mac|MacVerifyRequest.mac}. If + * specified, {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will verify the integrity of the + * received {@link google.cloud.kms.v1.MacVerifyRequest.mac|MacVerifyRequest.mac} using this checksum. + * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will report an error if the checksum verification + * fails. If you receive a checksum error, your client should verify that + * CRC32C({@link |MacVerifyRequest.tag}) is equal to + * {@link google.cloud.kms.v1.MacVerifyRequest.mac_crc32c|MacVerifyRequest.mac_crc32c}, and if so, perform a limited + * number of retries. A persistent mismatch may indicate an issue in your + * computation of the CRC32C checksum. + * Note: This field is defined as int64 for reasons of compatibility across + * different languages. However, it is a non-negative integer, which will + * never exceed 2^32-1, and can be safely downconverted to uint32 in languages + * that support this type. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [MacVerifyResponse]{@link google.cloud.kms.v1.MacVerifyResponse}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.macVerify(request); + */ + macVerify( + request?: protos.google.cloud.kms.v1.IMacVerifyRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.IMacVerifyResponse, + protos.google.cloud.kms.v1.IMacVerifyRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.IMacVerifyResponse, + protos.google.cloud.kms.v1.IMacVerifyRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.IMacVerifyResponse, + protos.google.cloud.kms.v1.IMacVerifyRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'name': request.name || '', + }); + this.initialize(); + return this.innerApiCalls.macVerify(request, options, callback); + } + generateRandomBytes( + request?: protos.google.cloud.kms.v1.IGenerateRandomBytesRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.IGenerateRandomBytesResponse, + protos.google.cloud.kms.v1.IGenerateRandomBytesRequest|undefined, {}|undefined + ]>; + generateRandomBytes( + request: protos.google.cloud.kms.v1.IGenerateRandomBytesRequest, + options: CallOptions, + callback: Callback< + protos.google.cloud.kms.v1.IGenerateRandomBytesResponse, + protos.google.cloud.kms.v1.IGenerateRandomBytesRequest|null|undefined, + {}|null|undefined>): void; + generateRandomBytes( + request: protos.google.cloud.kms.v1.IGenerateRandomBytesRequest, + callback: Callback< + protos.google.cloud.kms.v1.IGenerateRandomBytesResponse, + protos.google.cloud.kms.v1.IGenerateRandomBytesRequest|null|undefined, + {}|null|undefined>): void; +/** + * Generate random bytes using the Cloud KMS randomness source in the provided + * location. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.location + * The project-specific location in which to generate random bytes. + * For example, "projects/my-project/locations/us-central1". + * @param {number} request.lengthBytes + * The length in bytes of the amount of randomness to retrieve. Minimum 8 + * bytes, maximum 1024 bytes. + * @param {google.cloud.kms.v1.ProtectionLevel} request.protectionLevel + * The {@link google.cloud.kms.v1.ProtectionLevel|ProtectionLevel} to use when generating the random data. Defaults to + * {@link google.cloud.kms.v1.ProtectionLevel.SOFTWARE|SOFTWARE}. + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [GenerateRandomBytesResponse]{@link google.cloud.kms.v1.GenerateRandomBytesResponse}. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) + * for more details and examples. + * @example + * const [response] = await client.generateRandomBytes(request); + */ + generateRandomBytes( + request?: protos.google.cloud.kms.v1.IGenerateRandomBytesRequest, + optionsOrCallback?: CallOptions|Callback< + protos.google.cloud.kms.v1.IGenerateRandomBytesResponse, + protos.google.cloud.kms.v1.IGenerateRandomBytesRequest|null|undefined, + {}|null|undefined>, + callback?: Callback< + protos.google.cloud.kms.v1.IGenerateRandomBytesResponse, + protos.google.cloud.kms.v1.IGenerateRandomBytesRequest|null|undefined, + {}|null|undefined>): + Promise<[ + protos.google.cloud.kms.v1.IGenerateRandomBytesResponse, + protos.google.cloud.kms.v1.IGenerateRandomBytesRequest|undefined, {}|undefined + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'location': request.location || '', + }); + this.initialize(); + return this.innerApiCalls.generateRandomBytes(request, options, callback); + } + + listKeyRings( + request?: protos.google.cloud.kms.v1.IListKeyRingsRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.IKeyRing[], + protos.google.cloud.kms.v1.IListKeyRingsRequest|null, + protos.google.cloud.kms.v1.IListKeyRingsResponse + ]>; + listKeyRings( + request: protos.google.cloud.kms.v1.IListKeyRingsRequest, + options: CallOptions, + callback: PaginationCallback< + protos.google.cloud.kms.v1.IListKeyRingsRequest, + protos.google.cloud.kms.v1.IListKeyRingsResponse|null|undefined, + protos.google.cloud.kms.v1.IKeyRing>): void; + listKeyRings( + request: protos.google.cloud.kms.v1.IListKeyRingsRequest, + callback: PaginationCallback< + protos.google.cloud.kms.v1.IListKeyRingsRequest, + protos.google.cloud.kms.v1.IListKeyRingsResponse|null|undefined, + protos.google.cloud.kms.v1.IKeyRing>): void; +/** + * Lists {@link google.cloud.kms.v1.KeyRing|KeyRings}. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The resource name of the location associated with the + * {@link google.cloud.kms.v1.KeyRing|KeyRings}, in the format `projects/* /locations/*`. + * @param {number} [request.pageSize] + * Optional. Optional limit on the number of {@link google.cloud.kms.v1.KeyRing|KeyRings} to include in the + * response. Further {@link google.cloud.kms.v1.KeyRing|KeyRings} can subsequently be obtained by + * including the {@link google.cloud.kms.v1.ListKeyRingsResponse.next_page_token|ListKeyRingsResponse.next_page_token} in a subsequent + * request. If unspecified, the server will pick an appropriate default. + * @param {string} [request.pageToken] + * Optional. Optional pagination token, returned earlier via + * {@link google.cloud.kms.v1.ListKeyRingsResponse.next_page_token|ListKeyRingsResponse.next_page_token}. + * @param {string} [request.filter] + * Optional. Only include resources that match the filter in the response. For + * more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {string} [request.orderBy] + * Optional. Specify how the results should be sorted. If not specified, the + * results will be sorted in the default order. For more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is Array of [KeyRing]{@link google.cloud.kms.v1.KeyRing}. + * The client library will perform auto-pagination by default: it will call the API as many + * times as needed and will merge results from all the pages into this array. + * Note that it can affect your quota. + * We recommend using `listKeyRingsAsync()` + * method described below for async iteration which you can stop as needed. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) + * for more details and examples. + */ + listKeyRings( + request?: protos.google.cloud.kms.v1.IListKeyRingsRequest, + optionsOrCallback?: CallOptions|PaginationCallback< + protos.google.cloud.kms.v1.IListKeyRingsRequest, + protos.google.cloud.kms.v1.IListKeyRingsResponse|null|undefined, + protos.google.cloud.kms.v1.IKeyRing>, + callback?: PaginationCallback< + protos.google.cloud.kms.v1.IListKeyRingsRequest, + protos.google.cloud.kms.v1.IListKeyRingsResponse|null|undefined, + protos.google.cloud.kms.v1.IKeyRing>): + Promise<[ + protos.google.cloud.kms.v1.IKeyRing[], + protos.google.cloud.kms.v1.IListKeyRingsRequest|null, + protos.google.cloud.kms.v1.IListKeyRingsResponse + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + this.initialize(); + return this.innerApiCalls.listKeyRings(request, options, callback); + } + +/** + * Equivalent to `method.name.toCamelCase()`, but returns a NodeJS Stream object. + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The resource name of the location associated with the + * {@link google.cloud.kms.v1.KeyRing|KeyRings}, in the format `projects/* /locations/*`. + * @param {number} [request.pageSize] + * Optional. Optional limit on the number of {@link google.cloud.kms.v1.KeyRing|KeyRings} to include in the + * response. Further {@link google.cloud.kms.v1.KeyRing|KeyRings} can subsequently be obtained by + * including the {@link google.cloud.kms.v1.ListKeyRingsResponse.next_page_token|ListKeyRingsResponse.next_page_token} in a subsequent + * request. If unspecified, the server will pick an appropriate default. + * @param {string} [request.pageToken] + * Optional. Optional pagination token, returned earlier via + * {@link google.cloud.kms.v1.ListKeyRingsResponse.next_page_token|ListKeyRingsResponse.next_page_token}. + * @param {string} [request.filter] + * Optional. Only include resources that match the filter in the response. For + * more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {string} [request.orderBy] + * Optional. Specify how the results should be sorted. If not specified, the + * results will be sorted in the default order. For more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Stream} + * An object stream which emits an object representing [KeyRing]{@link google.cloud.kms.v1.KeyRing} on 'data' event. + * The client library will perform auto-pagination by default: it will call the API as many + * times as needed. Note that it can affect your quota. + * We recommend using `listKeyRingsAsync()` + * method described below for async iteration which you can stop as needed. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) + * for more details and examples. + */ + listKeyRingsStream( + request?: protos.google.cloud.kms.v1.IListKeyRingsRequest, + options?: CallOptions): + Transform{ + request = request || {}; + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + const callSettings = new gax.CallSettings(options); + this.initialize(); + return this.descriptors.page.listKeyRings.createStream( + this.innerApiCalls.listKeyRings as gax.GaxCall, + request, + callSettings + ); + } + +/** + * Equivalent to `listKeyRings`, but returns an iterable object. + * + * `for`-`await`-`of` syntax is used with the iterable to get response elements on-demand. + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The resource name of the location associated with the + * {@link google.cloud.kms.v1.KeyRing|KeyRings}, in the format `projects/* /locations/*`. + * @param {number} [request.pageSize] + * Optional. Optional limit on the number of {@link google.cloud.kms.v1.KeyRing|KeyRings} to include in the + * response. Further {@link google.cloud.kms.v1.KeyRing|KeyRings} can subsequently be obtained by + * including the {@link google.cloud.kms.v1.ListKeyRingsResponse.next_page_token|ListKeyRingsResponse.next_page_token} in a subsequent + * request. If unspecified, the server will pick an appropriate default. + * @param {string} [request.pageToken] + * Optional. Optional pagination token, returned earlier via + * {@link google.cloud.kms.v1.ListKeyRingsResponse.next_page_token|ListKeyRingsResponse.next_page_token}. + * @param {string} [request.filter] + * Optional. Only include resources that match the filter in the response. For + * more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {string} [request.orderBy] + * Optional. Specify how the results should be sorted. If not specified, the + * results will be sorted in the default order. For more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Object} + * An iterable Object that allows [async iteration](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Iteration_protocols). + * When you iterate the returned iterable, each element will be an object representing + * [KeyRing]{@link google.cloud.kms.v1.KeyRing}. The API will be called under the hood as needed, once per the page, + * so you can stop the iteration when you don't need more results. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) + * for more details and examples. + * @example + * const iterable = client.listKeyRingsAsync(request); + * for await (const response of iterable) { + * // process response + * } + */ + listKeyRingsAsync( + request?: protos.google.cloud.kms.v1.IListKeyRingsRequest, + options?: CallOptions): + AsyncIterable{ + request = request || {}; + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + options = options || {}; + const callSettings = new gax.CallSettings(options); + this.initialize(); + return this.descriptors.page.listKeyRings.asyncIterate( + this.innerApiCalls['listKeyRings'] as GaxCall, + request as unknown as RequestType, + callSettings + ) as AsyncIterable; + } + listCryptoKeys( + request?: protos.google.cloud.kms.v1.IListCryptoKeysRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKey[], + protos.google.cloud.kms.v1.IListCryptoKeysRequest|null, + protos.google.cloud.kms.v1.IListCryptoKeysResponse + ]>; + listCryptoKeys( + request: protos.google.cloud.kms.v1.IListCryptoKeysRequest, + options: CallOptions, + callback: PaginationCallback< + protos.google.cloud.kms.v1.IListCryptoKeysRequest, + protos.google.cloud.kms.v1.IListCryptoKeysResponse|null|undefined, + protos.google.cloud.kms.v1.ICryptoKey>): void; + listCryptoKeys( + request: protos.google.cloud.kms.v1.IListCryptoKeysRequest, + callback: PaginationCallback< + protos.google.cloud.kms.v1.IListCryptoKeysRequest, + protos.google.cloud.kms.v1.IListCryptoKeysResponse|null|undefined, + protos.google.cloud.kms.v1.ICryptoKey>): void; +/** + * Lists {@link google.cloud.kms.v1.CryptoKey|CryptoKeys}. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The resource name of the {@link google.cloud.kms.v1.KeyRing|KeyRing} to list, in the format + * `projects/* /locations/* /keyRings/*`. + * @param {number} [request.pageSize] + * Optional. Optional limit on the number of {@link google.cloud.kms.v1.CryptoKey|CryptoKeys} to include in the + * response. Further {@link google.cloud.kms.v1.CryptoKey|CryptoKeys} can subsequently be obtained by + * including the {@link google.cloud.kms.v1.ListCryptoKeysResponse.next_page_token|ListCryptoKeysResponse.next_page_token} in a subsequent + * request. If unspecified, the server will pick an appropriate default. + * @param {string} [request.pageToken] + * Optional. Optional pagination token, returned earlier via + * {@link google.cloud.kms.v1.ListCryptoKeysResponse.next_page_token|ListCryptoKeysResponse.next_page_token}. + * @param {google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionView} request.versionView + * The fields of the primary version to include in the response. + * @param {string} [request.filter] + * Optional. Only include resources that match the filter in the response. For + * more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {string} [request.orderBy] + * Optional. Specify how the results should be sorted. If not specified, the + * results will be sorted in the default order. For more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is Array of [CryptoKey]{@link google.cloud.kms.v1.CryptoKey}. + * The client library will perform auto-pagination by default: it will call the API as many + * times as needed and will merge results from all the pages into this array. + * Note that it can affect your quota. + * We recommend using `listCryptoKeysAsync()` + * method described below for async iteration which you can stop as needed. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) + * for more details and examples. + */ + listCryptoKeys( + request?: protos.google.cloud.kms.v1.IListCryptoKeysRequest, + optionsOrCallback?: CallOptions|PaginationCallback< + protos.google.cloud.kms.v1.IListCryptoKeysRequest, + protos.google.cloud.kms.v1.IListCryptoKeysResponse|null|undefined, + protos.google.cloud.kms.v1.ICryptoKey>, + callback?: PaginationCallback< + protos.google.cloud.kms.v1.IListCryptoKeysRequest, + protos.google.cloud.kms.v1.IListCryptoKeysResponse|null|undefined, + protos.google.cloud.kms.v1.ICryptoKey>): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKey[], + protos.google.cloud.kms.v1.IListCryptoKeysRequest|null, + protos.google.cloud.kms.v1.IListCryptoKeysResponse + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + this.initialize(); + return this.innerApiCalls.listCryptoKeys(request, options, callback); + } + +/** + * Equivalent to `method.name.toCamelCase()`, but returns a NodeJS Stream object. + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The resource name of the {@link google.cloud.kms.v1.KeyRing|KeyRing} to list, in the format + * `projects/* /locations/* /keyRings/*`. + * @param {number} [request.pageSize] + * Optional. Optional limit on the number of {@link google.cloud.kms.v1.CryptoKey|CryptoKeys} to include in the + * response. Further {@link google.cloud.kms.v1.CryptoKey|CryptoKeys} can subsequently be obtained by + * including the {@link google.cloud.kms.v1.ListCryptoKeysResponse.next_page_token|ListCryptoKeysResponse.next_page_token} in a subsequent + * request. If unspecified, the server will pick an appropriate default. + * @param {string} [request.pageToken] + * Optional. Optional pagination token, returned earlier via + * {@link google.cloud.kms.v1.ListCryptoKeysResponse.next_page_token|ListCryptoKeysResponse.next_page_token}. + * @param {google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionView} request.versionView + * The fields of the primary version to include in the response. + * @param {string} [request.filter] + * Optional. Only include resources that match the filter in the response. For + * more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {string} [request.orderBy] + * Optional. Specify how the results should be sorted. If not specified, the + * results will be sorted in the default order. For more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Stream} + * An object stream which emits an object representing [CryptoKey]{@link google.cloud.kms.v1.CryptoKey} on 'data' event. + * The client library will perform auto-pagination by default: it will call the API as many + * times as needed. Note that it can affect your quota. + * We recommend using `listCryptoKeysAsync()` + * method described below for async iteration which you can stop as needed. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) + * for more details and examples. + */ + listCryptoKeysStream( + request?: protos.google.cloud.kms.v1.IListCryptoKeysRequest, + options?: CallOptions): + Transform{ + request = request || {}; + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + const callSettings = new gax.CallSettings(options); + this.initialize(); + return this.descriptors.page.listCryptoKeys.createStream( + this.innerApiCalls.listCryptoKeys as gax.GaxCall, + request, + callSettings + ); + } + +/** + * Equivalent to `listCryptoKeys`, but returns an iterable object. + * + * `for`-`await`-`of` syntax is used with the iterable to get response elements on-demand. + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The resource name of the {@link google.cloud.kms.v1.KeyRing|KeyRing} to list, in the format + * `projects/* /locations/* /keyRings/*`. + * @param {number} [request.pageSize] + * Optional. Optional limit on the number of {@link google.cloud.kms.v1.CryptoKey|CryptoKeys} to include in the + * response. Further {@link google.cloud.kms.v1.CryptoKey|CryptoKeys} can subsequently be obtained by + * including the {@link google.cloud.kms.v1.ListCryptoKeysResponse.next_page_token|ListCryptoKeysResponse.next_page_token} in a subsequent + * request. If unspecified, the server will pick an appropriate default. + * @param {string} [request.pageToken] + * Optional. Optional pagination token, returned earlier via + * {@link google.cloud.kms.v1.ListCryptoKeysResponse.next_page_token|ListCryptoKeysResponse.next_page_token}. + * @param {google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionView} request.versionView + * The fields of the primary version to include in the response. + * @param {string} [request.filter] + * Optional. Only include resources that match the filter in the response. For + * more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {string} [request.orderBy] + * Optional. Specify how the results should be sorted. If not specified, the + * results will be sorted in the default order. For more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Object} + * An iterable Object that allows [async iteration](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Iteration_protocols). + * When you iterate the returned iterable, each element will be an object representing + * [CryptoKey]{@link google.cloud.kms.v1.CryptoKey}. The API will be called under the hood as needed, once per the page, + * so you can stop the iteration when you don't need more results. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) + * for more details and examples. + * @example + * const iterable = client.listCryptoKeysAsync(request); + * for await (const response of iterable) { + * // process response + * } + */ + listCryptoKeysAsync( + request?: protos.google.cloud.kms.v1.IListCryptoKeysRequest, + options?: CallOptions): + AsyncIterable{ + request = request || {}; + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + options = options || {}; + const callSettings = new gax.CallSettings(options); + this.initialize(); + return this.descriptors.page.listCryptoKeys.asyncIterate( + this.innerApiCalls['listCryptoKeys'] as GaxCall, + request as unknown as RequestType, + callSettings + ) as AsyncIterable; + } + listCryptoKeyVersions( + request?: protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKeyVersion[], + protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest|null, + protos.google.cloud.kms.v1.IListCryptoKeyVersionsResponse + ]>; + listCryptoKeyVersions( + request: protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest, + options: CallOptions, + callback: PaginationCallback< + protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest, + protos.google.cloud.kms.v1.IListCryptoKeyVersionsResponse|null|undefined, + protos.google.cloud.kms.v1.ICryptoKeyVersion>): void; + listCryptoKeyVersions( + request: protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest, + callback: PaginationCallback< + protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest, + protos.google.cloud.kms.v1.IListCryptoKeyVersionsResponse|null|undefined, + protos.google.cloud.kms.v1.ICryptoKeyVersion>): void; +/** + * Lists {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersions}. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKey|CryptoKey} to list, in the format + * `projects/* /locations/* /keyRings/* /cryptoKeys/*`. + * @param {number} [request.pageSize] + * Optional. Optional limit on the number of {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersions} to + * include in the response. Further {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersions} can + * subsequently be obtained by including the + * {@link google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token|ListCryptoKeyVersionsResponse.next_page_token} in a subsequent request. + * If unspecified, the server will pick an appropriate default. + * @param {string} [request.pageToken] + * Optional. Optional pagination token, returned earlier via + * {@link google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token|ListCryptoKeyVersionsResponse.next_page_token}. + * @param {google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionView} request.view + * The fields to include in the response. + * @param {string} [request.filter] + * Optional. Only include resources that match the filter in the response. For + * more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {string} [request.orderBy] + * Optional. Specify how the results should be sorted. If not specified, the + * results will be sorted in the default order. For more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is Array of [CryptoKeyVersion]{@link google.cloud.kms.v1.CryptoKeyVersion}. + * The client library will perform auto-pagination by default: it will call the API as many + * times as needed and will merge results from all the pages into this array. + * Note that it can affect your quota. + * We recommend using `listCryptoKeyVersionsAsync()` + * method described below for async iteration which you can stop as needed. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) + * for more details and examples. + */ + listCryptoKeyVersions( + request?: protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest, + optionsOrCallback?: CallOptions|PaginationCallback< + protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest, + protos.google.cloud.kms.v1.IListCryptoKeyVersionsResponse|null|undefined, + protos.google.cloud.kms.v1.ICryptoKeyVersion>, + callback?: PaginationCallback< + protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest, + protos.google.cloud.kms.v1.IListCryptoKeyVersionsResponse|null|undefined, + protos.google.cloud.kms.v1.ICryptoKeyVersion>): + Promise<[ + protos.google.cloud.kms.v1.ICryptoKeyVersion[], + protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest|null, + protos.google.cloud.kms.v1.IListCryptoKeyVersionsResponse + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + this.initialize(); + return this.innerApiCalls.listCryptoKeyVersions(request, options, callback); + } + +/** + * Equivalent to `method.name.toCamelCase()`, but returns a NodeJS Stream object. + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKey|CryptoKey} to list, in the format + * `projects/* /locations/* /keyRings/* /cryptoKeys/*`. + * @param {number} [request.pageSize] + * Optional. Optional limit on the number of {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersions} to + * include in the response. Further {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersions} can + * subsequently be obtained by including the + * {@link google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token|ListCryptoKeyVersionsResponse.next_page_token} in a subsequent request. + * If unspecified, the server will pick an appropriate default. + * @param {string} [request.pageToken] + * Optional. Optional pagination token, returned earlier via + * {@link google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token|ListCryptoKeyVersionsResponse.next_page_token}. + * @param {google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionView} request.view + * The fields to include in the response. + * @param {string} [request.filter] + * Optional. Only include resources that match the filter in the response. For + * more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {string} [request.orderBy] + * Optional. Specify how the results should be sorted. If not specified, the + * results will be sorted in the default order. For more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Stream} + * An object stream which emits an object representing [CryptoKeyVersion]{@link google.cloud.kms.v1.CryptoKeyVersion} on 'data' event. + * The client library will perform auto-pagination by default: it will call the API as many + * times as needed. Note that it can affect your quota. + * We recommend using `listCryptoKeyVersionsAsync()` + * method described below for async iteration which you can stop as needed. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) + * for more details and examples. + */ + listCryptoKeyVersionsStream( + request?: protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest, + options?: CallOptions): + Transform{ + request = request || {}; + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + const callSettings = new gax.CallSettings(options); + this.initialize(); + return this.descriptors.page.listCryptoKeyVersions.createStream( + this.innerApiCalls.listCryptoKeyVersions as gax.GaxCall, + request, + callSettings + ); + } + +/** + * Equivalent to `listCryptoKeyVersions`, but returns an iterable object. + * + * `for`-`await`-`of` syntax is used with the iterable to get response elements on-demand. + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKey|CryptoKey} to list, in the format + * `projects/* /locations/* /keyRings/* /cryptoKeys/*`. + * @param {number} [request.pageSize] + * Optional. Optional limit on the number of {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersions} to + * include in the response. Further {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersions} can + * subsequently be obtained by including the + * {@link google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token|ListCryptoKeyVersionsResponse.next_page_token} in a subsequent request. + * If unspecified, the server will pick an appropriate default. + * @param {string} [request.pageToken] + * Optional. Optional pagination token, returned earlier via + * {@link google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token|ListCryptoKeyVersionsResponse.next_page_token}. + * @param {google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionView} request.view + * The fields to include in the response. + * @param {string} [request.filter] + * Optional. Only include resources that match the filter in the response. For + * more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {string} [request.orderBy] + * Optional. Specify how the results should be sorted. If not specified, the + * results will be sorted in the default order. For more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Object} + * An iterable Object that allows [async iteration](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Iteration_protocols). + * When you iterate the returned iterable, each element will be an object representing + * [CryptoKeyVersion]{@link google.cloud.kms.v1.CryptoKeyVersion}. The API will be called under the hood as needed, once per the page, + * so you can stop the iteration when you don't need more results. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) + * for more details and examples. + * @example + * const iterable = client.listCryptoKeyVersionsAsync(request); + * for await (const response of iterable) { + * // process response + * } + */ + listCryptoKeyVersionsAsync( + request?: protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest, + options?: CallOptions): + AsyncIterable{ + request = request || {}; + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + options = options || {}; + const callSettings = new gax.CallSettings(options); + this.initialize(); + return this.descriptors.page.listCryptoKeyVersions.asyncIterate( + this.innerApiCalls['listCryptoKeyVersions'] as GaxCall, + request as unknown as RequestType, + callSettings + ) as AsyncIterable; + } + listImportJobs( + request?: protos.google.cloud.kms.v1.IListImportJobsRequest, + options?: CallOptions): + Promise<[ + protos.google.cloud.kms.v1.IImportJob[], + protos.google.cloud.kms.v1.IListImportJobsRequest|null, + protos.google.cloud.kms.v1.IListImportJobsResponse + ]>; + listImportJobs( + request: protos.google.cloud.kms.v1.IListImportJobsRequest, + options: CallOptions, + callback: PaginationCallback< + protos.google.cloud.kms.v1.IListImportJobsRequest, + protos.google.cloud.kms.v1.IListImportJobsResponse|null|undefined, + protos.google.cloud.kms.v1.IImportJob>): void; + listImportJobs( + request: protos.google.cloud.kms.v1.IListImportJobsRequest, + callback: PaginationCallback< + protos.google.cloud.kms.v1.IListImportJobsRequest, + protos.google.cloud.kms.v1.IListImportJobsResponse|null|undefined, + protos.google.cloud.kms.v1.IImportJob>): void; +/** + * Lists {@link google.cloud.kms.v1.ImportJob|ImportJobs}. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The resource name of the {@link google.cloud.kms.v1.KeyRing|KeyRing} to list, in the format + * `projects/* /locations/* /keyRings/*`. + * @param {number} [request.pageSize] + * Optional. Optional limit on the number of {@link google.cloud.kms.v1.ImportJob|ImportJobs} to include in the + * response. Further {@link google.cloud.kms.v1.ImportJob|ImportJobs} can subsequently be obtained by + * including the {@link google.cloud.kms.v1.ListImportJobsResponse.next_page_token|ListImportJobsResponse.next_page_token} in a subsequent + * request. If unspecified, the server will pick an appropriate default. + * @param {string} [request.pageToken] + * Optional. Optional pagination token, returned earlier via + * {@link google.cloud.kms.v1.ListImportJobsResponse.next_page_token|ListImportJobsResponse.next_page_token}. + * @param {string} [request.filter] + * Optional. Only include resources that match the filter in the response. For + * more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {string} [request.orderBy] + * Optional. Specify how the results should be sorted. If not specified, the + * results will be sorted in the default order. For more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is Array of [ImportJob]{@link google.cloud.kms.v1.ImportJob}. + * The client library will perform auto-pagination by default: it will call the API as many + * times as needed and will merge results from all the pages into this array. + * Note that it can affect your quota. + * We recommend using `listImportJobsAsync()` + * method described below for async iteration which you can stop as needed. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) + * for more details and examples. + */ + listImportJobs( + request?: protos.google.cloud.kms.v1.IListImportJobsRequest, + optionsOrCallback?: CallOptions|PaginationCallback< + protos.google.cloud.kms.v1.IListImportJobsRequest, + protos.google.cloud.kms.v1.IListImportJobsResponse|null|undefined, + protos.google.cloud.kms.v1.IImportJob>, + callback?: PaginationCallback< + protos.google.cloud.kms.v1.IListImportJobsRequest, + protos.google.cloud.kms.v1.IListImportJobsResponse|null|undefined, + protos.google.cloud.kms.v1.IImportJob>): + Promise<[ + protos.google.cloud.kms.v1.IImportJob[], + protos.google.cloud.kms.v1.IListImportJobsRequest|null, + protos.google.cloud.kms.v1.IListImportJobsResponse + ]>|void { + request = request || {}; + let options: CallOptions; + if (typeof optionsOrCallback === 'function' && callback === undefined) { + callback = optionsOrCallback; + options = {}; + } + else { + options = optionsOrCallback as CallOptions; + } + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + this.initialize(); + return this.innerApiCalls.listImportJobs(request, options, callback); + } + +/** + * Equivalent to `method.name.toCamelCase()`, but returns a NodeJS Stream object. + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The resource name of the {@link google.cloud.kms.v1.KeyRing|KeyRing} to list, in the format + * `projects/* /locations/* /keyRings/*`. + * @param {number} [request.pageSize] + * Optional. Optional limit on the number of {@link google.cloud.kms.v1.ImportJob|ImportJobs} to include in the + * response. Further {@link google.cloud.kms.v1.ImportJob|ImportJobs} can subsequently be obtained by + * including the {@link google.cloud.kms.v1.ListImportJobsResponse.next_page_token|ListImportJobsResponse.next_page_token} in a subsequent + * request. If unspecified, the server will pick an appropriate default. + * @param {string} [request.pageToken] + * Optional. Optional pagination token, returned earlier via + * {@link google.cloud.kms.v1.ListImportJobsResponse.next_page_token|ListImportJobsResponse.next_page_token}. + * @param {string} [request.filter] + * Optional. Only include resources that match the filter in the response. For + * more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {string} [request.orderBy] + * Optional. Specify how the results should be sorted. If not specified, the + * results will be sorted in the default order. For more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Stream} + * An object stream which emits an object representing [ImportJob]{@link google.cloud.kms.v1.ImportJob} on 'data' event. + * The client library will perform auto-pagination by default: it will call the API as many + * times as needed. Note that it can affect your quota. + * We recommend using `listImportJobsAsync()` + * method described below for async iteration which you can stop as needed. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) + * for more details and examples. + */ + listImportJobsStream( + request?: protos.google.cloud.kms.v1.IListImportJobsRequest, + options?: CallOptions): + Transform{ + request = request || {}; + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + const callSettings = new gax.CallSettings(options); + this.initialize(); + return this.descriptors.page.listImportJobs.createStream( + this.innerApiCalls.listImportJobs as gax.GaxCall, + request, + callSettings + ); + } + +/** + * Equivalent to `listImportJobs`, but returns an iterable object. + * + * `for`-`await`-`of` syntax is used with the iterable to get response elements on-demand. + * @param {Object} request + * The request object that will be sent. + * @param {string} request.parent + * Required. The resource name of the {@link google.cloud.kms.v1.KeyRing|KeyRing} to list, in the format + * `projects/* /locations/* /keyRings/*`. + * @param {number} [request.pageSize] + * Optional. Optional limit on the number of {@link google.cloud.kms.v1.ImportJob|ImportJobs} to include in the + * response. Further {@link google.cloud.kms.v1.ImportJob|ImportJobs} can subsequently be obtained by + * including the {@link google.cloud.kms.v1.ListImportJobsResponse.next_page_token|ListImportJobsResponse.next_page_token} in a subsequent + * request. If unspecified, the server will pick an appropriate default. + * @param {string} [request.pageToken] + * Optional. Optional pagination token, returned earlier via + * {@link google.cloud.kms.v1.ListImportJobsResponse.next_page_token|ListImportJobsResponse.next_page_token}. + * @param {string} [request.filter] + * Optional. Only include resources that match the filter in the response. For + * more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {string} [request.orderBy] + * Optional. Specify how the results should be sorted. If not specified, the + * results will be sorted in the default order. For more information, see + * [Sorting and filtering list + * results](https://cloud.google.com/kms/docs/sorting-and-filtering). + * @param {object} [options] + * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. + * @returns {Object} + * An iterable Object that allows [async iteration](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Iteration_protocols). + * When you iterate the returned iterable, each element will be an object representing + * [ImportJob]{@link google.cloud.kms.v1.ImportJob}. The API will be called under the hood as needed, once per the page, + * so you can stop the iteration when you don't need more results. + * Please see the + * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) + * for more details and examples. + * @example + * const iterable = client.listImportJobsAsync(request); + * for await (const response of iterable) { + * // process response + * } + */ + listImportJobsAsync( + request?: protos.google.cloud.kms.v1.IListImportJobsRequest, + options?: CallOptions): + AsyncIterable{ + request = request || {}; + options = options || {}; + options.otherArgs = options.otherArgs || {}; + options.otherArgs.headers = options.otherArgs.headers || {}; + options.otherArgs.headers[ + 'x-goog-request-params' + ] = gax.routingHeader.fromParams({ + 'parent': request.parent || '', + }); + options = options || {}; + const callSettings = new gax.CallSettings(options); + this.initialize(); + return this.descriptors.page.listImportJobs.asyncIterate( + this.innerApiCalls['listImportJobs'] as GaxCall, + request as unknown as RequestType, + callSettings + ) as AsyncIterable; + } +/** + * Gets the access control policy for a resource. Returns an empty policy + * if the resource exists and does not have a policy set. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.resource + * REQUIRED: The resource for which the policy is being requested. + * See the operation documentation for the appropriate value for this field. + * @param {Object} [request.options] + * OPTIONAL: A `GetPolicyOptions` object for specifying options to + * `GetIamPolicy`. This field is only used by Cloud IAM. + * + * This object should have the same structure as [GetPolicyOptions]{@link google.iam.v1.GetPolicyOptions} + * @param {Object} [options] + * Optional parameters. You can override the default settings for this call, e.g, timeout, + * retries, paginations, etc. See [gax.CallOptions]{@link https://googleapis.github.io/gax-nodejs/interfaces/CallOptions.html} for the details. + * @param {function(?Error, ?Object)} [callback] + * The function which will be called with the result of the API call. + * + * The second parameter to the callback is an object representing [Policy]{@link google.iam.v1.Policy}. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [Policy]{@link google.iam.v1.Policy}. + * The promise has a method named "cancel" which cancels the ongoing API call. + */ + getIamPolicy( + request: IamProtos.google.iam.v1.GetIamPolicyRequest, + options?: + | gax.CallOptions + | Callback< + IamProtos.google.iam.v1.Policy, + IamProtos.google.iam.v1.GetIamPolicyRequest | null | undefined, + {} | null | undefined + >, + callback?: Callback< + IamProtos.google.iam.v1.Policy, + IamProtos.google.iam.v1.GetIamPolicyRequest | null | undefined, + {} | null | undefined + > + ):Promise { + return this.iamClient.getIamPolicy(request, options, callback); + } + +/** + * Returns permissions that a caller has on the specified resource. If the + * resource does not exist, this will return an empty set of + * permissions, not a NOT_FOUND error. + * + * Note: This operation is designed to be used for building + * permission-aware UIs and command-line tools, not for authorization + * checking. This operation may "fail open" without warning. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.resource + * REQUIRED: The resource for which the policy detail is being requested. + * See the operation documentation for the appropriate value for this field. + * @param {string[]} request.permissions + * The set of permissions to check for the `resource`. Permissions with + * wildcards (such as '*' or 'storage.*') are not allowed. For more + * information see + * [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions). + * @param {Object} [options] + * Optional parameters. You can override the default settings for this call, e.g, timeout, + * retries, paginations, etc. See [gax.CallOptions]{@link https://googleapis.github.io/gax-nodejs/interfaces/CallOptions.html} for the details. + * @param {function(?Error, ?Object)} [callback] + * The function which will be called with the result of the API call. + * + * The second parameter to the callback is an object representing [TestIamPermissionsResponse]{@link google.iam.v1.TestIamPermissionsResponse}. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [TestIamPermissionsResponse]{@link google.iam.v1.TestIamPermissionsResponse}. + * The promise has a method named "cancel" which cancels the ongoing API call. + */ + setIamPolicy( + request: IamProtos.google.iam.v1.SetIamPolicyRequest, + options?: + | gax.CallOptions + | Callback< + IamProtos.google.iam.v1.Policy, + IamProtos.google.iam.v1.SetIamPolicyRequest | null | undefined, + {} | null | undefined + >, + callback?: Callback< + IamProtos.google.iam.v1.Policy, + IamProtos.google.iam.v1.SetIamPolicyRequest | null | undefined, + {} | null | undefined + > + ):Promise { + return this.iamClient.setIamPolicy(request, options, callback); + } + +/** + * Returns permissions that a caller has on the specified resource. If the + * resource does not exist, this will return an empty set of + * permissions, not a NOT_FOUND error. + * + * Note: This operation is designed to be used for building + * permission-aware UIs and command-line tools, not for authorization + * checking. This operation may "fail open" without warning. + * + * @param {Object} request + * The request object that will be sent. + * @param {string} request.resource + * REQUIRED: The resource for which the policy detail is being requested. + * See the operation documentation for the appropriate value for this field. + * @param {string[]} request.permissions + * The set of permissions to check for the `resource`. Permissions with + * wildcards (such as '*' or 'storage.*') are not allowed. For more + * information see + * [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions). + * @param {Object} [options] + * Optional parameters. You can override the default settings for this call, e.g, timeout, + * retries, paginations, etc. See [gax.CallOptions]{@link https://googleapis.github.io/gax-nodejs/interfaces/CallOptions.html} for the details. + * @param {function(?Error, ?Object)} [callback] + * The function which will be called with the result of the API call. + * + * The second parameter to the callback is an object representing [TestIamPermissionsResponse]{@link google.iam.v1.TestIamPermissionsResponse}. + * @returns {Promise} - The promise which resolves to an array. + * The first element of the array is an object representing [TestIamPermissionsResponse]{@link google.iam.v1.TestIamPermissionsResponse}. + * The promise has a method named "cancel" which cancels the ongoing API call. + * + */ + testIamPermissions( + request: IamProtos.google.iam.v1.TestIamPermissionsRequest, + options?: + | gax.CallOptions + | Callback< + IamProtos.google.iam.v1.TestIamPermissionsResponse, + IamProtos.google.iam.v1.TestIamPermissionsRequest | null | undefined, + {} | null | undefined + >, + callback?: Callback< + IamProtos.google.iam.v1.TestIamPermissionsResponse, + IamProtos.google.iam.v1.TestIamPermissionsRequest | null | undefined, + {} | null | undefined + > + ):Promise { + return this.iamClient.testIamPermissions(request, options, callback); + } + + // -------------------- + // -- Path templates -- + // -------------------- + + /** + * Return a fully-qualified cryptoKey resource name string. + * + * @param {string} project + * @param {string} location + * @param {string} key_ring + * @param {string} crypto_key + * @returns {string} Resource name string. + */ + cryptoKeyPath(project:string,location:string,keyRing:string,cryptoKey:string) { + return this.pathTemplates.cryptoKeyPathTemplate.render({ + project: project, + location: location, + key_ring: keyRing, + crypto_key: cryptoKey, + }); + } + + /** + * Parse the project from CryptoKey resource. + * + * @param {string} cryptoKeyName + * A fully-qualified path representing CryptoKey resource. + * @returns {string} A string representing the project. + */ + matchProjectFromCryptoKeyName(cryptoKeyName: string) { + return this.pathTemplates.cryptoKeyPathTemplate.match(cryptoKeyName).project; + } + + /** + * Parse the location from CryptoKey resource. + * + * @param {string} cryptoKeyName + * A fully-qualified path representing CryptoKey resource. + * @returns {string} A string representing the location. + */ + matchLocationFromCryptoKeyName(cryptoKeyName: string) { + return this.pathTemplates.cryptoKeyPathTemplate.match(cryptoKeyName).location; + } + + /** + * Parse the key_ring from CryptoKey resource. + * + * @param {string} cryptoKeyName + * A fully-qualified path representing CryptoKey resource. + * @returns {string} A string representing the key_ring. + */ + matchKeyRingFromCryptoKeyName(cryptoKeyName: string) { + return this.pathTemplates.cryptoKeyPathTemplate.match(cryptoKeyName).key_ring; + } + + /** + * Parse the crypto_key from CryptoKey resource. + * + * @param {string} cryptoKeyName + * A fully-qualified path representing CryptoKey resource. + * @returns {string} A string representing the crypto_key. + */ + matchCryptoKeyFromCryptoKeyName(cryptoKeyName: string) { + return this.pathTemplates.cryptoKeyPathTemplate.match(cryptoKeyName).crypto_key; + } + + /** + * Return a fully-qualified cryptoKeyVersion resource name string. + * + * @param {string} project + * @param {string} location + * @param {string} key_ring + * @param {string} crypto_key + * @param {string} crypto_key_version + * @returns {string} Resource name string. + */ + cryptoKeyVersionPath(project:string,location:string,keyRing:string,cryptoKey:string,cryptoKeyVersion:string) { + return this.pathTemplates.cryptoKeyVersionPathTemplate.render({ + project: project, + location: location, + key_ring: keyRing, + crypto_key: cryptoKey, + crypto_key_version: cryptoKeyVersion, + }); + } + + /** + * Parse the project from CryptoKeyVersion resource. + * + * @param {string} cryptoKeyVersionName + * A fully-qualified path representing CryptoKeyVersion resource. + * @returns {string} A string representing the project. + */ + matchProjectFromCryptoKeyVersionName(cryptoKeyVersionName: string) { + return this.pathTemplates.cryptoKeyVersionPathTemplate.match(cryptoKeyVersionName).project; + } + + /** + * Parse the location from CryptoKeyVersion resource. + * + * @param {string} cryptoKeyVersionName + * A fully-qualified path representing CryptoKeyVersion resource. + * @returns {string} A string representing the location. + */ + matchLocationFromCryptoKeyVersionName(cryptoKeyVersionName: string) { + return this.pathTemplates.cryptoKeyVersionPathTemplate.match(cryptoKeyVersionName).location; + } + + /** + * Parse the key_ring from CryptoKeyVersion resource. + * + * @param {string} cryptoKeyVersionName + * A fully-qualified path representing CryptoKeyVersion resource. + * @returns {string} A string representing the key_ring. + */ + matchKeyRingFromCryptoKeyVersionName(cryptoKeyVersionName: string) { + return this.pathTemplates.cryptoKeyVersionPathTemplate.match(cryptoKeyVersionName).key_ring; + } + + /** + * Parse the crypto_key from CryptoKeyVersion resource. + * + * @param {string} cryptoKeyVersionName + * A fully-qualified path representing CryptoKeyVersion resource. + * @returns {string} A string representing the crypto_key. + */ + matchCryptoKeyFromCryptoKeyVersionName(cryptoKeyVersionName: string) { + return this.pathTemplates.cryptoKeyVersionPathTemplate.match(cryptoKeyVersionName).crypto_key; + } + + /** + * Parse the crypto_key_version from CryptoKeyVersion resource. + * + * @param {string} cryptoKeyVersionName + * A fully-qualified path representing CryptoKeyVersion resource. + * @returns {string} A string representing the crypto_key_version. + */ + matchCryptoKeyVersionFromCryptoKeyVersionName(cryptoKeyVersionName: string) { + return this.pathTemplates.cryptoKeyVersionPathTemplate.match(cryptoKeyVersionName).crypto_key_version; + } + + /** + * Return a fully-qualified importJob resource name string. + * + * @param {string} project + * @param {string} location + * @param {string} key_ring + * @param {string} import_job + * @returns {string} Resource name string. + */ + importJobPath(project:string,location:string,keyRing:string,importJob:string) { + return this.pathTemplates.importJobPathTemplate.render({ + project: project, + location: location, + key_ring: keyRing, + import_job: importJob, + }); + } + + /** + * Parse the project from ImportJob resource. + * + * @param {string} importJobName + * A fully-qualified path representing ImportJob resource. + * @returns {string} A string representing the project. + */ + matchProjectFromImportJobName(importJobName: string) { + return this.pathTemplates.importJobPathTemplate.match(importJobName).project; + } + + /** + * Parse the location from ImportJob resource. + * + * @param {string} importJobName + * A fully-qualified path representing ImportJob resource. + * @returns {string} A string representing the location. + */ + matchLocationFromImportJobName(importJobName: string) { + return this.pathTemplates.importJobPathTemplate.match(importJobName).location; + } + + /** + * Parse the key_ring from ImportJob resource. + * + * @param {string} importJobName + * A fully-qualified path representing ImportJob resource. + * @returns {string} A string representing the key_ring. + */ + matchKeyRingFromImportJobName(importJobName: string) { + return this.pathTemplates.importJobPathTemplate.match(importJobName).key_ring; + } + + /** + * Parse the import_job from ImportJob resource. + * + * @param {string} importJobName + * A fully-qualified path representing ImportJob resource. + * @returns {string} A string representing the import_job. + */ + matchImportJobFromImportJobName(importJobName: string) { + return this.pathTemplates.importJobPathTemplate.match(importJobName).import_job; + } + + /** + * Return a fully-qualified keyRing resource name string. + * + * @param {string} project + * @param {string} location + * @param {string} key_ring + * @returns {string} Resource name string. + */ + keyRingPath(project:string,location:string,keyRing:string) { + return this.pathTemplates.keyRingPathTemplate.render({ + project: project, + location: location, + key_ring: keyRing, + }); + } + + /** + * Parse the project from KeyRing resource. + * + * @param {string} keyRingName + * A fully-qualified path representing KeyRing resource. + * @returns {string} A string representing the project. + */ + matchProjectFromKeyRingName(keyRingName: string) { + return this.pathTemplates.keyRingPathTemplate.match(keyRingName).project; + } + + /** + * Parse the location from KeyRing resource. + * + * @param {string} keyRingName + * A fully-qualified path representing KeyRing resource. + * @returns {string} A string representing the location. + */ + matchLocationFromKeyRingName(keyRingName: string) { + return this.pathTemplates.keyRingPathTemplate.match(keyRingName).location; + } + + /** + * Parse the key_ring from KeyRing resource. + * + * @param {string} keyRingName + * A fully-qualified path representing KeyRing resource. + * @returns {string} A string representing the key_ring. + */ + matchKeyRingFromKeyRingName(keyRingName: string) { + return this.pathTemplates.keyRingPathTemplate.match(keyRingName).key_ring; + } + + /** + * Return a fully-qualified location resource name string. + * + * @param {string} project + * @param {string} location + * @returns {string} Resource name string. + */ + locationPath(project:string,location:string) { + return this.pathTemplates.locationPathTemplate.render({ + project: project, + location: location, + }); + } + + /** + * Parse the project from Location resource. + * + * @param {string} locationName + * A fully-qualified path representing Location resource. + * @returns {string} A string representing the project. + */ + matchProjectFromLocationName(locationName: string) { + return this.pathTemplates.locationPathTemplate.match(locationName).project; + } + + /** + * Parse the location from Location resource. + * + * @param {string} locationName + * A fully-qualified path representing Location resource. + * @returns {string} A string representing the location. + */ + matchLocationFromLocationName(locationName: string) { + return this.pathTemplates.locationPathTemplate.match(locationName).location; + } + + /** + * Return a fully-qualified publicKey resource name string. + * + * @param {string} project + * @param {string} location + * @param {string} key_ring + * @param {string} crypto_key + * @param {string} crypto_key_version + * @returns {string} Resource name string. + */ + publicKeyPath(project:string,location:string,keyRing:string,cryptoKey:string,cryptoKeyVersion:string) { + return this.pathTemplates.publicKeyPathTemplate.render({ + project: project, + location: location, + key_ring: keyRing, + crypto_key: cryptoKey, + crypto_key_version: cryptoKeyVersion, + }); + } + + /** + * Parse the project from PublicKey resource. + * + * @param {string} publicKeyName + * A fully-qualified path representing PublicKey resource. + * @returns {string} A string representing the project. + */ + matchProjectFromPublicKeyName(publicKeyName: string) { + return this.pathTemplates.publicKeyPathTemplate.match(publicKeyName).project; + } + + /** + * Parse the location from PublicKey resource. + * + * @param {string} publicKeyName + * A fully-qualified path representing PublicKey resource. + * @returns {string} A string representing the location. + */ + matchLocationFromPublicKeyName(publicKeyName: string) { + return this.pathTemplates.publicKeyPathTemplate.match(publicKeyName).location; + } + + /** + * Parse the key_ring from PublicKey resource. + * + * @param {string} publicKeyName + * A fully-qualified path representing PublicKey resource. + * @returns {string} A string representing the key_ring. + */ + matchKeyRingFromPublicKeyName(publicKeyName: string) { + return this.pathTemplates.publicKeyPathTemplate.match(publicKeyName).key_ring; + } + + /** + * Parse the crypto_key from PublicKey resource. + * + * @param {string} publicKeyName + * A fully-qualified path representing PublicKey resource. + * @returns {string} A string representing the crypto_key. + */ + matchCryptoKeyFromPublicKeyName(publicKeyName: string) { + return this.pathTemplates.publicKeyPathTemplate.match(publicKeyName).crypto_key; + } + + /** + * Parse the crypto_key_version from PublicKey resource. + * + * @param {string} publicKeyName + * A fully-qualified path representing PublicKey resource. + * @returns {string} A string representing the crypto_key_version. + */ + matchCryptoKeyVersionFromPublicKeyName(publicKeyName: string) { + return this.pathTemplates.publicKeyPathTemplate.match(publicKeyName).crypto_key_version; + } + + /** + * Terminate the gRPC channel and close the client. + * + * The client will no longer be usable and all future behavior is undefined. + * @returns {Promise} A promise that resolves when the client is closed. + */ + close(): Promise { + this.initialize(); + if (!this._terminated) { + return this.keyManagementServiceStub!.then(stub => { + this._terminated = true; + stub.close(); + this.iamClient.close(); + }); + } + return Promise.resolve(); + } +} diff --git a/owl-bot-staging/v1/src/v1/key_management_service_client_config.json b/owl-bot-staging/v1/src/v1/key_management_service_client_config.json new file mode 100644 index 00000000..15426292 --- /dev/null +++ b/owl-bot-staging/v1/src/v1/key_management_service_client_config.json @@ -0,0 +1,153 @@ +{ + "interfaces": { + "google.cloud.kms.v1.KeyManagementService": { + "retry_codes": { + "non_idempotent": [], + "idempotent": [ + "DEADLINE_EXCEEDED", + "UNAVAILABLE" + ] + }, + "retry_params": { + "default": { + "initial_retry_delay_millis": 100, + "retry_delay_multiplier": 1.3, + "max_retry_delay_millis": 60000, + "initial_rpc_timeout_millis": 60000, + "rpc_timeout_multiplier": 1, + "max_rpc_timeout_millis": 60000, + "total_timeout_millis": 600000 + } + }, + "methods": { + "ListKeyRings": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "ListCryptoKeys": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "ListCryptoKeyVersions": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "ListImportJobs": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "GetKeyRing": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "GetCryptoKey": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "GetCryptoKeyVersion": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "GetPublicKey": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "GetImportJob": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "CreateKeyRing": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "CreateCryptoKey": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "CreateCryptoKeyVersion": { + "timeout_millis": 60000, + "retry_codes_name": "non_idempotent", + "retry_params_name": "default" + }, + "ImportCryptoKeyVersion": { + "timeout_millis": 60000, + "retry_codes_name": "non_idempotent", + "retry_params_name": "default" + }, + "CreateImportJob": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "UpdateCryptoKey": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "UpdateCryptoKeyVersion": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "UpdateCryptoKeyPrimaryVersion": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "DestroyCryptoKeyVersion": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "RestoreCryptoKeyVersion": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "Encrypt": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "Decrypt": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "AsymmetricSign": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "AsymmetricDecrypt": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default" + }, + "MacSign": { + "retry_codes_name": "non_idempotent", + "retry_params_name": "default" + }, + "MacVerify": { + "retry_codes_name": "non_idempotent", + "retry_params_name": "default" + }, + "GenerateRandomBytes": { + "retry_codes_name": "non_idempotent", + "retry_params_name": "default" + } + } + } + } +} diff --git a/owl-bot-staging/v1/src/v1/key_management_service_proto_list.json b/owl-bot-staging/v1/src/v1/key_management_service_proto_list.json new file mode 100644 index 00000000..b7e20599 --- /dev/null +++ b/owl-bot-staging/v1/src/v1/key_management_service_proto_list.json @@ -0,0 +1,4 @@ +[ + "../../protos/google/cloud/kms/v1/resources.proto", + "../../protos/google/cloud/kms/v1/service.proto" +] diff --git a/owl-bot-staging/v1/system-test/fixtures/sample/src/index.js b/owl-bot-staging/v1/system-test/fixtures/sample/src/index.js new file mode 100644 index 00000000..02b65ac2 --- /dev/null +++ b/owl-bot-staging/v1/system-test/fixtures/sample/src/index.js @@ -0,0 +1,27 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + + +/* eslint-disable node/no-missing-require, no-unused-vars */ +const kms = require('@google-cloud/kms'); + +function main() { + const keyManagementServiceClient = new kms.KeyManagementServiceClient(); +} + +main(); diff --git a/owl-bot-staging/v1/system-test/fixtures/sample/src/index.ts b/owl-bot-staging/v1/system-test/fixtures/sample/src/index.ts new file mode 100644 index 00000000..bbefa665 --- /dev/null +++ b/owl-bot-staging/v1/system-test/fixtures/sample/src/index.ts @@ -0,0 +1,32 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +import {KeyManagementServiceClient} from '@google-cloud/kms'; + +// check that the client class type name can be used +function doStuffWithKeyManagementServiceClient(client: KeyManagementServiceClient) { + client.close(); +} + +function main() { + // check that the client instance can be created + const keyManagementServiceClient = new KeyManagementServiceClient(); + doStuffWithKeyManagementServiceClient(keyManagementServiceClient); +} + +main(); diff --git a/owl-bot-staging/v1/system-test/install.ts b/owl-bot-staging/v1/system-test/install.ts new file mode 100644 index 00000000..1f850b52 --- /dev/null +++ b/owl-bot-staging/v1/system-test/install.ts @@ -0,0 +1,49 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +import { packNTest } from 'pack-n-play'; +import { readFileSync } from 'fs'; +import { describe, it } from 'mocha'; + +describe('📦 pack-n-play test', () => { + + it('TypeScript code', async function() { + this.timeout(300000); + const options = { + packageDir: process.cwd(), + sample: { + description: 'TypeScript user can use the type definitions', + ts: readFileSync('./system-test/fixtures/sample/src/index.ts').toString() + } + }; + await packNTest(options); + }); + + it('JavaScript code', async function() { + this.timeout(300000); + const options = { + packageDir: process.cwd(), + sample: { + description: 'JavaScript user can use the library', + ts: readFileSync('./system-test/fixtures/sample/src/index.js').toString() + } + }; + await packNTest(options); + }); + +}); diff --git a/owl-bot-staging/v1/test/gapic_key_management_service_v1.ts b/owl-bot-staging/v1/test/gapic_key_management_service_v1.ts new file mode 100644 index 00000000..fc5b613f --- /dev/null +++ b/owl-bot-staging/v1/test/gapic_key_management_service_v1.ts @@ -0,0 +1,3508 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// ** This file is automatically generated by gapic-generator-typescript. ** +// ** https://github.com/googleapis/gapic-generator-typescript ** +// ** All changes to this file may be overwritten. ** + +import * as protos from '../protos/protos'; +import * as assert from 'assert'; +import * as sinon from 'sinon'; +import {SinonStub} from 'sinon'; +import { describe, it } from 'mocha'; +import * as keymanagementserviceModule from '../src'; + +import {PassThrough} from 'stream'; + +import {protobuf, IamProtos} from 'google-gax'; + +function generateSampleMessage(instance: T) { + const filledObject = (instance.constructor as typeof protobuf.Message) + .toObject(instance as protobuf.Message, {defaults: true}); + return (instance.constructor as typeof protobuf.Message).fromObject(filledObject) as T; +} + +function stubSimpleCall(response?: ResponseType, error?: Error) { + return error ? sinon.stub().rejects(error) : sinon.stub().resolves([response]); +} + +function stubSimpleCallWithCallback(response?: ResponseType, error?: Error) { + return error ? sinon.stub().callsArgWith(2, error) : sinon.stub().callsArgWith(2, null, response); +} + +function stubPageStreamingCall(responses?: ResponseType[], error?: Error) { + const pagingStub = sinon.stub(); + if (responses) { + for (let i = 0; i < responses.length; ++i) { + pagingStub.onCall(i).callsArgWith(2, null, responses[i]); + } + } + const transformStub = error ? sinon.stub().callsArgWith(2, error) : pagingStub; + const mockStream = new PassThrough({ + objectMode: true, + transform: transformStub, + }); + // trigger as many responses as needed + if (responses) { + for (let i = 0; i < responses.length; ++i) { + setImmediate(() => { mockStream.write({}); }); + } + setImmediate(() => { mockStream.end(); }); + } else { + setImmediate(() => { mockStream.write({}); }); + setImmediate(() => { mockStream.end(); }); + } + return sinon.stub().returns(mockStream); +} + +function stubAsyncIterationCall(responses?: ResponseType[], error?: Error) { + let counter = 0; + const asyncIterable = { + [Symbol.asyncIterator]() { + return { + async next() { + if (error) { + return Promise.reject(error); + } + if (counter >= responses!.length) { + return Promise.resolve({done: true, value: undefined}); + } + return Promise.resolve({done: false, value: responses![counter++]}); + } + }; + } + }; + return sinon.stub().returns(asyncIterable); +} + +describe('v1.KeyManagementServiceClient', () => { + it('has servicePath', () => { + const servicePath = keymanagementserviceModule.v1.KeyManagementServiceClient.servicePath; + assert(servicePath); + }); + + it('has apiEndpoint', () => { + const apiEndpoint = keymanagementserviceModule.v1.KeyManagementServiceClient.apiEndpoint; + assert(apiEndpoint); + }); + + it('has port', () => { + const port = keymanagementserviceModule.v1.KeyManagementServiceClient.port; + assert(port); + assert(typeof port === 'number'); + }); + + it('should create a client with no option', () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient(); + assert(client); + }); + + it('should create a client with gRPC fallback', () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + fallback: true, + }); + assert(client); + }); + + it('has initialize method and supports deferred initialization', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + assert.strictEqual(client.keyManagementServiceStub, undefined); + await client.initialize(); + assert(client.keyManagementServiceStub); + }); + + it('has close method', () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.close(); + }); + + it('has getProjectId method', async () => { + const fakeProjectId = 'fake-project-id'; + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.auth.getProjectId = sinon.stub().resolves(fakeProjectId); + const result = await client.getProjectId(); + assert.strictEqual(result, fakeProjectId); + assert((client.auth.getProjectId as SinonStub).calledWithExactly()); + }); + + it('has getProjectId method with callback', async () => { + const fakeProjectId = 'fake-project-id'; + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.auth.getProjectId = sinon.stub().callsArgWith(0, null, fakeProjectId); + const promise = new Promise((resolve, reject) => { + client.getProjectId((err?: Error|null, projectId?: string|null) => { + if (err) { + reject(err); + } else { + resolve(projectId); + } + }); + }); + const result = await promise; + assert.strictEqual(result, fakeProjectId); + }); + + describe('getKeyRing', () => { + it('invokes getKeyRing without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetKeyRingRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()); + client.innerApiCalls.getKeyRing = stubSimpleCall(expectedResponse); + const [response] = await client.getKeyRing(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getKeyRing as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes getKeyRing without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetKeyRingRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()); + client.innerApiCalls.getKeyRing = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.getKeyRing( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.IKeyRing|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getKeyRing as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes getKeyRing with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetKeyRingRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.getKeyRing = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.getKeyRing(request), expectedError); + assert((client.innerApiCalls.getKeyRing as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('getCryptoKey', () => { + it('invokes getCryptoKey without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetCryptoKeyRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()); + client.innerApiCalls.getCryptoKey = stubSimpleCall(expectedResponse); + const [response] = await client.getCryptoKey(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getCryptoKey as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes getCryptoKey without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetCryptoKeyRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()); + client.innerApiCalls.getCryptoKey = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.getCryptoKey( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKey|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getCryptoKey as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes getCryptoKey with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetCryptoKeyRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.getCryptoKey = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.getCryptoKey(request), expectedError); + assert((client.innerApiCalls.getCryptoKey as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('getCryptoKeyVersion', () => { + it('invokes getCryptoKeyVersion without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetCryptoKeyVersionRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); + client.innerApiCalls.getCryptoKeyVersion = stubSimpleCall(expectedResponse); + const [response] = await client.getCryptoKeyVersion(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getCryptoKeyVersion as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes getCryptoKeyVersion without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetCryptoKeyVersionRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); + client.innerApiCalls.getCryptoKeyVersion = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.getCryptoKeyVersion( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKeyVersion|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getCryptoKeyVersion as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes getCryptoKeyVersion with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetCryptoKeyVersionRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.getCryptoKeyVersion = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.getCryptoKeyVersion(request), expectedError); + assert((client.innerApiCalls.getCryptoKeyVersion as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('getPublicKey', () => { + it('invokes getPublicKey without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetPublicKeyRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.PublicKey()); + client.innerApiCalls.getPublicKey = stubSimpleCall(expectedResponse); + const [response] = await client.getPublicKey(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getPublicKey as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes getPublicKey without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetPublicKeyRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.PublicKey()); + client.innerApiCalls.getPublicKey = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.getPublicKey( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.IPublicKey|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getPublicKey as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes getPublicKey with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetPublicKeyRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.getPublicKey = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.getPublicKey(request), expectedError); + assert((client.innerApiCalls.getPublicKey as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('getImportJob', () => { + it('invokes getImportJob without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetImportJobRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()); + client.innerApiCalls.getImportJob = stubSimpleCall(expectedResponse); + const [response] = await client.getImportJob(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getImportJob as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes getImportJob without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetImportJobRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()); + client.innerApiCalls.getImportJob = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.getImportJob( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.IImportJob|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.getImportJob as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes getImportJob with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetImportJobRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.getImportJob = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.getImportJob(request), expectedError); + assert((client.innerApiCalls.getImportJob as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('createKeyRing', () => { + it('invokes createKeyRing without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateKeyRingRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()); + client.innerApiCalls.createKeyRing = stubSimpleCall(expectedResponse); + const [response] = await client.createKeyRing(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.createKeyRing as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes createKeyRing without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateKeyRingRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()); + client.innerApiCalls.createKeyRing = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.createKeyRing( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.IKeyRing|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.createKeyRing as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes createKeyRing with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateKeyRingRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.createKeyRing = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.createKeyRing(request), expectedError); + assert((client.innerApiCalls.createKeyRing as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('createCryptoKey', () => { + it('invokes createCryptoKey without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateCryptoKeyRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()); + client.innerApiCalls.createCryptoKey = stubSimpleCall(expectedResponse); + const [response] = await client.createCryptoKey(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.createCryptoKey as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes createCryptoKey without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateCryptoKeyRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()); + client.innerApiCalls.createCryptoKey = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.createCryptoKey( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKey|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.createCryptoKey as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes createCryptoKey with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateCryptoKeyRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.createCryptoKey = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.createCryptoKey(request), expectedError); + assert((client.innerApiCalls.createCryptoKey as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('createCryptoKeyVersion', () => { + it('invokes createCryptoKeyVersion without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateCryptoKeyVersionRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); + client.innerApiCalls.createCryptoKeyVersion = stubSimpleCall(expectedResponse); + const [response] = await client.createCryptoKeyVersion(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.createCryptoKeyVersion as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes createCryptoKeyVersion without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateCryptoKeyVersionRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); + client.innerApiCalls.createCryptoKeyVersion = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.createCryptoKeyVersion( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKeyVersion|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.createCryptoKeyVersion as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes createCryptoKeyVersion with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateCryptoKeyVersionRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.createCryptoKeyVersion = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.createCryptoKeyVersion(request), expectedError); + assert((client.innerApiCalls.createCryptoKeyVersion as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('importCryptoKeyVersion', () => { + it('invokes importCryptoKeyVersion without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ImportCryptoKeyVersionRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); + client.innerApiCalls.importCryptoKeyVersion = stubSimpleCall(expectedResponse); + const [response] = await client.importCryptoKeyVersion(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.importCryptoKeyVersion as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes importCryptoKeyVersion without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ImportCryptoKeyVersionRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); + client.innerApiCalls.importCryptoKeyVersion = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.importCryptoKeyVersion( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKeyVersion|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.importCryptoKeyVersion as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes importCryptoKeyVersion with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ImportCryptoKeyVersionRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.importCryptoKeyVersion = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.importCryptoKeyVersion(request), expectedError); + assert((client.innerApiCalls.importCryptoKeyVersion as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('createImportJob', () => { + it('invokes createImportJob without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateImportJobRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()); + client.innerApiCalls.createImportJob = stubSimpleCall(expectedResponse); + const [response] = await client.createImportJob(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.createImportJob as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes createImportJob without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateImportJobRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()); + client.innerApiCalls.createImportJob = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.createImportJob( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.IImportJob|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.createImportJob as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes createImportJob with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateImportJobRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.createImportJob = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.createImportJob(request), expectedError); + assert((client.innerApiCalls.createImportJob as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('updateCryptoKey', () => { + it('invokes updateCryptoKey without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.UpdateCryptoKeyRequest()); + request.cryptoKey = {}; + request.cryptoKey.name = ''; + const expectedHeaderRequestParams = "crypto_key.name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()); + client.innerApiCalls.updateCryptoKey = stubSimpleCall(expectedResponse); + const [response] = await client.updateCryptoKey(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.updateCryptoKey as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes updateCryptoKey without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.UpdateCryptoKeyRequest()); + request.cryptoKey = {}; + request.cryptoKey.name = ''; + const expectedHeaderRequestParams = "crypto_key.name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()); + client.innerApiCalls.updateCryptoKey = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.updateCryptoKey( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKey|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.updateCryptoKey as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes updateCryptoKey with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.UpdateCryptoKeyRequest()); + request.cryptoKey = {}; + request.cryptoKey.name = ''; + const expectedHeaderRequestParams = "crypto_key.name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.updateCryptoKey = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.updateCryptoKey(request), expectedError); + assert((client.innerApiCalls.updateCryptoKey as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('updateCryptoKeyVersion', () => { + it('invokes updateCryptoKeyVersion without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.UpdateCryptoKeyVersionRequest()); + request.cryptoKeyVersion = {}; + request.cryptoKeyVersion.name = ''; + const expectedHeaderRequestParams = "crypto_key_version.name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); + client.innerApiCalls.updateCryptoKeyVersion = stubSimpleCall(expectedResponse); + const [response] = await client.updateCryptoKeyVersion(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.updateCryptoKeyVersion as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes updateCryptoKeyVersion without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.UpdateCryptoKeyVersionRequest()); + request.cryptoKeyVersion = {}; + request.cryptoKeyVersion.name = ''; + const expectedHeaderRequestParams = "crypto_key_version.name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); + client.innerApiCalls.updateCryptoKeyVersion = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.updateCryptoKeyVersion( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKeyVersion|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.updateCryptoKeyVersion as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes updateCryptoKeyVersion with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.UpdateCryptoKeyVersionRequest()); + request.cryptoKeyVersion = {}; + request.cryptoKeyVersion.name = ''; + const expectedHeaderRequestParams = "crypto_key_version.name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.updateCryptoKeyVersion = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.updateCryptoKeyVersion(request), expectedError); + assert((client.innerApiCalls.updateCryptoKeyVersion as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('updateCryptoKeyPrimaryVersion', () => { + it('invokes updateCryptoKeyPrimaryVersion without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.UpdateCryptoKeyPrimaryVersionRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()); + client.innerApiCalls.updateCryptoKeyPrimaryVersion = stubSimpleCall(expectedResponse); + const [response] = await client.updateCryptoKeyPrimaryVersion(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.updateCryptoKeyPrimaryVersion as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes updateCryptoKeyPrimaryVersion without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.UpdateCryptoKeyPrimaryVersionRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()); + client.innerApiCalls.updateCryptoKeyPrimaryVersion = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.updateCryptoKeyPrimaryVersion( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKey|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.updateCryptoKeyPrimaryVersion as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes updateCryptoKeyPrimaryVersion with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.UpdateCryptoKeyPrimaryVersionRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.updateCryptoKeyPrimaryVersion = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.updateCryptoKeyPrimaryVersion(request), expectedError); + assert((client.innerApiCalls.updateCryptoKeyPrimaryVersion as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('destroyCryptoKeyVersion', () => { + it('invokes destroyCryptoKeyVersion without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.DestroyCryptoKeyVersionRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); + client.innerApiCalls.destroyCryptoKeyVersion = stubSimpleCall(expectedResponse); + const [response] = await client.destroyCryptoKeyVersion(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.destroyCryptoKeyVersion as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes destroyCryptoKeyVersion without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.DestroyCryptoKeyVersionRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); + client.innerApiCalls.destroyCryptoKeyVersion = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.destroyCryptoKeyVersion( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKeyVersion|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.destroyCryptoKeyVersion as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes destroyCryptoKeyVersion with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.DestroyCryptoKeyVersionRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.destroyCryptoKeyVersion = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.destroyCryptoKeyVersion(request), expectedError); + assert((client.innerApiCalls.destroyCryptoKeyVersion as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('restoreCryptoKeyVersion', () => { + it('invokes restoreCryptoKeyVersion without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.RestoreCryptoKeyVersionRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); + client.innerApiCalls.restoreCryptoKeyVersion = stubSimpleCall(expectedResponse); + const [response] = await client.restoreCryptoKeyVersion(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.restoreCryptoKeyVersion as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes restoreCryptoKeyVersion without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.RestoreCryptoKeyVersionRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); + client.innerApiCalls.restoreCryptoKeyVersion = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.restoreCryptoKeyVersion( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKeyVersion|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.restoreCryptoKeyVersion as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes restoreCryptoKeyVersion with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.RestoreCryptoKeyVersionRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.restoreCryptoKeyVersion = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.restoreCryptoKeyVersion(request), expectedError); + assert((client.innerApiCalls.restoreCryptoKeyVersion as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('encrypt', () => { + it('invokes encrypt without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.EncryptRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.EncryptResponse()); + client.innerApiCalls.encrypt = stubSimpleCall(expectedResponse); + const [response] = await client.encrypt(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.encrypt as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes encrypt without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.EncryptRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.EncryptResponse()); + client.innerApiCalls.encrypt = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.encrypt( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.IEncryptResponse|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.encrypt as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes encrypt with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.EncryptRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.encrypt = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.encrypt(request), expectedError); + assert((client.innerApiCalls.encrypt as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('decrypt', () => { + it('invokes decrypt without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.DecryptRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.DecryptResponse()); + client.innerApiCalls.decrypt = stubSimpleCall(expectedResponse); + const [response] = await client.decrypt(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.decrypt as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes decrypt without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.DecryptRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.DecryptResponse()); + client.innerApiCalls.decrypt = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.decrypt( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.IDecryptResponse|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.decrypt as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes decrypt with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.DecryptRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.decrypt = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.decrypt(request), expectedError); + assert((client.innerApiCalls.decrypt as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('asymmetricSign', () => { + it('invokes asymmetricSign without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.AsymmetricSignRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.AsymmetricSignResponse()); + client.innerApiCalls.asymmetricSign = stubSimpleCall(expectedResponse); + const [response] = await client.asymmetricSign(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.asymmetricSign as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes asymmetricSign without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.AsymmetricSignRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.AsymmetricSignResponse()); + client.innerApiCalls.asymmetricSign = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.asymmetricSign( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.IAsymmetricSignResponse|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.asymmetricSign as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes asymmetricSign with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.AsymmetricSignRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.asymmetricSign = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.asymmetricSign(request), expectedError); + assert((client.innerApiCalls.asymmetricSign as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('asymmetricDecrypt', () => { + it('invokes asymmetricDecrypt without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.AsymmetricDecryptRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.AsymmetricDecryptResponse()); + client.innerApiCalls.asymmetricDecrypt = stubSimpleCall(expectedResponse); + const [response] = await client.asymmetricDecrypt(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.asymmetricDecrypt as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes asymmetricDecrypt without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.AsymmetricDecryptRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.AsymmetricDecryptResponse()); + client.innerApiCalls.asymmetricDecrypt = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.asymmetricDecrypt( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.IAsymmetricDecryptResponse|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.asymmetricDecrypt as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes asymmetricDecrypt with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.AsymmetricDecryptRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.asymmetricDecrypt = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.asymmetricDecrypt(request), expectedError); + assert((client.innerApiCalls.asymmetricDecrypt as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('macSign', () => { + it('invokes macSign without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.MacSignRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.MacSignResponse()); + client.innerApiCalls.macSign = stubSimpleCall(expectedResponse); + const [response] = await client.macSign(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.macSign as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes macSign without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.MacSignRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.MacSignResponse()); + client.innerApiCalls.macSign = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.macSign( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.IMacSignResponse|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.macSign as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes macSign with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.MacSignRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.macSign = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.macSign(request), expectedError); + assert((client.innerApiCalls.macSign as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('macVerify', () => { + it('invokes macVerify without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.MacVerifyRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.MacVerifyResponse()); + client.innerApiCalls.macVerify = stubSimpleCall(expectedResponse); + const [response] = await client.macVerify(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.macVerify as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes macVerify without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.MacVerifyRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.MacVerifyResponse()); + client.innerApiCalls.macVerify = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.macVerify( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.IMacVerifyResponse|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.macVerify as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes macVerify with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.MacVerifyRequest()); + request.name = ''; + const expectedHeaderRequestParams = "name="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.macVerify = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.macVerify(request), expectedError); + assert((client.innerApiCalls.macVerify as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('generateRandomBytes', () => { + it('invokes generateRandomBytes without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.GenerateRandomBytesRequest()); + request.location = ''; + const expectedHeaderRequestParams = "location="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.GenerateRandomBytesResponse()); + client.innerApiCalls.generateRandomBytes = stubSimpleCall(expectedResponse); + const [response] = await client.generateRandomBytes(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.generateRandomBytes as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes generateRandomBytes without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.GenerateRandomBytesRequest()); + request.location = ''; + const expectedHeaderRequestParams = "location="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.GenerateRandomBytesResponse()); + client.innerApiCalls.generateRandomBytes = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.generateRandomBytes( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.IGenerateRandomBytesResponse|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.generateRandomBytes as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes generateRandomBytes with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.GenerateRandomBytesRequest()); + request.location = ''; + const expectedHeaderRequestParams = "location="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.generateRandomBytes = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.generateRandomBytes(request), expectedError); + assert((client.innerApiCalls.generateRandomBytes as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('listKeyRings', () => { + it('invokes listKeyRings without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListKeyRingsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), + generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), + generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), + ]; + client.innerApiCalls.listKeyRings = stubSimpleCall(expectedResponse); + const [response] = await client.listKeyRings(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.listKeyRings as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes listKeyRings without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListKeyRingsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), + generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), + generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), + ]; + client.innerApiCalls.listKeyRings = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.listKeyRings( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.IKeyRing[]|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.listKeyRings as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes listKeyRings with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListKeyRingsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.listKeyRings = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.listKeyRings(request), expectedError); + assert((client.innerApiCalls.listKeyRings as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes listKeyRingsStream without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListKeyRingsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), + generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), + generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), + ]; + client.descriptors.page.listKeyRings.createStream = stubPageStreamingCall(expectedResponse); + const stream = client.listKeyRingsStream(request); + const promise = new Promise((resolve, reject) => { + const responses: protos.google.cloud.kms.v1.KeyRing[] = []; + stream.on('data', (response: protos.google.cloud.kms.v1.KeyRing) => { + responses.push(response); + }); + stream.on('end', () => { + resolve(responses); + }); + stream.on('error', (err: Error) => { + reject(err); + }); + }); + const responses = await promise; + assert.deepStrictEqual(responses, expectedResponse); + assert((client.descriptors.page.listKeyRings.createStream as SinonStub) + .getCall(0).calledWith(client.innerApiCalls.listKeyRings, request)); + assert.strictEqual( + (client.descriptors.page.listKeyRings.createStream as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + + it('invokes listKeyRingsStream with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListKeyRingsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedError = new Error('expected'); + client.descriptors.page.listKeyRings.createStream = stubPageStreamingCall(undefined, expectedError); + const stream = client.listKeyRingsStream(request); + const promise = new Promise((resolve, reject) => { + const responses: protos.google.cloud.kms.v1.KeyRing[] = []; + stream.on('data', (response: protos.google.cloud.kms.v1.KeyRing) => { + responses.push(response); + }); + stream.on('end', () => { + resolve(responses); + }); + stream.on('error', (err: Error) => { + reject(err); + }); + }); + await assert.rejects(promise, expectedError); + assert((client.descriptors.page.listKeyRings.createStream as SinonStub) + .getCall(0).calledWith(client.innerApiCalls.listKeyRings, request)); + assert.strictEqual( + (client.descriptors.page.listKeyRings.createStream as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + + it('uses async iteration with listKeyRings without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListKeyRingsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), + generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), + generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), + ]; + client.descriptors.page.listKeyRings.asyncIterate = stubAsyncIterationCall(expectedResponse); + const responses: protos.google.cloud.kms.v1.IKeyRing[] = []; + const iterable = client.listKeyRingsAsync(request); + for await (const resource of iterable) { + responses.push(resource!); + } + assert.deepStrictEqual(responses, expectedResponse); + assert.deepStrictEqual( + (client.descriptors.page.listKeyRings.asyncIterate as SinonStub) + .getCall(0).args[1], request); + assert.strictEqual( + (client.descriptors.page.listKeyRings.asyncIterate as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + + it('uses async iteration with listKeyRings with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListKeyRingsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent=";const expectedError = new Error('expected'); + client.descriptors.page.listKeyRings.asyncIterate = stubAsyncIterationCall(undefined, expectedError); + const iterable = client.listKeyRingsAsync(request); + await assert.rejects(async () => { + const responses: protos.google.cloud.kms.v1.IKeyRing[] = []; + for await (const resource of iterable) { + responses.push(resource!); + } + }); + assert.deepStrictEqual( + (client.descriptors.page.listKeyRings.asyncIterate as SinonStub) + .getCall(0).args[1], request); + assert.strictEqual( + (client.descriptors.page.listKeyRings.asyncIterate as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + }); + + describe('listCryptoKeys', () => { + it('invokes listCryptoKeys without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeysRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), + ]; + client.innerApiCalls.listCryptoKeys = stubSimpleCall(expectedResponse); + const [response] = await client.listCryptoKeys(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.listCryptoKeys as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes listCryptoKeys without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeysRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), + ]; + client.innerApiCalls.listCryptoKeys = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.listCryptoKeys( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKey[]|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.listCryptoKeys as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes listCryptoKeys with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeysRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.listCryptoKeys = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.listCryptoKeys(request), expectedError); + assert((client.innerApiCalls.listCryptoKeys as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes listCryptoKeysStream without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeysRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), + ]; + client.descriptors.page.listCryptoKeys.createStream = stubPageStreamingCall(expectedResponse); + const stream = client.listCryptoKeysStream(request); + const promise = new Promise((resolve, reject) => { + const responses: protos.google.cloud.kms.v1.CryptoKey[] = []; + stream.on('data', (response: protos.google.cloud.kms.v1.CryptoKey) => { + responses.push(response); + }); + stream.on('end', () => { + resolve(responses); + }); + stream.on('error', (err: Error) => { + reject(err); + }); + }); + const responses = await promise; + assert.deepStrictEqual(responses, expectedResponse); + assert((client.descriptors.page.listCryptoKeys.createStream as SinonStub) + .getCall(0).calledWith(client.innerApiCalls.listCryptoKeys, request)); + assert.strictEqual( + (client.descriptors.page.listCryptoKeys.createStream as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + + it('invokes listCryptoKeysStream with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeysRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedError = new Error('expected'); + client.descriptors.page.listCryptoKeys.createStream = stubPageStreamingCall(undefined, expectedError); + const stream = client.listCryptoKeysStream(request); + const promise = new Promise((resolve, reject) => { + const responses: protos.google.cloud.kms.v1.CryptoKey[] = []; + stream.on('data', (response: protos.google.cloud.kms.v1.CryptoKey) => { + responses.push(response); + }); + stream.on('end', () => { + resolve(responses); + }); + stream.on('error', (err: Error) => { + reject(err); + }); + }); + await assert.rejects(promise, expectedError); + assert((client.descriptors.page.listCryptoKeys.createStream as SinonStub) + .getCall(0).calledWith(client.innerApiCalls.listCryptoKeys, request)); + assert.strictEqual( + (client.descriptors.page.listCryptoKeys.createStream as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + + it('uses async iteration with listCryptoKeys without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeysRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), + ]; + client.descriptors.page.listCryptoKeys.asyncIterate = stubAsyncIterationCall(expectedResponse); + const responses: protos.google.cloud.kms.v1.ICryptoKey[] = []; + const iterable = client.listCryptoKeysAsync(request); + for await (const resource of iterable) { + responses.push(resource!); + } + assert.deepStrictEqual(responses, expectedResponse); + assert.deepStrictEqual( + (client.descriptors.page.listCryptoKeys.asyncIterate as SinonStub) + .getCall(0).args[1], request); + assert.strictEqual( + (client.descriptors.page.listCryptoKeys.asyncIterate as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + + it('uses async iteration with listCryptoKeys with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeysRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent=";const expectedError = new Error('expected'); + client.descriptors.page.listCryptoKeys.asyncIterate = stubAsyncIterationCall(undefined, expectedError); + const iterable = client.listCryptoKeysAsync(request); + await assert.rejects(async () => { + const responses: protos.google.cloud.kms.v1.ICryptoKey[] = []; + for await (const resource of iterable) { + responses.push(resource!); + } + }); + assert.deepStrictEqual( + (client.descriptors.page.listCryptoKeys.asyncIterate as SinonStub) + .getCall(0).args[1], request); + assert.strictEqual( + (client.descriptors.page.listCryptoKeys.asyncIterate as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + }); + + describe('listCryptoKeyVersions', () => { + it('invokes listCryptoKeyVersions without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeyVersionsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), + ]; + client.innerApiCalls.listCryptoKeyVersions = stubSimpleCall(expectedResponse); + const [response] = await client.listCryptoKeyVersions(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.listCryptoKeyVersions as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes listCryptoKeyVersions without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeyVersionsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), + ]; + client.innerApiCalls.listCryptoKeyVersions = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.listCryptoKeyVersions( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKeyVersion[]|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.listCryptoKeyVersions as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes listCryptoKeyVersions with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeyVersionsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.listCryptoKeyVersions = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.listCryptoKeyVersions(request), expectedError); + assert((client.innerApiCalls.listCryptoKeyVersions as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes listCryptoKeyVersionsStream without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeyVersionsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), + ]; + client.descriptors.page.listCryptoKeyVersions.createStream = stubPageStreamingCall(expectedResponse); + const stream = client.listCryptoKeyVersionsStream(request); + const promise = new Promise((resolve, reject) => { + const responses: protos.google.cloud.kms.v1.CryptoKeyVersion[] = []; + stream.on('data', (response: protos.google.cloud.kms.v1.CryptoKeyVersion) => { + responses.push(response); + }); + stream.on('end', () => { + resolve(responses); + }); + stream.on('error', (err: Error) => { + reject(err); + }); + }); + const responses = await promise; + assert.deepStrictEqual(responses, expectedResponse); + assert((client.descriptors.page.listCryptoKeyVersions.createStream as SinonStub) + .getCall(0).calledWith(client.innerApiCalls.listCryptoKeyVersions, request)); + assert.strictEqual( + (client.descriptors.page.listCryptoKeyVersions.createStream as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + + it('invokes listCryptoKeyVersionsStream with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeyVersionsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedError = new Error('expected'); + client.descriptors.page.listCryptoKeyVersions.createStream = stubPageStreamingCall(undefined, expectedError); + const stream = client.listCryptoKeyVersionsStream(request); + const promise = new Promise((resolve, reject) => { + const responses: protos.google.cloud.kms.v1.CryptoKeyVersion[] = []; + stream.on('data', (response: protos.google.cloud.kms.v1.CryptoKeyVersion) => { + responses.push(response); + }); + stream.on('end', () => { + resolve(responses); + }); + stream.on('error', (err: Error) => { + reject(err); + }); + }); + await assert.rejects(promise, expectedError); + assert((client.descriptors.page.listCryptoKeyVersions.createStream as SinonStub) + .getCall(0).calledWith(client.innerApiCalls.listCryptoKeyVersions, request)); + assert.strictEqual( + (client.descriptors.page.listCryptoKeyVersions.createStream as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + + it('uses async iteration with listCryptoKeyVersions without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeyVersionsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), + generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), + ]; + client.descriptors.page.listCryptoKeyVersions.asyncIterate = stubAsyncIterationCall(expectedResponse); + const responses: protos.google.cloud.kms.v1.ICryptoKeyVersion[] = []; + const iterable = client.listCryptoKeyVersionsAsync(request); + for await (const resource of iterable) { + responses.push(resource!); + } + assert.deepStrictEqual(responses, expectedResponse); + assert.deepStrictEqual( + (client.descriptors.page.listCryptoKeyVersions.asyncIterate as SinonStub) + .getCall(0).args[1], request); + assert.strictEqual( + (client.descriptors.page.listCryptoKeyVersions.asyncIterate as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + + it('uses async iteration with listCryptoKeyVersions with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeyVersionsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent=";const expectedError = new Error('expected'); + client.descriptors.page.listCryptoKeyVersions.asyncIterate = stubAsyncIterationCall(undefined, expectedError); + const iterable = client.listCryptoKeyVersionsAsync(request); + await assert.rejects(async () => { + const responses: protos.google.cloud.kms.v1.ICryptoKeyVersion[] = []; + for await (const resource of iterable) { + responses.push(resource!); + } + }); + assert.deepStrictEqual( + (client.descriptors.page.listCryptoKeyVersions.asyncIterate as SinonStub) + .getCall(0).args[1], request); + assert.strictEqual( + (client.descriptors.page.listCryptoKeyVersions.asyncIterate as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + }); + + describe('listImportJobs', () => { + it('invokes listImportJobs without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListImportJobsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), + generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), + generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), + ]; + client.innerApiCalls.listImportJobs = stubSimpleCall(expectedResponse); + const [response] = await client.listImportJobs(request); + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.listImportJobs as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes listImportJobs without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListImportJobsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), + generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), + generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), + ]; + client.innerApiCalls.listImportJobs = stubSimpleCallWithCallback(expectedResponse); + const promise = new Promise((resolve, reject) => { + client.listImportJobs( + request, + (err?: Error|null, result?: protos.google.cloud.kms.v1.IImportJob[]|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.innerApiCalls.listImportJobs as SinonStub) + .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); + }); + + it('invokes listImportJobs with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListImportJobsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.innerApiCalls.listImportJobs = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.listImportJobs(request), expectedError); + assert((client.innerApiCalls.listImportJobs as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + + it('invokes listImportJobsStream without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListImportJobsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), + generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), + generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), + ]; + client.descriptors.page.listImportJobs.createStream = stubPageStreamingCall(expectedResponse); + const stream = client.listImportJobsStream(request); + const promise = new Promise((resolve, reject) => { + const responses: protos.google.cloud.kms.v1.ImportJob[] = []; + stream.on('data', (response: protos.google.cloud.kms.v1.ImportJob) => { + responses.push(response); + }); + stream.on('end', () => { + resolve(responses); + }); + stream.on('error', (err: Error) => { + reject(err); + }); + }); + const responses = await promise; + assert.deepStrictEqual(responses, expectedResponse); + assert((client.descriptors.page.listImportJobs.createStream as SinonStub) + .getCall(0).calledWith(client.innerApiCalls.listImportJobs, request)); + assert.strictEqual( + (client.descriptors.page.listImportJobs.createStream as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + + it('invokes listImportJobsStream with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListImportJobsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedError = new Error('expected'); + client.descriptors.page.listImportJobs.createStream = stubPageStreamingCall(undefined, expectedError); + const stream = client.listImportJobsStream(request); + const promise = new Promise((resolve, reject) => { + const responses: protos.google.cloud.kms.v1.ImportJob[] = []; + stream.on('data', (response: protos.google.cloud.kms.v1.ImportJob) => { + responses.push(response); + }); + stream.on('end', () => { + resolve(responses); + }); + stream.on('error', (err: Error) => { + reject(err); + }); + }); + await assert.rejects(promise, expectedError); + assert((client.descriptors.page.listImportJobs.createStream as SinonStub) + .getCall(0).calledWith(client.innerApiCalls.listImportJobs, request)); + assert.strictEqual( + (client.descriptors.page.listImportJobs.createStream as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + + it('uses async iteration with listImportJobs without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListImportJobsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent="; + const expectedResponse = [ + generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), + generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), + generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), + ]; + client.descriptors.page.listImportJobs.asyncIterate = stubAsyncIterationCall(expectedResponse); + const responses: protos.google.cloud.kms.v1.IImportJob[] = []; + const iterable = client.listImportJobsAsync(request); + for await (const resource of iterable) { + responses.push(resource!); + } + assert.deepStrictEqual(responses, expectedResponse); + assert.deepStrictEqual( + (client.descriptors.page.listImportJobs.asyncIterate as SinonStub) + .getCall(0).args[1], request); + assert.strictEqual( + (client.descriptors.page.listImportJobs.asyncIterate as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + + it('uses async iteration with listImportJobs with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListImportJobsRequest()); + request.parent = ''; + const expectedHeaderRequestParams = "parent=";const expectedError = new Error('expected'); + client.descriptors.page.listImportJobs.asyncIterate = stubAsyncIterationCall(undefined, expectedError); + const iterable = client.listImportJobsAsync(request); + await assert.rejects(async () => { + const responses: protos.google.cloud.kms.v1.IImportJob[] = []; + for await (const resource of iterable) { + responses.push(resource!); + } + }); + assert.deepStrictEqual( + (client.descriptors.page.listImportJobs.asyncIterate as SinonStub) + .getCall(0).args[1], request); + assert.strictEqual( + (client.descriptors.page.listImportJobs.asyncIterate as SinonStub) + .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], + expectedHeaderRequestParams + ); + }); + }); + describe('getIamPolicy', () => { + it('invokes getIamPolicy without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage( + new IamProtos.google.iam.v1.GetIamPolicyRequest() + ); + request.resource = ''; + const expectedHeaderRequestParams = 'resource='; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage( + new IamProtos.google.iam.v1.Policy() + ); + client.iamClient.getIamPolicy = stubSimpleCall(expectedResponse); + const response = await client.getIamPolicy(request, expectedOptions); + assert.deepStrictEqual(response, [expectedResponse]); + assert((client.iamClient.getIamPolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + it('invokes getIamPolicy without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage( + new IamProtos.google.iam.v1.GetIamPolicyRequest() + ); + request.resource = ''; + const expectedHeaderRequestParams = 'resource='; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage( + new IamProtos.google.iam.v1.Policy() + ); + client.iamClient.getIamPolicy = sinon.stub().callsArgWith(2, null, expectedResponse); + const promise = new Promise((resolve, reject) => { + client.getIamPolicy( + request, + expectedOptions, + (err?: Error|null, result?: IamProtos.google.iam.v1.Policy|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.iamClient.getIamPolicy as SinonStub) + .getCall(0)); + }); + it('invokes getIamPolicy with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage( + new IamProtos.google.iam.v1.GetIamPolicyRequest() + ); + request.resource = ''; + const expectedHeaderRequestParams = 'resource='; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.iamClient.getIamPolicy = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.getIamPolicy(request, expectedOptions), expectedError); + assert((client.iamClient.getIamPolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + describe('setIamPolicy', () => { + it('invokes setIamPolicy without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage( + new IamProtos.google.iam.v1.SetIamPolicyRequest() + ); + request.resource = ''; + const expectedHeaderRequestParams = 'resource='; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage( + new IamProtos.google.iam.v1.Policy() + ); + client.iamClient.setIamPolicy = stubSimpleCall(expectedResponse); + const response = await client.setIamPolicy(request, expectedOptions); + assert.deepStrictEqual(response, [expectedResponse]); + assert((client.iamClient.setIamPolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + it('invokes setIamPolicy without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage( + new IamProtos.google.iam.v1.SetIamPolicyRequest() + ); + request.resource = ''; + const expectedHeaderRequestParams = 'resource='; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage( + new IamProtos.google.iam.v1.Policy() + ); + client.iamClient.setIamPolicy = sinon.stub().callsArgWith(2, null, expectedResponse); + const promise = new Promise((resolve, reject) => { + client.setIamPolicy( + request, + expectedOptions, + (err?: Error|null, result?: IamProtos.google.iam.v1.Policy|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.iamClient.setIamPolicy as SinonStub) + .getCall(0)); + }); + it('invokes setIamPolicy with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage( + new IamProtos.google.iam.v1.SetIamPolicyRequest() + ); + request.resource = ''; + const expectedHeaderRequestParams = 'resource='; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.iamClient.setIamPolicy = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.setIamPolicy(request, expectedOptions), expectedError); + assert((client.iamClient.setIamPolicy as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + describe('testIamPermissions', () => { + it('invokes testIamPermissions without error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage( + new IamProtos.google.iam.v1.TestIamPermissionsRequest() + ); + request.resource = ''; + const expectedHeaderRequestParams = 'resource='; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage( + new IamProtos.google.iam.v1.TestIamPermissionsResponse() + ); + client.iamClient.testIamPermissions = stubSimpleCall(expectedResponse); + const response = await client.testIamPermissions(request, expectedOptions); + assert.deepStrictEqual(response, [expectedResponse]); + assert((client.iamClient.testIamPermissions as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + it('invokes testIamPermissions without error using callback', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage( + new IamProtos.google.iam.v1.TestIamPermissionsRequest() + ); + request.resource = ''; + const expectedHeaderRequestParams = 'resource='; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedResponse = generateSampleMessage( + new IamProtos.google.iam.v1.TestIamPermissionsResponse() + ); + client.iamClient.testIamPermissions = sinon.stub().callsArgWith(2, null, expectedResponse); + const promise = new Promise((resolve, reject) => { + client.testIamPermissions( + request, + expectedOptions, + (err?: Error|null, result?: IamProtos.google.iam.v1.TestIamPermissionsResponse|null) => { + if (err) { + reject(err); + } else { + resolve(result); + } + }); + }); + const response = await promise; + assert.deepStrictEqual(response, expectedResponse); + assert((client.iamClient.testIamPermissions as SinonStub) + .getCall(0)); + }); + it('invokes testIamPermissions with error', async () => { + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + const request = generateSampleMessage( + new IamProtos.google.iam.v1.TestIamPermissionsRequest() + ); + request.resource = ''; + const expectedHeaderRequestParams = 'resource='; + const expectedOptions = { + otherArgs: { + headers: { + 'x-goog-request-params': expectedHeaderRequestParams, + }, + }, + }; + const expectedError = new Error('expected'); + client.iamClient.testIamPermissions = stubSimpleCall(undefined, expectedError); + await assert.rejects(client.testIamPermissions(request, expectedOptions), expectedError); + assert((client.iamClient.testIamPermissions as SinonStub) + .getCall(0).calledWith(request, expectedOptions, undefined)); + }); + }); + + describe('Path templates', () => { + + describe('cryptoKey', () => { + const fakePath = "/rendered/path/cryptoKey"; + const expectedParameters = { + project: "projectValue", + location: "locationValue", + key_ring: "keyRingValue", + crypto_key: "cryptoKeyValue", + }; + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.cryptoKeyPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.cryptoKeyPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('cryptoKeyPath', () => { + const result = client.cryptoKeyPath("projectValue", "locationValue", "keyRingValue", "cryptoKeyValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.cryptoKeyPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchProjectFromCryptoKeyName', () => { + const result = client.matchProjectFromCryptoKeyName(fakePath); + assert.strictEqual(result, "projectValue"); + assert((client.pathTemplates.cryptoKeyPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchLocationFromCryptoKeyName', () => { + const result = client.matchLocationFromCryptoKeyName(fakePath); + assert.strictEqual(result, "locationValue"); + assert((client.pathTemplates.cryptoKeyPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchKeyRingFromCryptoKeyName', () => { + const result = client.matchKeyRingFromCryptoKeyName(fakePath); + assert.strictEqual(result, "keyRingValue"); + assert((client.pathTemplates.cryptoKeyPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchCryptoKeyFromCryptoKeyName', () => { + const result = client.matchCryptoKeyFromCryptoKeyName(fakePath); + assert.strictEqual(result, "cryptoKeyValue"); + assert((client.pathTemplates.cryptoKeyPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + + describe('cryptoKeyVersion', () => { + const fakePath = "/rendered/path/cryptoKeyVersion"; + const expectedParameters = { + project: "projectValue", + location: "locationValue", + key_ring: "keyRingValue", + crypto_key: "cryptoKeyValue", + crypto_key_version: "cryptoKeyVersionValue", + }; + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.cryptoKeyVersionPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.cryptoKeyVersionPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('cryptoKeyVersionPath', () => { + const result = client.cryptoKeyVersionPath("projectValue", "locationValue", "keyRingValue", "cryptoKeyValue", "cryptoKeyVersionValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.cryptoKeyVersionPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchProjectFromCryptoKeyVersionName', () => { + const result = client.matchProjectFromCryptoKeyVersionName(fakePath); + assert.strictEqual(result, "projectValue"); + assert((client.pathTemplates.cryptoKeyVersionPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchLocationFromCryptoKeyVersionName', () => { + const result = client.matchLocationFromCryptoKeyVersionName(fakePath); + assert.strictEqual(result, "locationValue"); + assert((client.pathTemplates.cryptoKeyVersionPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchKeyRingFromCryptoKeyVersionName', () => { + const result = client.matchKeyRingFromCryptoKeyVersionName(fakePath); + assert.strictEqual(result, "keyRingValue"); + assert((client.pathTemplates.cryptoKeyVersionPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchCryptoKeyFromCryptoKeyVersionName', () => { + const result = client.matchCryptoKeyFromCryptoKeyVersionName(fakePath); + assert.strictEqual(result, "cryptoKeyValue"); + assert((client.pathTemplates.cryptoKeyVersionPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchCryptoKeyVersionFromCryptoKeyVersionName', () => { + const result = client.matchCryptoKeyVersionFromCryptoKeyVersionName(fakePath); + assert.strictEqual(result, "cryptoKeyVersionValue"); + assert((client.pathTemplates.cryptoKeyVersionPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + + describe('importJob', () => { + const fakePath = "/rendered/path/importJob"; + const expectedParameters = { + project: "projectValue", + location: "locationValue", + key_ring: "keyRingValue", + import_job: "importJobValue", + }; + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.importJobPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.importJobPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('importJobPath', () => { + const result = client.importJobPath("projectValue", "locationValue", "keyRingValue", "importJobValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.importJobPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchProjectFromImportJobName', () => { + const result = client.matchProjectFromImportJobName(fakePath); + assert.strictEqual(result, "projectValue"); + assert((client.pathTemplates.importJobPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchLocationFromImportJobName', () => { + const result = client.matchLocationFromImportJobName(fakePath); + assert.strictEqual(result, "locationValue"); + assert((client.pathTemplates.importJobPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchKeyRingFromImportJobName', () => { + const result = client.matchKeyRingFromImportJobName(fakePath); + assert.strictEqual(result, "keyRingValue"); + assert((client.pathTemplates.importJobPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchImportJobFromImportJobName', () => { + const result = client.matchImportJobFromImportJobName(fakePath); + assert.strictEqual(result, "importJobValue"); + assert((client.pathTemplates.importJobPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + + describe('keyRing', () => { + const fakePath = "/rendered/path/keyRing"; + const expectedParameters = { + project: "projectValue", + location: "locationValue", + key_ring: "keyRingValue", + }; + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.keyRingPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.keyRingPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('keyRingPath', () => { + const result = client.keyRingPath("projectValue", "locationValue", "keyRingValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.keyRingPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchProjectFromKeyRingName', () => { + const result = client.matchProjectFromKeyRingName(fakePath); + assert.strictEqual(result, "projectValue"); + assert((client.pathTemplates.keyRingPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchLocationFromKeyRingName', () => { + const result = client.matchLocationFromKeyRingName(fakePath); + assert.strictEqual(result, "locationValue"); + assert((client.pathTemplates.keyRingPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchKeyRingFromKeyRingName', () => { + const result = client.matchKeyRingFromKeyRingName(fakePath); + assert.strictEqual(result, "keyRingValue"); + assert((client.pathTemplates.keyRingPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + + describe('location', () => { + const fakePath = "/rendered/path/location"; + const expectedParameters = { + project: "projectValue", + location: "locationValue", + }; + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.locationPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.locationPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('locationPath', () => { + const result = client.locationPath("projectValue", "locationValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.locationPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchProjectFromLocationName', () => { + const result = client.matchProjectFromLocationName(fakePath); + assert.strictEqual(result, "projectValue"); + assert((client.pathTemplates.locationPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchLocationFromLocationName', () => { + const result = client.matchLocationFromLocationName(fakePath); + assert.strictEqual(result, "locationValue"); + assert((client.pathTemplates.locationPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + + describe('publicKey', () => { + const fakePath = "/rendered/path/publicKey"; + const expectedParameters = { + project: "projectValue", + location: "locationValue", + key_ring: "keyRingValue", + crypto_key: "cryptoKeyValue", + crypto_key_version: "cryptoKeyVersionValue", + }; + const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ + credentials: {client_email: 'bogus', private_key: 'bogus'}, + projectId: 'bogus', + }); + client.initialize(); + client.pathTemplates.publicKeyPathTemplate.render = + sinon.stub().returns(fakePath); + client.pathTemplates.publicKeyPathTemplate.match = + sinon.stub().returns(expectedParameters); + + it('publicKeyPath', () => { + const result = client.publicKeyPath("projectValue", "locationValue", "keyRingValue", "cryptoKeyValue", "cryptoKeyVersionValue"); + assert.strictEqual(result, fakePath); + assert((client.pathTemplates.publicKeyPathTemplate.render as SinonStub) + .getCall(-1).calledWith(expectedParameters)); + }); + + it('matchProjectFromPublicKeyName', () => { + const result = client.matchProjectFromPublicKeyName(fakePath); + assert.strictEqual(result, "projectValue"); + assert((client.pathTemplates.publicKeyPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchLocationFromPublicKeyName', () => { + const result = client.matchLocationFromPublicKeyName(fakePath); + assert.strictEqual(result, "locationValue"); + assert((client.pathTemplates.publicKeyPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchKeyRingFromPublicKeyName', () => { + const result = client.matchKeyRingFromPublicKeyName(fakePath); + assert.strictEqual(result, "keyRingValue"); + assert((client.pathTemplates.publicKeyPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchCryptoKeyFromPublicKeyName', () => { + const result = client.matchCryptoKeyFromPublicKeyName(fakePath); + assert.strictEqual(result, "cryptoKeyValue"); + assert((client.pathTemplates.publicKeyPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + + it('matchCryptoKeyVersionFromPublicKeyName', () => { + const result = client.matchCryptoKeyVersionFromPublicKeyName(fakePath); + assert.strictEqual(result, "cryptoKeyVersionValue"); + assert((client.pathTemplates.publicKeyPathTemplate.match as SinonStub) + .getCall(-1).calledWith(fakePath)); + }); + }); + }); +}); diff --git a/owl-bot-staging/v1/tsconfig.json b/owl-bot-staging/v1/tsconfig.json new file mode 100644 index 00000000..c78f1c88 --- /dev/null +++ b/owl-bot-staging/v1/tsconfig.json @@ -0,0 +1,19 @@ +{ + "extends": "./node_modules/gts/tsconfig-google.json", + "compilerOptions": { + "rootDir": ".", + "outDir": "build", + "resolveJsonModule": true, + "lib": [ + "es2018", + "dom" + ] + }, + "include": [ + "src/*.ts", + "src/**/*.ts", + "test/*.ts", + "test/**/*.ts", + "system-test/*.ts" + ] +} diff --git a/owl-bot-staging/v1/webpack.config.js b/owl-bot-staging/v1/webpack.config.js new file mode 100644 index 00000000..5ecb7a05 --- /dev/null +++ b/owl-bot-staging/v1/webpack.config.js @@ -0,0 +1,64 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// https://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +const path = require('path'); + +module.exports = { + entry: './src/index.ts', + output: { + library: 'KeyManagementService', + filename: './key-management-service.js', + }, + node: { + child_process: 'empty', + fs: 'empty', + crypto: 'empty', + }, + resolve: { + alias: { + '../../../package.json': path.resolve(__dirname, 'package.json'), + }, + extensions: ['.js', '.json', '.ts'], + }, + module: { + rules: [ + { + test: /\.tsx?$/, + use: 'ts-loader', + exclude: /node_modules/ + }, + { + test: /node_modules[\\/]@grpc[\\/]grpc-js/, + use: 'null-loader' + }, + { + test: /node_modules[\\/]grpc/, + use: 'null-loader' + }, + { + test: /node_modules[\\/]retry-request/, + use: 'null-loader' + }, + { + test: /node_modules[\\/]https?-proxy-agent/, + use: 'null-loader' + }, + { + test: /node_modules[\\/]gtoken/, + use: 'null-loader' + }, + ], + }, + mode: 'production', +}; From 26ef8dfe89baa864fabd7f5eec5fa26c785161e7 Mon Sep 17 00:00:00 2001 From: Owl Bot Date: Fri, 20 Aug 2021 23:13:27 +0000 Subject: [PATCH 2/2] =?UTF-8?q?=F0=9F=A6=89=20Updates=20from=20OwlBot?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md --- owl-bot-staging/v1/.eslintignore | 6 - owl-bot-staging/v1/.eslintrc.json | 3 - owl-bot-staging/v1/.gitignore | 14 - owl-bot-staging/v1/.jsdoc.js | 55 - owl-bot-staging/v1/.mocharc.js | 33 - owl-bot-staging/v1/.prettierrc.js | 22 - owl-bot-staging/v1/README.md | 1 - owl-bot-staging/v1/linkinator.config.json | 10 - owl-bot-staging/v1/package.json | 64 - .../google/cloud/kms/v1/resources.proto | 634 --- .../protos/google/cloud/kms/v1/service.proto | 1307 ------ owl-bot-staging/v1/src/index.ts | 25 - owl-bot-staging/v1/src/v1/gapic_metadata.json | 299 -- owl-bot-staging/v1/src/v1/index.ts | 19 - .../src/v1/key_management_service_client.ts | 3615 ----------------- .../key_management_service_client_config.json | 153 - .../v1/key_management_service_proto_list.json | 4 - .../system-test/fixtures/sample/src/index.js | 27 - .../system-test/fixtures/sample/src/index.ts | 32 - owl-bot-staging/v1/system-test/install.ts | 49 - .../test/gapic_key_management_service_v1.ts | 3508 ---------------- owl-bot-staging/v1/tsconfig.json | 19 - owl-bot-staging/v1/webpack.config.js | 64 - src/v1/key_management_service_client.ts | 7 + 24 files changed, 7 insertions(+), 9963 deletions(-) delete mode 100644 owl-bot-staging/v1/.eslintignore delete mode 100644 owl-bot-staging/v1/.eslintrc.json delete mode 100644 owl-bot-staging/v1/.gitignore delete mode 100644 owl-bot-staging/v1/.jsdoc.js delete mode 100644 owl-bot-staging/v1/.mocharc.js delete mode 100644 owl-bot-staging/v1/.prettierrc.js delete mode 100644 owl-bot-staging/v1/README.md delete mode 100644 owl-bot-staging/v1/linkinator.config.json delete mode 100644 owl-bot-staging/v1/package.json delete mode 100644 owl-bot-staging/v1/protos/google/cloud/kms/v1/resources.proto delete mode 100644 owl-bot-staging/v1/protos/google/cloud/kms/v1/service.proto delete mode 100644 owl-bot-staging/v1/src/index.ts delete mode 100644 owl-bot-staging/v1/src/v1/gapic_metadata.json delete mode 100644 owl-bot-staging/v1/src/v1/index.ts delete mode 100644 owl-bot-staging/v1/src/v1/key_management_service_client.ts delete mode 100644 owl-bot-staging/v1/src/v1/key_management_service_client_config.json delete mode 100644 owl-bot-staging/v1/src/v1/key_management_service_proto_list.json delete mode 100644 owl-bot-staging/v1/system-test/fixtures/sample/src/index.js delete mode 100644 owl-bot-staging/v1/system-test/fixtures/sample/src/index.ts delete mode 100644 owl-bot-staging/v1/system-test/install.ts delete mode 100644 owl-bot-staging/v1/test/gapic_key_management_service_v1.ts delete mode 100644 owl-bot-staging/v1/tsconfig.json delete mode 100644 owl-bot-staging/v1/webpack.config.js diff --git a/owl-bot-staging/v1/.eslintignore b/owl-bot-staging/v1/.eslintignore deleted file mode 100644 index 521dc25a..00000000 --- a/owl-bot-staging/v1/.eslintignore +++ /dev/null @@ -1,6 +0,0 @@ -**/node_modules -**/.coverage -build/ -docs/ -protos/ -system-test/ diff --git a/owl-bot-staging/v1/.eslintrc.json b/owl-bot-staging/v1/.eslintrc.json deleted file mode 100644 index 78215349..00000000 --- a/owl-bot-staging/v1/.eslintrc.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "extends": "./node_modules/gts" -} diff --git a/owl-bot-staging/v1/.gitignore b/owl-bot-staging/v1/.gitignore deleted file mode 100644 index 5d32b237..00000000 --- a/owl-bot-staging/v1/.gitignore +++ /dev/null @@ -1,14 +0,0 @@ -**/*.log -**/node_modules -.coverage -coverage -.nyc_output -docs/ -out/ -build/ -system-test/secrets.js -system-test/*key.json -*.lock -.DS_Store -package-lock.json -__pycache__ diff --git a/owl-bot-staging/v1/.jsdoc.js b/owl-bot-staging/v1/.jsdoc.js deleted file mode 100644 index c7ff7c6b..00000000 --- a/owl-bot-staging/v1/.jsdoc.js +++ /dev/null @@ -1,55 +0,0 @@ -// Copyright 2021 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -'use strict'; - -module.exports = { - opts: { - readme: './README.md', - package: './package.json', - template: './node_modules/jsdoc-fresh', - recurse: true, - verbose: true, - destination: './docs/' - }, - plugins: [ - 'plugins/markdown', - 'jsdoc-region-tag' - ], - source: { - excludePattern: '(^|\\/|\\\\)[._]', - include: [ - 'build/src', - 'protos' - ], - includePattern: '\\.js$' - }, - templates: { - copyright: 'Copyright 2021 Google LLC', - includeDate: false, - sourceFiles: false, - systemName: '@google-cloud/kms', - theme: 'lumen', - default: { - outputSourceFiles: false - } - }, - markdown: { - idInHeadings: true - } -}; diff --git a/owl-bot-staging/v1/.mocharc.js b/owl-bot-staging/v1/.mocharc.js deleted file mode 100644 index 50bc7f79..00000000 --- a/owl-bot-staging/v1/.mocharc.js +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2021 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -const config = { - "enable-source-maps": true, - "throw-deprecation": true, - "timeout": 10000 -} -if (process.env.MOCHA_THROW_DEPRECATION === 'false') { - delete config['throw-deprecation']; -} -if (process.env.MOCHA_REPORTER) { - config.reporter = process.env.MOCHA_REPORTER; -} -if (process.env.MOCHA_REPORTER_OUTPUT) { - config['reporter-option'] = `output=${process.env.MOCHA_REPORTER_OUTPUT}`; -} -module.exports = config diff --git a/owl-bot-staging/v1/.prettierrc.js b/owl-bot-staging/v1/.prettierrc.js deleted file mode 100644 index 84f4713a..00000000 --- a/owl-bot-staging/v1/.prettierrc.js +++ /dev/null @@ -1,22 +0,0 @@ -// Copyright 2021 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - -module.exports = { - ...require('gts/.prettierrc.json') -} diff --git a/owl-bot-staging/v1/README.md b/owl-bot-staging/v1/README.md deleted file mode 100644 index ea8e413e..00000000 --- a/owl-bot-staging/v1/README.md +++ /dev/null @@ -1 +0,0 @@ -Kms: Nodejs Client diff --git a/owl-bot-staging/v1/linkinator.config.json b/owl-bot-staging/v1/linkinator.config.json deleted file mode 100644 index 29a223b6..00000000 --- a/owl-bot-staging/v1/linkinator.config.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "recurse": true, - "skip": [ - "https://codecov.io/gh/googleapis/", - "www.googleapis.com", - "img.shields.io" - ], - "silent": true, - "concurrency": 10 -} diff --git a/owl-bot-staging/v1/package.json b/owl-bot-staging/v1/package.json deleted file mode 100644 index c867c563..00000000 --- a/owl-bot-staging/v1/package.json +++ /dev/null @@ -1,64 +0,0 @@ -{ - "name": "@google-cloud/kms", - "version": "0.1.0", - "description": "Kms client for Node.js", - "repository": "googleapis/nodejs-kms", - "license": "Apache-2.0", - "author": "Google LLC", - "main": "build/src/index.js", - "files": [ - "build/src", - "build/protos" - ], - "keywords": [ - "google apis client", - "google api client", - "google apis", - "google api", - "google", - "google cloud platform", - "google cloud", - "cloud", - "google kms", - "kms", - "key management service" - ], - "scripts": { - "clean": "gts clean", - "compile": "tsc -p . && cp -r protos build/", - "compile-protos": "compileProtos src", - "docs": "jsdoc -c .jsdoc.js", - "predocs-test": "npm run docs", - "docs-test": "linkinator docs", - "fix": "gts fix", - "lint": "gts check", - "prepare": "npm run compile-protos && npm run compile", - "system-test": "c8 mocha build/system-test", - "test": "c8 mocha build/test" - }, - "dependencies": { - "google-gax": "^2.19.0" - }, - "devDependencies": { - "@types/mocha": "^9.0.0", - "@types/node": "^14.17.3", - "@types/sinon": "^10.0.2", - "c8": "^7.7.3", - "gts": "^3.1.0", - "jsdoc": "^3.6.7", - "jsdoc-fresh": "^1.1.0", - "jsdoc-region-tag": "^1.1.0", - "linkinator": "^2.13.6", - "mocha": "^9.0.2", - "null-loader": "^4.0.1", - "pack-n-play": "^1.0.0-2", - "sinon": "^11.1.1", - "ts-loader": "^9.2.3", - "typescript": "^4.3.4", - "webpack": "^5.39.1", - "webpack-cli": "^4.7.2" - }, - "engines": { - "node": ">=v10.24.0" - } -} diff --git a/owl-bot-staging/v1/protos/google/cloud/kms/v1/resources.proto b/owl-bot-staging/v1/protos/google/cloud/kms/v1/resources.proto deleted file mode 100644 index b03e22b9..00000000 --- a/owl-bot-staging/v1/protos/google/cloud/kms/v1/resources.proto +++ /dev/null @@ -1,634 +0,0 @@ -// Copyright 2021 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package google.cloud.kms.v1; - -import "google/api/field_behavior.proto"; -import "google/api/resource.proto"; -import "google/protobuf/duration.proto"; -import "google/protobuf/timestamp.proto"; -import "google/protobuf/wrappers.proto"; -import "google/api/annotations.proto"; - -option cc_enable_arenas = true; -option csharp_namespace = "Google.Cloud.Kms.V1"; -option go_package = "google.golang.org/genproto/googleapis/cloud/kms/v1;kms"; -option java_multiple_files = true; -option java_outer_classname = "KmsResourcesProto"; -option java_package = "com.google.cloud.kms.v1"; -option php_namespace = "Google\\Cloud\\Kms\\V1"; - -// A [KeyRing][google.cloud.kms.v1.KeyRing] is a toplevel logical grouping of [CryptoKeys][google.cloud.kms.v1.CryptoKey]. -message KeyRing { - option (google.api.resource) = { - type: "cloudkms.googleapis.com/KeyRing" - pattern: "projects/{project}/locations/{location}/keyRings/{key_ring}" - }; - - // Output only. The resource name for the [KeyRing][google.cloud.kms.v1.KeyRing] in the format - // `projects/*/locations/*/keyRings/*`. - string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Output only. The time at which this [KeyRing][google.cloud.kms.v1.KeyRing] was created. - google.protobuf.Timestamp create_time = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; -} - -// A [CryptoKey][google.cloud.kms.v1.CryptoKey] represents a logical key that can be used for cryptographic -// operations. -// -// A [CryptoKey][google.cloud.kms.v1.CryptoKey] is made up of zero or more [versions][google.cloud.kms.v1.CryptoKeyVersion], -// which represent the actual key material used in cryptographic operations. -message CryptoKey { - option (google.api.resource) = { - type: "cloudkms.googleapis.com/CryptoKey" - pattern: "projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}" - }; - - // [CryptoKeyPurpose][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose] describes the cryptographic capabilities of a - // [CryptoKey][google.cloud.kms.v1.CryptoKey]. A given key can only be used for the operations allowed by - // its purpose. For more information, see - // [Key purposes](https://cloud.google.com/kms/docs/algorithms#key_purposes). - enum CryptoKeyPurpose { - // Not specified. - CRYPTO_KEY_PURPOSE_UNSPECIFIED = 0; - - // [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used with - // [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] and - // [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt]. - ENCRYPT_DECRYPT = 1; - - // [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used with - // [AsymmetricSign][google.cloud.kms.v1.KeyManagementService.AsymmetricSign] and - // [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey]. - ASYMMETRIC_SIGN = 5; - - // [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used with - // [AsymmetricDecrypt][google.cloud.kms.v1.KeyManagementService.AsymmetricDecrypt] and - // [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey]. - ASYMMETRIC_DECRYPT = 6; - - // [CryptoKeys][google.cloud.kms.v1.CryptoKey] with this purpose may be used with - // [MacSign][google.cloud.kms.v1.KeyManagementService.MacSign]. - MAC = 9; - } - - // Output only. The resource name for this [CryptoKey][google.cloud.kms.v1.CryptoKey] in the format - // `projects/*/locations/*/keyRings/*/cryptoKeys/*`. - string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Output only. A copy of the "primary" [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] that will be used - // by [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] when this [CryptoKey][google.cloud.kms.v1.CryptoKey] is given - // in [EncryptRequest.name][google.cloud.kms.v1.EncryptRequest.name]. - // - // The [CryptoKey][google.cloud.kms.v1.CryptoKey]'s primary version can be updated via - // [UpdateCryptoKeyPrimaryVersion][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKeyPrimaryVersion]. - // - // Keys with [purpose][google.cloud.kms.v1.CryptoKey.purpose] - // [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT] may have a - // primary. For other keys, this field will be omitted. - CryptoKeyVersion primary = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Immutable. The immutable purpose of this [CryptoKey][google.cloud.kms.v1.CryptoKey]. - CryptoKeyPurpose purpose = 3 [(google.api.field_behavior) = IMMUTABLE]; - - // Output only. The time at which this [CryptoKey][google.cloud.kms.v1.CryptoKey] was created. - google.protobuf.Timestamp create_time = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // At [next_rotation_time][google.cloud.kms.v1.CryptoKey.next_rotation_time], the Key Management Service will automatically: - // - // 1. Create a new version of this [CryptoKey][google.cloud.kms.v1.CryptoKey]. - // 2. Mark the new version as primary. - // - // Key rotations performed manually via - // [CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion] and - // [UpdateCryptoKeyPrimaryVersion][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKeyPrimaryVersion] - // do not affect [next_rotation_time][google.cloud.kms.v1.CryptoKey.next_rotation_time]. - // - // Keys with [purpose][google.cloud.kms.v1.CryptoKey.purpose] - // [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT] support - // automatic rotation. For other keys, this field must be omitted. - google.protobuf.Timestamp next_rotation_time = 7; - - // Controls the rate of automatic rotation. - oneof rotation_schedule { - // [next_rotation_time][google.cloud.kms.v1.CryptoKey.next_rotation_time] will be advanced by this period when the service - // automatically rotates a key. Must be at least 24 hours and at most - // 876,000 hours. - // - // If [rotation_period][google.cloud.kms.v1.CryptoKey.rotation_period] is set, [next_rotation_time][google.cloud.kms.v1.CryptoKey.next_rotation_time] must also be set. - // - // Keys with [purpose][google.cloud.kms.v1.CryptoKey.purpose] - // [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT] support - // automatic rotation. For other keys, this field must be omitted. - google.protobuf.Duration rotation_period = 8; - } - - // A template describing settings for new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] instances. - // The properties of new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] instances created by either - // [CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion] or - // auto-rotation are controlled by this template. - CryptoKeyVersionTemplate version_template = 11; - - // Labels with user-defined metadata. For more information, see - // [Labeling Keys](https://cloud.google.com/kms/docs/labeling-keys). - map labels = 10; - - // Immutable. Whether this key may contain imported versions only. - bool import_only = 13 [(google.api.field_behavior) = IMMUTABLE]; - - // Immutable. The period of time that versions of this key spend in the - // [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED] - // state before transitioning to - // [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED]. If not - // specified at creation time, the default duration is 24 hours. - google.protobuf.Duration destroy_scheduled_duration = 14 [(google.api.field_behavior) = IMMUTABLE]; -} - -// A [CryptoKeyVersionTemplate][google.cloud.kms.v1.CryptoKeyVersionTemplate] specifies the properties to use when creating -// a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion], either manually with -// [CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion] or -// automatically as a result of auto-rotation. -message CryptoKeyVersionTemplate { - // [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] to use when creating a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] based on - // this template. Immutable. Defaults to [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE]. - ProtectionLevel protection_level = 1; - - // Required. [Algorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm] to use - // when creating a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] based on this template. - // - // For backwards compatibility, GOOGLE_SYMMETRIC_ENCRYPTION is implied if both - // this field is omitted and [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] is - // [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT]. - CryptoKeyVersion.CryptoKeyVersionAlgorithm algorithm = 3 [(google.api.field_behavior) = REQUIRED]; -} - -// Contains an HSM-generated attestation about a key operation. For more -// information, see [Verifying attestations] -// (https://cloud.google.com/kms/docs/attest-key). -message KeyOperationAttestation { - // Attestation formats provided by the HSM. - enum AttestationFormat { - // Not specified. - ATTESTATION_FORMAT_UNSPECIFIED = 0; - - // Cavium HSM attestation compressed with gzip. Note that this format is - // defined by Cavium and subject to change at any time. - CAVIUM_V1_COMPRESSED = 3; - - // Cavium HSM attestation V2 compressed with gzip. This is a new format - // introduced in Cavium's version 3.2-08. - CAVIUM_V2_COMPRESSED = 4; - } - - // Output only. The format of the attestation data. - AttestationFormat format = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Output only. The attestation data provided by the HSM when the key - // operation was performed. - bytes content = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; -} - -// A [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] represents an individual cryptographic key, and the -// associated key material. -// -// An [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] version can be -// used for cryptographic operations. -// -// For security reasons, the raw cryptographic key material represented by a -// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] can never be viewed or exported. It can only be used to -// encrypt, decrypt, or sign data when an authorized user or application invokes -// Cloud KMS. -message CryptoKeyVersion { - option (google.api.resource) = { - type: "cloudkms.googleapis.com/CryptoKeyVersion" - pattern: "projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{crypto_key_version}" - }; - - // The algorithm of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion], indicating what - // parameters must be used for each cryptographic operation. - // - // The - // [GOOGLE_SYMMETRIC_ENCRYPTION][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm.GOOGLE_SYMMETRIC_ENCRYPTION] - // algorithm is usable with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] - // [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT]. - // - // Algorithms beginning with "RSA_SIGN_" are usable with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] - // [ASYMMETRIC_SIGN][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN]. - // - // The fields in the name after "RSA_SIGN_" correspond to the following - // parameters: padding algorithm, modulus bit length, and digest algorithm. - // - // For PSS, the salt length used is equal to the length of digest - // algorithm. For example, - // [RSA_SIGN_PSS_2048_SHA256][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_2048_SHA256] - // will use PSS with a salt length of 256 bits or 32 bytes. - // - // Algorithms beginning with "RSA_DECRYPT_" are usable with - // [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] - // [ASYMMETRIC_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT]. - // - // The fields in the name after "RSA_DECRYPT_" correspond to the following - // parameters: padding algorithm, modulus bit length, and digest algorithm. - // - // Algorithms beginning with "EC_SIGN_" are usable with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] - // [ASYMMETRIC_SIGN][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN]. - // - // The fields in the name after "EC_SIGN_" correspond to the following - // parameters: elliptic curve, digest algorithm. - // - // Algorithms beginning with "HMAC_" are usable with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] - // [MAC][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.MAC]. - // - // The suffix following "HMAC_" corresponds to the hash algorithm being used - // (eg. SHA256). - // - // For more information, see [Key purposes and algorithms] - // (https://cloud.google.com/kms/docs/algorithms). - enum CryptoKeyVersionAlgorithm { - // Not specified. - CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED = 0; - - // Creates symmetric encryption keys. - GOOGLE_SYMMETRIC_ENCRYPTION = 1; - - // RSASSA-PSS 2048 bit key with a SHA256 digest. - RSA_SIGN_PSS_2048_SHA256 = 2; - - // RSASSA-PSS 3072 bit key with a SHA256 digest. - RSA_SIGN_PSS_3072_SHA256 = 3; - - // RSASSA-PSS 4096 bit key with a SHA256 digest. - RSA_SIGN_PSS_4096_SHA256 = 4; - - // RSASSA-PSS 4096 bit key with a SHA512 digest. - RSA_SIGN_PSS_4096_SHA512 = 15; - - // RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest. - RSA_SIGN_PKCS1_2048_SHA256 = 5; - - // RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest. - RSA_SIGN_PKCS1_3072_SHA256 = 6; - - // RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest. - RSA_SIGN_PKCS1_4096_SHA256 = 7; - - // RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest. - RSA_SIGN_PKCS1_4096_SHA512 = 16; - - // RSAES-OAEP 2048 bit key with a SHA256 digest. - RSA_DECRYPT_OAEP_2048_SHA256 = 8; - - // RSAES-OAEP 3072 bit key with a SHA256 digest. - RSA_DECRYPT_OAEP_3072_SHA256 = 9; - - // RSAES-OAEP 4096 bit key with a SHA256 digest. - RSA_DECRYPT_OAEP_4096_SHA256 = 10; - - // RSAES-OAEP 4096 bit key with a SHA512 digest. - RSA_DECRYPT_OAEP_4096_SHA512 = 17; - - // ECDSA on the NIST P-256 curve with a SHA256 digest. - EC_SIGN_P256_SHA256 = 12; - - // ECDSA on the NIST P-384 curve with a SHA384 digest. - EC_SIGN_P384_SHA384 = 13; - - // ECDSA on the non-NIST secp256k1 curve. This curve is only supported for - // HSM protection level. - EC_SIGN_SECP256K1_SHA256 = 31; - - // HMAC-SHA256 signing with a 256 bit key. - HMAC_SHA256 = 32; - - // Algorithm representing symmetric encryption by an external key manager. - EXTERNAL_SYMMETRIC_ENCRYPTION = 18; - } - - // The state of a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion], indicating if it can be used. - enum CryptoKeyVersionState { - // Not specified. - CRYPTO_KEY_VERSION_STATE_UNSPECIFIED = 0; - - // This version is still being generated. It may not be used, enabled, - // disabled, or destroyed yet. Cloud KMS will automatically mark this - // version [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] as soon as the version is ready. - PENDING_GENERATION = 5; - - // This version may be used for cryptographic operations. - ENABLED = 1; - - // This version may not be used, but the key material is still available, - // and the version can be placed back into the [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] state. - DISABLED = 2; - - // This version is destroyed, and the key material is no longer stored. - DESTROYED = 3; - - // This version is scheduled for destruction, and will be destroyed soon. - // Call - // [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] - // to put it back into the [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED] state. - DESTROY_SCHEDULED = 4; - - // This version is still being imported. It may not be used, enabled, - // disabled, or destroyed yet. Cloud KMS will automatically mark this - // version [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] as soon as the version is ready. - PENDING_IMPORT = 6; - - // This version was not imported successfully. It may not be used, enabled, - // disabled, or destroyed. The submitted key material has been discarded. - // Additional details can be found in - // [CryptoKeyVersion.import_failure_reason][google.cloud.kms.v1.CryptoKeyVersion.import_failure_reason]. - IMPORT_FAILED = 7; - } - - // A view for [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]s. Controls the level of detail returned - // for [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] in - // [KeyManagementService.ListCryptoKeyVersions][google.cloud.kms.v1.KeyManagementService.ListCryptoKeyVersions] and - // [KeyManagementService.ListCryptoKeys][google.cloud.kms.v1.KeyManagementService.ListCryptoKeys]. - enum CryptoKeyVersionView { - // Default view for each [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. Does not include - // the [attestation][google.cloud.kms.v1.CryptoKeyVersion.attestation] field. - CRYPTO_KEY_VERSION_VIEW_UNSPECIFIED = 0; - - // Provides all fields in each [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion], including the - // [attestation][google.cloud.kms.v1.CryptoKeyVersion.attestation]. - FULL = 1; - } - - // Output only. The resource name for this [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the format - // `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. - string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // The current state of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. - CryptoKeyVersionState state = 3; - - // Output only. The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] describing how crypto operations are - // performed with this [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. - ProtectionLevel protection_level = 7 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Output only. The [CryptoKeyVersionAlgorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm] that this - // [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] supports. - CryptoKeyVersionAlgorithm algorithm = 10 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Output only. Statement that was generated and signed by the HSM at key - // creation time. Use this statement to verify attributes of the key as stored - // on the HSM, independently of Google. Only provided for key versions with - // [protection_level][google.cloud.kms.v1.CryptoKeyVersion.protection_level] [HSM][google.cloud.kms.v1.ProtectionLevel.HSM]. - KeyOperationAttestation attestation = 8 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Output only. The time at which this [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] was created. - google.protobuf.Timestamp create_time = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Output only. The time this [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s key material was - // generated. - google.protobuf.Timestamp generate_time = 11 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Output only. The time this [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s key material is scheduled - // for destruction. Only present if [state][google.cloud.kms.v1.CryptoKeyVersion.state] is - // [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED]. - google.protobuf.Timestamp destroy_time = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Output only. The time this CryptoKeyVersion's key material was - // destroyed. Only present if [state][google.cloud.kms.v1.CryptoKeyVersion.state] is - // [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED]. - google.protobuf.Timestamp destroy_event_time = 6 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Output only. The name of the [ImportJob][google.cloud.kms.v1.ImportJob] used to import this - // [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. Only present if the underlying key material was - // imported. - string import_job = 14 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Output only. The time at which this [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s key material - // was imported. - google.protobuf.Timestamp import_time = 15 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Output only. The root cause of an import failure. Only present if - // [state][google.cloud.kms.v1.CryptoKeyVersion.state] is - // [IMPORT_FAILED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.IMPORT_FAILED]. - string import_failure_reason = 16 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // ExternalProtectionLevelOptions stores a group of additional fields for - // configuring a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] that are specific to the - // [EXTERNAL][google.cloud.kms.v1.ProtectionLevel.EXTERNAL] protection level. - ExternalProtectionLevelOptions external_protection_level_options = 17; -} - -// The public key for a given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. Obtained via -// [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey]. -message PublicKey { - option (google.api.resource) = { - type: "cloudkms.googleapis.com/PublicKey" - pattern: "projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{crypto_key_version}/publicKey" - }; - - // The public key, encoded in PEM format. For more information, see the - // [RFC 7468](https://tools.ietf.org/html/rfc7468) sections for - // [General Considerations](https://tools.ietf.org/html/rfc7468#section-2) and - // [Textual Encoding of Subject Public Key Info] - // (https://tools.ietf.org/html/rfc7468#section-13). - string pem = 1; - - // The [Algorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm] associated - // with this key. - CryptoKeyVersion.CryptoKeyVersionAlgorithm algorithm = 2; - - // Integrity verification field. A CRC32C checksum of the returned - // [PublicKey.pem][google.cloud.kms.v1.PublicKey.pem]. An integrity check of [PublicKey.pem][google.cloud.kms.v1.PublicKey.pem] can be performed - // by computing the CRC32C checksum of [PublicKey.pem][google.cloud.kms.v1.PublicKey.pem] and - // comparing your results to this field. Discard the response in case of - // non-matching checksum values, and perform a limited number of retries. A - // persistent mismatch may indicate an issue in your computation of the CRC32C - // checksum. - // Note: This field is defined as int64 for reasons of compatibility across - // different languages. However, it is a non-negative integer, which will - // never exceed 2^32-1, and can be safely downconverted to uint32 in languages - // that support this type. - // - // NOTE: This field is in Beta. - google.protobuf.Int64Value pem_crc32c = 3; - - // The [name][google.cloud.kms.v1.CryptoKeyVersion.name] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] public key. - // Provided here for verification. - // - // NOTE: This field is in Beta. - string name = 4; - - // The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] public key. - ProtectionLevel protection_level = 5; -} - -// An [ImportJob][google.cloud.kms.v1.ImportJob] can be used to create [CryptoKeys][google.cloud.kms.v1.CryptoKey] and -// [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] using pre-existing key material, -// generated outside of Cloud KMS. -// -// When an [ImportJob][google.cloud.kms.v1.ImportJob] is created, Cloud KMS will generate a "wrapping key", -// which is a public/private key pair. You use the wrapping key to encrypt (also -// known as wrap) the pre-existing key material to protect it during the import -// process. The nature of the wrapping key depends on the choice of -// [import_method][google.cloud.kms.v1.ImportJob.import_method]. When the wrapping key generation -// is complete, the [state][google.cloud.kms.v1.ImportJob.state] will be set to -// [ACTIVE][google.cloud.kms.v1.ImportJob.ImportJobState.ACTIVE] and the [public_key][google.cloud.kms.v1.ImportJob.public_key] -// can be fetched. The fetched public key can then be used to wrap your -// pre-existing key material. -// -// Once the key material is wrapped, it can be imported into a new -// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in an existing [CryptoKey][google.cloud.kms.v1.CryptoKey] by calling -// [ImportCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.ImportCryptoKeyVersion]. -// Multiple [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] can be imported with a single -// [ImportJob][google.cloud.kms.v1.ImportJob]. Cloud KMS uses the private key portion of the wrapping key to -// unwrap the key material. Only Cloud KMS has access to the private key. -// -// An [ImportJob][google.cloud.kms.v1.ImportJob] expires 3 days after it is created. Once expired, Cloud KMS -// will no longer be able to import or unwrap any key material that was wrapped -// with the [ImportJob][google.cloud.kms.v1.ImportJob]'s public key. -// -// For more information, see -// [Importing a key](https://cloud.google.com/kms/docs/importing-a-key). -message ImportJob { - option (google.api.resource) = { - type: "cloudkms.googleapis.com/ImportJob" - pattern: "projects/{project}/locations/{location}/keyRings/{key_ring}/importJobs/{import_job}" - }; - - // The public key component of the wrapping key. For details of the type of - // key this public key corresponds to, see the [ImportMethod][google.cloud.kms.v1.ImportJob.ImportMethod]. - message WrappingPublicKey { - // The public key, encoded in PEM format. For more information, see the [RFC - // 7468](https://tools.ietf.org/html/rfc7468) sections for [General - // Considerations](https://tools.ietf.org/html/rfc7468#section-2) and - // [Textual Encoding of Subject Public Key Info] - // (https://tools.ietf.org/html/rfc7468#section-13). - string pem = 1; - } - - // [ImportMethod][google.cloud.kms.v1.ImportJob.ImportMethod] describes the key wrapping method chosen for this - // [ImportJob][google.cloud.kms.v1.ImportJob]. - enum ImportMethod { - // Not specified. - IMPORT_METHOD_UNSPECIFIED = 0; - - // This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping - // scheme defined in the PKCS #11 standard. In summary, this involves - // wrapping the raw key with an ephemeral AES key, and wrapping the - // ephemeral AES key with a 3072 bit RSA key. For more details, see - // [RSA AES key wrap - // mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908). - RSA_OAEP_3072_SHA1_AES_256 = 1; - - // This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping - // scheme defined in the PKCS #11 standard. In summary, this involves - // wrapping the raw key with an ephemeral AES key, and wrapping the - // ephemeral AES key with a 4096 bit RSA key. For more details, see - // [RSA AES key wrap - // mechanism](http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc408226908). - RSA_OAEP_4096_SHA1_AES_256 = 2; - } - - // The state of the [ImportJob][google.cloud.kms.v1.ImportJob], indicating if it can be used. - enum ImportJobState { - // Not specified. - IMPORT_JOB_STATE_UNSPECIFIED = 0; - - // The wrapping key for this job is still being generated. It may not be - // used. Cloud KMS will automatically mark this job as - // [ACTIVE][google.cloud.kms.v1.ImportJob.ImportJobState.ACTIVE] as soon as the wrapping key is generated. - PENDING_GENERATION = 1; - - // This job may be used in - // [CreateCryptoKey][google.cloud.kms.v1.KeyManagementService.CreateCryptoKey] and - // [CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion] - // requests. - ACTIVE = 2; - - // This job can no longer be used and may not leave this state once entered. - EXPIRED = 3; - } - - // Output only. The resource name for this [ImportJob][google.cloud.kms.v1.ImportJob] in the format - // `projects/*/locations/*/keyRings/*/importJobs/*`. - string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Required. Immutable. The wrapping method to be used for incoming key material. - ImportMethod import_method = 2 [ - (google.api.field_behavior) = REQUIRED, - (google.api.field_behavior) = IMMUTABLE - ]; - - // Required. Immutable. The protection level of the [ImportJob][google.cloud.kms.v1.ImportJob]. This must match the - // [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level] of the - // [version_template][google.cloud.kms.v1.CryptoKey.version_template] on the [CryptoKey][google.cloud.kms.v1.CryptoKey] you - // attempt to import into. - ProtectionLevel protection_level = 9 [ - (google.api.field_behavior) = REQUIRED, - (google.api.field_behavior) = IMMUTABLE - ]; - - // Output only. The time at which this [ImportJob][google.cloud.kms.v1.ImportJob] was created. - google.protobuf.Timestamp create_time = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Output only. The time this [ImportJob][google.cloud.kms.v1.ImportJob]'s key material was generated. - google.protobuf.Timestamp generate_time = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Output only. The time at which this [ImportJob][google.cloud.kms.v1.ImportJob] is scheduled for - // expiration and can no longer be used to import key material. - google.protobuf.Timestamp expire_time = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Output only. The time this [ImportJob][google.cloud.kms.v1.ImportJob] expired. Only present if - // [state][google.cloud.kms.v1.ImportJob.state] is [EXPIRED][google.cloud.kms.v1.ImportJob.ImportJobState.EXPIRED]. - google.protobuf.Timestamp expire_event_time = 10 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Output only. The current state of the [ImportJob][google.cloud.kms.v1.ImportJob], indicating if it can - // be used. - ImportJobState state = 6 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Output only. The public key with which to wrap key material prior to - // import. Only returned if [state][google.cloud.kms.v1.ImportJob.state] is - // [ACTIVE][google.cloud.kms.v1.ImportJob.ImportJobState.ACTIVE]. - WrappingPublicKey public_key = 7 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // Output only. Statement that was generated and signed by the key creator - // (for example, an HSM) at key creation time. Use this statement to verify - // attributes of the key as stored on the HSM, independently of Google. - // Only present if the chosen [ImportMethod][google.cloud.kms.v1.ImportJob.ImportMethod] is one with a protection - // level of [HSM][google.cloud.kms.v1.ProtectionLevel.HSM]. - KeyOperationAttestation attestation = 8 [(google.api.field_behavior) = OUTPUT_ONLY]; -} - -// [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] specifies how cryptographic operations are performed. -// For more information, see [Protection levels] -// (https://cloud.google.com/kms/docs/algorithms#protection_levels). -enum ProtectionLevel { - // Not specified. - PROTECTION_LEVEL_UNSPECIFIED = 0; - - // Crypto operations are performed in software. - SOFTWARE = 1; - - // Crypto operations are performed in a Hardware Security Module. - HSM = 2; - - // Crypto operations are performed by an external key manager. - EXTERNAL = 3; -} - -// ExternalProtectionLevelOptions stores a group of additional fields for -// configuring a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] that are specific to the -// [EXTERNAL][google.cloud.kms.v1.ProtectionLevel.EXTERNAL] protection level. -message ExternalProtectionLevelOptions { - // The URI for an external resource that this [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] represents. - string external_key_uri = 1; -} diff --git a/owl-bot-staging/v1/protos/google/cloud/kms/v1/service.proto b/owl-bot-staging/v1/protos/google/cloud/kms/v1/service.proto deleted file mode 100644 index ba3baf28..00000000 --- a/owl-bot-staging/v1/protos/google/cloud/kms/v1/service.proto +++ /dev/null @@ -1,1307 +0,0 @@ -// Copyright 2021 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -syntax = "proto3"; - -package google.cloud.kms.v1; - -import "google/api/annotations.proto"; -import "google/api/client.proto"; -import "google/api/field_behavior.proto"; -import "google/api/resource.proto"; -import "google/cloud/kms/v1/resources.proto"; -import "google/protobuf/field_mask.proto"; -import "google/protobuf/wrappers.proto"; - -option cc_enable_arenas = true; -option csharp_namespace = "Google.Cloud.Kms.V1"; -option go_package = "google.golang.org/genproto/googleapis/cloud/kms/v1;kms"; -option java_multiple_files = true; -option java_outer_classname = "KmsProto"; -option java_package = "com.google.cloud.kms.v1"; -option php_namespace = "Google\\Cloud\\Kms\\V1"; - -// Google Cloud Key Management Service -// -// Manages cryptographic keys and operations using those keys. Implements a REST -// model with the following objects: -// -// * [KeyRing][google.cloud.kms.v1.KeyRing] -// * [CryptoKey][google.cloud.kms.v1.CryptoKey] -// * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] -// * [ImportJob][google.cloud.kms.v1.ImportJob] -// -// If you are using manual gRPC libraries, see -// [Using gRPC with Cloud KMS](https://cloud.google.com/kms/docs/grpc). -service KeyManagementService { - option (google.api.default_host) = "cloudkms.googleapis.com"; - option (google.api.oauth_scopes) = - "https://www.googleapis.com/auth/cloud-platform," - "https://www.googleapis.com/auth/cloudkms"; - - // Lists [KeyRings][google.cloud.kms.v1.KeyRing]. - rpc ListKeyRings(ListKeyRingsRequest) returns (ListKeyRingsResponse) { - option (google.api.http) = { - get: "/v1/{parent=projects/*/locations/*}/keyRings" - }; - option (google.api.method_signature) = "parent"; - } - - // Lists [CryptoKeys][google.cloud.kms.v1.CryptoKey]. - rpc ListCryptoKeys(ListCryptoKeysRequest) returns (ListCryptoKeysResponse) { - option (google.api.http) = { - get: "/v1/{parent=projects/*/locations/*/keyRings/*}/cryptoKeys" - }; - option (google.api.method_signature) = "parent"; - } - - // Lists [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion]. - rpc ListCryptoKeyVersions(ListCryptoKeyVersionsRequest) returns (ListCryptoKeyVersionsResponse) { - option (google.api.http) = { - get: "/v1/{parent=projects/*/locations/*/keyRings/*/cryptoKeys/*}/cryptoKeyVersions" - }; - option (google.api.method_signature) = "parent"; - } - - // Lists [ImportJobs][google.cloud.kms.v1.ImportJob]. - rpc ListImportJobs(ListImportJobsRequest) returns (ListImportJobsResponse) { - option (google.api.http) = { - get: "/v1/{parent=projects/*/locations/*/keyRings/*}/importJobs" - }; - option (google.api.method_signature) = "parent"; - } - - // Returns metadata for a given [KeyRing][google.cloud.kms.v1.KeyRing]. - rpc GetKeyRing(GetKeyRingRequest) returns (KeyRing) { - option (google.api.http) = { - get: "/v1/{name=projects/*/locations/*/keyRings/*}" - }; - option (google.api.method_signature) = "name"; - } - - // Returns metadata for a given [CryptoKey][google.cloud.kms.v1.CryptoKey], as well as its - // [primary][google.cloud.kms.v1.CryptoKey.primary] [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. - rpc GetCryptoKey(GetCryptoKeyRequest) returns (CryptoKey) { - option (google.api.http) = { - get: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*}" - }; - option (google.api.method_signature) = "name"; - } - - // Returns metadata for a given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. - rpc GetCryptoKeyVersion(GetCryptoKeyVersionRequest) returns (CryptoKeyVersion) { - option (google.api.http) = { - get: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}" - }; - option (google.api.method_signature) = "name"; - } - - // Returns the public key for the given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. The - // [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be - // [ASYMMETRIC_SIGN][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN] or - // [ASYMMETRIC_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT]. - rpc GetPublicKey(GetPublicKeyRequest) returns (PublicKey) { - option (google.api.http) = { - get: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}/publicKey" - }; - option (google.api.method_signature) = "name"; - } - - // Returns metadata for a given [ImportJob][google.cloud.kms.v1.ImportJob]. - rpc GetImportJob(GetImportJobRequest) returns (ImportJob) { - option (google.api.http) = { - get: "/v1/{name=projects/*/locations/*/keyRings/*/importJobs/*}" - }; - option (google.api.method_signature) = "name"; - } - - // Create a new [KeyRing][google.cloud.kms.v1.KeyRing] in a given Project and Location. - rpc CreateKeyRing(CreateKeyRingRequest) returns (KeyRing) { - option (google.api.http) = { - post: "/v1/{parent=projects/*/locations/*}/keyRings" - body: "key_ring" - }; - option (google.api.method_signature) = "parent,key_ring_id,key_ring"; - } - - // Create a new [CryptoKey][google.cloud.kms.v1.CryptoKey] within a [KeyRing][google.cloud.kms.v1.KeyRing]. - // - // [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] and - // [CryptoKey.version_template.algorithm][google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm] - // are required. - rpc CreateCryptoKey(CreateCryptoKeyRequest) returns (CryptoKey) { - option (google.api.http) = { - post: "/v1/{parent=projects/*/locations/*/keyRings/*}/cryptoKeys" - body: "crypto_key" - }; - option (google.api.method_signature) = "parent,crypto_key_id,crypto_key"; - } - - // Create a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in a [CryptoKey][google.cloud.kms.v1.CryptoKey]. - // - // The server will assign the next sequential id. If unset, - // [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to - // [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED]. - rpc CreateCryptoKeyVersion(CreateCryptoKeyVersionRequest) returns (CryptoKeyVersion) { - option (google.api.http) = { - post: "/v1/{parent=projects/*/locations/*/keyRings/*/cryptoKeys/*}/cryptoKeyVersions" - body: "crypto_key_version" - }; - option (google.api.method_signature) = "parent,crypto_key_version"; - } - - // Imports a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] into an existing [CryptoKey][google.cloud.kms.v1.CryptoKey] using the - // wrapped key material provided in the request. - // - // The version ID will be assigned the next sequential id within the - // [CryptoKey][google.cloud.kms.v1.CryptoKey]. - rpc ImportCryptoKeyVersion(ImportCryptoKeyVersionRequest) returns (CryptoKeyVersion) { - option (google.api.http) = { - post: "/v1/{parent=projects/*/locations/*/keyRings/*/cryptoKeys/*}/cryptoKeyVersions:import" - body: "*" - }; - } - - // Create a new [ImportJob][google.cloud.kms.v1.ImportJob] within a [KeyRing][google.cloud.kms.v1.KeyRing]. - // - // [ImportJob.import_method][google.cloud.kms.v1.ImportJob.import_method] is required. - rpc CreateImportJob(CreateImportJobRequest) returns (ImportJob) { - option (google.api.http) = { - post: "/v1/{parent=projects/*/locations/*/keyRings/*}/importJobs" - body: "import_job" - }; - option (google.api.method_signature) = "parent,import_job_id,import_job"; - } - - // Update a [CryptoKey][google.cloud.kms.v1.CryptoKey]. - rpc UpdateCryptoKey(UpdateCryptoKeyRequest) returns (CryptoKey) { - option (google.api.http) = { - patch: "/v1/{crypto_key.name=projects/*/locations/*/keyRings/*/cryptoKeys/*}" - body: "crypto_key" - }; - option (google.api.method_signature) = "crypto_key,update_mask"; - } - - // Update a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s metadata. - // - // [state][google.cloud.kms.v1.CryptoKeyVersion.state] may be changed between - // [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] and - // [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED] using this - // method. See [DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion] and [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] to - // move between other states. - rpc UpdateCryptoKeyVersion(UpdateCryptoKeyVersionRequest) returns (CryptoKeyVersion) { - option (google.api.http) = { - patch: "/v1/{crypto_key_version.name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}" - body: "crypto_key_version" - }; - option (google.api.method_signature) = "crypto_key_version,update_mask"; - } - - // Update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that will be used in [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. - // - // Returns an error if called on a key whose purpose is not - // [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT]. - rpc UpdateCryptoKeyPrimaryVersion(UpdateCryptoKeyPrimaryVersionRequest) returns (CryptoKey) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*}:updatePrimaryVersion" - body: "*" - }; - option (google.api.method_signature) = "name,crypto_key_version_id"; - } - - // Schedule a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] for destruction. - // - // Upon calling this method, [CryptoKeyVersion.state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to - // [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED] - // and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be set to a time 24 - // hours in the future, at which point the [state][google.cloud.kms.v1.CryptoKeyVersion.state] - // will be changed to - // [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED], and the key - // material will be irrevocably destroyed. - // - // Before the [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] is reached, - // [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] may be called to reverse the process. - rpc DestroyCryptoKeyVersion(DestroyCryptoKeyVersionRequest) returns (CryptoKeyVersion) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}:destroy" - body: "*" - }; - option (google.api.method_signature) = "name"; - } - - // Restore a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the - // [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED] - // state. - // - // Upon restoration of the CryptoKeyVersion, [state][google.cloud.kms.v1.CryptoKeyVersion.state] - // will be set to [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED], - // and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be cleared. - rpc RestoreCryptoKeyVersion(RestoreCryptoKeyVersionRequest) returns (CryptoKeyVersion) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}:restore" - body: "*" - }; - option (google.api.method_signature) = "name"; - } - - // Encrypts data, so that it can only be recovered by a call to [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt]. - // The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be - // [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT]. - rpc Encrypt(EncryptRequest) returns (EncryptResponse) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/**}:encrypt" - body: "*" - }; - option (google.api.method_signature) = "name,plaintext"; - } - - // Decrypts data that was protected by [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] - // must be [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT]. - rpc Decrypt(DecryptRequest) returns (DecryptResponse) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*}:decrypt" - body: "*" - }; - option (google.api.method_signature) = "name,ciphertext"; - } - - // Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] - // ASYMMETRIC_SIGN, producing a signature that can be verified with the public - // key retrieved from [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey]. - rpc AsymmetricSign(AsymmetricSignRequest) returns (AsymmetricSignResponse) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}:asymmetricSign" - body: "*" - }; - option (google.api.method_signature) = "name,digest"; - } - - // Decrypts data that was encrypted with a public key retrieved from - // [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey] corresponding to a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with - // [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_DECRYPT. - rpc AsymmetricDecrypt(AsymmetricDecryptRequest) returns (AsymmetricDecryptResponse) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}:asymmetricDecrypt" - body: "*" - }; - option (google.api.method_signature) = "name,ciphertext"; - } - - // Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] - // MAC, producing a tag that can be verified by another source with the - // same key. - rpc MacSign(MacSignRequest) returns (MacSignResponse) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}:macSign" - body: "*" - }; - option (google.api.method_signature) = "name,data"; - } - - // Verifies MAC tag using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] - // MAC, and returns a response that indicates whether or not the verification - // was successful. - rpc MacVerify(MacVerifyRequest) returns (MacVerifyResponse) { - option (google.api.http) = { - post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*}:macVerify" - body: "*" - }; - option (google.api.method_signature) = "name,data,mac"; - } - - // Generate random bytes using the Cloud KMS randomness source in the provided - // location. - rpc GenerateRandomBytes(GenerateRandomBytesRequest) returns (GenerateRandomBytesResponse) { - option (google.api.http) = { - post: "/v1/{location=projects/*/locations/*}:generateRandomBytes" - body: "*" - }; - option (google.api.method_signature) = "location,length_bytes,protection_level"; - } -} - -// Request message for [KeyManagementService.ListKeyRings][google.cloud.kms.v1.KeyManagementService.ListKeyRings]. -message ListKeyRingsRequest { - // Required. The resource name of the location associated with the - // [KeyRings][google.cloud.kms.v1.KeyRing], in the format `projects/*/locations/*`. - string parent = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "locations.googleapis.com/Location" - } - ]; - - // Optional. Optional limit on the number of [KeyRings][google.cloud.kms.v1.KeyRing] to include in the - // response. Further [KeyRings][google.cloud.kms.v1.KeyRing] can subsequently be obtained by - // including the [ListKeyRingsResponse.next_page_token][google.cloud.kms.v1.ListKeyRingsResponse.next_page_token] in a subsequent - // request. If unspecified, the server will pick an appropriate default. - int32 page_size = 2 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Optional pagination token, returned earlier via - // [ListKeyRingsResponse.next_page_token][google.cloud.kms.v1.ListKeyRingsResponse.next_page_token]. - string page_token = 3 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Only include resources that match the filter in the response. For - // more information, see - // [Sorting and filtering list - // results](https://cloud.google.com/kms/docs/sorting-and-filtering). - string filter = 4 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Specify how the results should be sorted. If not specified, the - // results will be sorted in the default order. For more information, see - // [Sorting and filtering list - // results](https://cloud.google.com/kms/docs/sorting-and-filtering). - string order_by = 5 [(google.api.field_behavior) = OPTIONAL]; -} - -// Request message for [KeyManagementService.ListCryptoKeys][google.cloud.kms.v1.KeyManagementService.ListCryptoKeys]. -message ListCryptoKeysRequest { - // Required. The resource name of the [KeyRing][google.cloud.kms.v1.KeyRing] to list, in the format - // `projects/*/locations/*/keyRings/*`. - string parent = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudkms.googleapis.com/KeyRing" - } - ]; - - // Optional. Optional limit on the number of [CryptoKeys][google.cloud.kms.v1.CryptoKey] to include in the - // response. Further [CryptoKeys][google.cloud.kms.v1.CryptoKey] can subsequently be obtained by - // including the [ListCryptoKeysResponse.next_page_token][google.cloud.kms.v1.ListCryptoKeysResponse.next_page_token] in a subsequent - // request. If unspecified, the server will pick an appropriate default. - int32 page_size = 2 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Optional pagination token, returned earlier via - // [ListCryptoKeysResponse.next_page_token][google.cloud.kms.v1.ListCryptoKeysResponse.next_page_token]. - string page_token = 3 [(google.api.field_behavior) = OPTIONAL]; - - // The fields of the primary version to include in the response. - CryptoKeyVersion.CryptoKeyVersionView version_view = 4; - - // Optional. Only include resources that match the filter in the response. For - // more information, see - // [Sorting and filtering list - // results](https://cloud.google.com/kms/docs/sorting-and-filtering). - string filter = 5 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Specify how the results should be sorted. If not specified, the - // results will be sorted in the default order. For more information, see - // [Sorting and filtering list - // results](https://cloud.google.com/kms/docs/sorting-and-filtering). - string order_by = 6 [(google.api.field_behavior) = OPTIONAL]; -} - -// Request message for [KeyManagementService.ListCryptoKeyVersions][google.cloud.kms.v1.KeyManagementService.ListCryptoKeyVersions]. -message ListCryptoKeyVersionsRequest { - // Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to list, in the format - // `projects/*/locations/*/keyRings/*/cryptoKeys/*`. - string parent = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudkms.googleapis.com/CryptoKey" - } - ]; - - // Optional. Optional limit on the number of [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] to - // include in the response. Further [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] can - // subsequently be obtained by including the - // [ListCryptoKeyVersionsResponse.next_page_token][google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token] in a subsequent request. - // If unspecified, the server will pick an appropriate default. - int32 page_size = 2 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Optional pagination token, returned earlier via - // [ListCryptoKeyVersionsResponse.next_page_token][google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token]. - string page_token = 3 [(google.api.field_behavior) = OPTIONAL]; - - // The fields to include in the response. - CryptoKeyVersion.CryptoKeyVersionView view = 4; - - // Optional. Only include resources that match the filter in the response. For - // more information, see - // [Sorting and filtering list - // results](https://cloud.google.com/kms/docs/sorting-and-filtering). - string filter = 5 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Specify how the results should be sorted. If not specified, the - // results will be sorted in the default order. For more information, see - // [Sorting and filtering list - // results](https://cloud.google.com/kms/docs/sorting-and-filtering). - string order_by = 6 [(google.api.field_behavior) = OPTIONAL]; -} - -// Request message for [KeyManagementService.ListImportJobs][google.cloud.kms.v1.KeyManagementService.ListImportJobs]. -message ListImportJobsRequest { - // Required. The resource name of the [KeyRing][google.cloud.kms.v1.KeyRing] to list, in the format - // `projects/*/locations/*/keyRings/*`. - string parent = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudkms.googleapis.com/KeyRing" - } - ]; - - // Optional. Optional limit on the number of [ImportJobs][google.cloud.kms.v1.ImportJob] to include in the - // response. Further [ImportJobs][google.cloud.kms.v1.ImportJob] can subsequently be obtained by - // including the [ListImportJobsResponse.next_page_token][google.cloud.kms.v1.ListImportJobsResponse.next_page_token] in a subsequent - // request. If unspecified, the server will pick an appropriate default. - int32 page_size = 2 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Optional pagination token, returned earlier via - // [ListImportJobsResponse.next_page_token][google.cloud.kms.v1.ListImportJobsResponse.next_page_token]. - string page_token = 3 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Only include resources that match the filter in the response. For - // more information, see - // [Sorting and filtering list - // results](https://cloud.google.com/kms/docs/sorting-and-filtering). - string filter = 4 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. Specify how the results should be sorted. If not specified, the - // results will be sorted in the default order. For more information, see - // [Sorting and filtering list - // results](https://cloud.google.com/kms/docs/sorting-and-filtering). - string order_by = 5 [(google.api.field_behavior) = OPTIONAL]; -} - -// Response message for [KeyManagementService.ListKeyRings][google.cloud.kms.v1.KeyManagementService.ListKeyRings]. -message ListKeyRingsResponse { - // The list of [KeyRings][google.cloud.kms.v1.KeyRing]. - repeated KeyRing key_rings = 1; - - // A token to retrieve next page of results. Pass this value in - // [ListKeyRingsRequest.page_token][google.cloud.kms.v1.ListKeyRingsRequest.page_token] to retrieve the next page of results. - string next_page_token = 2; - - // The total number of [KeyRings][google.cloud.kms.v1.KeyRing] that matched the query. - int32 total_size = 3; -} - -// Response message for [KeyManagementService.ListCryptoKeys][google.cloud.kms.v1.KeyManagementService.ListCryptoKeys]. -message ListCryptoKeysResponse { - // The list of [CryptoKeys][google.cloud.kms.v1.CryptoKey]. - repeated CryptoKey crypto_keys = 1; - - // A token to retrieve next page of results. Pass this value in - // [ListCryptoKeysRequest.page_token][google.cloud.kms.v1.ListCryptoKeysRequest.page_token] to retrieve the next page of results. - string next_page_token = 2; - - // The total number of [CryptoKeys][google.cloud.kms.v1.CryptoKey] that matched the query. - int32 total_size = 3; -} - -// Response message for [KeyManagementService.ListCryptoKeyVersions][google.cloud.kms.v1.KeyManagementService.ListCryptoKeyVersions]. -message ListCryptoKeyVersionsResponse { - // The list of [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion]. - repeated CryptoKeyVersion crypto_key_versions = 1; - - // A token to retrieve next page of results. Pass this value in - // [ListCryptoKeyVersionsRequest.page_token][google.cloud.kms.v1.ListCryptoKeyVersionsRequest.page_token] to retrieve the next page of - // results. - string next_page_token = 2; - - // The total number of [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] that matched the - // query. - int32 total_size = 3; -} - -// Response message for [KeyManagementService.ListImportJobs][google.cloud.kms.v1.KeyManagementService.ListImportJobs]. -message ListImportJobsResponse { - // The list of [ImportJobs][google.cloud.kms.v1.ImportJob]. - repeated ImportJob import_jobs = 1; - - // A token to retrieve next page of results. Pass this value in - // [ListImportJobsRequest.page_token][google.cloud.kms.v1.ListImportJobsRequest.page_token] to retrieve the next page of results. - string next_page_token = 2; - - // The total number of [ImportJobs][google.cloud.kms.v1.ImportJob] that matched the query. - int32 total_size = 3; -} - -// Request message for [KeyManagementService.GetKeyRing][google.cloud.kms.v1.KeyManagementService.GetKeyRing]. -message GetKeyRingRequest { - // Required. The [name][google.cloud.kms.v1.KeyRing.name] of the [KeyRing][google.cloud.kms.v1.KeyRing] to get. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudkms.googleapis.com/KeyRing" - } - ]; -} - -// Request message for [KeyManagementService.GetCryptoKey][google.cloud.kms.v1.KeyManagementService.GetCryptoKey]. -message GetCryptoKeyRequest { - // Required. The [name][google.cloud.kms.v1.CryptoKey.name] of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to get. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudkms.googleapis.com/CryptoKey" - } - ]; -} - -// Request message for [KeyManagementService.GetCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.GetCryptoKeyVersion]. -message GetCryptoKeyVersionRequest { - // Required. The [name][google.cloud.kms.v1.CryptoKeyVersion.name] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to get. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudkms.googleapis.com/CryptoKeyVersion" - } - ]; -} - -// Request message for [KeyManagementService.GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey]. -message GetPublicKeyRequest { - // Required. The [name][google.cloud.kms.v1.CryptoKeyVersion.name] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] public key to - // get. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudkms.googleapis.com/CryptoKeyVersion" - } - ]; -} - -// Request message for [KeyManagementService.GetImportJob][google.cloud.kms.v1.KeyManagementService.GetImportJob]. -message GetImportJobRequest { - // Required. The [name][google.cloud.kms.v1.ImportJob.name] of the [ImportJob][google.cloud.kms.v1.ImportJob] to get. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudkms.googleapis.com/ImportJob" - } - ]; -} - -// Request message for [KeyManagementService.CreateKeyRing][google.cloud.kms.v1.KeyManagementService.CreateKeyRing]. -message CreateKeyRingRequest { - // Required. The resource name of the location associated with the - // [KeyRings][google.cloud.kms.v1.KeyRing], in the format `projects/*/locations/*`. - string parent = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "locations.googleapis.com/Location" - } - ]; - - // Required. It must be unique within a location and match the regular - // expression `[a-zA-Z0-9_-]{1,63}` - string key_ring_id = 2 [(google.api.field_behavior) = REQUIRED]; - - // Required. A [KeyRing][google.cloud.kms.v1.KeyRing] with initial field values. - KeyRing key_ring = 3 [(google.api.field_behavior) = REQUIRED]; -} - -// Request message for [KeyManagementService.CreateCryptoKey][google.cloud.kms.v1.KeyManagementService.CreateCryptoKey]. -message CreateCryptoKeyRequest { - // Required. The [name][google.cloud.kms.v1.KeyRing.name] of the KeyRing associated with the - // [CryptoKeys][google.cloud.kms.v1.CryptoKey]. - string parent = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudkms.googleapis.com/KeyRing" - } - ]; - - // Required. It must be unique within a KeyRing and match the regular - // expression `[a-zA-Z0-9_-]{1,63}` - string crypto_key_id = 2 [(google.api.field_behavior) = REQUIRED]; - - // Required. A [CryptoKey][google.cloud.kms.v1.CryptoKey] with initial field values. - CryptoKey crypto_key = 3 [(google.api.field_behavior) = REQUIRED]; - - // If set to true, the request will create a [CryptoKey][google.cloud.kms.v1.CryptoKey] without any - // [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion]. You must manually call - // [CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion] or - // [ImportCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.ImportCryptoKeyVersion] - // before you can use this [CryptoKey][google.cloud.kms.v1.CryptoKey]. - bool skip_initial_version_creation = 5; -} - -// Request message for [KeyManagementService.CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion]. -message CreateCryptoKeyVersionRequest { - // Required. The [name][google.cloud.kms.v1.CryptoKey.name] of the [CryptoKey][google.cloud.kms.v1.CryptoKey] associated with - // the [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion]. - string parent = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudkms.googleapis.com/CryptoKey" - } - ]; - - // Required. A [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with initial field values. - CryptoKeyVersion crypto_key_version = 2 [(google.api.field_behavior) = REQUIRED]; -} - -// Request message for [KeyManagementService.ImportCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.ImportCryptoKeyVersion]. -message ImportCryptoKeyVersionRequest { - // Required. The [name][google.cloud.kms.v1.CryptoKey.name] of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to - // be imported into. - string parent = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudkms.googleapis.com/CryptoKey" - } - ]; - - // Required. The [algorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm] of - // the key being imported. This does not need to match the - // [version_template][google.cloud.kms.v1.CryptoKey.version_template] of the [CryptoKey][google.cloud.kms.v1.CryptoKey] this - // version imports into. - CryptoKeyVersion.CryptoKeyVersionAlgorithm algorithm = 2 [(google.api.field_behavior) = REQUIRED]; - - // Required. The [name][google.cloud.kms.v1.ImportJob.name] of the [ImportJob][google.cloud.kms.v1.ImportJob] that was used to - // wrap this key material. - string import_job = 4 [(google.api.field_behavior) = REQUIRED]; - - // Required. The incoming wrapped key material that is to be imported. - oneof wrapped_key_material { - // Wrapped key material produced with - // [RSA_OAEP_3072_SHA1_AES_256][google.cloud.kms.v1.ImportJob.ImportMethod.RSA_OAEP_3072_SHA1_AES_256] - // or - // [RSA_OAEP_4096_SHA1_AES_256][google.cloud.kms.v1.ImportJob.ImportMethod.RSA_OAEP_4096_SHA1_AES_256]. - // - // This field contains the concatenation of two wrapped keys: - //
    - //
  1. An ephemeral AES-256 wrapping key wrapped with the - // [public_key][google.cloud.kms.v1.ImportJob.public_key] using RSAES-OAEP with SHA-1, - // MGF1 with SHA-1, and an empty label. - //
    2. - //
  2. The key to be imported, wrapped with the ephemeral AES-256 key - // using AES-KWP (RFC 5649). - //
    3. - //
- // - // If importing symmetric key material, it is expected that the unwrapped - // key contains plain bytes. If importing asymmetric key material, it is - // expected that the unwrapped key is in PKCS#8-encoded DER format (the - // PrivateKeyInfo structure from RFC 5208). - // - // This format is the same as the format produced by PKCS#11 mechanism - // CKM_RSA_AES_KEY_WRAP. - bytes rsa_aes_wrapped_key = 5; - } -} - -// Request message for [KeyManagementService.CreateImportJob][google.cloud.kms.v1.KeyManagementService.CreateImportJob]. -message CreateImportJobRequest { - // Required. The [name][google.cloud.kms.v1.KeyRing.name] of the [KeyRing][google.cloud.kms.v1.KeyRing] associated with the - // [ImportJobs][google.cloud.kms.v1.ImportJob]. - string parent = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudkms.googleapis.com/KeyRing" - } - ]; - - // Required. It must be unique within a KeyRing and match the regular - // expression `[a-zA-Z0-9_-]{1,63}` - string import_job_id = 2 [(google.api.field_behavior) = REQUIRED]; - - // Required. An [ImportJob][google.cloud.kms.v1.ImportJob] with initial field values. - ImportJob import_job = 3 [(google.api.field_behavior) = REQUIRED]; -} - -// Request message for [KeyManagementService.UpdateCryptoKey][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKey]. -message UpdateCryptoKeyRequest { - // Required. [CryptoKey][google.cloud.kms.v1.CryptoKey] with updated values. - CryptoKey crypto_key = 1 [(google.api.field_behavior) = REQUIRED]; - - // Required. List of fields to be updated in this request. - google.protobuf.FieldMask update_mask = 2 [(google.api.field_behavior) = REQUIRED]; -} - -// Request message for [KeyManagementService.UpdateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKeyVersion]. -message UpdateCryptoKeyVersionRequest { - // Required. [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with updated values. - CryptoKeyVersion crypto_key_version = 1 [(google.api.field_behavior) = REQUIRED]; - - // Required. List of fields to be updated in this request. - google.protobuf.FieldMask update_mask = 2 [(google.api.field_behavior) = REQUIRED]; -} - -// Request message for [KeyManagementService.UpdateCryptoKeyPrimaryVersion][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKeyPrimaryVersion]. -message UpdateCryptoKeyPrimaryVersionRequest { - // Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to update. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudkms.googleapis.com/CryptoKey" - } - ]; - - // Required. The id of the child [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use as primary. - string crypto_key_version_id = 2 [(google.api.field_behavior) = REQUIRED]; -} - -// Request message for [KeyManagementService.DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion]. -message DestroyCryptoKeyVersionRequest { - // Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to destroy. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudkms.googleapis.com/CryptoKeyVersion" - } - ]; -} - -// Request message for [KeyManagementService.RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion]. -message RestoreCryptoKeyVersionRequest { - // Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to restore. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudkms.googleapis.com/CryptoKeyVersion" - } - ]; -} - -// Request message for [KeyManagementService.Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. -message EncryptRequest { - // Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] or [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] - // to use for encryption. - // - // If a [CryptoKey][google.cloud.kms.v1.CryptoKey] is specified, the server will use its - // [primary version][google.cloud.kms.v1.CryptoKey.primary]. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "*" - } - ]; - - // Required. The data to encrypt. Must be no larger than 64KiB. - // - // The maximum size depends on the key version's - // [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. For - // [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the plaintext must be no larger - // than 64KiB. For [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of the - // plaintext and additional_authenticated_data fields must be no larger than - // 8KiB. - bytes plaintext = 2 [(google.api.field_behavior) = REQUIRED]; - - // Optional. Optional data that, if specified, must also be provided during decryption - // through [DecryptRequest.additional_authenticated_data][google.cloud.kms.v1.DecryptRequest.additional_authenticated_data]. - // - // The maximum size depends on the key version's - // [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. For - // [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the AAD must be no larger than - // 64KiB. For [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of the - // plaintext and additional_authenticated_data fields must be no larger than - // 8KiB. - bytes additional_authenticated_data = 3 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. An optional CRC32C checksum of the [EncryptRequest.plaintext][google.cloud.kms.v1.EncryptRequest.plaintext]. If - // specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the - // received [EncryptRequest.plaintext][google.cloud.kms.v1.EncryptRequest.plaintext] using this checksum. - // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification - // fails. If you receive a checksum error, your client should verify that - // CRC32C([EncryptRequest.plaintext][google.cloud.kms.v1.EncryptRequest.plaintext]) is equal to - // [EncryptRequest.plaintext_crc32c][google.cloud.kms.v1.EncryptRequest.plaintext_crc32c], and if so, perform a limited number of - // retries. A persistent mismatch may indicate an issue in your computation of - // the CRC32C checksum. - // Note: This field is defined as int64 for reasons of compatibility across - // different languages. However, it is a non-negative integer, which will - // never exceed 2^32-1, and can be safely downconverted to uint32 in languages - // that support this type. - google.protobuf.Int64Value plaintext_crc32c = 7 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. An optional CRC32C checksum of the - // [EncryptRequest.additional_authenticated_data][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data]. If specified, - // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the received - // [EncryptRequest.additional_authenticated_data][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data] using this checksum. - // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification - // fails. If you receive a checksum error, your client should verify that - // CRC32C([EncryptRequest.additional_authenticated_data][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data]) is equal to - // [EncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data_crc32c], and if so, perform - // a limited number of retries. A persistent mismatch may indicate an issue in - // your computation of the CRC32C checksum. - // Note: This field is defined as int64 for reasons of compatibility across - // different languages. However, it is a non-negative integer, which will - // never exceed 2^32-1, and can be safely downconverted to uint32 in languages - // that support this type. - google.protobuf.Int64Value additional_authenticated_data_crc32c = 8 [(google.api.field_behavior) = OPTIONAL]; -} - -// Request message for [KeyManagementService.Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt]. -message DecryptRequest { - // Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to use for decryption. - // The server will choose the appropriate version. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudkms.googleapis.com/CryptoKey" - } - ]; - - // Required. The encrypted data originally returned in - // [EncryptResponse.ciphertext][google.cloud.kms.v1.EncryptResponse.ciphertext]. - bytes ciphertext = 2 [(google.api.field_behavior) = REQUIRED]; - - // Optional. Optional data that must match the data originally supplied in - // [EncryptRequest.additional_authenticated_data][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data]. - bytes additional_authenticated_data = 3 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. An optional CRC32C checksum of the [DecryptRequest.ciphertext][google.cloud.kms.v1.DecryptRequest.ciphertext]. If - // specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the - // received [DecryptRequest.ciphertext][google.cloud.kms.v1.DecryptRequest.ciphertext] using this checksum. - // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification - // fails. If you receive a checksum error, your client should verify that - // CRC32C([DecryptRequest.ciphertext][google.cloud.kms.v1.DecryptRequest.ciphertext]) is equal to - // [DecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.DecryptRequest.ciphertext_crc32c], and if so, perform a limited number - // of retries. A persistent mismatch may indicate an issue in your computation - // of the CRC32C checksum. - // Note: This field is defined as int64 for reasons of compatibility across - // different languages. However, it is a non-negative integer, which will - // never exceed 2^32-1, and can be safely downconverted to uint32 in languages - // that support this type. - google.protobuf.Int64Value ciphertext_crc32c = 5 [(google.api.field_behavior) = OPTIONAL]; - - // Optional. An optional CRC32C checksum of the - // [DecryptRequest.additional_authenticated_data][google.cloud.kms.v1.DecryptRequest.additional_authenticated_data]. If specified, - // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the received - // [DecryptRequest.additional_authenticated_data][google.cloud.kms.v1.DecryptRequest.additional_authenticated_data] using this checksum. - // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification - // fails. If you receive a checksum error, your client should verify that - // CRC32C([DecryptRequest.additional_authenticated_data][google.cloud.kms.v1.DecryptRequest.additional_authenticated_data]) is equal to - // [DecryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.DecryptRequest.additional_authenticated_data_crc32c], and if so, perform - // a limited number of retries. A persistent mismatch may indicate an issue in - // your computation of the CRC32C checksum. - // Note: This field is defined as int64 for reasons of compatibility across - // different languages. However, it is a non-negative integer, which will - // never exceed 2^32-1, and can be safely downconverted to uint32 in languages - // that support this type. - google.protobuf.Int64Value additional_authenticated_data_crc32c = 6 [(google.api.field_behavior) = OPTIONAL]; -} - -// Request message for [KeyManagementService.AsymmetricSign][google.cloud.kms.v1.KeyManagementService.AsymmetricSign]. -message AsymmetricSignRequest { - // Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for signing. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudkms.googleapis.com/CryptoKeyVersion" - } - ]; - - // Required. The digest of the data to sign. The digest must be produced with - // the same digest algorithm as specified by the key version's - // [algorithm][google.cloud.kms.v1.CryptoKeyVersion.algorithm]. - Digest digest = 3 [(google.api.field_behavior) = REQUIRED]; - - // Optional. An optional CRC32C checksum of the [AsymmetricSignRequest.digest][google.cloud.kms.v1.AsymmetricSignRequest.digest]. If - // specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the - // received [AsymmetricSignRequest.digest][google.cloud.kms.v1.AsymmetricSignRequest.digest] using this checksum. - // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification - // fails. If you receive a checksum error, your client should verify that - // CRC32C([AsymmetricSignRequest.digest][google.cloud.kms.v1.AsymmetricSignRequest.digest]) is equal to - // [AsymmetricSignRequest.digest_crc32c][google.cloud.kms.v1.AsymmetricSignRequest.digest_crc32c], and if so, perform a limited - // number of retries. A persistent mismatch may indicate an issue in your - // computation of the CRC32C checksum. - // Note: This field is defined as int64 for reasons of compatibility across - // different languages. However, it is a non-negative integer, which will - // never exceed 2^32-1, and can be safely downconverted to uint32 in languages - // that support this type. - google.protobuf.Int64Value digest_crc32c = 4 [(google.api.field_behavior) = OPTIONAL]; -} - -// Request message for [KeyManagementService.AsymmetricDecrypt][google.cloud.kms.v1.KeyManagementService.AsymmetricDecrypt]. -message AsymmetricDecryptRequest { - // Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for - // decryption. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudkms.googleapis.com/CryptoKeyVersion" - } - ]; - - // Required. The data encrypted with the named [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s public - // key using OAEP. - bytes ciphertext = 3 [(google.api.field_behavior) = REQUIRED]; - - // Optional. An optional CRC32C checksum of the [AsymmetricDecryptRequest.ciphertext][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext]. - // If specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the - // received [AsymmetricDecryptRequest.ciphertext][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext] using this checksum. - // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification - // fails. If you receive a checksum error, your client should verify that - // CRC32C([AsymmetricDecryptRequest.ciphertext][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext]) is equal to - // [AsymmetricDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext_crc32c], and if so, perform a - // limited number of retries. A persistent mismatch may indicate an issue in - // your computation of the CRC32C checksum. - // Note: This field is defined as int64 for reasons of compatibility across - // different languages. However, it is a non-negative integer, which will - // never exceed 2^32-1, and can be safely downconverted to uint32 in languages - // that support this type. - google.protobuf.Int64Value ciphertext_crc32c = 4 [(google.api.field_behavior) = OPTIONAL]; -} - -// Request message for [KeyManagementService.MacSign][google.cloud.kms.v1.KeyManagementService.MacSign]. -message MacSignRequest { - // Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for signing. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudkms.googleapis.com/CryptoKeyVersion" - } - ]; - - // Required. The data to sign. The MAC tag is computed over this data field based on - // the specific algorithm. - bytes data = 2 [(google.api.field_behavior) = REQUIRED]; - - // Optional. An optional CRC32C checksum of the [MacSignRequest.data][google.cloud.kms.v1.MacSignRequest.data]. If - // specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the - // received [MacSignRequest.data][google.cloud.kms.v1.MacSignRequest.data] using this checksum. - // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification - // fails. If you receive a checksum error, your client should verify that - // CRC32C([MacSignRequest.data][google.cloud.kms.v1.MacSignRequest.data]) is equal to - // [MacSignRequest.data_crc32c][google.cloud.kms.v1.MacSignRequest.data_crc32c], and if so, perform a limited - // number of retries. A persistent mismatch may indicate an issue in your - // computation of the CRC32C checksum. - // Note: This field is defined as int64 for reasons of compatibility across - // different languages. However, it is a non-negative integer, which will - // never exceed 2^32-1, and can be safely downconverted to uint32 in languages - // that support this type. - google.protobuf.Int64Value data_crc32c = 3 [(google.api.field_behavior) = OPTIONAL]; -} - -// Request message for [KeyManagementService.MacVerify][google.cloud.kms.v1.KeyManagementService.MacVerify]. -message MacVerifyRequest { - // Required. The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for verification. - string name = 1 [ - (google.api.field_behavior) = REQUIRED, - (google.api.resource_reference) = { - type: "cloudkms.googleapis.com/CryptoKeyVersion" - } - ]; - - // Required. The data used previously as a [MacSignRequest.data][google.cloud.kms.v1.MacSignRequest.data] to generate the MAC - // tag. - bytes data = 2 [(google.api.field_behavior) = REQUIRED]; - - // Optional. An optional CRC32C checksum of the [MacVerifyRequest.data][google.cloud.kms.v1.MacVerifyRequest.data]. If - // specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the - // received [MacVerifyRequest.data][google.cloud.kms.v1.MacVerifyRequest.data] using this checksum. - // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification - // fails. If you receive a checksum error, your client should verify that - // CRC32C([MacVerifyRequest.data][google.cloud.kms.v1.MacVerifyRequest.data]) is equal to - // [MacVerifyRequest.data_crc32c][google.cloud.kms.v1.MacVerifyRequest.data_crc32c], and if so, perform a limited - // number of retries. A persistent mismatch may indicate an issue in your - // computation of the CRC32C checksum. - // Note: This field is defined as int64 for reasons of compatibility across - // different languages. However, it is a non-negative integer, which will - // never exceed 2^32-1, and can be safely downconverted to uint32 in languages - // that support this type. - google.protobuf.Int64Value data_crc32c = 3 [(google.api.field_behavior) = OPTIONAL]; - - // Required. The signature to verify. - bytes mac = 4 [(google.api.field_behavior) = REQUIRED]; - - // Optional. An optional CRC32C checksum of the [MacVerifyRequest.mac][google.cloud.kms.v1.MacVerifyRequest.mac]. If - // specified, [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will verify the integrity of the - // received [MacVerifyRequest.mac][google.cloud.kms.v1.MacVerifyRequest.mac] using this checksum. - // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] will report an error if the checksum verification - // fails. If you receive a checksum error, your client should verify that - // CRC32C([MacVerifyRequest.tag][]) is equal to - // [MacVerifyRequest.mac_crc32c][google.cloud.kms.v1.MacVerifyRequest.mac_crc32c], and if so, perform a limited - // number of retries. A persistent mismatch may indicate an issue in your - // computation of the CRC32C checksum. - // Note: This field is defined as int64 for reasons of compatibility across - // different languages. However, it is a non-negative integer, which will - // never exceed 2^32-1, and can be safely downconverted to uint32 in languages - // that support this type. - google.protobuf.Int64Value mac_crc32c = 5 [(google.api.field_behavior) = OPTIONAL]; -} - -// Request message for [KeyManagementService.GenerateRandomBytes][google.cloud.kms.v1.KeyManagementService.GenerateRandomBytes]. -message GenerateRandomBytesRequest { - // The project-specific location in which to generate random bytes. - // For example, "projects/my-project/locations/us-central1". - string location = 1; - - // The length in bytes of the amount of randomness to retrieve. Minimum 8 - // bytes, maximum 1024 bytes. - int32 length_bytes = 2; - - // The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] to use when generating the random data. Defaults to - // [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE]. - ProtectionLevel protection_level = 3; -} - -// Response message for [KeyManagementService.Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. -message EncryptResponse { - // The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in encryption. Check - // this field to verify that the intended resource was used for encryption. - string name = 1; - - // The encrypted data. - bytes ciphertext = 2; - - // Integrity verification field. A CRC32C checksum of the returned - // [EncryptResponse.ciphertext][google.cloud.kms.v1.EncryptResponse.ciphertext]. An integrity check of - // [EncryptResponse.ciphertext][google.cloud.kms.v1.EncryptResponse.ciphertext] can be performed by computing the CRC32C - // checksum of [EncryptResponse.ciphertext][google.cloud.kms.v1.EncryptResponse.ciphertext] and comparing your results to - // this field. Discard the response in case of non-matching checksum values, - // and perform a limited number of retries. A persistent mismatch may indicate - // an issue in your computation of the CRC32C checksum. - // Note: This field is defined as int64 for reasons of compatibility across - // different languages. However, it is a non-negative integer, which will - // never exceed 2^32-1, and can be safely downconverted to uint32 in languages - // that support this type. - google.protobuf.Int64Value ciphertext_crc32c = 4; - - // Integrity verification field. A flag indicating whether - // [EncryptRequest.plaintext_crc32c][google.cloud.kms.v1.EncryptRequest.plaintext_crc32c] was received by - // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the - // [plaintext][google.cloud.kms.v1.EncryptRequest.plaintext]. A false value of this field - // indicates either that [EncryptRequest.plaintext_crc32c][google.cloud.kms.v1.EncryptRequest.plaintext_crc32c] was left unset or - // that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've set - // [EncryptRequest.plaintext_crc32c][google.cloud.kms.v1.EncryptRequest.plaintext_crc32c] but this field is still false, discard - // the response and perform a limited number of retries. - bool verified_plaintext_crc32c = 5; - - // Integrity verification field. A flag indicating whether - // [EncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data_crc32c] was received by - // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the - // [AAD][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data]. A false value of this - // field indicates either that - // [EncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data_crc32c] was left unset or - // that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've set - // [EncryptRequest.additional_authenticated_data_crc32c][google.cloud.kms.v1.EncryptRequest.additional_authenticated_data_crc32c] but this field is - // still false, discard the response and perform a limited number of retries. - bool verified_additional_authenticated_data_crc32c = 6; - - // The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in encryption. - ProtectionLevel protection_level = 7; -} - -// Response message for [KeyManagementService.Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt]. -message DecryptResponse { - // The decrypted data originally supplied in [EncryptRequest.plaintext][google.cloud.kms.v1.EncryptRequest.plaintext]. - bytes plaintext = 1; - - // Integrity verification field. A CRC32C checksum of the returned - // [DecryptResponse.plaintext][google.cloud.kms.v1.DecryptResponse.plaintext]. An integrity check of - // [DecryptResponse.plaintext][google.cloud.kms.v1.DecryptResponse.plaintext] can be performed by computing the CRC32C - // checksum of [DecryptResponse.plaintext][google.cloud.kms.v1.DecryptResponse.plaintext] and comparing your results to - // this field. Discard the response in case of non-matching checksum values, - // and perform a limited number of retries. A persistent mismatch may indicate - // an issue in your computation of the CRC32C checksum. Note: receiving this - // response message indicates that [KeyManagementService][google.cloud.kms.v1.KeyManagementService] is able to - // successfully decrypt the [ciphertext][google.cloud.kms.v1.DecryptRequest.ciphertext]. - // Note: This field is defined as int64 for reasons of compatibility across - // different languages. However, it is a non-negative integer, which will - // never exceed 2^32-1, and can be safely downconverted to uint32 in languages - // that support this type. - google.protobuf.Int64Value plaintext_crc32c = 2; - - // Whether the Decryption was performed using the primary key version. - bool used_primary = 3; - - // The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in decryption. - ProtectionLevel protection_level = 4; -} - -// Response message for [KeyManagementService.AsymmetricSign][google.cloud.kms.v1.KeyManagementService.AsymmetricSign]. -message AsymmetricSignResponse { - // The created signature. - bytes signature = 1; - - // Integrity verification field. A CRC32C checksum of the returned - // [AsymmetricSignResponse.signature][google.cloud.kms.v1.AsymmetricSignResponse.signature]. An integrity check of - // [AsymmetricSignResponse.signature][google.cloud.kms.v1.AsymmetricSignResponse.signature] can be performed by computing the - // CRC32C checksum of [AsymmetricSignResponse.signature][google.cloud.kms.v1.AsymmetricSignResponse.signature] and comparing your - // results to this field. Discard the response in case of non-matching - // checksum values, and perform a limited number of retries. A persistent - // mismatch may indicate an issue in your computation of the CRC32C checksum. - // Note: This field is defined as int64 for reasons of compatibility across - // different languages. However, it is a non-negative integer, which will - // never exceed 2^32-1, and can be safely downconverted to uint32 in languages - // that support this type. - google.protobuf.Int64Value signature_crc32c = 2; - - // Integrity verification field. A flag indicating whether - // [AsymmetricSignRequest.digest_crc32c][google.cloud.kms.v1.AsymmetricSignRequest.digest_crc32c] was received by - // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the - // [digest][google.cloud.kms.v1.AsymmetricSignRequest.digest]. A false value of this field - // indicates either that [AsymmetricSignRequest.digest_crc32c][google.cloud.kms.v1.AsymmetricSignRequest.digest_crc32c] was left - // unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've - // set [AsymmetricSignRequest.digest_crc32c][google.cloud.kms.v1.AsymmetricSignRequest.digest_crc32c] but this field is still false, - // discard the response and perform a limited number of retries. - bool verified_digest_crc32c = 3; - - // The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used for signing. Check - // this field to verify that the intended resource was used for signing. - string name = 4; - - // The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used for signing. - ProtectionLevel protection_level = 6; -} - -// Response message for [KeyManagementService.AsymmetricDecrypt][google.cloud.kms.v1.KeyManagementService.AsymmetricDecrypt]. -message AsymmetricDecryptResponse { - // The decrypted data originally encrypted with the matching public key. - bytes plaintext = 1; - - // Integrity verification field. A CRC32C checksum of the returned - // [AsymmetricDecryptResponse.plaintext][google.cloud.kms.v1.AsymmetricDecryptResponse.plaintext]. An integrity check of - // [AsymmetricDecryptResponse.plaintext][google.cloud.kms.v1.AsymmetricDecryptResponse.plaintext] can be performed by computing the - // CRC32C checksum of [AsymmetricDecryptResponse.plaintext][google.cloud.kms.v1.AsymmetricDecryptResponse.plaintext] and comparing - // your results to this field. Discard the response in case of non-matching - // checksum values, and perform a limited number of retries. A persistent - // mismatch may indicate an issue in your computation of the CRC32C checksum. - // Note: This field is defined as int64 for reasons of compatibility across - // different languages. However, it is a non-negative integer, which will - // never exceed 2^32-1, and can be safely downconverted to uint32 in languages - // that support this type. - google.protobuf.Int64Value plaintext_crc32c = 2; - - // Integrity verification field. A flag indicating whether - // [AsymmetricDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext_crc32c] was received by - // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the - // [ciphertext][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext]. A false value of this - // field indicates either that [AsymmetricDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext_crc32c] - // was left unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If - // you've set [AsymmetricDecryptRequest.ciphertext_crc32c][google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext_crc32c] but this field is - // still false, discard the response and perform a limited number of retries. - bool verified_ciphertext_crc32c = 3; - - // The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used in decryption. - ProtectionLevel protection_level = 4; -} - -// Response message for [KeyManagementService.MacSign][google.cloud.kms.v1.KeyManagementService.MacSign]. -message MacSignResponse { - // The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used for signing. Check - // this field to verify that the intended resource was used for signing. - string name = 1; - - // The created signature. - bytes mac = 2; - - // Integrity verification field. A CRC32C checksum of the returned - // [MacSignResponse.mac][google.cloud.kms.v1.MacSignResponse.mac]. An integrity check of - // [MacSignResponse.mac][google.cloud.kms.v1.MacSignResponse.mac] can be performed by computing the - // CRC32C checksum of [MacSignResponse.mac][google.cloud.kms.v1.MacSignResponse.mac] and comparing your - // results to this field. Discard the response in case of non-matching - // checksum values, and perform a limited number of retries. A persistent - // mismatch may indicate an issue in your computation of the CRC32C checksum. - // Note: This field is defined as int64 for reasons of compatibility across - // different languages. However, it is a non-negative integer, which will - // never exceed 2^32-1, and can be safely downconverted to uint32 in languages - // that support this type. - google.protobuf.Int64Value mac_crc32c = 3; - - // Integrity verification field. A flag indicating whether - // [MacSignRequest.data_crc32c][google.cloud.kms.v1.MacSignRequest.data_crc32c] was received by - // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the - // [data][google.cloud.kms.v1.MacSignRequest.data]. A false value of this field - // indicates either that [MacSignRequest.data_crc32c][google.cloud.kms.v1.MacSignRequest.data_crc32c] was left - // unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've - // set [MacSignRequest.data_crc32c][google.cloud.kms.v1.MacSignRequest.data_crc32c] but this field is still false, - // discard the response and perform a limited number of retries. - bool verified_data_crc32c = 4; - - // The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used for signing. - ProtectionLevel protection_level = 5; -} - -// Response message for [KeyManagementService.MacVerify][google.cloud.kms.v1.KeyManagementService.MacVerify]. -message MacVerifyResponse { - // The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used for verification. - // Check this field to verify that the intended resource was used for - // verification. - string name = 1; - - // This field indicates whether or not the verification operation for - // [MacVerifyRequest.mac][google.cloud.kms.v1.MacVerifyRequest.mac] over [MacVerifyRequest.data][google.cloud.kms.v1.MacVerifyRequest.data] was successful. - bool success = 2; - - // Integrity verification field. A flag indicating whether - // [MacVerifyRequest.data_crc32c][google.cloud.kms.v1.MacVerifyRequest.data_crc32c] was received by - // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the - // [data][google.cloud.kms.v1.MacVerifyRequest.data]. A false value of this field - // indicates either that [MacVerifyRequest.data_crc32c][google.cloud.kms.v1.MacVerifyRequest.data_crc32c] was left - // unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've - // set [MacVerifyRequest.data_crc32c][google.cloud.kms.v1.MacVerifyRequest.data_crc32c] but this field is still false, - // discard the response and perform a limited number of retries. - bool verified_data_crc32c = 3; - - // Integrity verification field. A flag indicating whether - // [MacVerifyRequest.mac_crc32c][google.cloud.kms.v1.MacVerifyRequest.mac_crc32c] was received by - // [KeyManagementService][google.cloud.kms.v1.KeyManagementService] and used for the integrity verification of the - // [data][google.cloud.kms.v1.MacVerifyRequest.mac]. A false value of this field - // indicates either that [MacVerifyRequest.mac_crc32c][google.cloud.kms.v1.MacVerifyRequest.mac_crc32c] was left - // unset or that it was not delivered to [KeyManagementService][google.cloud.kms.v1.KeyManagementService]. If you've - // set [MacVerifyRequest.mac_crc32c][google.cloud.kms.v1.MacVerifyRequest.mac_crc32c] but this field is still false, - // discard the response and perform a limited number of retries. - bool verified_mac_crc32c = 4; - - // Integrity verification field. This value is used for the integrity - // verification of [MacVerifyResponse.success]. If the value of this field - // contradicts the value of [MacVerifyResponse.success], discard the response - // and perform a limited number of retries. - bool verified_success_integrity = 5; - - // The [ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] used for verification. - ProtectionLevel protection_level = 6; -} - -// Response message for [KeyManagementService.GenerateRandomBytes][google.cloud.kms.v1.KeyManagementService.GenerateRandomBytes]. -message GenerateRandomBytesResponse { - // The generated data. - bytes data = 1; - - // Integrity verification field. A CRC32C checksum of the returned - // [GenerateRandomBytesResponse.data][google.cloud.kms.v1.GenerateRandomBytesResponse.data]. An integrity check of - // [GenerateRandomBytesResponse.data][google.cloud.kms.v1.GenerateRandomBytesResponse.data] can be performed by computing the - // CRC32C checksum of [GenerateRandomBytesResponse.data][google.cloud.kms.v1.GenerateRandomBytesResponse.data] and comparing your - // results to this field. Discard the response in case of non-matching - // checksum values, and perform a limited number of retries. A persistent - // mismatch may indicate an issue in your computation of the CRC32C checksum. - // Note: This field is defined as int64 for reasons of compatibility across - // different languages. However, it is a non-negative integer, which will - // never exceed 2^32-1, and can be safely downconverted to uint32 in languages - // that support this type. - google.protobuf.Int64Value data_crc32c = 3; -} - -// A [Digest][google.cloud.kms.v1.Digest] holds a cryptographic message digest. -message Digest { - // Required. The message digest. - oneof digest { - // A message digest produced with the SHA-256 algorithm. - bytes sha256 = 1; - - // A message digest produced with the SHA-384 algorithm. - bytes sha384 = 2; - - // A message digest produced with the SHA-512 algorithm. - bytes sha512 = 3; - } -} - -// Cloud KMS metadata for the given [google.cloud.location.Location][google.cloud.location.Location]. -message LocationMetadata { - // Indicates whether [CryptoKeys][google.cloud.kms.v1.CryptoKey] with - // [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level] - // [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] can be created in this location. - bool hsm_available = 1; - - // Indicates whether [CryptoKeys][google.cloud.kms.v1.CryptoKey] with - // [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level] - // [EXTERNAL][google.cloud.kms.v1.ProtectionLevel.EXTERNAL] can be created in this location. - bool ekm_available = 2; -} diff --git a/owl-bot-staging/v1/src/index.ts b/owl-bot-staging/v1/src/index.ts deleted file mode 100644 index 8bd69410..00000000 --- a/owl-bot-staging/v1/src/index.ts +++ /dev/null @@ -1,25 +0,0 @@ -// Copyright 2021 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -import * as v1 from './v1'; -const KeyManagementServiceClient = v1.KeyManagementServiceClient; -type KeyManagementServiceClient = v1.KeyManagementServiceClient; -export {v1, KeyManagementServiceClient}; -export default {v1, KeyManagementServiceClient}; -import * as protos from '../protos/protos'; -export {protos} diff --git a/owl-bot-staging/v1/src/v1/gapic_metadata.json b/owl-bot-staging/v1/src/v1/gapic_metadata.json deleted file mode 100644 index 2567548f..00000000 --- a/owl-bot-staging/v1/src/v1/gapic_metadata.json +++ /dev/null @@ -1,299 +0,0 @@ -{ - "schema": "1.0", - "comment": "This file maps proto services/RPCs to the corresponding library clients/methods", - "language": "typescript", - "protoPackage": "google.cloud.kms.v1", - "libraryPackage": "@google-cloud/kms", - "services": { - "KeyManagementService": { - "clients": { - "grpc": { - "libraryClient": "KeyManagementServiceClient", - "rpcs": { - "GetKeyRing": { - "methods": [ - "getKeyRing" - ] - }, - "GetCryptoKey": { - "methods": [ - "getCryptoKey" - ] - }, - "GetCryptoKeyVersion": { - "methods": [ - "getCryptoKeyVersion" - ] - }, - "GetPublicKey": { - "methods": [ - "getPublicKey" - ] - }, - "GetImportJob": { - "methods": [ - "getImportJob" - ] - }, - "CreateKeyRing": { - "methods": [ - "createKeyRing" - ] - }, - "CreateCryptoKey": { - "methods": [ - "createCryptoKey" - ] - }, - "CreateCryptoKeyVersion": { - "methods": [ - "createCryptoKeyVersion" - ] - }, - "ImportCryptoKeyVersion": { - "methods": [ - "importCryptoKeyVersion" - ] - }, - "CreateImportJob": { - "methods": [ - "createImportJob" - ] - }, - "UpdateCryptoKey": { - "methods": [ - "updateCryptoKey" - ] - }, - "UpdateCryptoKeyVersion": { - "methods": [ - "updateCryptoKeyVersion" - ] - }, - "UpdateCryptoKeyPrimaryVersion": { - "methods": [ - "updateCryptoKeyPrimaryVersion" - ] - }, - "DestroyCryptoKeyVersion": { - "methods": [ - "destroyCryptoKeyVersion" - ] - }, - "RestoreCryptoKeyVersion": { - "methods": [ - "restoreCryptoKeyVersion" - ] - }, - "Encrypt": { - "methods": [ - "encrypt" - ] - }, - "Decrypt": { - "methods": [ - "decrypt" - ] - }, - "AsymmetricSign": { - "methods": [ - "asymmetricSign" - ] - }, - "AsymmetricDecrypt": { - "methods": [ - "asymmetricDecrypt" - ] - }, - "MacSign": { - "methods": [ - "macSign" - ] - }, - "MacVerify": { - "methods": [ - "macVerify" - ] - }, - "GenerateRandomBytes": { - "methods": [ - "generateRandomBytes" - ] - }, - "ListKeyRings": { - "methods": [ - "listKeyRings", - "listKeyRingsStream", - "listKeyRingsAsync" - ] - }, - "ListCryptoKeys": { - "methods": [ - "listCryptoKeys", - "listCryptoKeysStream", - "listCryptoKeysAsync" - ] - }, - "ListCryptoKeyVersions": { - "methods": [ - "listCryptoKeyVersions", - "listCryptoKeyVersionsStream", - "listCryptoKeyVersionsAsync" - ] - }, - "ListImportJobs": { - "methods": [ - "listImportJobs", - "listImportJobsStream", - "listImportJobsAsync" - ] - } - } - }, - "grpc-fallback": { - "libraryClient": "KeyManagementServiceClient", - "rpcs": { - "GetKeyRing": { - "methods": [ - "getKeyRing" - ] - }, - "GetCryptoKey": { - "methods": [ - "getCryptoKey" - ] - }, - "GetCryptoKeyVersion": { - "methods": [ - "getCryptoKeyVersion" - ] - }, - "GetPublicKey": { - "methods": [ - "getPublicKey" - ] - }, - "GetImportJob": { - "methods": [ - "getImportJob" - ] - }, - "CreateKeyRing": { - "methods": [ - "createKeyRing" - ] - }, - "CreateCryptoKey": { - "methods": [ - "createCryptoKey" - ] - }, - "CreateCryptoKeyVersion": { - "methods": [ - "createCryptoKeyVersion" - ] - }, - "ImportCryptoKeyVersion": { - "methods": [ - "importCryptoKeyVersion" - ] - }, - "CreateImportJob": { - "methods": [ - "createImportJob" - ] - }, - "UpdateCryptoKey": { - "methods": [ - "updateCryptoKey" - ] - }, - "UpdateCryptoKeyVersion": { - "methods": [ - "updateCryptoKeyVersion" - ] - }, - "UpdateCryptoKeyPrimaryVersion": { - "methods": [ - "updateCryptoKeyPrimaryVersion" - ] - }, - "DestroyCryptoKeyVersion": { - "methods": [ - "destroyCryptoKeyVersion" - ] - }, - "RestoreCryptoKeyVersion": { - "methods": [ - "restoreCryptoKeyVersion" - ] - }, - "Encrypt": { - "methods": [ - "encrypt" - ] - }, - "Decrypt": { - "methods": [ - "decrypt" - ] - }, - "AsymmetricSign": { - "methods": [ - "asymmetricSign" - ] - }, - "AsymmetricDecrypt": { - "methods": [ - "asymmetricDecrypt" - ] - }, - "MacSign": { - "methods": [ - "macSign" - ] - }, - "MacVerify": { - "methods": [ - "macVerify" - ] - }, - "GenerateRandomBytes": { - "methods": [ - "generateRandomBytes" - ] - }, - "ListKeyRings": { - "methods": [ - "listKeyRings", - "listKeyRingsStream", - "listKeyRingsAsync" - ] - }, - "ListCryptoKeys": { - "methods": [ - "listCryptoKeys", - "listCryptoKeysStream", - "listCryptoKeysAsync" - ] - }, - "ListCryptoKeyVersions": { - "methods": [ - "listCryptoKeyVersions", - "listCryptoKeyVersionsStream", - "listCryptoKeyVersionsAsync" - ] - }, - "ListImportJobs": { - "methods": [ - "listImportJobs", - "listImportJobsStream", - "listImportJobsAsync" - ] - } - } - } - } - } - } -} diff --git a/owl-bot-staging/v1/src/v1/index.ts b/owl-bot-staging/v1/src/v1/index.ts deleted file mode 100644 index e07f7779..00000000 --- a/owl-bot-staging/v1/src/v1/index.ts +++ /dev/null @@ -1,19 +0,0 @@ -// Copyright 2021 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -export {KeyManagementServiceClient} from './key_management_service_client'; diff --git a/owl-bot-staging/v1/src/v1/key_management_service_client.ts b/owl-bot-staging/v1/src/v1/key_management_service_client.ts deleted file mode 100644 index 5ef96e7d..00000000 --- a/owl-bot-staging/v1/src/v1/key_management_service_client.ts +++ /dev/null @@ -1,3615 +0,0 @@ -// Copyright 2021 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -/* global window */ -import * as gax from 'google-gax'; -import {Callback, CallOptions, Descriptors, ClientOptions, PaginationCallback, GaxCall, IamClient, IamProtos} from 'google-gax'; - -import { Transform } from 'stream'; -import { RequestType } from 'google-gax/build/src/apitypes'; -import * as protos from '../../protos/protos'; -import jsonProtos = require('../../protos/protos.json'); -/** - * Client JSON configuration object, loaded from - * `src/v1/key_management_service_client_config.json`. - * This file defines retry strategy and timeouts for all API methods in this library. - */ -import * as gapicConfig from './key_management_service_client_config.json'; - -const version = require('../../../package.json').version; - -/** - * Google Cloud Key Management Service - * - * Manages cryptographic keys and operations using those keys. Implements a REST - * model with the following objects: - * - * * {@link google.cloud.kms.v1.KeyRing|KeyRing} - * * {@link google.cloud.kms.v1.CryptoKey|CryptoKey} - * * {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} - * * {@link google.cloud.kms.v1.ImportJob|ImportJob} - * - * If you are using manual gRPC libraries, see - * [Using gRPC with Cloud KMS](https://cloud.google.com/kms/docs/grpc). - * @class - * @memberof v1 - */ -export class KeyManagementServiceClient { - private _terminated = false; - private _opts: ClientOptions; - private _providedCustomServicePath: boolean; - private _gaxModule: typeof gax | typeof gax.fallback; - private _gaxGrpc: gax.GrpcClient | gax.fallback.GrpcClient; - private _protos: {}; - private _defaults: {[method: string]: gax.CallSettings}; - auth: gax.GoogleAuth; - descriptors: Descriptors = { - page: {}, - stream: {}, - longrunning: {}, - batching: {}, - }; - warn: (code: string, message: string, warnType?: string) => void; - innerApiCalls: {[name: string]: Function}; - iamClient: IamClient; - pathTemplates: {[name: string]: gax.PathTemplate}; - keyManagementServiceStub?: Promise<{[name: string]: Function}>; - - /** - * Construct an instance of KeyManagementServiceClient. - * - * @param {object} [options] - The configuration object. - * The options accepted by the constructor are described in detail - * in [this document](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#creating-the-client-instance). - * The common options are: - * @param {object} [options.credentials] - Credentials object. - * @param {string} [options.credentials.client_email] - * @param {string} [options.credentials.private_key] - * @param {string} [options.email] - Account email address. Required when - * using a .pem or .p12 keyFilename. - * @param {string} [options.keyFilename] - Full path to the a .json, .pem, or - * .p12 key downloaded from the Google Developers Console. If you provide - * a path to a JSON file, the projectId option below is not necessary. - * NOTE: .pem and .p12 require you to specify options.email as well. - * @param {number} [options.port] - The port on which to connect to - * the remote host. - * @param {string} [options.projectId] - The project ID from the Google - * Developer's Console, e.g. 'grape-spaceship-123'. We will also check - * the environment variable GCLOUD_PROJECT for your project ID. If your - * app is running in an environment which supports - * {@link https://developers.google.com/identity/protocols/application-default-credentials Application Default Credentials}, - * your project ID will be detected automatically. - * @param {string} [options.apiEndpoint] - The domain name of the - * API remote host. - * @param {gax.ClientConfig} [options.clientConfig] - Client configuration override. - * Follows the structure of {@link gapicConfig}. - * @param {boolean} [options.fallback] - Use HTTP fallback mode. - * In fallback mode, a special browser-compatible transport implementation is used - * instead of gRPC transport. In browser context (if the `window` object is defined) - * the fallback mode is enabled automatically; set `options.fallback` to `false` - * if you need to override this behavior. - */ - constructor(opts?: ClientOptions) { - // Ensure that options include all the required fields. - const staticMembers = this.constructor as typeof KeyManagementServiceClient; - const servicePath = opts?.servicePath || opts?.apiEndpoint || staticMembers.servicePath; - this._providedCustomServicePath = !!(opts?.servicePath || opts?.apiEndpoint); - const port = opts?.port || staticMembers.port; - const clientConfig = opts?.clientConfig ?? {}; - const fallback = opts?.fallback ?? (typeof window !== 'undefined' && typeof window?.fetch === 'function'); - opts = Object.assign({servicePath, port, clientConfig, fallback}, opts); - - // If scopes are unset in options and we're connecting to a non-default endpoint, set scopes just in case. - if (servicePath !== staticMembers.servicePath && !('scopes' in opts)) { - opts['scopes'] = staticMembers.scopes; - } - - // Choose either gRPC or proto-over-HTTP implementation of google-gax. - this._gaxModule = opts.fallback ? gax.fallback : gax; - - // Create a `gaxGrpc` object, with any grpc-specific options sent to the client. - this._gaxGrpc = new this._gaxModule.GrpcClient(opts); - - // Save options to use in initialize() method. - this._opts = opts; - - // Save the auth object to the client, for use by other methods. - this.auth = (this._gaxGrpc.auth as gax.GoogleAuth); - - // Set useJWTAccessWithScope on the auth object. - this.auth.useJWTAccessWithScope = true; - - // Set defaultServicePath on the auth object. - this.auth.defaultServicePath = staticMembers.servicePath; - - // Set the default scopes in auth client if needed. - if (servicePath === staticMembers.servicePath) { - this.auth.defaultScopes = staticMembers.scopes; - } - this.iamClient = new IamClient(this._gaxGrpc, opts); - - - // Determine the client header string. - const clientHeader = [ - `gax/${this._gaxModule.version}`, - `gapic/${version}`, - ]; - if (typeof process !== 'undefined' && 'versions' in process) { - clientHeader.push(`gl-node/${process.versions.node}`); - } else { - clientHeader.push(`gl-web/${this._gaxModule.version}`); - } - if (!opts.fallback) { - clientHeader.push(`grpc/${this._gaxGrpc.grpcVersion}`); - } else if (opts.fallback === 'rest' ) { - clientHeader.push(`rest/${this._gaxGrpc.grpcVersion}`); - } - if (opts.libName && opts.libVersion) { - clientHeader.push(`${opts.libName}/${opts.libVersion}`); - } - // Load the applicable protos. - this._protos = this._gaxGrpc.loadProtoJSON(jsonProtos); - - // This API contains "path templates"; forward-slash-separated - // identifiers to uniquely identify resources within the API. - // Create useful helper objects for these. - this.pathTemplates = { - cryptoKeyPathTemplate: new this._gaxModule.PathTemplate( - 'projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}' - ), - cryptoKeyVersionPathTemplate: new this._gaxModule.PathTemplate( - 'projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{crypto_key_version}' - ), - importJobPathTemplate: new this._gaxModule.PathTemplate( - 'projects/{project}/locations/{location}/keyRings/{key_ring}/importJobs/{import_job}' - ), - keyRingPathTemplate: new this._gaxModule.PathTemplate( - 'projects/{project}/locations/{location}/keyRings/{key_ring}' - ), - locationPathTemplate: new this._gaxModule.PathTemplate( - 'projects/{project}/locations/{location}' - ), - publicKeyPathTemplate: new this._gaxModule.PathTemplate( - 'projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{crypto_key_version}/publicKey' - ), - }; - - // Some of the methods on this service return "paged" results, - // (e.g. 50 results at a time, with tokens to get subsequent - // pages). Denote the keys used for pagination and results. - this.descriptors.page = { - listKeyRings: - new this._gaxModule.PageDescriptor('pageToken', 'nextPageToken', 'keyRings'), - listCryptoKeys: - new this._gaxModule.PageDescriptor('pageToken', 'nextPageToken', 'cryptoKeys'), - listCryptoKeyVersions: - new this._gaxModule.PageDescriptor('pageToken', 'nextPageToken', 'cryptoKeyVersions'), - listImportJobs: - new this._gaxModule.PageDescriptor('pageToken', 'nextPageToken', 'importJobs') - }; - - // Put together the default options sent with requests. - this._defaults = this._gaxGrpc.constructSettings( - 'google.cloud.kms.v1.KeyManagementService', gapicConfig as gax.ClientConfig, - opts.clientConfig || {}, {'x-goog-api-client': clientHeader.join(' ')}); - - // Set up a dictionary of "inner API calls"; the core implementation - // of calling the API is handled in `google-gax`, with this code - // merely providing the destination and request information. - this.innerApiCalls = {}; - - // Add a warn function to the client constructor so it can be easily tested. - this.warn = gax.warn; - } - - /** - * Initialize the client. - * Performs asynchronous operations (such as authentication) and prepares the client. - * This function will be called automatically when any class method is called for the - * first time, but if you need to initialize it before calling an actual method, - * feel free to call initialize() directly. - * - * You can await on this method if you want to make sure the client is initialized. - * - * @returns {Promise} A promise that resolves to an authenticated service stub. - */ - initialize() { - // If the client stub promise is already initialized, return immediately. - if (this.keyManagementServiceStub) { - return this.keyManagementServiceStub; - } - - // Put together the "service stub" for - // google.cloud.kms.v1.KeyManagementService. - this.keyManagementServiceStub = this._gaxGrpc.createStub( - this._opts.fallback ? - (this._protos as protobuf.Root).lookupService('google.cloud.kms.v1.KeyManagementService') : - // eslint-disable-next-line @typescript-eslint/no-explicit-any - (this._protos as any).google.cloud.kms.v1.KeyManagementService, - this._opts, this._providedCustomServicePath) as Promise<{[method: string]: Function}>; - - // Iterate over each of the methods that the service provides - // and create an API call method for each. - const keyManagementServiceStubMethods = - ['listKeyRings', 'listCryptoKeys', 'listCryptoKeyVersions', 'listImportJobs', 'getKeyRing', 'getCryptoKey', 'getCryptoKeyVersion', 'getPublicKey', 'getImportJob', 'createKeyRing', 'createCryptoKey', 'createCryptoKeyVersion', 'importCryptoKeyVersion', 'createImportJob', 'updateCryptoKey', 'updateCryptoKeyVersion', 'updateCryptoKeyPrimaryVersion', 'destroyCryptoKeyVersion', 'restoreCryptoKeyVersion', 'encrypt', 'decrypt', 'asymmetricSign', 'asymmetricDecrypt', 'macSign', 'macVerify', 'generateRandomBytes']; - for (const methodName of keyManagementServiceStubMethods) { - const callPromise = this.keyManagementServiceStub.then( - stub => (...args: Array<{}>) => { - if (this._terminated) { - return Promise.reject('The client has already been closed.'); - } - const func = stub[methodName]; - return func.apply(stub, args); - }, - (err: Error|null|undefined) => () => { - throw err; - }); - - const descriptor = - this.descriptors.page[methodName] || - undefined; - const apiCall = this._gaxModule.createApiCall( - callPromise, - this._defaults[methodName], - descriptor - ); - - this.innerApiCalls[methodName] = apiCall; - } - - return this.keyManagementServiceStub; - } - - /** - * The DNS address for this API service. - * @returns {string} The DNS address for this service. - */ - static get servicePath() { - return 'cloudkms.googleapis.com'; - } - - /** - * The DNS address for this API service - same as servicePath(), - * exists for compatibility reasons. - * @returns {string} The DNS address for this service. - */ - static get apiEndpoint() { - return 'cloudkms.googleapis.com'; - } - - /** - * The port for this API service. - * @returns {number} The default port for this service. - */ - static get port() { - return 443; - } - - /** - * The scopes needed to make gRPC calls for every method defined - * in this service. - * @returns {string[]} List of default scopes. - */ - static get scopes() { - return [ - 'https://www.googleapis.com/auth/cloud-platform', - 'https://www.googleapis.com/auth/cloudkms' - ]; - } - - getProjectId(): Promise; - getProjectId(callback: Callback): void; - /** - * Return the project ID used by this class. - * @returns {Promise} A promise that resolves to string containing the project ID. - */ - getProjectId(callback?: Callback): - Promise|void { - if (callback) { - this.auth.getProjectId(callback); - return; - } - return this.auth.getProjectId(); - } - - // ------------------- - // -- Service calls -- - // ------------------- - getKeyRing( - request?: protos.google.cloud.kms.v1.IGetKeyRingRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.IKeyRing, - protos.google.cloud.kms.v1.IGetKeyRingRequest|undefined, {}|undefined - ]>; - getKeyRing( - request: protos.google.cloud.kms.v1.IGetKeyRingRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.IKeyRing, - protos.google.cloud.kms.v1.IGetKeyRingRequest|null|undefined, - {}|null|undefined>): void; - getKeyRing( - request: protos.google.cloud.kms.v1.IGetKeyRingRequest, - callback: Callback< - protos.google.cloud.kms.v1.IKeyRing, - protos.google.cloud.kms.v1.IGetKeyRingRequest|null|undefined, - {}|null|undefined>): void; -/** - * Returns metadata for a given {@link google.cloud.kms.v1.KeyRing|KeyRing}. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The {@link google.cloud.kms.v1.KeyRing.name|name} of the {@link google.cloud.kms.v1.KeyRing|KeyRing} to get. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [KeyRing]{@link google.cloud.kms.v1.KeyRing}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.getKeyRing(request); - */ - getKeyRing( - request?: protos.google.cloud.kms.v1.IGetKeyRingRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.IKeyRing, - protos.google.cloud.kms.v1.IGetKeyRingRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.IKeyRing, - protos.google.cloud.kms.v1.IGetKeyRingRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.IKeyRing, - protos.google.cloud.kms.v1.IGetKeyRingRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.getKeyRing(request, options, callback); - } - getCryptoKey( - request?: protos.google.cloud.kms.v1.IGetCryptoKeyRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.IGetCryptoKeyRequest|undefined, {}|undefined - ]>; - getCryptoKey( - request: protos.google.cloud.kms.v1.IGetCryptoKeyRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.IGetCryptoKeyRequest|null|undefined, - {}|null|undefined>): void; - getCryptoKey( - request: protos.google.cloud.kms.v1.IGetCryptoKeyRequest, - callback: Callback< - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.IGetCryptoKeyRequest|null|undefined, - {}|null|undefined>): void; -/** - * Returns metadata for a given {@link google.cloud.kms.v1.CryptoKey|CryptoKey}, as well as its - * {@link google.cloud.kms.v1.CryptoKey.primary|primary} {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion}. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The {@link google.cloud.kms.v1.CryptoKey.name|name} of the {@link google.cloud.kms.v1.CryptoKey|CryptoKey} to get. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [CryptoKey]{@link google.cloud.kms.v1.CryptoKey}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.getCryptoKey(request); - */ - getCryptoKey( - request?: protos.google.cloud.kms.v1.IGetCryptoKeyRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.IGetCryptoKeyRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.IGetCryptoKeyRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.IGetCryptoKeyRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.getCryptoKey(request, options, callback); - } - getCryptoKeyVersion( - request?: protos.google.cloud.kms.v1.IGetCryptoKeyVersionRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IGetCryptoKeyVersionRequest|undefined, {}|undefined - ]>; - getCryptoKeyVersion( - request: protos.google.cloud.kms.v1.IGetCryptoKeyVersionRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IGetCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>): void; - getCryptoKeyVersion( - request: protos.google.cloud.kms.v1.IGetCryptoKeyVersionRequest, - callback: Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IGetCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>): void; -/** - * Returns metadata for a given {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion}. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The {@link google.cloud.kms.v1.CryptoKeyVersion.name|name} of the {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} to get. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [CryptoKeyVersion]{@link google.cloud.kms.v1.CryptoKeyVersion}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.getCryptoKeyVersion(request); - */ - getCryptoKeyVersion( - request?: protos.google.cloud.kms.v1.IGetCryptoKeyVersionRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IGetCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IGetCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IGetCryptoKeyVersionRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.getCryptoKeyVersion(request, options, callback); - } - getPublicKey( - request?: protos.google.cloud.kms.v1.IGetPublicKeyRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.IPublicKey, - protos.google.cloud.kms.v1.IGetPublicKeyRequest|undefined, {}|undefined - ]>; - getPublicKey( - request: protos.google.cloud.kms.v1.IGetPublicKeyRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.IPublicKey, - protos.google.cloud.kms.v1.IGetPublicKeyRequest|null|undefined, - {}|null|undefined>): void; - getPublicKey( - request: protos.google.cloud.kms.v1.IGetPublicKeyRequest, - callback: Callback< - protos.google.cloud.kms.v1.IPublicKey, - protos.google.cloud.kms.v1.IGetPublicKeyRequest|null|undefined, - {}|null|undefined>): void; -/** - * Returns the public key for the given {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion}. The - * {@link google.cloud.kms.v1.CryptoKey.purpose|CryptoKey.purpose} must be - * {@link google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN|ASYMMETRIC_SIGN} or - * {@link google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT|ASYMMETRIC_DECRYPT}. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The {@link google.cloud.kms.v1.CryptoKeyVersion.name|name} of the {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} public key to - * get. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [PublicKey]{@link google.cloud.kms.v1.PublicKey}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.getPublicKey(request); - */ - getPublicKey( - request?: protos.google.cloud.kms.v1.IGetPublicKeyRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.IPublicKey, - protos.google.cloud.kms.v1.IGetPublicKeyRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.IPublicKey, - protos.google.cloud.kms.v1.IGetPublicKeyRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.IPublicKey, - protos.google.cloud.kms.v1.IGetPublicKeyRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.getPublicKey(request, options, callback); - } - getImportJob( - request?: protos.google.cloud.kms.v1.IGetImportJobRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.IImportJob, - protos.google.cloud.kms.v1.IGetImportJobRequest|undefined, {}|undefined - ]>; - getImportJob( - request: protos.google.cloud.kms.v1.IGetImportJobRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.IImportJob, - protos.google.cloud.kms.v1.IGetImportJobRequest|null|undefined, - {}|null|undefined>): void; - getImportJob( - request: protos.google.cloud.kms.v1.IGetImportJobRequest, - callback: Callback< - protos.google.cloud.kms.v1.IImportJob, - protos.google.cloud.kms.v1.IGetImportJobRequest|null|undefined, - {}|null|undefined>): void; -/** - * Returns metadata for a given {@link google.cloud.kms.v1.ImportJob|ImportJob}. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The {@link google.cloud.kms.v1.ImportJob.name|name} of the {@link google.cloud.kms.v1.ImportJob|ImportJob} to get. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [ImportJob]{@link google.cloud.kms.v1.ImportJob}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.getImportJob(request); - */ - getImportJob( - request?: protos.google.cloud.kms.v1.IGetImportJobRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.IImportJob, - protos.google.cloud.kms.v1.IGetImportJobRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.IImportJob, - protos.google.cloud.kms.v1.IGetImportJobRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.IImportJob, - protos.google.cloud.kms.v1.IGetImportJobRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.getImportJob(request, options, callback); - } - createKeyRing( - request?: protos.google.cloud.kms.v1.ICreateKeyRingRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.IKeyRing, - protos.google.cloud.kms.v1.ICreateKeyRingRequest|undefined, {}|undefined - ]>; - createKeyRing( - request: protos.google.cloud.kms.v1.ICreateKeyRingRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.IKeyRing, - protos.google.cloud.kms.v1.ICreateKeyRingRequest|null|undefined, - {}|null|undefined>): void; - createKeyRing( - request: protos.google.cloud.kms.v1.ICreateKeyRingRequest, - callback: Callback< - protos.google.cloud.kms.v1.IKeyRing, - protos.google.cloud.kms.v1.ICreateKeyRingRequest|null|undefined, - {}|null|undefined>): void; -/** - * Create a new {@link google.cloud.kms.v1.KeyRing|KeyRing} in a given Project and Location. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The resource name of the location associated with the - * {@link google.cloud.kms.v1.KeyRing|KeyRings}, in the format `projects/* /locations/*`. - * @param {string} request.keyRingId - * Required. It must be unique within a location and match the regular - * expression `[a-zA-Z0-9_-]{1,63}` - * @param {google.cloud.kms.v1.KeyRing} request.keyRing - * Required. A {@link google.cloud.kms.v1.KeyRing|KeyRing} with initial field values. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [KeyRing]{@link google.cloud.kms.v1.KeyRing}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.createKeyRing(request); - */ - createKeyRing( - request?: protos.google.cloud.kms.v1.ICreateKeyRingRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.IKeyRing, - protos.google.cloud.kms.v1.ICreateKeyRingRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.IKeyRing, - protos.google.cloud.kms.v1.ICreateKeyRingRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.IKeyRing, - protos.google.cloud.kms.v1.ICreateKeyRingRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - this.initialize(); - return this.innerApiCalls.createKeyRing(request, options, callback); - } - createCryptoKey( - request?: protos.google.cloud.kms.v1.ICreateCryptoKeyRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.ICreateCryptoKeyRequest|undefined, {}|undefined - ]>; - createCryptoKey( - request: protos.google.cloud.kms.v1.ICreateCryptoKeyRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.ICreateCryptoKeyRequest|null|undefined, - {}|null|undefined>): void; - createCryptoKey( - request: protos.google.cloud.kms.v1.ICreateCryptoKeyRequest, - callback: Callback< - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.ICreateCryptoKeyRequest|null|undefined, - {}|null|undefined>): void; -/** - * Create a new {@link google.cloud.kms.v1.CryptoKey|CryptoKey} within a {@link google.cloud.kms.v1.KeyRing|KeyRing}. - * - * {@link google.cloud.kms.v1.CryptoKey.purpose|CryptoKey.purpose} and - * {@link google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm|CryptoKey.version_template.algorithm} - * are required. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The {@link google.cloud.kms.v1.KeyRing.name|name} of the KeyRing associated with the - * {@link google.cloud.kms.v1.CryptoKey|CryptoKeys}. - * @param {string} request.cryptoKeyId - * Required. It must be unique within a KeyRing and match the regular - * expression `[a-zA-Z0-9_-]{1,63}` - * @param {google.cloud.kms.v1.CryptoKey} request.cryptoKey - * Required. A {@link google.cloud.kms.v1.CryptoKey|CryptoKey} with initial field values. - * @param {boolean} request.skipInitialVersionCreation - * If set to true, the request will create a {@link google.cloud.kms.v1.CryptoKey|CryptoKey} without any - * {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersions}. You must manually call - * {@link google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion|CreateCryptoKeyVersion} or - * {@link google.cloud.kms.v1.KeyManagementService.ImportCryptoKeyVersion|ImportCryptoKeyVersion} - * before you can use this {@link google.cloud.kms.v1.CryptoKey|CryptoKey}. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [CryptoKey]{@link google.cloud.kms.v1.CryptoKey}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.createCryptoKey(request); - */ - createCryptoKey( - request?: protos.google.cloud.kms.v1.ICreateCryptoKeyRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.ICreateCryptoKeyRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.ICreateCryptoKeyRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.ICreateCryptoKeyRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - this.initialize(); - return this.innerApiCalls.createCryptoKey(request, options, callback); - } - createCryptoKeyVersion( - request?: protos.google.cloud.kms.v1.ICreateCryptoKeyVersionRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.ICreateCryptoKeyVersionRequest|undefined, {}|undefined - ]>; - createCryptoKeyVersion( - request: protos.google.cloud.kms.v1.ICreateCryptoKeyVersionRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.ICreateCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>): void; - createCryptoKeyVersion( - request: protos.google.cloud.kms.v1.ICreateCryptoKeyVersionRequest, - callback: Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.ICreateCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>): void; -/** - * Create a new {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} in a {@link google.cloud.kms.v1.CryptoKey|CryptoKey}. - * - * The server will assign the next sequential id. If unset, - * {@link google.cloud.kms.v1.CryptoKeyVersion.state|state} will be set to - * {@link google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED|ENABLED}. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The {@link google.cloud.kms.v1.CryptoKey.name|name} of the {@link google.cloud.kms.v1.CryptoKey|CryptoKey} associated with - * the {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersions}. - * @param {google.cloud.kms.v1.CryptoKeyVersion} request.cryptoKeyVersion - * Required. A {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} with initial field values. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [CryptoKeyVersion]{@link google.cloud.kms.v1.CryptoKeyVersion}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.createCryptoKeyVersion(request); - */ - createCryptoKeyVersion( - request?: protos.google.cloud.kms.v1.ICreateCryptoKeyVersionRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.ICreateCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.ICreateCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.ICreateCryptoKeyVersionRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - this.initialize(); - return this.innerApiCalls.createCryptoKeyVersion(request, options, callback); - } - importCryptoKeyVersion( - request?: protos.google.cloud.kms.v1.IImportCryptoKeyVersionRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IImportCryptoKeyVersionRequest|undefined, {}|undefined - ]>; - importCryptoKeyVersion( - request: protos.google.cloud.kms.v1.IImportCryptoKeyVersionRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IImportCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>): void; - importCryptoKeyVersion( - request: protos.google.cloud.kms.v1.IImportCryptoKeyVersionRequest, - callback: Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IImportCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>): void; -/** - * Imports a new {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} into an existing {@link google.cloud.kms.v1.CryptoKey|CryptoKey} using the - * wrapped key material provided in the request. - * - * The version ID will be assigned the next sequential id within the - * {@link google.cloud.kms.v1.CryptoKey|CryptoKey}. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The {@link google.cloud.kms.v1.CryptoKey.name|name} of the {@link google.cloud.kms.v1.CryptoKey|CryptoKey} to - * be imported into. - * @param {google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm} request.algorithm - * Required. The {@link google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm|algorithm} of - * the key being imported. This does not need to match the - * {@link google.cloud.kms.v1.CryptoKey.version_template|version_template} of the {@link google.cloud.kms.v1.CryptoKey|CryptoKey} this - * version imports into. - * @param {string} request.importJob - * Required. The {@link google.cloud.kms.v1.ImportJob.name|name} of the {@link google.cloud.kms.v1.ImportJob|ImportJob} that was used to - * wrap this key material. - * @param {Buffer} request.rsaAesWrappedKey - * Wrapped key material produced with - * {@link google.cloud.kms.v1.ImportJob.ImportMethod.RSA_OAEP_3072_SHA1_AES_256|RSA_OAEP_3072_SHA1_AES_256} - * or - * {@link google.cloud.kms.v1.ImportJob.ImportMethod.RSA_OAEP_4096_SHA1_AES_256|RSA_OAEP_4096_SHA1_AES_256}. - * - * This field contains the concatenation of two wrapped keys: - *
    - *
  1. An ephemeral AES-256 wrapping key wrapped with the - * {@link google.cloud.kms.v1.ImportJob.public_key|public_key} using RSAES-OAEP with SHA-1, - * MGF1 with SHA-1, and an empty label. - *
    2. - *
  2. The key to be imported, wrapped with the ephemeral AES-256 key - * using AES-KWP (RFC 5649). - *
    3. - *
- * - * If importing symmetric key material, it is expected that the unwrapped - * key contains plain bytes. If importing asymmetric key material, it is - * expected that the unwrapped key is in PKCS#8-encoded DER format (the - * PrivateKeyInfo structure from RFC 5208). - * - * This format is the same as the format produced by PKCS#11 mechanism - * CKM_RSA_AES_KEY_WRAP. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [CryptoKeyVersion]{@link google.cloud.kms.v1.CryptoKeyVersion}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.importCryptoKeyVersion(request); - */ - importCryptoKeyVersion( - request?: protos.google.cloud.kms.v1.IImportCryptoKeyVersionRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IImportCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IImportCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IImportCryptoKeyVersionRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - this.initialize(); - return this.innerApiCalls.importCryptoKeyVersion(request, options, callback); - } - createImportJob( - request?: protos.google.cloud.kms.v1.ICreateImportJobRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.IImportJob, - protos.google.cloud.kms.v1.ICreateImportJobRequest|undefined, {}|undefined - ]>; - createImportJob( - request: protos.google.cloud.kms.v1.ICreateImportJobRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.IImportJob, - protos.google.cloud.kms.v1.ICreateImportJobRequest|null|undefined, - {}|null|undefined>): void; - createImportJob( - request: protos.google.cloud.kms.v1.ICreateImportJobRequest, - callback: Callback< - protos.google.cloud.kms.v1.IImportJob, - protos.google.cloud.kms.v1.ICreateImportJobRequest|null|undefined, - {}|null|undefined>): void; -/** - * Create a new {@link google.cloud.kms.v1.ImportJob|ImportJob} within a {@link google.cloud.kms.v1.KeyRing|KeyRing}. - * - * {@link google.cloud.kms.v1.ImportJob.import_method|ImportJob.import_method} is required. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The {@link google.cloud.kms.v1.KeyRing.name|name} of the {@link google.cloud.kms.v1.KeyRing|KeyRing} associated with the - * {@link google.cloud.kms.v1.ImportJob|ImportJobs}. - * @param {string} request.importJobId - * Required. It must be unique within a KeyRing and match the regular - * expression `[a-zA-Z0-9_-]{1,63}` - * @param {google.cloud.kms.v1.ImportJob} request.importJob - * Required. An {@link google.cloud.kms.v1.ImportJob|ImportJob} with initial field values. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [ImportJob]{@link google.cloud.kms.v1.ImportJob}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.createImportJob(request); - */ - createImportJob( - request?: protos.google.cloud.kms.v1.ICreateImportJobRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.IImportJob, - protos.google.cloud.kms.v1.ICreateImportJobRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.IImportJob, - protos.google.cloud.kms.v1.ICreateImportJobRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.IImportJob, - protos.google.cloud.kms.v1.ICreateImportJobRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - this.initialize(); - return this.innerApiCalls.createImportJob(request, options, callback); - } - updateCryptoKey( - request?: protos.google.cloud.kms.v1.IUpdateCryptoKeyRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.IUpdateCryptoKeyRequest|undefined, {}|undefined - ]>; - updateCryptoKey( - request: protos.google.cloud.kms.v1.IUpdateCryptoKeyRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.IUpdateCryptoKeyRequest|null|undefined, - {}|null|undefined>): void; - updateCryptoKey( - request: protos.google.cloud.kms.v1.IUpdateCryptoKeyRequest, - callback: Callback< - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.IUpdateCryptoKeyRequest|null|undefined, - {}|null|undefined>): void; -/** - * Update a {@link google.cloud.kms.v1.CryptoKey|CryptoKey}. - * - * @param {Object} request - * The request object that will be sent. - * @param {google.cloud.kms.v1.CryptoKey} request.cryptoKey - * Required. {@link google.cloud.kms.v1.CryptoKey|CryptoKey} with updated values. - * @param {google.protobuf.FieldMask} request.updateMask - * Required. List of fields to be updated in this request. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [CryptoKey]{@link google.cloud.kms.v1.CryptoKey}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.updateCryptoKey(request); - */ - updateCryptoKey( - request?: protos.google.cloud.kms.v1.IUpdateCryptoKeyRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.IUpdateCryptoKeyRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.IUpdateCryptoKeyRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.IUpdateCryptoKeyRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'crypto_key.name': request.cryptoKey!.name || '', - }); - this.initialize(); - return this.innerApiCalls.updateCryptoKey(request, options, callback); - } - updateCryptoKeyVersion( - request?: protos.google.cloud.kms.v1.IUpdateCryptoKeyVersionRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IUpdateCryptoKeyVersionRequest|undefined, {}|undefined - ]>; - updateCryptoKeyVersion( - request: protos.google.cloud.kms.v1.IUpdateCryptoKeyVersionRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IUpdateCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>): void; - updateCryptoKeyVersion( - request: protos.google.cloud.kms.v1.IUpdateCryptoKeyVersionRequest, - callback: Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IUpdateCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>): void; -/** - * Update a {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion}'s metadata. - * - * {@link google.cloud.kms.v1.CryptoKeyVersion.state|state} may be changed between - * {@link google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED|ENABLED} and - * {@link google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED|DISABLED} using this - * method. See {@link google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion|DestroyCryptoKeyVersion} and {@link google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion|RestoreCryptoKeyVersion} to - * move between other states. - * - * @param {Object} request - * The request object that will be sent. - * @param {google.cloud.kms.v1.CryptoKeyVersion} request.cryptoKeyVersion - * Required. {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} with updated values. - * @param {google.protobuf.FieldMask} request.updateMask - * Required. List of fields to be updated in this request. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [CryptoKeyVersion]{@link google.cloud.kms.v1.CryptoKeyVersion}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.updateCryptoKeyVersion(request); - */ - updateCryptoKeyVersion( - request?: protos.google.cloud.kms.v1.IUpdateCryptoKeyVersionRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IUpdateCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IUpdateCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IUpdateCryptoKeyVersionRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'crypto_key_version.name': request.cryptoKeyVersion!.name || '', - }); - this.initialize(); - return this.innerApiCalls.updateCryptoKeyVersion(request, options, callback); - } - updateCryptoKeyPrimaryVersion( - request?: protos.google.cloud.kms.v1.IUpdateCryptoKeyPrimaryVersionRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.IUpdateCryptoKeyPrimaryVersionRequest|undefined, {}|undefined - ]>; - updateCryptoKeyPrimaryVersion( - request: protos.google.cloud.kms.v1.IUpdateCryptoKeyPrimaryVersionRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.IUpdateCryptoKeyPrimaryVersionRequest|null|undefined, - {}|null|undefined>): void; - updateCryptoKeyPrimaryVersion( - request: protos.google.cloud.kms.v1.IUpdateCryptoKeyPrimaryVersionRequest, - callback: Callback< - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.IUpdateCryptoKeyPrimaryVersionRequest|null|undefined, - {}|null|undefined>): void; -/** - * Update the version of a {@link google.cloud.kms.v1.CryptoKey|CryptoKey} that will be used in {@link google.cloud.kms.v1.KeyManagementService.Encrypt|Encrypt}. - * - * Returns an error if called on a key whose purpose is not - * {@link google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT|ENCRYPT_DECRYPT}. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKey|CryptoKey} to update. - * @param {string} request.cryptoKeyVersionId - * Required. The id of the child {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} to use as primary. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [CryptoKey]{@link google.cloud.kms.v1.CryptoKey}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.updateCryptoKeyPrimaryVersion(request); - */ - updateCryptoKeyPrimaryVersion( - request?: protos.google.cloud.kms.v1.IUpdateCryptoKeyPrimaryVersionRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.IUpdateCryptoKeyPrimaryVersionRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.IUpdateCryptoKeyPrimaryVersionRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKey, - protos.google.cloud.kms.v1.IUpdateCryptoKeyPrimaryVersionRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.updateCryptoKeyPrimaryVersion(request, options, callback); - } - destroyCryptoKeyVersion( - request?: protos.google.cloud.kms.v1.IDestroyCryptoKeyVersionRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IDestroyCryptoKeyVersionRequest|undefined, {}|undefined - ]>; - destroyCryptoKeyVersion( - request: protos.google.cloud.kms.v1.IDestroyCryptoKeyVersionRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IDestroyCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>): void; - destroyCryptoKeyVersion( - request: protos.google.cloud.kms.v1.IDestroyCryptoKeyVersionRequest, - callback: Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IDestroyCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>): void; -/** - * Schedule a {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} for destruction. - * - * Upon calling this method, {@link google.cloud.kms.v1.CryptoKeyVersion.state|CryptoKeyVersion.state} will be set to - * {@link google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED|DESTROY_SCHEDULED} - * and {@link google.cloud.kms.v1.CryptoKeyVersion.destroy_time|destroy_time} will be set to a time 24 - * hours in the future, at which point the {@link google.cloud.kms.v1.CryptoKeyVersion.state|state} - * will be changed to - * {@link google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED|DESTROYED}, and the key - * material will be irrevocably destroyed. - * - * Before the {@link google.cloud.kms.v1.CryptoKeyVersion.destroy_time|destroy_time} is reached, - * {@link google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion|RestoreCryptoKeyVersion} may be called to reverse the process. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} to destroy. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [CryptoKeyVersion]{@link google.cloud.kms.v1.CryptoKeyVersion}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.destroyCryptoKeyVersion(request); - */ - destroyCryptoKeyVersion( - request?: protos.google.cloud.kms.v1.IDestroyCryptoKeyVersionRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IDestroyCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IDestroyCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IDestroyCryptoKeyVersionRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.destroyCryptoKeyVersion(request, options, callback); - } - restoreCryptoKeyVersion( - request?: protos.google.cloud.kms.v1.IRestoreCryptoKeyVersionRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IRestoreCryptoKeyVersionRequest|undefined, {}|undefined - ]>; - restoreCryptoKeyVersion( - request: protos.google.cloud.kms.v1.IRestoreCryptoKeyVersionRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IRestoreCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>): void; - restoreCryptoKeyVersion( - request: protos.google.cloud.kms.v1.IRestoreCryptoKeyVersionRequest, - callback: Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IRestoreCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>): void; -/** - * Restore a {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} in the - * {@link google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED|DESTROY_SCHEDULED} - * state. - * - * Upon restoration of the CryptoKeyVersion, {@link google.cloud.kms.v1.CryptoKeyVersion.state|state} - * will be set to {@link google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED|DISABLED}, - * and {@link google.cloud.kms.v1.CryptoKeyVersion.destroy_time|destroy_time} will be cleared. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} to restore. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [CryptoKeyVersion]{@link google.cloud.kms.v1.CryptoKeyVersion}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.restoreCryptoKeyVersion(request); - */ - restoreCryptoKeyVersion( - request?: protos.google.cloud.kms.v1.IRestoreCryptoKeyVersionRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IRestoreCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IRestoreCryptoKeyVersionRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKeyVersion, - protos.google.cloud.kms.v1.IRestoreCryptoKeyVersionRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.restoreCryptoKeyVersion(request, options, callback); - } - encrypt( - request?: protos.google.cloud.kms.v1.IEncryptRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.IEncryptResponse, - protos.google.cloud.kms.v1.IEncryptRequest|undefined, {}|undefined - ]>; - encrypt( - request: protos.google.cloud.kms.v1.IEncryptRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.IEncryptResponse, - protos.google.cloud.kms.v1.IEncryptRequest|null|undefined, - {}|null|undefined>): void; - encrypt( - request: protos.google.cloud.kms.v1.IEncryptRequest, - callback: Callback< - protos.google.cloud.kms.v1.IEncryptResponse, - protos.google.cloud.kms.v1.IEncryptRequest|null|undefined, - {}|null|undefined>): void; -/** - * Encrypts data, so that it can only be recovered by a call to {@link google.cloud.kms.v1.KeyManagementService.Decrypt|Decrypt}. - * The {@link google.cloud.kms.v1.CryptoKey.purpose|CryptoKey.purpose} must be - * {@link google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT|ENCRYPT_DECRYPT}. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKey|CryptoKey} or {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} - * to use for encryption. - * - * If a {@link google.cloud.kms.v1.CryptoKey|CryptoKey} is specified, the server will use its - * {@link google.cloud.kms.v1.CryptoKey.primary|primary version}. - * @param {Buffer} request.plaintext - * Required. The data to encrypt. Must be no larger than 64KiB. - * - * The maximum size depends on the key version's - * {@link google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level|protection_level}. For - * {@link google.cloud.kms.v1.ProtectionLevel.SOFTWARE|SOFTWARE} keys, the plaintext must be no larger - * than 64KiB. For {@link google.cloud.kms.v1.ProtectionLevel.HSM|HSM} keys, the combined length of the - * plaintext and additional_authenticated_data fields must be no larger than - * 8KiB. - * @param {Buffer} [request.additionalAuthenticatedData] - * Optional. Optional data that, if specified, must also be provided during decryption - * through {@link google.cloud.kms.v1.DecryptRequest.additional_authenticated_data|DecryptRequest.additional_authenticated_data}. - * - * The maximum size depends on the key version's - * {@link google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level|protection_level}. For - * {@link google.cloud.kms.v1.ProtectionLevel.SOFTWARE|SOFTWARE} keys, the AAD must be no larger than - * 64KiB. For {@link google.cloud.kms.v1.ProtectionLevel.HSM|HSM} keys, the combined length of the - * plaintext and additional_authenticated_data fields must be no larger than - * 8KiB. - * @param {google.protobuf.Int64Value} [request.plaintextCrc32c] - * Optional. An optional CRC32C checksum of the {@link google.cloud.kms.v1.EncryptRequest.plaintext|EncryptRequest.plaintext}. If - * specified, {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will verify the integrity of the - * received {@link google.cloud.kms.v1.EncryptRequest.plaintext|EncryptRequest.plaintext} using this checksum. - * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will report an error if the checksum verification - * fails. If you receive a checksum error, your client should verify that - * CRC32C({@link google.cloud.kms.v1.EncryptRequest.plaintext|EncryptRequest.plaintext}) is equal to - * {@link google.cloud.kms.v1.EncryptRequest.plaintext_crc32c|EncryptRequest.plaintext_crc32c}, and if so, perform a limited number of - * retries. A persistent mismatch may indicate an issue in your computation of - * the CRC32C checksum. - * Note: This field is defined as int64 for reasons of compatibility across - * different languages. However, it is a non-negative integer, which will - * never exceed 2^32-1, and can be safely downconverted to uint32 in languages - * that support this type. - * @param {google.protobuf.Int64Value} [request.additionalAuthenticatedDataCrc32c] - * Optional. An optional CRC32C checksum of the - * {@link google.cloud.kms.v1.EncryptRequest.additional_authenticated_data|EncryptRequest.additional_authenticated_data}. If specified, - * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will verify the integrity of the received - * {@link google.cloud.kms.v1.EncryptRequest.additional_authenticated_data|EncryptRequest.additional_authenticated_data} using this checksum. - * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will report an error if the checksum verification - * fails. If you receive a checksum error, your client should verify that - * CRC32C({@link google.cloud.kms.v1.EncryptRequest.additional_authenticated_data|EncryptRequest.additional_authenticated_data}) is equal to - * {@link google.cloud.kms.v1.EncryptRequest.additional_authenticated_data_crc32c|EncryptRequest.additional_authenticated_data_crc32c}, and if so, perform - * a limited number of retries. A persistent mismatch may indicate an issue in - * your computation of the CRC32C checksum. - * Note: This field is defined as int64 for reasons of compatibility across - * different languages. However, it is a non-negative integer, which will - * never exceed 2^32-1, and can be safely downconverted to uint32 in languages - * that support this type. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [EncryptResponse]{@link google.cloud.kms.v1.EncryptResponse}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.encrypt(request); - */ - encrypt( - request?: protos.google.cloud.kms.v1.IEncryptRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.IEncryptResponse, - protos.google.cloud.kms.v1.IEncryptRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.IEncryptResponse, - protos.google.cloud.kms.v1.IEncryptRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.IEncryptResponse, - protos.google.cloud.kms.v1.IEncryptRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.encrypt(request, options, callback); - } - decrypt( - request?: protos.google.cloud.kms.v1.IDecryptRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.IDecryptResponse, - protos.google.cloud.kms.v1.IDecryptRequest|undefined, {}|undefined - ]>; - decrypt( - request: protos.google.cloud.kms.v1.IDecryptRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.IDecryptResponse, - protos.google.cloud.kms.v1.IDecryptRequest|null|undefined, - {}|null|undefined>): void; - decrypt( - request: protos.google.cloud.kms.v1.IDecryptRequest, - callback: Callback< - protos.google.cloud.kms.v1.IDecryptResponse, - protos.google.cloud.kms.v1.IDecryptRequest|null|undefined, - {}|null|undefined>): void; -/** - * Decrypts data that was protected by {@link google.cloud.kms.v1.KeyManagementService.Encrypt|Encrypt}. The {@link google.cloud.kms.v1.CryptoKey.purpose|CryptoKey.purpose} - * must be {@link google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT|ENCRYPT_DECRYPT}. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKey|CryptoKey} to use for decryption. - * The server will choose the appropriate version. - * @param {Buffer} request.ciphertext - * Required. The encrypted data originally returned in - * {@link google.cloud.kms.v1.EncryptResponse.ciphertext|EncryptResponse.ciphertext}. - * @param {Buffer} [request.additionalAuthenticatedData] - * Optional. Optional data that must match the data originally supplied in - * {@link google.cloud.kms.v1.EncryptRequest.additional_authenticated_data|EncryptRequest.additional_authenticated_data}. - * @param {google.protobuf.Int64Value} [request.ciphertextCrc32c] - * Optional. An optional CRC32C checksum of the {@link google.cloud.kms.v1.DecryptRequest.ciphertext|DecryptRequest.ciphertext}. If - * specified, {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will verify the integrity of the - * received {@link google.cloud.kms.v1.DecryptRequest.ciphertext|DecryptRequest.ciphertext} using this checksum. - * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will report an error if the checksum verification - * fails. If you receive a checksum error, your client should verify that - * CRC32C({@link google.cloud.kms.v1.DecryptRequest.ciphertext|DecryptRequest.ciphertext}) is equal to - * {@link google.cloud.kms.v1.DecryptRequest.ciphertext_crc32c|DecryptRequest.ciphertext_crc32c}, and if so, perform a limited number - * of retries. A persistent mismatch may indicate an issue in your computation - * of the CRC32C checksum. - * Note: This field is defined as int64 for reasons of compatibility across - * different languages. However, it is a non-negative integer, which will - * never exceed 2^32-1, and can be safely downconverted to uint32 in languages - * that support this type. - * @param {google.protobuf.Int64Value} [request.additionalAuthenticatedDataCrc32c] - * Optional. An optional CRC32C checksum of the - * {@link google.cloud.kms.v1.DecryptRequest.additional_authenticated_data|DecryptRequest.additional_authenticated_data}. If specified, - * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will verify the integrity of the received - * {@link google.cloud.kms.v1.DecryptRequest.additional_authenticated_data|DecryptRequest.additional_authenticated_data} using this checksum. - * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will report an error if the checksum verification - * fails. If you receive a checksum error, your client should verify that - * CRC32C({@link google.cloud.kms.v1.DecryptRequest.additional_authenticated_data|DecryptRequest.additional_authenticated_data}) is equal to - * {@link google.cloud.kms.v1.DecryptRequest.additional_authenticated_data_crc32c|DecryptRequest.additional_authenticated_data_crc32c}, and if so, perform - * a limited number of retries. A persistent mismatch may indicate an issue in - * your computation of the CRC32C checksum. - * Note: This field is defined as int64 for reasons of compatibility across - * different languages. However, it is a non-negative integer, which will - * never exceed 2^32-1, and can be safely downconverted to uint32 in languages - * that support this type. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [DecryptResponse]{@link google.cloud.kms.v1.DecryptResponse}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.decrypt(request); - */ - decrypt( - request?: protos.google.cloud.kms.v1.IDecryptRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.IDecryptResponse, - protos.google.cloud.kms.v1.IDecryptRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.IDecryptResponse, - protos.google.cloud.kms.v1.IDecryptRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.IDecryptResponse, - protos.google.cloud.kms.v1.IDecryptRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.decrypt(request, options, callback); - } - asymmetricSign( - request?: protos.google.cloud.kms.v1.IAsymmetricSignRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.IAsymmetricSignResponse, - protos.google.cloud.kms.v1.IAsymmetricSignRequest|undefined, {}|undefined - ]>; - asymmetricSign( - request: protos.google.cloud.kms.v1.IAsymmetricSignRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.IAsymmetricSignResponse, - protos.google.cloud.kms.v1.IAsymmetricSignRequest|null|undefined, - {}|null|undefined>): void; - asymmetricSign( - request: protos.google.cloud.kms.v1.IAsymmetricSignRequest, - callback: Callback< - protos.google.cloud.kms.v1.IAsymmetricSignResponse, - protos.google.cloud.kms.v1.IAsymmetricSignRequest|null|undefined, - {}|null|undefined>): void; -/** - * Signs data using a {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} with {@link google.cloud.kms.v1.CryptoKey.purpose|CryptoKey.purpose} - * ASYMMETRIC_SIGN, producing a signature that can be verified with the public - * key retrieved from {@link google.cloud.kms.v1.KeyManagementService.GetPublicKey|GetPublicKey}. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} to use for signing. - * @param {google.cloud.kms.v1.Digest} request.digest - * Required. The digest of the data to sign. The digest must be produced with - * the same digest algorithm as specified by the key version's - * {@link google.cloud.kms.v1.CryptoKeyVersion.algorithm|algorithm}. - * @param {google.protobuf.Int64Value} [request.digestCrc32c] - * Optional. An optional CRC32C checksum of the {@link google.cloud.kms.v1.AsymmetricSignRequest.digest|AsymmetricSignRequest.digest}. If - * specified, {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will verify the integrity of the - * received {@link google.cloud.kms.v1.AsymmetricSignRequest.digest|AsymmetricSignRequest.digest} using this checksum. - * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will report an error if the checksum verification - * fails. If you receive a checksum error, your client should verify that - * CRC32C({@link google.cloud.kms.v1.AsymmetricSignRequest.digest|AsymmetricSignRequest.digest}) is equal to - * {@link google.cloud.kms.v1.AsymmetricSignRequest.digest_crc32c|AsymmetricSignRequest.digest_crc32c}, and if so, perform a limited - * number of retries. A persistent mismatch may indicate an issue in your - * computation of the CRC32C checksum. - * Note: This field is defined as int64 for reasons of compatibility across - * different languages. However, it is a non-negative integer, which will - * never exceed 2^32-1, and can be safely downconverted to uint32 in languages - * that support this type. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [AsymmetricSignResponse]{@link google.cloud.kms.v1.AsymmetricSignResponse}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.asymmetricSign(request); - */ - asymmetricSign( - request?: protos.google.cloud.kms.v1.IAsymmetricSignRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.IAsymmetricSignResponse, - protos.google.cloud.kms.v1.IAsymmetricSignRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.IAsymmetricSignResponse, - protos.google.cloud.kms.v1.IAsymmetricSignRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.IAsymmetricSignResponse, - protos.google.cloud.kms.v1.IAsymmetricSignRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.asymmetricSign(request, options, callback); - } - asymmetricDecrypt( - request?: protos.google.cloud.kms.v1.IAsymmetricDecryptRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.IAsymmetricDecryptResponse, - protos.google.cloud.kms.v1.IAsymmetricDecryptRequest|undefined, {}|undefined - ]>; - asymmetricDecrypt( - request: protos.google.cloud.kms.v1.IAsymmetricDecryptRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.IAsymmetricDecryptResponse, - protos.google.cloud.kms.v1.IAsymmetricDecryptRequest|null|undefined, - {}|null|undefined>): void; - asymmetricDecrypt( - request: protos.google.cloud.kms.v1.IAsymmetricDecryptRequest, - callback: Callback< - protos.google.cloud.kms.v1.IAsymmetricDecryptResponse, - protos.google.cloud.kms.v1.IAsymmetricDecryptRequest|null|undefined, - {}|null|undefined>): void; -/** - * Decrypts data that was encrypted with a public key retrieved from - * {@link google.cloud.kms.v1.KeyManagementService.GetPublicKey|GetPublicKey} corresponding to a {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} with - * {@link google.cloud.kms.v1.CryptoKey.purpose|CryptoKey.purpose} ASYMMETRIC_DECRYPT. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} to use for - * decryption. - * @param {Buffer} request.ciphertext - * Required. The data encrypted with the named {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion}'s public - * key using OAEP. - * @param {google.protobuf.Int64Value} [request.ciphertextCrc32c] - * Optional. An optional CRC32C checksum of the {@link google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext|AsymmetricDecryptRequest.ciphertext}. - * If specified, {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will verify the integrity of the - * received {@link google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext|AsymmetricDecryptRequest.ciphertext} using this checksum. - * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will report an error if the checksum verification - * fails. If you receive a checksum error, your client should verify that - * CRC32C({@link google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext|AsymmetricDecryptRequest.ciphertext}) is equal to - * {@link google.cloud.kms.v1.AsymmetricDecryptRequest.ciphertext_crc32c|AsymmetricDecryptRequest.ciphertext_crc32c}, and if so, perform a - * limited number of retries. A persistent mismatch may indicate an issue in - * your computation of the CRC32C checksum. - * Note: This field is defined as int64 for reasons of compatibility across - * different languages. However, it is a non-negative integer, which will - * never exceed 2^32-1, and can be safely downconverted to uint32 in languages - * that support this type. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [AsymmetricDecryptResponse]{@link google.cloud.kms.v1.AsymmetricDecryptResponse}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.asymmetricDecrypt(request); - */ - asymmetricDecrypt( - request?: protos.google.cloud.kms.v1.IAsymmetricDecryptRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.IAsymmetricDecryptResponse, - protos.google.cloud.kms.v1.IAsymmetricDecryptRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.IAsymmetricDecryptResponse, - protos.google.cloud.kms.v1.IAsymmetricDecryptRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.IAsymmetricDecryptResponse, - protos.google.cloud.kms.v1.IAsymmetricDecryptRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.asymmetricDecrypt(request, options, callback); - } - macSign( - request?: protos.google.cloud.kms.v1.IMacSignRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.IMacSignResponse, - protos.google.cloud.kms.v1.IMacSignRequest|undefined, {}|undefined - ]>; - macSign( - request: protos.google.cloud.kms.v1.IMacSignRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.IMacSignResponse, - protos.google.cloud.kms.v1.IMacSignRequest|null|undefined, - {}|null|undefined>): void; - macSign( - request: protos.google.cloud.kms.v1.IMacSignRequest, - callback: Callback< - protos.google.cloud.kms.v1.IMacSignResponse, - protos.google.cloud.kms.v1.IMacSignRequest|null|undefined, - {}|null|undefined>): void; -/** - * Signs data using a {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} with {@link google.cloud.kms.v1.CryptoKey.purpose|CryptoKey.purpose} - * MAC, producing a tag that can be verified by another source with the - * same key. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} to use for signing. - * @param {Buffer} request.data - * Required. The data to sign. The MAC tag is computed over this data field based on - * the specific algorithm. - * @param {google.protobuf.Int64Value} [request.dataCrc32c] - * Optional. An optional CRC32C checksum of the {@link google.cloud.kms.v1.MacSignRequest.data|MacSignRequest.data}. If - * specified, {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will verify the integrity of the - * received {@link google.cloud.kms.v1.MacSignRequest.data|MacSignRequest.data} using this checksum. - * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will report an error if the checksum verification - * fails. If you receive a checksum error, your client should verify that - * CRC32C({@link google.cloud.kms.v1.MacSignRequest.data|MacSignRequest.data}) is equal to - * {@link google.cloud.kms.v1.MacSignRequest.data_crc32c|MacSignRequest.data_crc32c}, and if so, perform a limited - * number of retries. A persistent mismatch may indicate an issue in your - * computation of the CRC32C checksum. - * Note: This field is defined as int64 for reasons of compatibility across - * different languages. However, it is a non-negative integer, which will - * never exceed 2^32-1, and can be safely downconverted to uint32 in languages - * that support this type. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [MacSignResponse]{@link google.cloud.kms.v1.MacSignResponse}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.macSign(request); - */ - macSign( - request?: protos.google.cloud.kms.v1.IMacSignRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.IMacSignResponse, - protos.google.cloud.kms.v1.IMacSignRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.IMacSignResponse, - protos.google.cloud.kms.v1.IMacSignRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.IMacSignResponse, - protos.google.cloud.kms.v1.IMacSignRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.macSign(request, options, callback); - } - macVerify( - request?: protos.google.cloud.kms.v1.IMacVerifyRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.IMacVerifyResponse, - protos.google.cloud.kms.v1.IMacVerifyRequest|undefined, {}|undefined - ]>; - macVerify( - request: protos.google.cloud.kms.v1.IMacVerifyRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.IMacVerifyResponse, - protos.google.cloud.kms.v1.IMacVerifyRequest|null|undefined, - {}|null|undefined>): void; - macVerify( - request: protos.google.cloud.kms.v1.IMacVerifyRequest, - callback: Callback< - protos.google.cloud.kms.v1.IMacVerifyResponse, - protos.google.cloud.kms.v1.IMacVerifyRequest|null|undefined, - {}|null|undefined>): void; -/** - * Verifies MAC tag using a {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} with {@link google.cloud.kms.v1.CryptoKey.purpose|CryptoKey.purpose} - * MAC, and returns a response that indicates whether or not the verification - * was successful. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.name - * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersion} to use for verification. - * @param {Buffer} request.data - * Required. The data used previously as a {@link google.cloud.kms.v1.MacSignRequest.data|MacSignRequest.data} to generate the MAC - * tag. - * @param {google.protobuf.Int64Value} [request.dataCrc32c] - * Optional. An optional CRC32C checksum of the {@link google.cloud.kms.v1.MacVerifyRequest.data|MacVerifyRequest.data}. If - * specified, {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will verify the integrity of the - * received {@link google.cloud.kms.v1.MacVerifyRequest.data|MacVerifyRequest.data} using this checksum. - * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will report an error if the checksum verification - * fails. If you receive a checksum error, your client should verify that - * CRC32C({@link google.cloud.kms.v1.MacVerifyRequest.data|MacVerifyRequest.data}) is equal to - * {@link google.cloud.kms.v1.MacVerifyRequest.data_crc32c|MacVerifyRequest.data_crc32c}, and if so, perform a limited - * number of retries. A persistent mismatch may indicate an issue in your - * computation of the CRC32C checksum. - * Note: This field is defined as int64 for reasons of compatibility across - * different languages. However, it is a non-negative integer, which will - * never exceed 2^32-1, and can be safely downconverted to uint32 in languages - * that support this type. - * @param {Buffer} request.mac - * Required. The signature to verify. - * @param {google.protobuf.Int64Value} [request.macCrc32c] - * Optional. An optional CRC32C checksum of the {@link google.cloud.kms.v1.MacVerifyRequest.mac|MacVerifyRequest.mac}. If - * specified, {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will verify the integrity of the - * received {@link google.cloud.kms.v1.MacVerifyRequest.mac|MacVerifyRequest.mac} using this checksum. - * {@link google.cloud.kms.v1.KeyManagementService|KeyManagementService} will report an error if the checksum verification - * fails. If you receive a checksum error, your client should verify that - * CRC32C({@link |MacVerifyRequest.tag}) is equal to - * {@link google.cloud.kms.v1.MacVerifyRequest.mac_crc32c|MacVerifyRequest.mac_crc32c}, and if so, perform a limited - * number of retries. A persistent mismatch may indicate an issue in your - * computation of the CRC32C checksum. - * Note: This field is defined as int64 for reasons of compatibility across - * different languages. However, it is a non-negative integer, which will - * never exceed 2^32-1, and can be safely downconverted to uint32 in languages - * that support this type. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [MacVerifyResponse]{@link google.cloud.kms.v1.MacVerifyResponse}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.macVerify(request); - */ - macVerify( - request?: protos.google.cloud.kms.v1.IMacVerifyRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.IMacVerifyResponse, - protos.google.cloud.kms.v1.IMacVerifyRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.IMacVerifyResponse, - protos.google.cloud.kms.v1.IMacVerifyRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.IMacVerifyResponse, - protos.google.cloud.kms.v1.IMacVerifyRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'name': request.name || '', - }); - this.initialize(); - return this.innerApiCalls.macVerify(request, options, callback); - } - generateRandomBytes( - request?: protos.google.cloud.kms.v1.IGenerateRandomBytesRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.IGenerateRandomBytesResponse, - protos.google.cloud.kms.v1.IGenerateRandomBytesRequest|undefined, {}|undefined - ]>; - generateRandomBytes( - request: protos.google.cloud.kms.v1.IGenerateRandomBytesRequest, - options: CallOptions, - callback: Callback< - protos.google.cloud.kms.v1.IGenerateRandomBytesResponse, - protos.google.cloud.kms.v1.IGenerateRandomBytesRequest|null|undefined, - {}|null|undefined>): void; - generateRandomBytes( - request: protos.google.cloud.kms.v1.IGenerateRandomBytesRequest, - callback: Callback< - protos.google.cloud.kms.v1.IGenerateRandomBytesResponse, - protos.google.cloud.kms.v1.IGenerateRandomBytesRequest|null|undefined, - {}|null|undefined>): void; -/** - * Generate random bytes using the Cloud KMS randomness source in the provided - * location. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.location - * The project-specific location in which to generate random bytes. - * For example, "projects/my-project/locations/us-central1". - * @param {number} request.lengthBytes - * The length in bytes of the amount of randomness to retrieve. Minimum 8 - * bytes, maximum 1024 bytes. - * @param {google.cloud.kms.v1.ProtectionLevel} request.protectionLevel - * The {@link google.cloud.kms.v1.ProtectionLevel|ProtectionLevel} to use when generating the random data. Defaults to - * {@link google.cloud.kms.v1.ProtectionLevel.SOFTWARE|SOFTWARE}. - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [GenerateRandomBytesResponse]{@link google.cloud.kms.v1.GenerateRandomBytesResponse}. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#regular-methods) - * for more details and examples. - * @example - * const [response] = await client.generateRandomBytes(request); - */ - generateRandomBytes( - request?: protos.google.cloud.kms.v1.IGenerateRandomBytesRequest, - optionsOrCallback?: CallOptions|Callback< - protos.google.cloud.kms.v1.IGenerateRandomBytesResponse, - protos.google.cloud.kms.v1.IGenerateRandomBytesRequest|null|undefined, - {}|null|undefined>, - callback?: Callback< - protos.google.cloud.kms.v1.IGenerateRandomBytesResponse, - protos.google.cloud.kms.v1.IGenerateRandomBytesRequest|null|undefined, - {}|null|undefined>): - Promise<[ - protos.google.cloud.kms.v1.IGenerateRandomBytesResponse, - protos.google.cloud.kms.v1.IGenerateRandomBytesRequest|undefined, {}|undefined - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'location': request.location || '', - }); - this.initialize(); - return this.innerApiCalls.generateRandomBytes(request, options, callback); - } - - listKeyRings( - request?: protos.google.cloud.kms.v1.IListKeyRingsRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.IKeyRing[], - protos.google.cloud.kms.v1.IListKeyRingsRequest|null, - protos.google.cloud.kms.v1.IListKeyRingsResponse - ]>; - listKeyRings( - request: protos.google.cloud.kms.v1.IListKeyRingsRequest, - options: CallOptions, - callback: PaginationCallback< - protos.google.cloud.kms.v1.IListKeyRingsRequest, - protos.google.cloud.kms.v1.IListKeyRingsResponse|null|undefined, - protos.google.cloud.kms.v1.IKeyRing>): void; - listKeyRings( - request: protos.google.cloud.kms.v1.IListKeyRingsRequest, - callback: PaginationCallback< - protos.google.cloud.kms.v1.IListKeyRingsRequest, - protos.google.cloud.kms.v1.IListKeyRingsResponse|null|undefined, - protos.google.cloud.kms.v1.IKeyRing>): void; -/** - * Lists {@link google.cloud.kms.v1.KeyRing|KeyRings}. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The resource name of the location associated with the - * {@link google.cloud.kms.v1.KeyRing|KeyRings}, in the format `projects/* /locations/*`. - * @param {number} [request.pageSize] - * Optional. Optional limit on the number of {@link google.cloud.kms.v1.KeyRing|KeyRings} to include in the - * response. Further {@link google.cloud.kms.v1.KeyRing|KeyRings} can subsequently be obtained by - * including the {@link google.cloud.kms.v1.ListKeyRingsResponse.next_page_token|ListKeyRingsResponse.next_page_token} in a subsequent - * request. If unspecified, the server will pick an appropriate default. - * @param {string} [request.pageToken] - * Optional. Optional pagination token, returned earlier via - * {@link google.cloud.kms.v1.ListKeyRingsResponse.next_page_token|ListKeyRingsResponse.next_page_token}. - * @param {string} [request.filter] - * Optional. Only include resources that match the filter in the response. For - * more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {string} [request.orderBy] - * Optional. Specify how the results should be sorted. If not specified, the - * results will be sorted in the default order. For more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is Array of [KeyRing]{@link google.cloud.kms.v1.KeyRing}. - * The client library will perform auto-pagination by default: it will call the API as many - * times as needed and will merge results from all the pages into this array. - * Note that it can affect your quota. - * We recommend using `listKeyRingsAsync()` - * method described below for async iteration which you can stop as needed. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) - * for more details and examples. - */ - listKeyRings( - request?: protos.google.cloud.kms.v1.IListKeyRingsRequest, - optionsOrCallback?: CallOptions|PaginationCallback< - protos.google.cloud.kms.v1.IListKeyRingsRequest, - protos.google.cloud.kms.v1.IListKeyRingsResponse|null|undefined, - protos.google.cloud.kms.v1.IKeyRing>, - callback?: PaginationCallback< - protos.google.cloud.kms.v1.IListKeyRingsRequest, - protos.google.cloud.kms.v1.IListKeyRingsResponse|null|undefined, - protos.google.cloud.kms.v1.IKeyRing>): - Promise<[ - protos.google.cloud.kms.v1.IKeyRing[], - protos.google.cloud.kms.v1.IListKeyRingsRequest|null, - protos.google.cloud.kms.v1.IListKeyRingsResponse - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - this.initialize(); - return this.innerApiCalls.listKeyRings(request, options, callback); - } - -/** - * Equivalent to `method.name.toCamelCase()`, but returns a NodeJS Stream object. - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The resource name of the location associated with the - * {@link google.cloud.kms.v1.KeyRing|KeyRings}, in the format `projects/* /locations/*`. - * @param {number} [request.pageSize] - * Optional. Optional limit on the number of {@link google.cloud.kms.v1.KeyRing|KeyRings} to include in the - * response. Further {@link google.cloud.kms.v1.KeyRing|KeyRings} can subsequently be obtained by - * including the {@link google.cloud.kms.v1.ListKeyRingsResponse.next_page_token|ListKeyRingsResponse.next_page_token} in a subsequent - * request. If unspecified, the server will pick an appropriate default. - * @param {string} [request.pageToken] - * Optional. Optional pagination token, returned earlier via - * {@link google.cloud.kms.v1.ListKeyRingsResponse.next_page_token|ListKeyRingsResponse.next_page_token}. - * @param {string} [request.filter] - * Optional. Only include resources that match the filter in the response. For - * more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {string} [request.orderBy] - * Optional. Specify how the results should be sorted. If not specified, the - * results will be sorted in the default order. For more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Stream} - * An object stream which emits an object representing [KeyRing]{@link google.cloud.kms.v1.KeyRing} on 'data' event. - * The client library will perform auto-pagination by default: it will call the API as many - * times as needed. Note that it can affect your quota. - * We recommend using `listKeyRingsAsync()` - * method described below for async iteration which you can stop as needed. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) - * for more details and examples. - */ - listKeyRingsStream( - request?: protos.google.cloud.kms.v1.IListKeyRingsRequest, - options?: CallOptions): - Transform{ - request = request || {}; - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - const callSettings = new gax.CallSettings(options); - this.initialize(); - return this.descriptors.page.listKeyRings.createStream( - this.innerApiCalls.listKeyRings as gax.GaxCall, - request, - callSettings - ); - } - -/** - * Equivalent to `listKeyRings`, but returns an iterable object. - * - * `for`-`await`-`of` syntax is used with the iterable to get response elements on-demand. - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The resource name of the location associated with the - * {@link google.cloud.kms.v1.KeyRing|KeyRings}, in the format `projects/* /locations/*`. - * @param {number} [request.pageSize] - * Optional. Optional limit on the number of {@link google.cloud.kms.v1.KeyRing|KeyRings} to include in the - * response. Further {@link google.cloud.kms.v1.KeyRing|KeyRings} can subsequently be obtained by - * including the {@link google.cloud.kms.v1.ListKeyRingsResponse.next_page_token|ListKeyRingsResponse.next_page_token} in a subsequent - * request. If unspecified, the server will pick an appropriate default. - * @param {string} [request.pageToken] - * Optional. Optional pagination token, returned earlier via - * {@link google.cloud.kms.v1.ListKeyRingsResponse.next_page_token|ListKeyRingsResponse.next_page_token}. - * @param {string} [request.filter] - * Optional. Only include resources that match the filter in the response. For - * more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {string} [request.orderBy] - * Optional. Specify how the results should be sorted. If not specified, the - * results will be sorted in the default order. For more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Object} - * An iterable Object that allows [async iteration](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Iteration_protocols). - * When you iterate the returned iterable, each element will be an object representing - * [KeyRing]{@link google.cloud.kms.v1.KeyRing}. The API will be called under the hood as needed, once per the page, - * so you can stop the iteration when you don't need more results. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) - * for more details and examples. - * @example - * const iterable = client.listKeyRingsAsync(request); - * for await (const response of iterable) { - * // process response - * } - */ - listKeyRingsAsync( - request?: protos.google.cloud.kms.v1.IListKeyRingsRequest, - options?: CallOptions): - AsyncIterable{ - request = request || {}; - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - options = options || {}; - const callSettings = new gax.CallSettings(options); - this.initialize(); - return this.descriptors.page.listKeyRings.asyncIterate( - this.innerApiCalls['listKeyRings'] as GaxCall, - request as unknown as RequestType, - callSettings - ) as AsyncIterable; - } - listCryptoKeys( - request?: protos.google.cloud.kms.v1.IListCryptoKeysRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKey[], - protos.google.cloud.kms.v1.IListCryptoKeysRequest|null, - protos.google.cloud.kms.v1.IListCryptoKeysResponse - ]>; - listCryptoKeys( - request: protos.google.cloud.kms.v1.IListCryptoKeysRequest, - options: CallOptions, - callback: PaginationCallback< - protos.google.cloud.kms.v1.IListCryptoKeysRequest, - protos.google.cloud.kms.v1.IListCryptoKeysResponse|null|undefined, - protos.google.cloud.kms.v1.ICryptoKey>): void; - listCryptoKeys( - request: protos.google.cloud.kms.v1.IListCryptoKeysRequest, - callback: PaginationCallback< - protos.google.cloud.kms.v1.IListCryptoKeysRequest, - protos.google.cloud.kms.v1.IListCryptoKeysResponse|null|undefined, - protos.google.cloud.kms.v1.ICryptoKey>): void; -/** - * Lists {@link google.cloud.kms.v1.CryptoKey|CryptoKeys}. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The resource name of the {@link google.cloud.kms.v1.KeyRing|KeyRing} to list, in the format - * `projects/* /locations/* /keyRings/*`. - * @param {number} [request.pageSize] - * Optional. Optional limit on the number of {@link google.cloud.kms.v1.CryptoKey|CryptoKeys} to include in the - * response. Further {@link google.cloud.kms.v1.CryptoKey|CryptoKeys} can subsequently be obtained by - * including the {@link google.cloud.kms.v1.ListCryptoKeysResponse.next_page_token|ListCryptoKeysResponse.next_page_token} in a subsequent - * request. If unspecified, the server will pick an appropriate default. - * @param {string} [request.pageToken] - * Optional. Optional pagination token, returned earlier via - * {@link google.cloud.kms.v1.ListCryptoKeysResponse.next_page_token|ListCryptoKeysResponse.next_page_token}. - * @param {google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionView} request.versionView - * The fields of the primary version to include in the response. - * @param {string} [request.filter] - * Optional. Only include resources that match the filter in the response. For - * more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {string} [request.orderBy] - * Optional. Specify how the results should be sorted. If not specified, the - * results will be sorted in the default order. For more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is Array of [CryptoKey]{@link google.cloud.kms.v1.CryptoKey}. - * The client library will perform auto-pagination by default: it will call the API as many - * times as needed and will merge results from all the pages into this array. - * Note that it can affect your quota. - * We recommend using `listCryptoKeysAsync()` - * method described below for async iteration which you can stop as needed. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) - * for more details and examples. - */ - listCryptoKeys( - request?: protos.google.cloud.kms.v1.IListCryptoKeysRequest, - optionsOrCallback?: CallOptions|PaginationCallback< - protos.google.cloud.kms.v1.IListCryptoKeysRequest, - protos.google.cloud.kms.v1.IListCryptoKeysResponse|null|undefined, - protos.google.cloud.kms.v1.ICryptoKey>, - callback?: PaginationCallback< - protos.google.cloud.kms.v1.IListCryptoKeysRequest, - protos.google.cloud.kms.v1.IListCryptoKeysResponse|null|undefined, - protos.google.cloud.kms.v1.ICryptoKey>): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKey[], - protos.google.cloud.kms.v1.IListCryptoKeysRequest|null, - protos.google.cloud.kms.v1.IListCryptoKeysResponse - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - this.initialize(); - return this.innerApiCalls.listCryptoKeys(request, options, callback); - } - -/** - * Equivalent to `method.name.toCamelCase()`, but returns a NodeJS Stream object. - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The resource name of the {@link google.cloud.kms.v1.KeyRing|KeyRing} to list, in the format - * `projects/* /locations/* /keyRings/*`. - * @param {number} [request.pageSize] - * Optional. Optional limit on the number of {@link google.cloud.kms.v1.CryptoKey|CryptoKeys} to include in the - * response. Further {@link google.cloud.kms.v1.CryptoKey|CryptoKeys} can subsequently be obtained by - * including the {@link google.cloud.kms.v1.ListCryptoKeysResponse.next_page_token|ListCryptoKeysResponse.next_page_token} in a subsequent - * request. If unspecified, the server will pick an appropriate default. - * @param {string} [request.pageToken] - * Optional. Optional pagination token, returned earlier via - * {@link google.cloud.kms.v1.ListCryptoKeysResponse.next_page_token|ListCryptoKeysResponse.next_page_token}. - * @param {google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionView} request.versionView - * The fields of the primary version to include in the response. - * @param {string} [request.filter] - * Optional. Only include resources that match the filter in the response. For - * more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {string} [request.orderBy] - * Optional. Specify how the results should be sorted. If not specified, the - * results will be sorted in the default order. For more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Stream} - * An object stream which emits an object representing [CryptoKey]{@link google.cloud.kms.v1.CryptoKey} on 'data' event. - * The client library will perform auto-pagination by default: it will call the API as many - * times as needed. Note that it can affect your quota. - * We recommend using `listCryptoKeysAsync()` - * method described below for async iteration which you can stop as needed. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) - * for more details and examples. - */ - listCryptoKeysStream( - request?: protos.google.cloud.kms.v1.IListCryptoKeysRequest, - options?: CallOptions): - Transform{ - request = request || {}; - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - const callSettings = new gax.CallSettings(options); - this.initialize(); - return this.descriptors.page.listCryptoKeys.createStream( - this.innerApiCalls.listCryptoKeys as gax.GaxCall, - request, - callSettings - ); - } - -/** - * Equivalent to `listCryptoKeys`, but returns an iterable object. - * - * `for`-`await`-`of` syntax is used with the iterable to get response elements on-demand. - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The resource name of the {@link google.cloud.kms.v1.KeyRing|KeyRing} to list, in the format - * `projects/* /locations/* /keyRings/*`. - * @param {number} [request.pageSize] - * Optional. Optional limit on the number of {@link google.cloud.kms.v1.CryptoKey|CryptoKeys} to include in the - * response. Further {@link google.cloud.kms.v1.CryptoKey|CryptoKeys} can subsequently be obtained by - * including the {@link google.cloud.kms.v1.ListCryptoKeysResponse.next_page_token|ListCryptoKeysResponse.next_page_token} in a subsequent - * request. If unspecified, the server will pick an appropriate default. - * @param {string} [request.pageToken] - * Optional. Optional pagination token, returned earlier via - * {@link google.cloud.kms.v1.ListCryptoKeysResponse.next_page_token|ListCryptoKeysResponse.next_page_token}. - * @param {google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionView} request.versionView - * The fields of the primary version to include in the response. - * @param {string} [request.filter] - * Optional. Only include resources that match the filter in the response. For - * more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {string} [request.orderBy] - * Optional. Specify how the results should be sorted. If not specified, the - * results will be sorted in the default order. For more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Object} - * An iterable Object that allows [async iteration](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Iteration_protocols). - * When you iterate the returned iterable, each element will be an object representing - * [CryptoKey]{@link google.cloud.kms.v1.CryptoKey}. The API will be called under the hood as needed, once per the page, - * so you can stop the iteration when you don't need more results. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) - * for more details and examples. - * @example - * const iterable = client.listCryptoKeysAsync(request); - * for await (const response of iterable) { - * // process response - * } - */ - listCryptoKeysAsync( - request?: protos.google.cloud.kms.v1.IListCryptoKeysRequest, - options?: CallOptions): - AsyncIterable{ - request = request || {}; - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - options = options || {}; - const callSettings = new gax.CallSettings(options); - this.initialize(); - return this.descriptors.page.listCryptoKeys.asyncIterate( - this.innerApiCalls['listCryptoKeys'] as GaxCall, - request as unknown as RequestType, - callSettings - ) as AsyncIterable; - } - listCryptoKeyVersions( - request?: protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKeyVersion[], - protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest|null, - protos.google.cloud.kms.v1.IListCryptoKeyVersionsResponse - ]>; - listCryptoKeyVersions( - request: protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest, - options: CallOptions, - callback: PaginationCallback< - protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest, - protos.google.cloud.kms.v1.IListCryptoKeyVersionsResponse|null|undefined, - protos.google.cloud.kms.v1.ICryptoKeyVersion>): void; - listCryptoKeyVersions( - request: protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest, - callback: PaginationCallback< - protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest, - protos.google.cloud.kms.v1.IListCryptoKeyVersionsResponse|null|undefined, - protos.google.cloud.kms.v1.ICryptoKeyVersion>): void; -/** - * Lists {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersions}. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKey|CryptoKey} to list, in the format - * `projects/* /locations/* /keyRings/* /cryptoKeys/*`. - * @param {number} [request.pageSize] - * Optional. Optional limit on the number of {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersions} to - * include in the response. Further {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersions} can - * subsequently be obtained by including the - * {@link google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token|ListCryptoKeyVersionsResponse.next_page_token} in a subsequent request. - * If unspecified, the server will pick an appropriate default. - * @param {string} [request.pageToken] - * Optional. Optional pagination token, returned earlier via - * {@link google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token|ListCryptoKeyVersionsResponse.next_page_token}. - * @param {google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionView} request.view - * The fields to include in the response. - * @param {string} [request.filter] - * Optional. Only include resources that match the filter in the response. For - * more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {string} [request.orderBy] - * Optional. Specify how the results should be sorted. If not specified, the - * results will be sorted in the default order. For more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is Array of [CryptoKeyVersion]{@link google.cloud.kms.v1.CryptoKeyVersion}. - * The client library will perform auto-pagination by default: it will call the API as many - * times as needed and will merge results from all the pages into this array. - * Note that it can affect your quota. - * We recommend using `listCryptoKeyVersionsAsync()` - * method described below for async iteration which you can stop as needed. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) - * for more details and examples. - */ - listCryptoKeyVersions( - request?: protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest, - optionsOrCallback?: CallOptions|PaginationCallback< - protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest, - protos.google.cloud.kms.v1.IListCryptoKeyVersionsResponse|null|undefined, - protos.google.cloud.kms.v1.ICryptoKeyVersion>, - callback?: PaginationCallback< - protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest, - protos.google.cloud.kms.v1.IListCryptoKeyVersionsResponse|null|undefined, - protos.google.cloud.kms.v1.ICryptoKeyVersion>): - Promise<[ - protos.google.cloud.kms.v1.ICryptoKeyVersion[], - protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest|null, - protos.google.cloud.kms.v1.IListCryptoKeyVersionsResponse - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - this.initialize(); - return this.innerApiCalls.listCryptoKeyVersions(request, options, callback); - } - -/** - * Equivalent to `method.name.toCamelCase()`, but returns a NodeJS Stream object. - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKey|CryptoKey} to list, in the format - * `projects/* /locations/* /keyRings/* /cryptoKeys/*`. - * @param {number} [request.pageSize] - * Optional. Optional limit on the number of {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersions} to - * include in the response. Further {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersions} can - * subsequently be obtained by including the - * {@link google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token|ListCryptoKeyVersionsResponse.next_page_token} in a subsequent request. - * If unspecified, the server will pick an appropriate default. - * @param {string} [request.pageToken] - * Optional. Optional pagination token, returned earlier via - * {@link google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token|ListCryptoKeyVersionsResponse.next_page_token}. - * @param {google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionView} request.view - * The fields to include in the response. - * @param {string} [request.filter] - * Optional. Only include resources that match the filter in the response. For - * more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {string} [request.orderBy] - * Optional. Specify how the results should be sorted. If not specified, the - * results will be sorted in the default order. For more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Stream} - * An object stream which emits an object representing [CryptoKeyVersion]{@link google.cloud.kms.v1.CryptoKeyVersion} on 'data' event. - * The client library will perform auto-pagination by default: it will call the API as many - * times as needed. Note that it can affect your quota. - * We recommend using `listCryptoKeyVersionsAsync()` - * method described below for async iteration which you can stop as needed. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) - * for more details and examples. - */ - listCryptoKeyVersionsStream( - request?: protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest, - options?: CallOptions): - Transform{ - request = request || {}; - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - const callSettings = new gax.CallSettings(options); - this.initialize(); - return this.descriptors.page.listCryptoKeyVersions.createStream( - this.innerApiCalls.listCryptoKeyVersions as gax.GaxCall, - request, - callSettings - ); - } - -/** - * Equivalent to `listCryptoKeyVersions`, but returns an iterable object. - * - * `for`-`await`-`of` syntax is used with the iterable to get response elements on-demand. - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The resource name of the {@link google.cloud.kms.v1.CryptoKey|CryptoKey} to list, in the format - * `projects/* /locations/* /keyRings/* /cryptoKeys/*`. - * @param {number} [request.pageSize] - * Optional. Optional limit on the number of {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersions} to - * include in the response. Further {@link google.cloud.kms.v1.CryptoKeyVersion|CryptoKeyVersions} can - * subsequently be obtained by including the - * {@link google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token|ListCryptoKeyVersionsResponse.next_page_token} in a subsequent request. - * If unspecified, the server will pick an appropriate default. - * @param {string} [request.pageToken] - * Optional. Optional pagination token, returned earlier via - * {@link google.cloud.kms.v1.ListCryptoKeyVersionsResponse.next_page_token|ListCryptoKeyVersionsResponse.next_page_token}. - * @param {google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionView} request.view - * The fields to include in the response. - * @param {string} [request.filter] - * Optional. Only include resources that match the filter in the response. For - * more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {string} [request.orderBy] - * Optional. Specify how the results should be sorted. If not specified, the - * results will be sorted in the default order. For more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Object} - * An iterable Object that allows [async iteration](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Iteration_protocols). - * When you iterate the returned iterable, each element will be an object representing - * [CryptoKeyVersion]{@link google.cloud.kms.v1.CryptoKeyVersion}. The API will be called under the hood as needed, once per the page, - * so you can stop the iteration when you don't need more results. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) - * for more details and examples. - * @example - * const iterable = client.listCryptoKeyVersionsAsync(request); - * for await (const response of iterable) { - * // process response - * } - */ - listCryptoKeyVersionsAsync( - request?: protos.google.cloud.kms.v1.IListCryptoKeyVersionsRequest, - options?: CallOptions): - AsyncIterable{ - request = request || {}; - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - options = options || {}; - const callSettings = new gax.CallSettings(options); - this.initialize(); - return this.descriptors.page.listCryptoKeyVersions.asyncIterate( - this.innerApiCalls['listCryptoKeyVersions'] as GaxCall, - request as unknown as RequestType, - callSettings - ) as AsyncIterable; - } - listImportJobs( - request?: protos.google.cloud.kms.v1.IListImportJobsRequest, - options?: CallOptions): - Promise<[ - protos.google.cloud.kms.v1.IImportJob[], - protos.google.cloud.kms.v1.IListImportJobsRequest|null, - protos.google.cloud.kms.v1.IListImportJobsResponse - ]>; - listImportJobs( - request: protos.google.cloud.kms.v1.IListImportJobsRequest, - options: CallOptions, - callback: PaginationCallback< - protos.google.cloud.kms.v1.IListImportJobsRequest, - protos.google.cloud.kms.v1.IListImportJobsResponse|null|undefined, - protos.google.cloud.kms.v1.IImportJob>): void; - listImportJobs( - request: protos.google.cloud.kms.v1.IListImportJobsRequest, - callback: PaginationCallback< - protos.google.cloud.kms.v1.IListImportJobsRequest, - protos.google.cloud.kms.v1.IListImportJobsResponse|null|undefined, - protos.google.cloud.kms.v1.IImportJob>): void; -/** - * Lists {@link google.cloud.kms.v1.ImportJob|ImportJobs}. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The resource name of the {@link google.cloud.kms.v1.KeyRing|KeyRing} to list, in the format - * `projects/* /locations/* /keyRings/*`. - * @param {number} [request.pageSize] - * Optional. Optional limit on the number of {@link google.cloud.kms.v1.ImportJob|ImportJobs} to include in the - * response. Further {@link google.cloud.kms.v1.ImportJob|ImportJobs} can subsequently be obtained by - * including the {@link google.cloud.kms.v1.ListImportJobsResponse.next_page_token|ListImportJobsResponse.next_page_token} in a subsequent - * request. If unspecified, the server will pick an appropriate default. - * @param {string} [request.pageToken] - * Optional. Optional pagination token, returned earlier via - * {@link google.cloud.kms.v1.ListImportJobsResponse.next_page_token|ListImportJobsResponse.next_page_token}. - * @param {string} [request.filter] - * Optional. Only include resources that match the filter in the response. For - * more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {string} [request.orderBy] - * Optional. Specify how the results should be sorted. If not specified, the - * results will be sorted in the default order. For more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is Array of [ImportJob]{@link google.cloud.kms.v1.ImportJob}. - * The client library will perform auto-pagination by default: it will call the API as many - * times as needed and will merge results from all the pages into this array. - * Note that it can affect your quota. - * We recommend using `listImportJobsAsync()` - * method described below for async iteration which you can stop as needed. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) - * for more details and examples. - */ - listImportJobs( - request?: protos.google.cloud.kms.v1.IListImportJobsRequest, - optionsOrCallback?: CallOptions|PaginationCallback< - protos.google.cloud.kms.v1.IListImportJobsRequest, - protos.google.cloud.kms.v1.IListImportJobsResponse|null|undefined, - protos.google.cloud.kms.v1.IImportJob>, - callback?: PaginationCallback< - protos.google.cloud.kms.v1.IListImportJobsRequest, - protos.google.cloud.kms.v1.IListImportJobsResponse|null|undefined, - protos.google.cloud.kms.v1.IImportJob>): - Promise<[ - protos.google.cloud.kms.v1.IImportJob[], - protos.google.cloud.kms.v1.IListImportJobsRequest|null, - protos.google.cloud.kms.v1.IListImportJobsResponse - ]>|void { - request = request || {}; - let options: CallOptions; - if (typeof optionsOrCallback === 'function' && callback === undefined) { - callback = optionsOrCallback; - options = {}; - } - else { - options = optionsOrCallback as CallOptions; - } - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - this.initialize(); - return this.innerApiCalls.listImportJobs(request, options, callback); - } - -/** - * Equivalent to `method.name.toCamelCase()`, but returns a NodeJS Stream object. - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The resource name of the {@link google.cloud.kms.v1.KeyRing|KeyRing} to list, in the format - * `projects/* /locations/* /keyRings/*`. - * @param {number} [request.pageSize] - * Optional. Optional limit on the number of {@link google.cloud.kms.v1.ImportJob|ImportJobs} to include in the - * response. Further {@link google.cloud.kms.v1.ImportJob|ImportJobs} can subsequently be obtained by - * including the {@link google.cloud.kms.v1.ListImportJobsResponse.next_page_token|ListImportJobsResponse.next_page_token} in a subsequent - * request. If unspecified, the server will pick an appropriate default. - * @param {string} [request.pageToken] - * Optional. Optional pagination token, returned earlier via - * {@link google.cloud.kms.v1.ListImportJobsResponse.next_page_token|ListImportJobsResponse.next_page_token}. - * @param {string} [request.filter] - * Optional. Only include resources that match the filter in the response. For - * more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {string} [request.orderBy] - * Optional. Specify how the results should be sorted. If not specified, the - * results will be sorted in the default order. For more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Stream} - * An object stream which emits an object representing [ImportJob]{@link google.cloud.kms.v1.ImportJob} on 'data' event. - * The client library will perform auto-pagination by default: it will call the API as many - * times as needed. Note that it can affect your quota. - * We recommend using `listImportJobsAsync()` - * method described below for async iteration which you can stop as needed. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) - * for more details and examples. - */ - listImportJobsStream( - request?: protos.google.cloud.kms.v1.IListImportJobsRequest, - options?: CallOptions): - Transform{ - request = request || {}; - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - const callSettings = new gax.CallSettings(options); - this.initialize(); - return this.descriptors.page.listImportJobs.createStream( - this.innerApiCalls.listImportJobs as gax.GaxCall, - request, - callSettings - ); - } - -/** - * Equivalent to `listImportJobs`, but returns an iterable object. - * - * `for`-`await`-`of` syntax is used with the iterable to get response elements on-demand. - * @param {Object} request - * The request object that will be sent. - * @param {string} request.parent - * Required. The resource name of the {@link google.cloud.kms.v1.KeyRing|KeyRing} to list, in the format - * `projects/* /locations/* /keyRings/*`. - * @param {number} [request.pageSize] - * Optional. Optional limit on the number of {@link google.cloud.kms.v1.ImportJob|ImportJobs} to include in the - * response. Further {@link google.cloud.kms.v1.ImportJob|ImportJobs} can subsequently be obtained by - * including the {@link google.cloud.kms.v1.ListImportJobsResponse.next_page_token|ListImportJobsResponse.next_page_token} in a subsequent - * request. If unspecified, the server will pick an appropriate default. - * @param {string} [request.pageToken] - * Optional. Optional pagination token, returned earlier via - * {@link google.cloud.kms.v1.ListImportJobsResponse.next_page_token|ListImportJobsResponse.next_page_token}. - * @param {string} [request.filter] - * Optional. Only include resources that match the filter in the response. For - * more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {string} [request.orderBy] - * Optional. Specify how the results should be sorted. If not specified, the - * results will be sorted in the default order. For more information, see - * [Sorting and filtering list - * results](https://cloud.google.com/kms/docs/sorting-and-filtering). - * @param {object} [options] - * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. - * @returns {Object} - * An iterable Object that allows [async iteration](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Iteration_protocols). - * When you iterate the returned iterable, each element will be an object representing - * [ImportJob]{@link google.cloud.kms.v1.ImportJob}. The API will be called under the hood as needed, once per the page, - * so you can stop the iteration when you don't need more results. - * Please see the - * [documentation](https://github.com/googleapis/gax-nodejs/blob/master/client-libraries.md#auto-pagination) - * for more details and examples. - * @example - * const iterable = client.listImportJobsAsync(request); - * for await (const response of iterable) { - * // process response - * } - */ - listImportJobsAsync( - request?: protos.google.cloud.kms.v1.IListImportJobsRequest, - options?: CallOptions): - AsyncIterable{ - request = request || {}; - options = options || {}; - options.otherArgs = options.otherArgs || {}; - options.otherArgs.headers = options.otherArgs.headers || {}; - options.otherArgs.headers[ - 'x-goog-request-params' - ] = gax.routingHeader.fromParams({ - 'parent': request.parent || '', - }); - options = options || {}; - const callSettings = new gax.CallSettings(options); - this.initialize(); - return this.descriptors.page.listImportJobs.asyncIterate( - this.innerApiCalls['listImportJobs'] as GaxCall, - request as unknown as RequestType, - callSettings - ) as AsyncIterable; - } -/** - * Gets the access control policy for a resource. Returns an empty policy - * if the resource exists and does not have a policy set. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.resource - * REQUIRED: The resource for which the policy is being requested. - * See the operation documentation for the appropriate value for this field. - * @param {Object} [request.options] - * OPTIONAL: A `GetPolicyOptions` object for specifying options to - * `GetIamPolicy`. This field is only used by Cloud IAM. - * - * This object should have the same structure as [GetPolicyOptions]{@link google.iam.v1.GetPolicyOptions} - * @param {Object} [options] - * Optional parameters. You can override the default settings for this call, e.g, timeout, - * retries, paginations, etc. See [gax.CallOptions]{@link https://googleapis.github.io/gax-nodejs/interfaces/CallOptions.html} for the details. - * @param {function(?Error, ?Object)} [callback] - * The function which will be called with the result of the API call. - * - * The second parameter to the callback is an object representing [Policy]{@link google.iam.v1.Policy}. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [Policy]{@link google.iam.v1.Policy}. - * The promise has a method named "cancel" which cancels the ongoing API call. - */ - getIamPolicy( - request: IamProtos.google.iam.v1.GetIamPolicyRequest, - options?: - | gax.CallOptions - | Callback< - IamProtos.google.iam.v1.Policy, - IamProtos.google.iam.v1.GetIamPolicyRequest | null | undefined, - {} | null | undefined - >, - callback?: Callback< - IamProtos.google.iam.v1.Policy, - IamProtos.google.iam.v1.GetIamPolicyRequest | null | undefined, - {} | null | undefined - > - ):Promise { - return this.iamClient.getIamPolicy(request, options, callback); - } - -/** - * Returns permissions that a caller has on the specified resource. If the - * resource does not exist, this will return an empty set of - * permissions, not a NOT_FOUND error. - * - * Note: This operation is designed to be used for building - * permission-aware UIs and command-line tools, not for authorization - * checking. This operation may "fail open" without warning. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.resource - * REQUIRED: The resource for which the policy detail is being requested. - * See the operation documentation for the appropriate value for this field. - * @param {string[]} request.permissions - * The set of permissions to check for the `resource`. Permissions with - * wildcards (such as '*' or 'storage.*') are not allowed. For more - * information see - * [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions). - * @param {Object} [options] - * Optional parameters. You can override the default settings for this call, e.g, timeout, - * retries, paginations, etc. See [gax.CallOptions]{@link https://googleapis.github.io/gax-nodejs/interfaces/CallOptions.html} for the details. - * @param {function(?Error, ?Object)} [callback] - * The function which will be called with the result of the API call. - * - * The second parameter to the callback is an object representing [TestIamPermissionsResponse]{@link google.iam.v1.TestIamPermissionsResponse}. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [TestIamPermissionsResponse]{@link google.iam.v1.TestIamPermissionsResponse}. - * The promise has a method named "cancel" which cancels the ongoing API call. - */ - setIamPolicy( - request: IamProtos.google.iam.v1.SetIamPolicyRequest, - options?: - | gax.CallOptions - | Callback< - IamProtos.google.iam.v1.Policy, - IamProtos.google.iam.v1.SetIamPolicyRequest | null | undefined, - {} | null | undefined - >, - callback?: Callback< - IamProtos.google.iam.v1.Policy, - IamProtos.google.iam.v1.SetIamPolicyRequest | null | undefined, - {} | null | undefined - > - ):Promise { - return this.iamClient.setIamPolicy(request, options, callback); - } - -/** - * Returns permissions that a caller has on the specified resource. If the - * resource does not exist, this will return an empty set of - * permissions, not a NOT_FOUND error. - * - * Note: This operation is designed to be used for building - * permission-aware UIs and command-line tools, not for authorization - * checking. This operation may "fail open" without warning. - * - * @param {Object} request - * The request object that will be sent. - * @param {string} request.resource - * REQUIRED: The resource for which the policy detail is being requested. - * See the operation documentation for the appropriate value for this field. - * @param {string[]} request.permissions - * The set of permissions to check for the `resource`. Permissions with - * wildcards (such as '*' or 'storage.*') are not allowed. For more - * information see - * [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions). - * @param {Object} [options] - * Optional parameters. You can override the default settings for this call, e.g, timeout, - * retries, paginations, etc. See [gax.CallOptions]{@link https://googleapis.github.io/gax-nodejs/interfaces/CallOptions.html} for the details. - * @param {function(?Error, ?Object)} [callback] - * The function which will be called with the result of the API call. - * - * The second parameter to the callback is an object representing [TestIamPermissionsResponse]{@link google.iam.v1.TestIamPermissionsResponse}. - * @returns {Promise} - The promise which resolves to an array. - * The first element of the array is an object representing [TestIamPermissionsResponse]{@link google.iam.v1.TestIamPermissionsResponse}. - * The promise has a method named "cancel" which cancels the ongoing API call. - * - */ - testIamPermissions( - request: IamProtos.google.iam.v1.TestIamPermissionsRequest, - options?: - | gax.CallOptions - | Callback< - IamProtos.google.iam.v1.TestIamPermissionsResponse, - IamProtos.google.iam.v1.TestIamPermissionsRequest | null | undefined, - {} | null | undefined - >, - callback?: Callback< - IamProtos.google.iam.v1.TestIamPermissionsResponse, - IamProtos.google.iam.v1.TestIamPermissionsRequest | null | undefined, - {} | null | undefined - > - ):Promise { - return this.iamClient.testIamPermissions(request, options, callback); - } - - // -------------------- - // -- Path templates -- - // -------------------- - - /** - * Return a fully-qualified cryptoKey resource name string. - * - * @param {string} project - * @param {string} location - * @param {string} key_ring - * @param {string} crypto_key - * @returns {string} Resource name string. - */ - cryptoKeyPath(project:string,location:string,keyRing:string,cryptoKey:string) { - return this.pathTemplates.cryptoKeyPathTemplate.render({ - project: project, - location: location, - key_ring: keyRing, - crypto_key: cryptoKey, - }); - } - - /** - * Parse the project from CryptoKey resource. - * - * @param {string} cryptoKeyName - * A fully-qualified path representing CryptoKey resource. - * @returns {string} A string representing the project. - */ - matchProjectFromCryptoKeyName(cryptoKeyName: string) { - return this.pathTemplates.cryptoKeyPathTemplate.match(cryptoKeyName).project; - } - - /** - * Parse the location from CryptoKey resource. - * - * @param {string} cryptoKeyName - * A fully-qualified path representing CryptoKey resource. - * @returns {string} A string representing the location. - */ - matchLocationFromCryptoKeyName(cryptoKeyName: string) { - return this.pathTemplates.cryptoKeyPathTemplate.match(cryptoKeyName).location; - } - - /** - * Parse the key_ring from CryptoKey resource. - * - * @param {string} cryptoKeyName - * A fully-qualified path representing CryptoKey resource. - * @returns {string} A string representing the key_ring. - */ - matchKeyRingFromCryptoKeyName(cryptoKeyName: string) { - return this.pathTemplates.cryptoKeyPathTemplate.match(cryptoKeyName).key_ring; - } - - /** - * Parse the crypto_key from CryptoKey resource. - * - * @param {string} cryptoKeyName - * A fully-qualified path representing CryptoKey resource. - * @returns {string} A string representing the crypto_key. - */ - matchCryptoKeyFromCryptoKeyName(cryptoKeyName: string) { - return this.pathTemplates.cryptoKeyPathTemplate.match(cryptoKeyName).crypto_key; - } - - /** - * Return a fully-qualified cryptoKeyVersion resource name string. - * - * @param {string} project - * @param {string} location - * @param {string} key_ring - * @param {string} crypto_key - * @param {string} crypto_key_version - * @returns {string} Resource name string. - */ - cryptoKeyVersionPath(project:string,location:string,keyRing:string,cryptoKey:string,cryptoKeyVersion:string) { - return this.pathTemplates.cryptoKeyVersionPathTemplate.render({ - project: project, - location: location, - key_ring: keyRing, - crypto_key: cryptoKey, - crypto_key_version: cryptoKeyVersion, - }); - } - - /** - * Parse the project from CryptoKeyVersion resource. - * - * @param {string} cryptoKeyVersionName - * A fully-qualified path representing CryptoKeyVersion resource. - * @returns {string} A string representing the project. - */ - matchProjectFromCryptoKeyVersionName(cryptoKeyVersionName: string) { - return this.pathTemplates.cryptoKeyVersionPathTemplate.match(cryptoKeyVersionName).project; - } - - /** - * Parse the location from CryptoKeyVersion resource. - * - * @param {string} cryptoKeyVersionName - * A fully-qualified path representing CryptoKeyVersion resource. - * @returns {string} A string representing the location. - */ - matchLocationFromCryptoKeyVersionName(cryptoKeyVersionName: string) { - return this.pathTemplates.cryptoKeyVersionPathTemplate.match(cryptoKeyVersionName).location; - } - - /** - * Parse the key_ring from CryptoKeyVersion resource. - * - * @param {string} cryptoKeyVersionName - * A fully-qualified path representing CryptoKeyVersion resource. - * @returns {string} A string representing the key_ring. - */ - matchKeyRingFromCryptoKeyVersionName(cryptoKeyVersionName: string) { - return this.pathTemplates.cryptoKeyVersionPathTemplate.match(cryptoKeyVersionName).key_ring; - } - - /** - * Parse the crypto_key from CryptoKeyVersion resource. - * - * @param {string} cryptoKeyVersionName - * A fully-qualified path representing CryptoKeyVersion resource. - * @returns {string} A string representing the crypto_key. - */ - matchCryptoKeyFromCryptoKeyVersionName(cryptoKeyVersionName: string) { - return this.pathTemplates.cryptoKeyVersionPathTemplate.match(cryptoKeyVersionName).crypto_key; - } - - /** - * Parse the crypto_key_version from CryptoKeyVersion resource. - * - * @param {string} cryptoKeyVersionName - * A fully-qualified path representing CryptoKeyVersion resource. - * @returns {string} A string representing the crypto_key_version. - */ - matchCryptoKeyVersionFromCryptoKeyVersionName(cryptoKeyVersionName: string) { - return this.pathTemplates.cryptoKeyVersionPathTemplate.match(cryptoKeyVersionName).crypto_key_version; - } - - /** - * Return a fully-qualified importJob resource name string. - * - * @param {string} project - * @param {string} location - * @param {string} key_ring - * @param {string} import_job - * @returns {string} Resource name string. - */ - importJobPath(project:string,location:string,keyRing:string,importJob:string) { - return this.pathTemplates.importJobPathTemplate.render({ - project: project, - location: location, - key_ring: keyRing, - import_job: importJob, - }); - } - - /** - * Parse the project from ImportJob resource. - * - * @param {string} importJobName - * A fully-qualified path representing ImportJob resource. - * @returns {string} A string representing the project. - */ - matchProjectFromImportJobName(importJobName: string) { - return this.pathTemplates.importJobPathTemplate.match(importJobName).project; - } - - /** - * Parse the location from ImportJob resource. - * - * @param {string} importJobName - * A fully-qualified path representing ImportJob resource. - * @returns {string} A string representing the location. - */ - matchLocationFromImportJobName(importJobName: string) { - return this.pathTemplates.importJobPathTemplate.match(importJobName).location; - } - - /** - * Parse the key_ring from ImportJob resource. - * - * @param {string} importJobName - * A fully-qualified path representing ImportJob resource. - * @returns {string} A string representing the key_ring. - */ - matchKeyRingFromImportJobName(importJobName: string) { - return this.pathTemplates.importJobPathTemplate.match(importJobName).key_ring; - } - - /** - * Parse the import_job from ImportJob resource. - * - * @param {string} importJobName - * A fully-qualified path representing ImportJob resource. - * @returns {string} A string representing the import_job. - */ - matchImportJobFromImportJobName(importJobName: string) { - return this.pathTemplates.importJobPathTemplate.match(importJobName).import_job; - } - - /** - * Return a fully-qualified keyRing resource name string. - * - * @param {string} project - * @param {string} location - * @param {string} key_ring - * @returns {string} Resource name string. - */ - keyRingPath(project:string,location:string,keyRing:string) { - return this.pathTemplates.keyRingPathTemplate.render({ - project: project, - location: location, - key_ring: keyRing, - }); - } - - /** - * Parse the project from KeyRing resource. - * - * @param {string} keyRingName - * A fully-qualified path representing KeyRing resource. - * @returns {string} A string representing the project. - */ - matchProjectFromKeyRingName(keyRingName: string) { - return this.pathTemplates.keyRingPathTemplate.match(keyRingName).project; - } - - /** - * Parse the location from KeyRing resource. - * - * @param {string} keyRingName - * A fully-qualified path representing KeyRing resource. - * @returns {string} A string representing the location. - */ - matchLocationFromKeyRingName(keyRingName: string) { - return this.pathTemplates.keyRingPathTemplate.match(keyRingName).location; - } - - /** - * Parse the key_ring from KeyRing resource. - * - * @param {string} keyRingName - * A fully-qualified path representing KeyRing resource. - * @returns {string} A string representing the key_ring. - */ - matchKeyRingFromKeyRingName(keyRingName: string) { - return this.pathTemplates.keyRingPathTemplate.match(keyRingName).key_ring; - } - - /** - * Return a fully-qualified location resource name string. - * - * @param {string} project - * @param {string} location - * @returns {string} Resource name string. - */ - locationPath(project:string,location:string) { - return this.pathTemplates.locationPathTemplate.render({ - project: project, - location: location, - }); - } - - /** - * Parse the project from Location resource. - * - * @param {string} locationName - * A fully-qualified path representing Location resource. - * @returns {string} A string representing the project. - */ - matchProjectFromLocationName(locationName: string) { - return this.pathTemplates.locationPathTemplate.match(locationName).project; - } - - /** - * Parse the location from Location resource. - * - * @param {string} locationName - * A fully-qualified path representing Location resource. - * @returns {string} A string representing the location. - */ - matchLocationFromLocationName(locationName: string) { - return this.pathTemplates.locationPathTemplate.match(locationName).location; - } - - /** - * Return a fully-qualified publicKey resource name string. - * - * @param {string} project - * @param {string} location - * @param {string} key_ring - * @param {string} crypto_key - * @param {string} crypto_key_version - * @returns {string} Resource name string. - */ - publicKeyPath(project:string,location:string,keyRing:string,cryptoKey:string,cryptoKeyVersion:string) { - return this.pathTemplates.publicKeyPathTemplate.render({ - project: project, - location: location, - key_ring: keyRing, - crypto_key: cryptoKey, - crypto_key_version: cryptoKeyVersion, - }); - } - - /** - * Parse the project from PublicKey resource. - * - * @param {string} publicKeyName - * A fully-qualified path representing PublicKey resource. - * @returns {string} A string representing the project. - */ - matchProjectFromPublicKeyName(publicKeyName: string) { - return this.pathTemplates.publicKeyPathTemplate.match(publicKeyName).project; - } - - /** - * Parse the location from PublicKey resource. - * - * @param {string} publicKeyName - * A fully-qualified path representing PublicKey resource. - * @returns {string} A string representing the location. - */ - matchLocationFromPublicKeyName(publicKeyName: string) { - return this.pathTemplates.publicKeyPathTemplate.match(publicKeyName).location; - } - - /** - * Parse the key_ring from PublicKey resource. - * - * @param {string} publicKeyName - * A fully-qualified path representing PublicKey resource. - * @returns {string} A string representing the key_ring. - */ - matchKeyRingFromPublicKeyName(publicKeyName: string) { - return this.pathTemplates.publicKeyPathTemplate.match(publicKeyName).key_ring; - } - - /** - * Parse the crypto_key from PublicKey resource. - * - * @param {string} publicKeyName - * A fully-qualified path representing PublicKey resource. - * @returns {string} A string representing the crypto_key. - */ - matchCryptoKeyFromPublicKeyName(publicKeyName: string) { - return this.pathTemplates.publicKeyPathTemplate.match(publicKeyName).crypto_key; - } - - /** - * Parse the crypto_key_version from PublicKey resource. - * - * @param {string} publicKeyName - * A fully-qualified path representing PublicKey resource. - * @returns {string} A string representing the crypto_key_version. - */ - matchCryptoKeyVersionFromPublicKeyName(publicKeyName: string) { - return this.pathTemplates.publicKeyPathTemplate.match(publicKeyName).crypto_key_version; - } - - /** - * Terminate the gRPC channel and close the client. - * - * The client will no longer be usable and all future behavior is undefined. - * @returns {Promise} A promise that resolves when the client is closed. - */ - close(): Promise { - this.initialize(); - if (!this._terminated) { - return this.keyManagementServiceStub!.then(stub => { - this._terminated = true; - stub.close(); - this.iamClient.close(); - }); - } - return Promise.resolve(); - } -} diff --git a/owl-bot-staging/v1/src/v1/key_management_service_client_config.json b/owl-bot-staging/v1/src/v1/key_management_service_client_config.json deleted file mode 100644 index 15426292..00000000 --- a/owl-bot-staging/v1/src/v1/key_management_service_client_config.json +++ /dev/null @@ -1,153 +0,0 @@ -{ - "interfaces": { - "google.cloud.kms.v1.KeyManagementService": { - "retry_codes": { - "non_idempotent": [], - "idempotent": [ - "DEADLINE_EXCEEDED", - "UNAVAILABLE" - ] - }, - "retry_params": { - "default": { - "initial_retry_delay_millis": 100, - "retry_delay_multiplier": 1.3, - "max_retry_delay_millis": 60000, - "initial_rpc_timeout_millis": 60000, - "rpc_timeout_multiplier": 1, - "max_rpc_timeout_millis": 60000, - "total_timeout_millis": 600000 - } - }, - "methods": { - "ListKeyRings": { - "timeout_millis": 60000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "ListCryptoKeys": { - "timeout_millis": 60000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "ListCryptoKeyVersions": { - "timeout_millis": 60000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "ListImportJobs": { - "timeout_millis": 60000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "GetKeyRing": { - "timeout_millis": 60000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "GetCryptoKey": { - "timeout_millis": 60000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "GetCryptoKeyVersion": { - "timeout_millis": 60000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "GetPublicKey": { - "timeout_millis": 60000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "GetImportJob": { - "timeout_millis": 60000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "CreateKeyRing": { - "timeout_millis": 60000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "CreateCryptoKey": { - "timeout_millis": 60000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "CreateCryptoKeyVersion": { - "timeout_millis": 60000, - "retry_codes_name": "non_idempotent", - "retry_params_name": "default" - }, - "ImportCryptoKeyVersion": { - "timeout_millis": 60000, - "retry_codes_name": "non_idempotent", - "retry_params_name": "default" - }, - "CreateImportJob": { - "timeout_millis": 60000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "UpdateCryptoKey": { - "timeout_millis": 60000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "UpdateCryptoKeyVersion": { - "timeout_millis": 60000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "UpdateCryptoKeyPrimaryVersion": { - "timeout_millis": 60000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "DestroyCryptoKeyVersion": { - "timeout_millis": 60000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "RestoreCryptoKeyVersion": { - "timeout_millis": 60000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "Encrypt": { - "timeout_millis": 60000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "Decrypt": { - "timeout_millis": 60000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "AsymmetricSign": { - "timeout_millis": 60000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "AsymmetricDecrypt": { - "timeout_millis": 60000, - "retry_codes_name": "idempotent", - "retry_params_name": "default" - }, - "MacSign": { - "retry_codes_name": "non_idempotent", - "retry_params_name": "default" - }, - "MacVerify": { - "retry_codes_name": "non_idempotent", - "retry_params_name": "default" - }, - "GenerateRandomBytes": { - "retry_codes_name": "non_idempotent", - "retry_params_name": "default" - } - } - } - } -} diff --git a/owl-bot-staging/v1/src/v1/key_management_service_proto_list.json b/owl-bot-staging/v1/src/v1/key_management_service_proto_list.json deleted file mode 100644 index b7e20599..00000000 --- a/owl-bot-staging/v1/src/v1/key_management_service_proto_list.json +++ /dev/null @@ -1,4 +0,0 @@ -[ - "../../protos/google/cloud/kms/v1/resources.proto", - "../../protos/google/cloud/kms/v1/service.proto" -] diff --git a/owl-bot-staging/v1/system-test/fixtures/sample/src/index.js b/owl-bot-staging/v1/system-test/fixtures/sample/src/index.js deleted file mode 100644 index 02b65ac2..00000000 --- a/owl-bot-staging/v1/system-test/fixtures/sample/src/index.js +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2021 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - - -/* eslint-disable node/no-missing-require, no-unused-vars */ -const kms = require('@google-cloud/kms'); - -function main() { - const keyManagementServiceClient = new kms.KeyManagementServiceClient(); -} - -main(); diff --git a/owl-bot-staging/v1/system-test/fixtures/sample/src/index.ts b/owl-bot-staging/v1/system-test/fixtures/sample/src/index.ts deleted file mode 100644 index bbefa665..00000000 --- a/owl-bot-staging/v1/system-test/fixtures/sample/src/index.ts +++ /dev/null @@ -1,32 +0,0 @@ -// Copyright 2021 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -import {KeyManagementServiceClient} from '@google-cloud/kms'; - -// check that the client class type name can be used -function doStuffWithKeyManagementServiceClient(client: KeyManagementServiceClient) { - client.close(); -} - -function main() { - // check that the client instance can be created - const keyManagementServiceClient = new KeyManagementServiceClient(); - doStuffWithKeyManagementServiceClient(keyManagementServiceClient); -} - -main(); diff --git a/owl-bot-staging/v1/system-test/install.ts b/owl-bot-staging/v1/system-test/install.ts deleted file mode 100644 index 1f850b52..00000000 --- a/owl-bot-staging/v1/system-test/install.ts +++ /dev/null @@ -1,49 +0,0 @@ -// Copyright 2021 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -import { packNTest } from 'pack-n-play'; -import { readFileSync } from 'fs'; -import { describe, it } from 'mocha'; - -describe('📦 pack-n-play test', () => { - - it('TypeScript code', async function() { - this.timeout(300000); - const options = { - packageDir: process.cwd(), - sample: { - description: 'TypeScript user can use the type definitions', - ts: readFileSync('./system-test/fixtures/sample/src/index.ts').toString() - } - }; - await packNTest(options); - }); - - it('JavaScript code', async function() { - this.timeout(300000); - const options = { - packageDir: process.cwd(), - sample: { - description: 'JavaScript user can use the library', - ts: readFileSync('./system-test/fixtures/sample/src/index.js').toString() - } - }; - await packNTest(options); - }); - -}); diff --git a/owl-bot-staging/v1/test/gapic_key_management_service_v1.ts b/owl-bot-staging/v1/test/gapic_key_management_service_v1.ts deleted file mode 100644 index fc5b613f..00000000 --- a/owl-bot-staging/v1/test/gapic_key_management_service_v1.ts +++ /dev/null @@ -1,3508 +0,0 @@ -// Copyright 2021 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// ** This file is automatically generated by gapic-generator-typescript. ** -// ** https://github.com/googleapis/gapic-generator-typescript ** -// ** All changes to this file may be overwritten. ** - -import * as protos from '../protos/protos'; -import * as assert from 'assert'; -import * as sinon from 'sinon'; -import {SinonStub} from 'sinon'; -import { describe, it } from 'mocha'; -import * as keymanagementserviceModule from '../src'; - -import {PassThrough} from 'stream'; - -import {protobuf, IamProtos} from 'google-gax'; - -function generateSampleMessage(instance: T) { - const filledObject = (instance.constructor as typeof protobuf.Message) - .toObject(instance as protobuf.Message, {defaults: true}); - return (instance.constructor as typeof protobuf.Message).fromObject(filledObject) as T; -} - -function stubSimpleCall(response?: ResponseType, error?: Error) { - return error ? sinon.stub().rejects(error) : sinon.stub().resolves([response]); -} - -function stubSimpleCallWithCallback(response?: ResponseType, error?: Error) { - return error ? sinon.stub().callsArgWith(2, error) : sinon.stub().callsArgWith(2, null, response); -} - -function stubPageStreamingCall(responses?: ResponseType[], error?: Error) { - const pagingStub = sinon.stub(); - if (responses) { - for (let i = 0; i < responses.length; ++i) { - pagingStub.onCall(i).callsArgWith(2, null, responses[i]); - } - } - const transformStub = error ? sinon.stub().callsArgWith(2, error) : pagingStub; - const mockStream = new PassThrough({ - objectMode: true, - transform: transformStub, - }); - // trigger as many responses as needed - if (responses) { - for (let i = 0; i < responses.length; ++i) { - setImmediate(() => { mockStream.write({}); }); - } - setImmediate(() => { mockStream.end(); }); - } else { - setImmediate(() => { mockStream.write({}); }); - setImmediate(() => { mockStream.end(); }); - } - return sinon.stub().returns(mockStream); -} - -function stubAsyncIterationCall(responses?: ResponseType[], error?: Error) { - let counter = 0; - const asyncIterable = { - [Symbol.asyncIterator]() { - return { - async next() { - if (error) { - return Promise.reject(error); - } - if (counter >= responses!.length) { - return Promise.resolve({done: true, value: undefined}); - } - return Promise.resolve({done: false, value: responses![counter++]}); - } - }; - } - }; - return sinon.stub().returns(asyncIterable); -} - -describe('v1.KeyManagementServiceClient', () => { - it('has servicePath', () => { - const servicePath = keymanagementserviceModule.v1.KeyManagementServiceClient.servicePath; - assert(servicePath); - }); - - it('has apiEndpoint', () => { - const apiEndpoint = keymanagementserviceModule.v1.KeyManagementServiceClient.apiEndpoint; - assert(apiEndpoint); - }); - - it('has port', () => { - const port = keymanagementserviceModule.v1.KeyManagementServiceClient.port; - assert(port); - assert(typeof port === 'number'); - }); - - it('should create a client with no option', () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient(); - assert(client); - }); - - it('should create a client with gRPC fallback', () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - fallback: true, - }); - assert(client); - }); - - it('has initialize method and supports deferred initialization', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - assert.strictEqual(client.keyManagementServiceStub, undefined); - await client.initialize(); - assert(client.keyManagementServiceStub); - }); - - it('has close method', () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.close(); - }); - - it('has getProjectId method', async () => { - const fakeProjectId = 'fake-project-id'; - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.auth.getProjectId = sinon.stub().resolves(fakeProjectId); - const result = await client.getProjectId(); - assert.strictEqual(result, fakeProjectId); - assert((client.auth.getProjectId as SinonStub).calledWithExactly()); - }); - - it('has getProjectId method with callback', async () => { - const fakeProjectId = 'fake-project-id'; - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.auth.getProjectId = sinon.stub().callsArgWith(0, null, fakeProjectId); - const promise = new Promise((resolve, reject) => { - client.getProjectId((err?: Error|null, projectId?: string|null) => { - if (err) { - reject(err); - } else { - resolve(projectId); - } - }); - }); - const result = await promise; - assert.strictEqual(result, fakeProjectId); - }); - - describe('getKeyRing', () => { - it('invokes getKeyRing without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetKeyRingRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()); - client.innerApiCalls.getKeyRing = stubSimpleCall(expectedResponse); - const [response] = await client.getKeyRing(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getKeyRing as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes getKeyRing without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetKeyRingRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()); - client.innerApiCalls.getKeyRing = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.getKeyRing( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.IKeyRing|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getKeyRing as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes getKeyRing with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetKeyRingRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.getKeyRing = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.getKeyRing(request), expectedError); - assert((client.innerApiCalls.getKeyRing as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('getCryptoKey', () => { - it('invokes getCryptoKey without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetCryptoKeyRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()); - client.innerApiCalls.getCryptoKey = stubSimpleCall(expectedResponse); - const [response] = await client.getCryptoKey(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getCryptoKey as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes getCryptoKey without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetCryptoKeyRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()); - client.innerApiCalls.getCryptoKey = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.getCryptoKey( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKey|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getCryptoKey as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes getCryptoKey with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetCryptoKeyRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.getCryptoKey = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.getCryptoKey(request), expectedError); - assert((client.innerApiCalls.getCryptoKey as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('getCryptoKeyVersion', () => { - it('invokes getCryptoKeyVersion without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetCryptoKeyVersionRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); - client.innerApiCalls.getCryptoKeyVersion = stubSimpleCall(expectedResponse); - const [response] = await client.getCryptoKeyVersion(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getCryptoKeyVersion as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes getCryptoKeyVersion without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetCryptoKeyVersionRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); - client.innerApiCalls.getCryptoKeyVersion = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.getCryptoKeyVersion( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKeyVersion|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getCryptoKeyVersion as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes getCryptoKeyVersion with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetCryptoKeyVersionRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.getCryptoKeyVersion = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.getCryptoKeyVersion(request), expectedError); - assert((client.innerApiCalls.getCryptoKeyVersion as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('getPublicKey', () => { - it('invokes getPublicKey without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetPublicKeyRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.PublicKey()); - client.innerApiCalls.getPublicKey = stubSimpleCall(expectedResponse); - const [response] = await client.getPublicKey(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getPublicKey as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes getPublicKey without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetPublicKeyRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.PublicKey()); - client.innerApiCalls.getPublicKey = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.getPublicKey( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.IPublicKey|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getPublicKey as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes getPublicKey with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetPublicKeyRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.getPublicKey = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.getPublicKey(request), expectedError); - assert((client.innerApiCalls.getPublicKey as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('getImportJob', () => { - it('invokes getImportJob without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetImportJobRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()); - client.innerApiCalls.getImportJob = stubSimpleCall(expectedResponse); - const [response] = await client.getImportJob(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getImportJob as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes getImportJob without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetImportJobRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()); - client.innerApiCalls.getImportJob = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.getImportJob( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.IImportJob|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.getImportJob as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes getImportJob with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.GetImportJobRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.getImportJob = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.getImportJob(request), expectedError); - assert((client.innerApiCalls.getImportJob as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('createKeyRing', () => { - it('invokes createKeyRing without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateKeyRingRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()); - client.innerApiCalls.createKeyRing = stubSimpleCall(expectedResponse); - const [response] = await client.createKeyRing(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.createKeyRing as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes createKeyRing without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateKeyRingRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()); - client.innerApiCalls.createKeyRing = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.createKeyRing( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.IKeyRing|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.createKeyRing as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes createKeyRing with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateKeyRingRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.createKeyRing = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.createKeyRing(request), expectedError); - assert((client.innerApiCalls.createKeyRing as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('createCryptoKey', () => { - it('invokes createCryptoKey without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateCryptoKeyRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()); - client.innerApiCalls.createCryptoKey = stubSimpleCall(expectedResponse); - const [response] = await client.createCryptoKey(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.createCryptoKey as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes createCryptoKey without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateCryptoKeyRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()); - client.innerApiCalls.createCryptoKey = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.createCryptoKey( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKey|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.createCryptoKey as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes createCryptoKey with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateCryptoKeyRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.createCryptoKey = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.createCryptoKey(request), expectedError); - assert((client.innerApiCalls.createCryptoKey as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('createCryptoKeyVersion', () => { - it('invokes createCryptoKeyVersion without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateCryptoKeyVersionRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); - client.innerApiCalls.createCryptoKeyVersion = stubSimpleCall(expectedResponse); - const [response] = await client.createCryptoKeyVersion(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.createCryptoKeyVersion as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes createCryptoKeyVersion without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateCryptoKeyVersionRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); - client.innerApiCalls.createCryptoKeyVersion = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.createCryptoKeyVersion( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKeyVersion|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.createCryptoKeyVersion as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes createCryptoKeyVersion with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateCryptoKeyVersionRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.createCryptoKeyVersion = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.createCryptoKeyVersion(request), expectedError); - assert((client.innerApiCalls.createCryptoKeyVersion as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('importCryptoKeyVersion', () => { - it('invokes importCryptoKeyVersion without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ImportCryptoKeyVersionRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); - client.innerApiCalls.importCryptoKeyVersion = stubSimpleCall(expectedResponse); - const [response] = await client.importCryptoKeyVersion(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.importCryptoKeyVersion as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes importCryptoKeyVersion without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ImportCryptoKeyVersionRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); - client.innerApiCalls.importCryptoKeyVersion = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.importCryptoKeyVersion( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKeyVersion|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.importCryptoKeyVersion as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes importCryptoKeyVersion with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ImportCryptoKeyVersionRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.importCryptoKeyVersion = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.importCryptoKeyVersion(request), expectedError); - assert((client.innerApiCalls.importCryptoKeyVersion as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('createImportJob', () => { - it('invokes createImportJob without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateImportJobRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()); - client.innerApiCalls.createImportJob = stubSimpleCall(expectedResponse); - const [response] = await client.createImportJob(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.createImportJob as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes createImportJob without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateImportJobRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()); - client.innerApiCalls.createImportJob = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.createImportJob( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.IImportJob|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.createImportJob as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes createImportJob with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.CreateImportJobRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.createImportJob = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.createImportJob(request), expectedError); - assert((client.innerApiCalls.createImportJob as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('updateCryptoKey', () => { - it('invokes updateCryptoKey without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.UpdateCryptoKeyRequest()); - request.cryptoKey = {}; - request.cryptoKey.name = ''; - const expectedHeaderRequestParams = "crypto_key.name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()); - client.innerApiCalls.updateCryptoKey = stubSimpleCall(expectedResponse); - const [response] = await client.updateCryptoKey(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.updateCryptoKey as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes updateCryptoKey without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.UpdateCryptoKeyRequest()); - request.cryptoKey = {}; - request.cryptoKey.name = ''; - const expectedHeaderRequestParams = "crypto_key.name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()); - client.innerApiCalls.updateCryptoKey = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.updateCryptoKey( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKey|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.updateCryptoKey as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes updateCryptoKey with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.UpdateCryptoKeyRequest()); - request.cryptoKey = {}; - request.cryptoKey.name = ''; - const expectedHeaderRequestParams = "crypto_key.name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.updateCryptoKey = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.updateCryptoKey(request), expectedError); - assert((client.innerApiCalls.updateCryptoKey as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('updateCryptoKeyVersion', () => { - it('invokes updateCryptoKeyVersion without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.UpdateCryptoKeyVersionRequest()); - request.cryptoKeyVersion = {}; - request.cryptoKeyVersion.name = ''; - const expectedHeaderRequestParams = "crypto_key_version.name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); - client.innerApiCalls.updateCryptoKeyVersion = stubSimpleCall(expectedResponse); - const [response] = await client.updateCryptoKeyVersion(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.updateCryptoKeyVersion as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes updateCryptoKeyVersion without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.UpdateCryptoKeyVersionRequest()); - request.cryptoKeyVersion = {}; - request.cryptoKeyVersion.name = ''; - const expectedHeaderRequestParams = "crypto_key_version.name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); - client.innerApiCalls.updateCryptoKeyVersion = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.updateCryptoKeyVersion( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKeyVersion|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.updateCryptoKeyVersion as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes updateCryptoKeyVersion with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.UpdateCryptoKeyVersionRequest()); - request.cryptoKeyVersion = {}; - request.cryptoKeyVersion.name = ''; - const expectedHeaderRequestParams = "crypto_key_version.name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.updateCryptoKeyVersion = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.updateCryptoKeyVersion(request), expectedError); - assert((client.innerApiCalls.updateCryptoKeyVersion as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('updateCryptoKeyPrimaryVersion', () => { - it('invokes updateCryptoKeyPrimaryVersion without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.UpdateCryptoKeyPrimaryVersionRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()); - client.innerApiCalls.updateCryptoKeyPrimaryVersion = stubSimpleCall(expectedResponse); - const [response] = await client.updateCryptoKeyPrimaryVersion(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.updateCryptoKeyPrimaryVersion as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes updateCryptoKeyPrimaryVersion without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.UpdateCryptoKeyPrimaryVersionRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()); - client.innerApiCalls.updateCryptoKeyPrimaryVersion = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.updateCryptoKeyPrimaryVersion( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKey|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.updateCryptoKeyPrimaryVersion as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes updateCryptoKeyPrimaryVersion with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.UpdateCryptoKeyPrimaryVersionRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.updateCryptoKeyPrimaryVersion = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.updateCryptoKeyPrimaryVersion(request), expectedError); - assert((client.innerApiCalls.updateCryptoKeyPrimaryVersion as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('destroyCryptoKeyVersion', () => { - it('invokes destroyCryptoKeyVersion without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.DestroyCryptoKeyVersionRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); - client.innerApiCalls.destroyCryptoKeyVersion = stubSimpleCall(expectedResponse); - const [response] = await client.destroyCryptoKeyVersion(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.destroyCryptoKeyVersion as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes destroyCryptoKeyVersion without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.DestroyCryptoKeyVersionRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); - client.innerApiCalls.destroyCryptoKeyVersion = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.destroyCryptoKeyVersion( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKeyVersion|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.destroyCryptoKeyVersion as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes destroyCryptoKeyVersion with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.DestroyCryptoKeyVersionRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.destroyCryptoKeyVersion = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.destroyCryptoKeyVersion(request), expectedError); - assert((client.innerApiCalls.destroyCryptoKeyVersion as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('restoreCryptoKeyVersion', () => { - it('invokes restoreCryptoKeyVersion without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.RestoreCryptoKeyVersionRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); - client.innerApiCalls.restoreCryptoKeyVersion = stubSimpleCall(expectedResponse); - const [response] = await client.restoreCryptoKeyVersion(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.restoreCryptoKeyVersion as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes restoreCryptoKeyVersion without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.RestoreCryptoKeyVersionRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()); - client.innerApiCalls.restoreCryptoKeyVersion = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.restoreCryptoKeyVersion( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKeyVersion|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.restoreCryptoKeyVersion as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes restoreCryptoKeyVersion with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.RestoreCryptoKeyVersionRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.restoreCryptoKeyVersion = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.restoreCryptoKeyVersion(request), expectedError); - assert((client.innerApiCalls.restoreCryptoKeyVersion as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('encrypt', () => { - it('invokes encrypt without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.EncryptRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.EncryptResponse()); - client.innerApiCalls.encrypt = stubSimpleCall(expectedResponse); - const [response] = await client.encrypt(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.encrypt as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes encrypt without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.EncryptRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.EncryptResponse()); - client.innerApiCalls.encrypt = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.encrypt( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.IEncryptResponse|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.encrypt as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes encrypt with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.EncryptRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.encrypt = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.encrypt(request), expectedError); - assert((client.innerApiCalls.encrypt as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('decrypt', () => { - it('invokes decrypt without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.DecryptRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.DecryptResponse()); - client.innerApiCalls.decrypt = stubSimpleCall(expectedResponse); - const [response] = await client.decrypt(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.decrypt as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes decrypt without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.DecryptRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.DecryptResponse()); - client.innerApiCalls.decrypt = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.decrypt( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.IDecryptResponse|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.decrypt as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes decrypt with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.DecryptRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.decrypt = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.decrypt(request), expectedError); - assert((client.innerApiCalls.decrypt as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('asymmetricSign', () => { - it('invokes asymmetricSign without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.AsymmetricSignRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.AsymmetricSignResponse()); - client.innerApiCalls.asymmetricSign = stubSimpleCall(expectedResponse); - const [response] = await client.asymmetricSign(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.asymmetricSign as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes asymmetricSign without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.AsymmetricSignRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.AsymmetricSignResponse()); - client.innerApiCalls.asymmetricSign = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.asymmetricSign( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.IAsymmetricSignResponse|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.asymmetricSign as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes asymmetricSign with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.AsymmetricSignRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.asymmetricSign = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.asymmetricSign(request), expectedError); - assert((client.innerApiCalls.asymmetricSign as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('asymmetricDecrypt', () => { - it('invokes asymmetricDecrypt without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.AsymmetricDecryptRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.AsymmetricDecryptResponse()); - client.innerApiCalls.asymmetricDecrypt = stubSimpleCall(expectedResponse); - const [response] = await client.asymmetricDecrypt(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.asymmetricDecrypt as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes asymmetricDecrypt without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.AsymmetricDecryptRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.AsymmetricDecryptResponse()); - client.innerApiCalls.asymmetricDecrypt = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.asymmetricDecrypt( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.IAsymmetricDecryptResponse|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.asymmetricDecrypt as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes asymmetricDecrypt with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.AsymmetricDecryptRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.asymmetricDecrypt = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.asymmetricDecrypt(request), expectedError); - assert((client.innerApiCalls.asymmetricDecrypt as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('macSign', () => { - it('invokes macSign without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.MacSignRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.MacSignResponse()); - client.innerApiCalls.macSign = stubSimpleCall(expectedResponse); - const [response] = await client.macSign(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.macSign as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes macSign without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.MacSignRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.MacSignResponse()); - client.innerApiCalls.macSign = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.macSign( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.IMacSignResponse|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.macSign as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes macSign with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.MacSignRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.macSign = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.macSign(request), expectedError); - assert((client.innerApiCalls.macSign as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('macVerify', () => { - it('invokes macVerify without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.MacVerifyRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.MacVerifyResponse()); - client.innerApiCalls.macVerify = stubSimpleCall(expectedResponse); - const [response] = await client.macVerify(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.macVerify as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes macVerify without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.MacVerifyRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.MacVerifyResponse()); - client.innerApiCalls.macVerify = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.macVerify( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.IMacVerifyResponse|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.macVerify as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes macVerify with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.MacVerifyRequest()); - request.name = ''; - const expectedHeaderRequestParams = "name="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.macVerify = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.macVerify(request), expectedError); - assert((client.innerApiCalls.macVerify as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('generateRandomBytes', () => { - it('invokes generateRandomBytes without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.GenerateRandomBytesRequest()); - request.location = ''; - const expectedHeaderRequestParams = "location="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.GenerateRandomBytesResponse()); - client.innerApiCalls.generateRandomBytes = stubSimpleCall(expectedResponse); - const [response] = await client.generateRandomBytes(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.generateRandomBytes as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes generateRandomBytes without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.GenerateRandomBytesRequest()); - request.location = ''; - const expectedHeaderRequestParams = "location="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage(new protos.google.cloud.kms.v1.GenerateRandomBytesResponse()); - client.innerApiCalls.generateRandomBytes = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.generateRandomBytes( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.IGenerateRandomBytesResponse|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.generateRandomBytes as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes generateRandomBytes with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.GenerateRandomBytesRequest()); - request.location = ''; - const expectedHeaderRequestParams = "location="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.generateRandomBytes = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.generateRandomBytes(request), expectedError); - assert((client.innerApiCalls.generateRandomBytes as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('listKeyRings', () => { - it('invokes listKeyRings without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListKeyRingsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), - generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), - generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), - ]; - client.innerApiCalls.listKeyRings = stubSimpleCall(expectedResponse); - const [response] = await client.listKeyRings(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.listKeyRings as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes listKeyRings without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListKeyRingsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), - generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), - generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), - ]; - client.innerApiCalls.listKeyRings = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.listKeyRings( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.IKeyRing[]|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.listKeyRings as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes listKeyRings with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListKeyRingsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.listKeyRings = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.listKeyRings(request), expectedError); - assert((client.innerApiCalls.listKeyRings as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes listKeyRingsStream without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListKeyRingsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), - generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), - generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), - ]; - client.descriptors.page.listKeyRings.createStream = stubPageStreamingCall(expectedResponse); - const stream = client.listKeyRingsStream(request); - const promise = new Promise((resolve, reject) => { - const responses: protos.google.cloud.kms.v1.KeyRing[] = []; - stream.on('data', (response: protos.google.cloud.kms.v1.KeyRing) => { - responses.push(response); - }); - stream.on('end', () => { - resolve(responses); - }); - stream.on('error', (err: Error) => { - reject(err); - }); - }); - const responses = await promise; - assert.deepStrictEqual(responses, expectedResponse); - assert((client.descriptors.page.listKeyRings.createStream as SinonStub) - .getCall(0).calledWith(client.innerApiCalls.listKeyRings, request)); - assert.strictEqual( - (client.descriptors.page.listKeyRings.createStream as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - - it('invokes listKeyRingsStream with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListKeyRingsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedError = new Error('expected'); - client.descriptors.page.listKeyRings.createStream = stubPageStreamingCall(undefined, expectedError); - const stream = client.listKeyRingsStream(request); - const promise = new Promise((resolve, reject) => { - const responses: protos.google.cloud.kms.v1.KeyRing[] = []; - stream.on('data', (response: protos.google.cloud.kms.v1.KeyRing) => { - responses.push(response); - }); - stream.on('end', () => { - resolve(responses); - }); - stream.on('error', (err: Error) => { - reject(err); - }); - }); - await assert.rejects(promise, expectedError); - assert((client.descriptors.page.listKeyRings.createStream as SinonStub) - .getCall(0).calledWith(client.innerApiCalls.listKeyRings, request)); - assert.strictEqual( - (client.descriptors.page.listKeyRings.createStream as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - - it('uses async iteration with listKeyRings without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListKeyRingsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), - generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), - generateSampleMessage(new protos.google.cloud.kms.v1.KeyRing()), - ]; - client.descriptors.page.listKeyRings.asyncIterate = stubAsyncIterationCall(expectedResponse); - const responses: protos.google.cloud.kms.v1.IKeyRing[] = []; - const iterable = client.listKeyRingsAsync(request); - for await (const resource of iterable) { - responses.push(resource!); - } - assert.deepStrictEqual(responses, expectedResponse); - assert.deepStrictEqual( - (client.descriptors.page.listKeyRings.asyncIterate as SinonStub) - .getCall(0).args[1], request); - assert.strictEqual( - (client.descriptors.page.listKeyRings.asyncIterate as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - - it('uses async iteration with listKeyRings with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListKeyRingsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent=";const expectedError = new Error('expected'); - client.descriptors.page.listKeyRings.asyncIterate = stubAsyncIterationCall(undefined, expectedError); - const iterable = client.listKeyRingsAsync(request); - await assert.rejects(async () => { - const responses: protos.google.cloud.kms.v1.IKeyRing[] = []; - for await (const resource of iterable) { - responses.push(resource!); - } - }); - assert.deepStrictEqual( - (client.descriptors.page.listKeyRings.asyncIterate as SinonStub) - .getCall(0).args[1], request); - assert.strictEqual( - (client.descriptors.page.listKeyRings.asyncIterate as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - }); - - describe('listCryptoKeys', () => { - it('invokes listCryptoKeys without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeysRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), - ]; - client.innerApiCalls.listCryptoKeys = stubSimpleCall(expectedResponse); - const [response] = await client.listCryptoKeys(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.listCryptoKeys as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes listCryptoKeys without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeysRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), - ]; - client.innerApiCalls.listCryptoKeys = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.listCryptoKeys( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKey[]|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.listCryptoKeys as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes listCryptoKeys with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeysRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.listCryptoKeys = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.listCryptoKeys(request), expectedError); - assert((client.innerApiCalls.listCryptoKeys as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes listCryptoKeysStream without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeysRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), - ]; - client.descriptors.page.listCryptoKeys.createStream = stubPageStreamingCall(expectedResponse); - const stream = client.listCryptoKeysStream(request); - const promise = new Promise((resolve, reject) => { - const responses: protos.google.cloud.kms.v1.CryptoKey[] = []; - stream.on('data', (response: protos.google.cloud.kms.v1.CryptoKey) => { - responses.push(response); - }); - stream.on('end', () => { - resolve(responses); - }); - stream.on('error', (err: Error) => { - reject(err); - }); - }); - const responses = await promise; - assert.deepStrictEqual(responses, expectedResponse); - assert((client.descriptors.page.listCryptoKeys.createStream as SinonStub) - .getCall(0).calledWith(client.innerApiCalls.listCryptoKeys, request)); - assert.strictEqual( - (client.descriptors.page.listCryptoKeys.createStream as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - - it('invokes listCryptoKeysStream with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeysRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedError = new Error('expected'); - client.descriptors.page.listCryptoKeys.createStream = stubPageStreamingCall(undefined, expectedError); - const stream = client.listCryptoKeysStream(request); - const promise = new Promise((resolve, reject) => { - const responses: protos.google.cloud.kms.v1.CryptoKey[] = []; - stream.on('data', (response: protos.google.cloud.kms.v1.CryptoKey) => { - responses.push(response); - }); - stream.on('end', () => { - resolve(responses); - }); - stream.on('error', (err: Error) => { - reject(err); - }); - }); - await assert.rejects(promise, expectedError); - assert((client.descriptors.page.listCryptoKeys.createStream as SinonStub) - .getCall(0).calledWith(client.innerApiCalls.listCryptoKeys, request)); - assert.strictEqual( - (client.descriptors.page.listCryptoKeys.createStream as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - - it('uses async iteration with listCryptoKeys without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeysRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKey()), - ]; - client.descriptors.page.listCryptoKeys.asyncIterate = stubAsyncIterationCall(expectedResponse); - const responses: protos.google.cloud.kms.v1.ICryptoKey[] = []; - const iterable = client.listCryptoKeysAsync(request); - for await (const resource of iterable) { - responses.push(resource!); - } - assert.deepStrictEqual(responses, expectedResponse); - assert.deepStrictEqual( - (client.descriptors.page.listCryptoKeys.asyncIterate as SinonStub) - .getCall(0).args[1], request); - assert.strictEqual( - (client.descriptors.page.listCryptoKeys.asyncIterate as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - - it('uses async iteration with listCryptoKeys with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeysRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent=";const expectedError = new Error('expected'); - client.descriptors.page.listCryptoKeys.asyncIterate = stubAsyncIterationCall(undefined, expectedError); - const iterable = client.listCryptoKeysAsync(request); - await assert.rejects(async () => { - const responses: protos.google.cloud.kms.v1.ICryptoKey[] = []; - for await (const resource of iterable) { - responses.push(resource!); - } - }); - assert.deepStrictEqual( - (client.descriptors.page.listCryptoKeys.asyncIterate as SinonStub) - .getCall(0).args[1], request); - assert.strictEqual( - (client.descriptors.page.listCryptoKeys.asyncIterate as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - }); - - describe('listCryptoKeyVersions', () => { - it('invokes listCryptoKeyVersions without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeyVersionsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), - ]; - client.innerApiCalls.listCryptoKeyVersions = stubSimpleCall(expectedResponse); - const [response] = await client.listCryptoKeyVersions(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.listCryptoKeyVersions as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes listCryptoKeyVersions without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeyVersionsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), - ]; - client.innerApiCalls.listCryptoKeyVersions = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.listCryptoKeyVersions( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.ICryptoKeyVersion[]|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.listCryptoKeyVersions as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes listCryptoKeyVersions with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeyVersionsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.listCryptoKeyVersions = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.listCryptoKeyVersions(request), expectedError); - assert((client.innerApiCalls.listCryptoKeyVersions as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes listCryptoKeyVersionsStream without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeyVersionsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), - ]; - client.descriptors.page.listCryptoKeyVersions.createStream = stubPageStreamingCall(expectedResponse); - const stream = client.listCryptoKeyVersionsStream(request); - const promise = new Promise((resolve, reject) => { - const responses: protos.google.cloud.kms.v1.CryptoKeyVersion[] = []; - stream.on('data', (response: protos.google.cloud.kms.v1.CryptoKeyVersion) => { - responses.push(response); - }); - stream.on('end', () => { - resolve(responses); - }); - stream.on('error', (err: Error) => { - reject(err); - }); - }); - const responses = await promise; - assert.deepStrictEqual(responses, expectedResponse); - assert((client.descriptors.page.listCryptoKeyVersions.createStream as SinonStub) - .getCall(0).calledWith(client.innerApiCalls.listCryptoKeyVersions, request)); - assert.strictEqual( - (client.descriptors.page.listCryptoKeyVersions.createStream as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - - it('invokes listCryptoKeyVersionsStream with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeyVersionsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedError = new Error('expected'); - client.descriptors.page.listCryptoKeyVersions.createStream = stubPageStreamingCall(undefined, expectedError); - const stream = client.listCryptoKeyVersionsStream(request); - const promise = new Promise((resolve, reject) => { - const responses: protos.google.cloud.kms.v1.CryptoKeyVersion[] = []; - stream.on('data', (response: protos.google.cloud.kms.v1.CryptoKeyVersion) => { - responses.push(response); - }); - stream.on('end', () => { - resolve(responses); - }); - stream.on('error', (err: Error) => { - reject(err); - }); - }); - await assert.rejects(promise, expectedError); - assert((client.descriptors.page.listCryptoKeyVersions.createStream as SinonStub) - .getCall(0).calledWith(client.innerApiCalls.listCryptoKeyVersions, request)); - assert.strictEqual( - (client.descriptors.page.listCryptoKeyVersions.createStream as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - - it('uses async iteration with listCryptoKeyVersions without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeyVersionsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), - generateSampleMessage(new protos.google.cloud.kms.v1.CryptoKeyVersion()), - ]; - client.descriptors.page.listCryptoKeyVersions.asyncIterate = stubAsyncIterationCall(expectedResponse); - const responses: protos.google.cloud.kms.v1.ICryptoKeyVersion[] = []; - const iterable = client.listCryptoKeyVersionsAsync(request); - for await (const resource of iterable) { - responses.push(resource!); - } - assert.deepStrictEqual(responses, expectedResponse); - assert.deepStrictEqual( - (client.descriptors.page.listCryptoKeyVersions.asyncIterate as SinonStub) - .getCall(0).args[1], request); - assert.strictEqual( - (client.descriptors.page.listCryptoKeyVersions.asyncIterate as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - - it('uses async iteration with listCryptoKeyVersions with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListCryptoKeyVersionsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent=";const expectedError = new Error('expected'); - client.descriptors.page.listCryptoKeyVersions.asyncIterate = stubAsyncIterationCall(undefined, expectedError); - const iterable = client.listCryptoKeyVersionsAsync(request); - await assert.rejects(async () => { - const responses: protos.google.cloud.kms.v1.ICryptoKeyVersion[] = []; - for await (const resource of iterable) { - responses.push(resource!); - } - }); - assert.deepStrictEqual( - (client.descriptors.page.listCryptoKeyVersions.asyncIterate as SinonStub) - .getCall(0).args[1], request); - assert.strictEqual( - (client.descriptors.page.listCryptoKeyVersions.asyncIterate as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - }); - - describe('listImportJobs', () => { - it('invokes listImportJobs without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListImportJobsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), - generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), - generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), - ]; - client.innerApiCalls.listImportJobs = stubSimpleCall(expectedResponse); - const [response] = await client.listImportJobs(request); - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.listImportJobs as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes listImportJobs without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListImportJobsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), - generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), - generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), - ]; - client.innerApiCalls.listImportJobs = stubSimpleCallWithCallback(expectedResponse); - const promise = new Promise((resolve, reject) => { - client.listImportJobs( - request, - (err?: Error|null, result?: protos.google.cloud.kms.v1.IImportJob[]|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.innerApiCalls.listImportJobs as SinonStub) - .getCall(0).calledWith(request, expectedOptions /*, callback defined above */)); - }); - - it('invokes listImportJobs with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListImportJobsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.innerApiCalls.listImportJobs = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.listImportJobs(request), expectedError); - assert((client.innerApiCalls.listImportJobs as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - - it('invokes listImportJobsStream without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListImportJobsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), - generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), - generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), - ]; - client.descriptors.page.listImportJobs.createStream = stubPageStreamingCall(expectedResponse); - const stream = client.listImportJobsStream(request); - const promise = new Promise((resolve, reject) => { - const responses: protos.google.cloud.kms.v1.ImportJob[] = []; - stream.on('data', (response: protos.google.cloud.kms.v1.ImportJob) => { - responses.push(response); - }); - stream.on('end', () => { - resolve(responses); - }); - stream.on('error', (err: Error) => { - reject(err); - }); - }); - const responses = await promise; - assert.deepStrictEqual(responses, expectedResponse); - assert((client.descriptors.page.listImportJobs.createStream as SinonStub) - .getCall(0).calledWith(client.innerApiCalls.listImportJobs, request)); - assert.strictEqual( - (client.descriptors.page.listImportJobs.createStream as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - - it('invokes listImportJobsStream with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListImportJobsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedError = new Error('expected'); - client.descriptors.page.listImportJobs.createStream = stubPageStreamingCall(undefined, expectedError); - const stream = client.listImportJobsStream(request); - const promise = new Promise((resolve, reject) => { - const responses: protos.google.cloud.kms.v1.ImportJob[] = []; - stream.on('data', (response: protos.google.cloud.kms.v1.ImportJob) => { - responses.push(response); - }); - stream.on('end', () => { - resolve(responses); - }); - stream.on('error', (err: Error) => { - reject(err); - }); - }); - await assert.rejects(promise, expectedError); - assert((client.descriptors.page.listImportJobs.createStream as SinonStub) - .getCall(0).calledWith(client.innerApiCalls.listImportJobs, request)); - assert.strictEqual( - (client.descriptors.page.listImportJobs.createStream as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - - it('uses async iteration with listImportJobs without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListImportJobsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent="; - const expectedResponse = [ - generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), - generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), - generateSampleMessage(new protos.google.cloud.kms.v1.ImportJob()), - ]; - client.descriptors.page.listImportJobs.asyncIterate = stubAsyncIterationCall(expectedResponse); - const responses: protos.google.cloud.kms.v1.IImportJob[] = []; - const iterable = client.listImportJobsAsync(request); - for await (const resource of iterable) { - responses.push(resource!); - } - assert.deepStrictEqual(responses, expectedResponse); - assert.deepStrictEqual( - (client.descriptors.page.listImportJobs.asyncIterate as SinonStub) - .getCall(0).args[1], request); - assert.strictEqual( - (client.descriptors.page.listImportJobs.asyncIterate as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - - it('uses async iteration with listImportJobs with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage(new protos.google.cloud.kms.v1.ListImportJobsRequest()); - request.parent = ''; - const expectedHeaderRequestParams = "parent=";const expectedError = new Error('expected'); - client.descriptors.page.listImportJobs.asyncIterate = stubAsyncIterationCall(undefined, expectedError); - const iterable = client.listImportJobsAsync(request); - await assert.rejects(async () => { - const responses: protos.google.cloud.kms.v1.IImportJob[] = []; - for await (const resource of iterable) { - responses.push(resource!); - } - }); - assert.deepStrictEqual( - (client.descriptors.page.listImportJobs.asyncIterate as SinonStub) - .getCall(0).args[1], request); - assert.strictEqual( - (client.descriptors.page.listImportJobs.asyncIterate as SinonStub) - .getCall(0).args[2].otherArgs.headers['x-goog-request-params'], - expectedHeaderRequestParams - ); - }); - }); - describe('getIamPolicy', () => { - it('invokes getIamPolicy without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage( - new IamProtos.google.iam.v1.GetIamPolicyRequest() - ); - request.resource = ''; - const expectedHeaderRequestParams = 'resource='; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage( - new IamProtos.google.iam.v1.Policy() - ); - client.iamClient.getIamPolicy = stubSimpleCall(expectedResponse); - const response = await client.getIamPolicy(request, expectedOptions); - assert.deepStrictEqual(response, [expectedResponse]); - assert((client.iamClient.getIamPolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - it('invokes getIamPolicy without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage( - new IamProtos.google.iam.v1.GetIamPolicyRequest() - ); - request.resource = ''; - const expectedHeaderRequestParams = 'resource='; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage( - new IamProtos.google.iam.v1.Policy() - ); - client.iamClient.getIamPolicy = sinon.stub().callsArgWith(2, null, expectedResponse); - const promise = new Promise((resolve, reject) => { - client.getIamPolicy( - request, - expectedOptions, - (err?: Error|null, result?: IamProtos.google.iam.v1.Policy|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.iamClient.getIamPolicy as SinonStub) - .getCall(0)); - }); - it('invokes getIamPolicy with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage( - new IamProtos.google.iam.v1.GetIamPolicyRequest() - ); - request.resource = ''; - const expectedHeaderRequestParams = 'resource='; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.iamClient.getIamPolicy = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.getIamPolicy(request, expectedOptions), expectedError); - assert((client.iamClient.getIamPolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - describe('setIamPolicy', () => { - it('invokes setIamPolicy without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage( - new IamProtos.google.iam.v1.SetIamPolicyRequest() - ); - request.resource = ''; - const expectedHeaderRequestParams = 'resource='; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage( - new IamProtos.google.iam.v1.Policy() - ); - client.iamClient.setIamPolicy = stubSimpleCall(expectedResponse); - const response = await client.setIamPolicy(request, expectedOptions); - assert.deepStrictEqual(response, [expectedResponse]); - assert((client.iamClient.setIamPolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - it('invokes setIamPolicy without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage( - new IamProtos.google.iam.v1.SetIamPolicyRequest() - ); - request.resource = ''; - const expectedHeaderRequestParams = 'resource='; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage( - new IamProtos.google.iam.v1.Policy() - ); - client.iamClient.setIamPolicy = sinon.stub().callsArgWith(2, null, expectedResponse); - const promise = new Promise((resolve, reject) => { - client.setIamPolicy( - request, - expectedOptions, - (err?: Error|null, result?: IamProtos.google.iam.v1.Policy|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.iamClient.setIamPolicy as SinonStub) - .getCall(0)); - }); - it('invokes setIamPolicy with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage( - new IamProtos.google.iam.v1.SetIamPolicyRequest() - ); - request.resource = ''; - const expectedHeaderRequestParams = 'resource='; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.iamClient.setIamPolicy = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.setIamPolicy(request, expectedOptions), expectedError); - assert((client.iamClient.setIamPolicy as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - describe('testIamPermissions', () => { - it('invokes testIamPermissions without error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage( - new IamProtos.google.iam.v1.TestIamPermissionsRequest() - ); - request.resource = ''; - const expectedHeaderRequestParams = 'resource='; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage( - new IamProtos.google.iam.v1.TestIamPermissionsResponse() - ); - client.iamClient.testIamPermissions = stubSimpleCall(expectedResponse); - const response = await client.testIamPermissions(request, expectedOptions); - assert.deepStrictEqual(response, [expectedResponse]); - assert((client.iamClient.testIamPermissions as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - it('invokes testIamPermissions without error using callback', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage( - new IamProtos.google.iam.v1.TestIamPermissionsRequest() - ); - request.resource = ''; - const expectedHeaderRequestParams = 'resource='; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedResponse = generateSampleMessage( - new IamProtos.google.iam.v1.TestIamPermissionsResponse() - ); - client.iamClient.testIamPermissions = sinon.stub().callsArgWith(2, null, expectedResponse); - const promise = new Promise((resolve, reject) => { - client.testIamPermissions( - request, - expectedOptions, - (err?: Error|null, result?: IamProtos.google.iam.v1.TestIamPermissionsResponse|null) => { - if (err) { - reject(err); - } else { - resolve(result); - } - }); - }); - const response = await promise; - assert.deepStrictEqual(response, expectedResponse); - assert((client.iamClient.testIamPermissions as SinonStub) - .getCall(0)); - }); - it('invokes testIamPermissions with error', async () => { - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - const request = generateSampleMessage( - new IamProtos.google.iam.v1.TestIamPermissionsRequest() - ); - request.resource = ''; - const expectedHeaderRequestParams = 'resource='; - const expectedOptions = { - otherArgs: { - headers: { - 'x-goog-request-params': expectedHeaderRequestParams, - }, - }, - }; - const expectedError = new Error('expected'); - client.iamClient.testIamPermissions = stubSimpleCall(undefined, expectedError); - await assert.rejects(client.testIamPermissions(request, expectedOptions), expectedError); - assert((client.iamClient.testIamPermissions as SinonStub) - .getCall(0).calledWith(request, expectedOptions, undefined)); - }); - }); - - describe('Path templates', () => { - - describe('cryptoKey', () => { - const fakePath = "/rendered/path/cryptoKey"; - const expectedParameters = { - project: "projectValue", - location: "locationValue", - key_ring: "keyRingValue", - crypto_key: "cryptoKeyValue", - }; - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.cryptoKeyPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.cryptoKeyPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('cryptoKeyPath', () => { - const result = client.cryptoKeyPath("projectValue", "locationValue", "keyRingValue", "cryptoKeyValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.cryptoKeyPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchProjectFromCryptoKeyName', () => { - const result = client.matchProjectFromCryptoKeyName(fakePath); - assert.strictEqual(result, "projectValue"); - assert((client.pathTemplates.cryptoKeyPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchLocationFromCryptoKeyName', () => { - const result = client.matchLocationFromCryptoKeyName(fakePath); - assert.strictEqual(result, "locationValue"); - assert((client.pathTemplates.cryptoKeyPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchKeyRingFromCryptoKeyName', () => { - const result = client.matchKeyRingFromCryptoKeyName(fakePath); - assert.strictEqual(result, "keyRingValue"); - assert((client.pathTemplates.cryptoKeyPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchCryptoKeyFromCryptoKeyName', () => { - const result = client.matchCryptoKeyFromCryptoKeyName(fakePath); - assert.strictEqual(result, "cryptoKeyValue"); - assert((client.pathTemplates.cryptoKeyPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - - describe('cryptoKeyVersion', () => { - const fakePath = "/rendered/path/cryptoKeyVersion"; - const expectedParameters = { - project: "projectValue", - location: "locationValue", - key_ring: "keyRingValue", - crypto_key: "cryptoKeyValue", - crypto_key_version: "cryptoKeyVersionValue", - }; - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.cryptoKeyVersionPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.cryptoKeyVersionPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('cryptoKeyVersionPath', () => { - const result = client.cryptoKeyVersionPath("projectValue", "locationValue", "keyRingValue", "cryptoKeyValue", "cryptoKeyVersionValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.cryptoKeyVersionPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchProjectFromCryptoKeyVersionName', () => { - const result = client.matchProjectFromCryptoKeyVersionName(fakePath); - assert.strictEqual(result, "projectValue"); - assert((client.pathTemplates.cryptoKeyVersionPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchLocationFromCryptoKeyVersionName', () => { - const result = client.matchLocationFromCryptoKeyVersionName(fakePath); - assert.strictEqual(result, "locationValue"); - assert((client.pathTemplates.cryptoKeyVersionPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchKeyRingFromCryptoKeyVersionName', () => { - const result = client.matchKeyRingFromCryptoKeyVersionName(fakePath); - assert.strictEqual(result, "keyRingValue"); - assert((client.pathTemplates.cryptoKeyVersionPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchCryptoKeyFromCryptoKeyVersionName', () => { - const result = client.matchCryptoKeyFromCryptoKeyVersionName(fakePath); - assert.strictEqual(result, "cryptoKeyValue"); - assert((client.pathTemplates.cryptoKeyVersionPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchCryptoKeyVersionFromCryptoKeyVersionName', () => { - const result = client.matchCryptoKeyVersionFromCryptoKeyVersionName(fakePath); - assert.strictEqual(result, "cryptoKeyVersionValue"); - assert((client.pathTemplates.cryptoKeyVersionPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - - describe('importJob', () => { - const fakePath = "/rendered/path/importJob"; - const expectedParameters = { - project: "projectValue", - location: "locationValue", - key_ring: "keyRingValue", - import_job: "importJobValue", - }; - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.importJobPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.importJobPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('importJobPath', () => { - const result = client.importJobPath("projectValue", "locationValue", "keyRingValue", "importJobValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.importJobPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchProjectFromImportJobName', () => { - const result = client.matchProjectFromImportJobName(fakePath); - assert.strictEqual(result, "projectValue"); - assert((client.pathTemplates.importJobPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchLocationFromImportJobName', () => { - const result = client.matchLocationFromImportJobName(fakePath); - assert.strictEqual(result, "locationValue"); - assert((client.pathTemplates.importJobPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchKeyRingFromImportJobName', () => { - const result = client.matchKeyRingFromImportJobName(fakePath); - assert.strictEqual(result, "keyRingValue"); - assert((client.pathTemplates.importJobPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchImportJobFromImportJobName', () => { - const result = client.matchImportJobFromImportJobName(fakePath); - assert.strictEqual(result, "importJobValue"); - assert((client.pathTemplates.importJobPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - - describe('keyRing', () => { - const fakePath = "/rendered/path/keyRing"; - const expectedParameters = { - project: "projectValue", - location: "locationValue", - key_ring: "keyRingValue", - }; - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.keyRingPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.keyRingPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('keyRingPath', () => { - const result = client.keyRingPath("projectValue", "locationValue", "keyRingValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.keyRingPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchProjectFromKeyRingName', () => { - const result = client.matchProjectFromKeyRingName(fakePath); - assert.strictEqual(result, "projectValue"); - assert((client.pathTemplates.keyRingPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchLocationFromKeyRingName', () => { - const result = client.matchLocationFromKeyRingName(fakePath); - assert.strictEqual(result, "locationValue"); - assert((client.pathTemplates.keyRingPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchKeyRingFromKeyRingName', () => { - const result = client.matchKeyRingFromKeyRingName(fakePath); - assert.strictEqual(result, "keyRingValue"); - assert((client.pathTemplates.keyRingPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - - describe('location', () => { - const fakePath = "/rendered/path/location"; - const expectedParameters = { - project: "projectValue", - location: "locationValue", - }; - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.locationPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.locationPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('locationPath', () => { - const result = client.locationPath("projectValue", "locationValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.locationPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchProjectFromLocationName', () => { - const result = client.matchProjectFromLocationName(fakePath); - assert.strictEqual(result, "projectValue"); - assert((client.pathTemplates.locationPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchLocationFromLocationName', () => { - const result = client.matchLocationFromLocationName(fakePath); - assert.strictEqual(result, "locationValue"); - assert((client.pathTemplates.locationPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - - describe('publicKey', () => { - const fakePath = "/rendered/path/publicKey"; - const expectedParameters = { - project: "projectValue", - location: "locationValue", - key_ring: "keyRingValue", - crypto_key: "cryptoKeyValue", - crypto_key_version: "cryptoKeyVersionValue", - }; - const client = new keymanagementserviceModule.v1.KeyManagementServiceClient({ - credentials: {client_email: 'bogus', private_key: 'bogus'}, - projectId: 'bogus', - }); - client.initialize(); - client.pathTemplates.publicKeyPathTemplate.render = - sinon.stub().returns(fakePath); - client.pathTemplates.publicKeyPathTemplate.match = - sinon.stub().returns(expectedParameters); - - it('publicKeyPath', () => { - const result = client.publicKeyPath("projectValue", "locationValue", "keyRingValue", "cryptoKeyValue", "cryptoKeyVersionValue"); - assert.strictEqual(result, fakePath); - assert((client.pathTemplates.publicKeyPathTemplate.render as SinonStub) - .getCall(-1).calledWith(expectedParameters)); - }); - - it('matchProjectFromPublicKeyName', () => { - const result = client.matchProjectFromPublicKeyName(fakePath); - assert.strictEqual(result, "projectValue"); - assert((client.pathTemplates.publicKeyPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchLocationFromPublicKeyName', () => { - const result = client.matchLocationFromPublicKeyName(fakePath); - assert.strictEqual(result, "locationValue"); - assert((client.pathTemplates.publicKeyPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchKeyRingFromPublicKeyName', () => { - const result = client.matchKeyRingFromPublicKeyName(fakePath); - assert.strictEqual(result, "keyRingValue"); - assert((client.pathTemplates.publicKeyPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchCryptoKeyFromPublicKeyName', () => { - const result = client.matchCryptoKeyFromPublicKeyName(fakePath); - assert.strictEqual(result, "cryptoKeyValue"); - assert((client.pathTemplates.publicKeyPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - - it('matchCryptoKeyVersionFromPublicKeyName', () => { - const result = client.matchCryptoKeyVersionFromPublicKeyName(fakePath); - assert.strictEqual(result, "cryptoKeyVersionValue"); - assert((client.pathTemplates.publicKeyPathTemplate.match as SinonStub) - .getCall(-1).calledWith(fakePath)); - }); - }); - }); -}); diff --git a/owl-bot-staging/v1/tsconfig.json b/owl-bot-staging/v1/tsconfig.json deleted file mode 100644 index c78f1c88..00000000 --- a/owl-bot-staging/v1/tsconfig.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "extends": "./node_modules/gts/tsconfig-google.json", - "compilerOptions": { - "rootDir": ".", - "outDir": "build", - "resolveJsonModule": true, - "lib": [ - "es2018", - "dom" - ] - }, - "include": [ - "src/*.ts", - "src/**/*.ts", - "test/*.ts", - "test/**/*.ts", - "system-test/*.ts" - ] -} diff --git a/owl-bot-staging/v1/webpack.config.js b/owl-bot-staging/v1/webpack.config.js deleted file mode 100644 index 5ecb7a05..00000000 --- a/owl-bot-staging/v1/webpack.config.js +++ /dev/null @@ -1,64 +0,0 @@ -// Copyright 2021 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -const path = require('path'); - -module.exports = { - entry: './src/index.ts', - output: { - library: 'KeyManagementService', - filename: './key-management-service.js', - }, - node: { - child_process: 'empty', - fs: 'empty', - crypto: 'empty', - }, - resolve: { - alias: { - '../../../package.json': path.resolve(__dirname, 'package.json'), - }, - extensions: ['.js', '.json', '.ts'], - }, - module: { - rules: [ - { - test: /\.tsx?$/, - use: 'ts-loader', - exclude: /node_modules/ - }, - { - test: /node_modules[\\/]@grpc[\\/]grpc-js/, - use: 'null-loader' - }, - { - test: /node_modules[\\/]grpc/, - use: 'null-loader' - }, - { - test: /node_modules[\\/]retry-request/, - use: 'null-loader' - }, - { - test: /node_modules[\\/]https?-proxy-agent/, - use: 'null-loader' - }, - { - test: /node_modules[\\/]gtoken/, - use: 'null-loader' - }, - ], - }, - mode: 'production', -}; diff --git a/src/v1/key_management_service_client.ts b/src/v1/key_management_service_client.ts index 7fee8d4f..37aff480 100644 --- a/src/v1/key_management_service_client.ts +++ b/src/v1/key_management_service_client.ts @@ -145,6 +145,12 @@ export class KeyManagementServiceClient { // Save the auth object to the client, for use by other methods. this.auth = this._gaxGrpc.auth as gax.GoogleAuth; + // Set useJWTAccessWithScope on the auth object. + this.auth.useJWTAccessWithScope = true; + + // Set defaultServicePath on the auth object. + this.auth.defaultServicePath = staticMembers.servicePath; + // Set the default scopes in auth client if needed. if (servicePath === staticMembers.servicePath) { this.auth.defaultScopes = staticMembers.scopes; @@ -4090,6 +4096,7 @@ export class KeyManagementServiceClient { return this.keyManagementServiceStub!.then(stub => { this._terminated = true; stub.close(); + this.iamClient.close(); }); } return Promise.resolve();