Skip to content

Commit 4e1147b

Browse files
dpebottseaver
dpebot
authored and
tseaver
committed
Re-generate library using kms/synth.py (googleapis#5951)
1 parent e4319cd commit 4e1147b

20 files changed

Lines changed: 1757 additions & 127 deletions

kms/README.rst

Lines changed: 11 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,14 @@
1-
Python Client for Google Cloud Key Management Service (KMS) API (`Alpha`_)
2-
==========================================================================
1+
Python Client for Cloud Key Management Service (KMS) API (`Alpha`_)
2+
===================================================================
33

4-
`Google Cloud Key Management Service (KMS) API`_: Manages encryption for your cloud services the same way you do on-premises.
5-
You can generate, use, rotate, and destroy AES256 encryption keys.
4+
`Cloud Key Management Service (KMS) API`_: Manages keys and performs cryptographic operations in a central cloud
5+
service, for direct use by other cloud resources and applications.
66

77
- `Client Library Documentation`_
88
- `Product Documentation`_
99

1010
.. _Alpha: https://github.com/GoogleCloudPlatform/google-cloud-python/blob/master/README.rst
11-
.. _Google Cloud Key Management Service (KMS) API: https://cloud.google.com/kms
11+
.. _Cloud Key Management Service (KMS) API: https://cloud.google.com/kms
1212
.. _Client Library Documentation: https://googlecloudplatform.github.io/google-cloud-python/latest/kms/index.html
1313
.. _Product Documentation: https://cloud.google.com/kms
1414

@@ -19,12 +19,12 @@ In order to use this library, you first need to go through the following steps:
1919

2020
1. `Select or create a Cloud Platform project.`_
2121
2. `Enable billing for your project.`_
22-
3. `Enable the Google Cloud Key Management Service (KMS) API.`_
22+
3. `Enable the Cloud Key Management Service (KMS) API.`_
2323
4. `Setup Authentication.`_
2424

2525
.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project
2626
.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project
27-
.. _Enable the Google Cloud Key Management Service (KMS) API.: https://cloud.google.com/kms
27+
.. _Enable the Cloud Key Management Service (KMS) API.: https://cloud.google.com/kms
2828
.. _Setup Authentication.: https://googlecloudplatform.github.io/google-cloud-python/latest/core/auth.html
2929

3030
Installation
@@ -65,12 +65,8 @@ Windows
6565
Next Steps
6666
~~~~~~~~~~
6767

68-
- Read the `Client Library Documentation`_ for Google Cloud Key Management Service (KMS) API
69-
API to see other available methods on the client.
70-
- Read the `Google Cloud Key Management Service (KMS) API Product documentation`_ to learn
71-
more about the product and see How-to Guides.
72-
- View this `repository’s main README`_ to see the full list of Cloud
73-
APIs that we cover.
68+
- Read the `Client Library Documentation`_ to see other available methods on
69+
the client.
70+
- Read the `Product Documentation`_ to learn more about the product and see
71+
How-to Guides.
7472

75-
.. _Google Cloud Key Management Service (KMS) API Product documentation: https://cloud.google.com/kms
76-
.. _repository’s main README: https://github.com/GoogleCloudPlatform/google-cloud-python/blob/master/README.rst

kms/docs/gapic/v1/api.rst

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
1-
Client for Google Cloud Key Management Service (KMS) API
2-
========================================================
1+
Client for Cloud Key Management Service (KMS) API
2+
=================================================
33

44
.. automodule:: google.cloud.kms_v1
55
:members:

kms/docs/gapic/v1/types.rst

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
1-
Types for Google Cloud Key Management Service (KMS) API Client
2-
==============================================================
1+
Types for Cloud Key Management Service (KMS) API Client
2+
=======================================================
33

44
.. automodule:: google.cloud.kms_v1.types
55
:members:

kms/docs/index.rst

Lines changed: 76 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,79 @@
1-
.. include:: /../kms/README.rst
1+
Python Client for Cloud Key Management Service (KMS) API (`Alpha`_)
2+
===================================================================
3+
4+
`Cloud Key Management Service (KMS) API`_: Manages keys and performs cryptographic operations in a central cloud
5+
service, for direct use by other cloud resources and applications.
6+
7+
- `Client Library Documentation`_
8+
- `Product Documentation`_
9+
10+
.. _Alpha: https://github.com/GoogleCloudPlatform/google-cloud-python/blob/master/README.rst
11+
.. _Cloud Key Management Service (KMS) API: https://cloud.google.com/kms
12+
.. _Client Library Documentation: https://googlecloudplatform.github.io/google-cloud-python/latest/kms/index.html
13+
.. _Product Documentation: https://cloud.google.com/kms
14+
15+
Quick Start
16+
-----------
17+
18+
In order to use this library, you first need to go through the following steps:
19+
20+
1. `Select or create a Cloud Platform project.`_
21+
2. `Enable billing for your project.`_
22+
3. `Enable the Cloud Key Management Service (KMS) API.`_
23+
4. `Setup Authentication.`_
24+
25+
.. _Select or create a Cloud Platform project.: https://console.cloud.google.com/project
26+
.. _Enable billing for your project.: https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project
27+
.. _Enable the Cloud Key Management Service (KMS) API.: https://cloud.google.com/kms
28+
.. _Setup Authentication.: https://googlecloudplatform.github.io/google-cloud-python/latest/core/auth.html
29+
30+
Installation
31+
~~~~~~~~~~~~
32+
33+
Install this library in a `virtualenv`_ using pip. `virtualenv`_ is a tool to
34+
create isolated Python environments. The basic problem it addresses is one of
35+
dependencies and versions, and indirectly permissions.
36+
37+
With `virtualenv`_, it's possible to install this library without needing system
38+
install permissions, and without clashing with the installed system
39+
dependencies.
40+
41+
.. _`virtualenv`: https://virtualenv.pypa.io/en/latest/
42+
43+
44+
Mac/Linux
45+
^^^^^^^^^
46+
47+
.. code-block:: console
48+
49+
pip install virtualenv
50+
virtualenv <your-env>
51+
source <your-env>/bin/activate
52+
<your-env>/bin/pip install google-cloud-kms
53+
54+
55+
Windows
56+
^^^^^^^
57+
58+
.. code-block:: console
59+
60+
pip install virtualenv
61+
virtualenv <your-env>
62+
<your-env>\Scripts\activate
63+
<your-env>\Scripts\pip.exe install google-cloud-kms
64+
65+
Next Steps
66+
~~~~~~~~~~
67+
68+
- Read the `Client Library Documentation`_ for Cloud Key Management Service (KMS) API
69+
API to see other available methods on the client.
70+
- Read the `Cloud Key Management Service (KMS) API Product documentation`_ to learn
71+
more about the product and see How-to Guides.
72+
- View this `repository’s main README`_ to see the full list of Cloud
73+
APIs that we cover.
74+
75+
.. _Cloud Key Management Service (KMS) API Product documentation: https://cloud.google.com/kms
76+
.. _repository’s main README: https://github.com/GoogleCloudPlatform/google-cloud-python/blob/master/README.rst
277

378
Api Reference
479
-------------

kms/google/__init__.py

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,5 @@
1+
# -*- coding: utf-8 -*-
2+
#
13
# Copyright 2018 Google LLC
24
#
35
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,4 +19,4 @@
1719
pkg_resources.declare_namespace(__name__)
1820
except ImportError:
1921
import pkgutil
20-
__path__ = pkgutil.extend_path(__path__, __name__)
22+
__path__ = pkgutil.extend_path(__path__, __name__)

kms/google/cloud/__init__.py

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,5 @@
1+
# -*- coding: utf-8 -*-
2+
#
13
# Copyright 2018 Google LLC
24
#
35
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,4 +19,4 @@
1719
pkg_resources.declare_namespace(__name__)
1820
except ImportError:
1921
import pkgutil
20-
__path__ = pkgutil.extend_path(__path__, __name__)
22+
__path__ = pkgutil.extend_path(__path__, __name__)

kms/google/cloud/kms.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,5 @@
1+
# -*- coding: utf-8 -*-
2+
#
13
# Copyright 2018 Google LLC
24
#
35
# Licensed under the Apache License, Version 2.0 (the "License");

kms/google/cloud/kms_v1/__init__.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,5 @@
1+
# -*- coding: utf-8 -*-
2+
#
13
# Copyright 2018 Google LLC
24
#
35
# Licensed under the Apache License, Version 2.0 (the "License");

kms/google/cloud/kms_v1/gapic/enums.py

Lines changed: 125 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,5 @@
1+
# -*- coding: utf-8 -*-
2+
#
13
# Copyright 2018 Google LLC
24
#
35
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -16,32 +18,133 @@
1618
import enum
1719

1820

21+
class ProtectionLevel(enum.IntEnum):
22+
"""
23+
``ProtectionLevel`` specifies how cryptographic operations are performed.
24+
25+
Attributes:
26+
PROTECTION_LEVEL_UNSPECIFIED (int): Not specified.
27+
SOFTWARE (int): Crypto operations are performed in software.
28+
HSM (int): Crypto operations are performed in a Hardware Security Module.
29+
"""
30+
PROTECTION_LEVEL_UNSPECIFIED = 0
31+
SOFTWARE = 1
32+
HSM = 2
33+
34+
1935
class CryptoKey(object):
2036
class CryptoKeyPurpose(enum.IntEnum):
2137
"""
22-
``CryptoKeyPurpose`` describes the capabilities of a ``CryptoKey``. Two
23-
keys with the same purpose may use different underlying algorithms, but
24-
must support the same set of operations.
38+
``CryptoKeyPurpose`` describes the cryptographic capabilities of a
39+
``CryptoKey``. A given key can only be used for the operations allowed by
40+
its purpose.
2541
2642
Attributes:
2743
CRYPTO_KEY_PURPOSE_UNSPECIFIED (int): Not specified.
2844
ENCRYPT_DECRYPT (int): ``CryptoKeys`` with this purpose may be used with
2945
``Encrypt`` and
3046
``Decrypt``.
47+
ASYMMETRIC_SIGN (int): ``CryptoKeys`` with this purpose may be used with
48+
``AsymmetricSign`` and
49+
``GetPublicKey``.
50+
ASYMMETRIC_DECRYPT (int): ``CryptoKeys`` with this purpose may be used with
51+
``AsymmetricDecrypt`` and
52+
``GetPublicKey``.
3153
"""
3254
CRYPTO_KEY_PURPOSE_UNSPECIFIED = 0
3355
ENCRYPT_DECRYPT = 1
56+
ASYMMETRIC_SIGN = 5
57+
ASYMMETRIC_DECRYPT = 6
58+
59+
60+
class KeyOperationAttestation(object):
61+
class AttestationFormat(enum.IntEnum):
62+
"""
63+
Attestion formats provided by the HSM.
64+
65+
Attributes:
66+
ATTESTATION_FORMAT_UNSPECIFIED (int)
67+
CAVIUM_V1_COMPRESSED (int): Cavium HSM attestation compressed with gzip. Note that this format is
68+
defined by Cavium and subject to change at any time.
69+
"""
70+
ATTESTATION_FORMAT_UNSPECIFIED = 0
71+
CAVIUM_V1_COMPRESSED = 3
3472

3573

3674
class CryptoKeyVersion(object):
75+
class CryptoKeyVersionAlgorithm(enum.IntEnum):
76+
"""
77+
The algorithm of the ``CryptoKeyVersion``, indicating what
78+
parameters must be used for each cryptographic operation.
79+
80+
The
81+
``GOOGLE_SYMMETRIC_ENCRYPTION``
82+
algorithm is usable with ``CryptoKey.purpose``
83+
``ENCRYPT_DECRYPT``.
84+
85+
Algorithms beginning with \"RSA_SIGN_\" are usable with ``CryptoKey.purpose``
86+
``ASYMMETRIC_SIGN``.
87+
88+
The fields in the name after \"RSA_SIGN_\" correspond to the following
89+
parameters: padding algorithm, modulus bit length, and digest algorithm.
90+
91+
For PSS, the salt length used is equal to the length of digest
92+
algorithm. For example,
93+
``RSA_SIGN_PSS_2048_SHA256``
94+
will use PSS with a salt length of 256 bits or 32 bytes.
95+
96+
Algorithms beginning with \"RSA_DECRYPT_\" are usable with
97+
``CryptoKey.purpose``
98+
``ASYMMETRIC_DECRYPT``.
99+
100+
The fields in the name after \"RSA_DECRYPT_\" correspond to the following
101+
parameters: padding algorithm, modulus bit length, and digest algorithm.
102+
103+
Algorithms beginning with \"EC_SIGN_\" are usable with ``CryptoKey.purpose``
104+
``ASYMMETRIC_SIGN``.
105+
106+
The fields in the name after \"EC_SIGN_\" correspond to the following
107+
parameters: elliptic curve, digest algorithm.
108+
109+
Attributes:
110+
CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED (int): Not specified.
111+
GOOGLE_SYMMETRIC_ENCRYPTION (int): Creates symmetric encryption keys.
112+
RSA_SIGN_PSS_2048_SHA256 (int): RSASSA-PSS 2048 bit key with a SHA256 digest.
113+
RSA_SIGN_PSS_3072_SHA256 (int): RSASSA-PSS 3072 bit key with a SHA256 digest.
114+
RSA_SIGN_PSS_4096_SHA256 (int): RSASSA-PSS 4096 bit key with a SHA256 digest.
115+
RSA_SIGN_PKCS1_2048_SHA256 (int): RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest.
116+
RSA_SIGN_PKCS1_3072_SHA256 (int): RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest.
117+
RSA_SIGN_PKCS1_4096_SHA256 (int): RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest.
118+
RSA_DECRYPT_OAEP_2048_SHA256 (int): RSAES-OAEP 2048 bit key with a SHA256 digest.
119+
RSA_DECRYPT_OAEP_3072_SHA256 (int): RSAES-OAEP 3072 bit key with a SHA256 digest.
120+
RSA_DECRYPT_OAEP_4096_SHA256 (int): RSAES-OAEP 4096 bit key with a SHA256 digest.
121+
EC_SIGN_P256_SHA256 (int): ECDSA on the NIST P-256 curve with a SHA256 digest.
122+
EC_SIGN_P384_SHA384 (int): ECDSA on the NIST P-384 curve with a SHA384 digest.
123+
"""
124+
CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED = 0
125+
GOOGLE_SYMMETRIC_ENCRYPTION = 1
126+
RSA_SIGN_PSS_2048_SHA256 = 2
127+
RSA_SIGN_PSS_3072_SHA256 = 3
128+
RSA_SIGN_PSS_4096_SHA256 = 4
129+
RSA_SIGN_PKCS1_2048_SHA256 = 5
130+
RSA_SIGN_PKCS1_3072_SHA256 = 6
131+
RSA_SIGN_PKCS1_4096_SHA256 = 7
132+
RSA_DECRYPT_OAEP_2048_SHA256 = 8
133+
RSA_DECRYPT_OAEP_3072_SHA256 = 9
134+
RSA_DECRYPT_OAEP_4096_SHA256 = 10
135+
EC_SIGN_P256_SHA256 = 12
136+
EC_SIGN_P384_SHA384 = 13
137+
37138
class CryptoKeyVersionState(enum.IntEnum):
38139
"""
39140
The state of a ``CryptoKeyVersion``, indicating if it can be used.
40141
41142
Attributes:
42143
CRYPTO_KEY_VERSION_STATE_UNSPECIFIED (int): Not specified.
43-
ENABLED (int): This version may be used in ``Encrypt`` and
44-
``Decrypt`` requests.
144+
PENDING_GENERATION (int): This version is still being generated. It may not be used, enabled,
145+
disabled, or destroyed yet. Cloud KMS will automatically mark this
146+
version ``ENABLED`` as soon as the version is ready.
147+
ENABLED (int): This version may be used for cryptographic operations.
45148
DISABLED (int): This version may not be used, but the key material is still available,
46149
and the version can be placed back into the ``ENABLED`` state.
47150
DESTROYED (int): This version is destroyed, and the key material is no longer stored.
@@ -52,7 +155,24 @@ class CryptoKeyVersionState(enum.IntEnum):
52155
to put it back into the ``DISABLED`` state.
53156
"""
54157
CRYPTO_KEY_VERSION_STATE_UNSPECIFIED = 0
158+
PENDING_GENERATION = 5
55159
ENABLED = 1
56160
DISABLED = 2
57161
DESTROYED = 3
58162
DESTROY_SCHEDULED = 4
163+
164+
class CryptoKeyVersionView(enum.IntEnum):
165+
"""
166+
A view for ``CryptoKeyVersion``s. Controls the level of detail returned
167+
for ``CryptoKeyVersions`` in
168+
``KeyManagementService.ListCryptoKeyVersions`` and
169+
``KeyManagementService.ListCryptoKeys``.
170+
171+
Attributes:
172+
CRYPTO_KEY_VERSION_VIEW_UNSPECIFIED (int): Default view for each ``CryptoKeyVersion``. Does not include
173+
the ``attestation`` field.
174+
FULL (int): Provides all fields in each ``CryptoKeyVersion``, including the
175+
``attestation``.
176+
"""
177+
CRYPTO_KEY_VERSION_VIEW_UNSPECIFIED = 0
178+
FULL = 1

0 commit comments

Comments
 (0)