From c271e934e0e701dcc06f341a1ee2b09ecae14492 Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Fri, 1 Oct 2021 11:58:31 -0400 Subject: [PATCH] feat: add OAEP+SHA1 to the list of supported algorithms (#635) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat: add OAEP+SHA1 to the list of supported algorithms PiperOrigin-RevId: 399728217 Source-Link: https://github.com/googleapis/googleapis/commit/9d7c7433b1efd3df2fe6e32c6b9020e4d704d033 Source-Link: https://github.com/googleapis/googleapis-gen/commit/01eddbf183f5ed35fb416efd1b1beb5dbeb78944 Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiMDFlZGRiZjE4M2Y1ZWQzNWZiNDE2ZWZkMWIxYmViNWRiZWI3ODk0NCJ9 * 🦉 Updates from OwlBot See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md Co-authored-by: Owl Bot --- .../google/cloud/kms/v1/CryptoKeyVersion.java | 66 ++++++++++ .../cloud/kms/v1/KmsResourcesProto.java | 122 +++++++++--------- .../proto/google/cloud/kms/v1/resources.proto | 9 ++ 3 files changed, 137 insertions(+), 60 deletions(-) diff --git a/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/CryptoKeyVersion.java b/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/CryptoKeyVersion.java index 26bacda4..7ed85429 100644 --- a/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/CryptoKeyVersion.java +++ b/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/CryptoKeyVersion.java @@ -449,6 +449,36 @@ public enum CryptoKeyVersionAlgorithm implements com.google.protobuf.ProtocolMes * RSA_DECRYPT_OAEP_4096_SHA512 = 17; */ RSA_DECRYPT_OAEP_4096_SHA512(17), + /** + * + * + * 
+     * RSAES-OAEP 2048 bit key with a SHA1 digest.
+     *
+ * + * RSA_DECRYPT_OAEP_2048_SHA1 = 37; + */ + RSA_DECRYPT_OAEP_2048_SHA1(37), + /** + * + * + * 
+     * RSAES-OAEP 3072 bit key with a SHA1 digest.
+     *
+ * + * RSA_DECRYPT_OAEP_3072_SHA1 = 38; + */ + RSA_DECRYPT_OAEP_3072_SHA1(38), + /** + * + * + * 
+     * RSAES-OAEP 4096 bit key with a SHA1 digest.
+     *
+ * + * RSA_DECRYPT_OAEP_4096_SHA1 = 39; + */ + RSA_DECRYPT_OAEP_4096_SHA1(39), /** * * @@ -643,6 +673,36 @@ public enum CryptoKeyVersionAlgorithm implements com.google.protobuf.ProtocolMes * RSA_DECRYPT_OAEP_4096_SHA512 = 17; */ public static final int RSA_DECRYPT_OAEP_4096_SHA512_VALUE = 17; + /** + * + * + * 
+     * RSAES-OAEP 2048 bit key with a SHA1 digest.
+     *
+ * + * RSA_DECRYPT_OAEP_2048_SHA1 = 37; + */ + public static final int RSA_DECRYPT_OAEP_2048_SHA1_VALUE = 37; + /** + * + * + * 
+     * RSAES-OAEP 3072 bit key with a SHA1 digest.
+     *
+ * + * RSA_DECRYPT_OAEP_3072_SHA1 = 38; + */ + public static final int RSA_DECRYPT_OAEP_3072_SHA1_VALUE = 38; + /** + * + * + * 
+     * RSAES-OAEP 4096 bit key with a SHA1 digest.
+     *
+ * + * RSA_DECRYPT_OAEP_4096_SHA1 = 39; + */ + public static final int RSA_DECRYPT_OAEP_4096_SHA1_VALUE = 39; /** * * @@ -747,6 +807,12 @@ public static CryptoKeyVersionAlgorithm forNumber(int value) { return RSA_DECRYPT_OAEP_4096_SHA256; case 17: return RSA_DECRYPT_OAEP_4096_SHA512; + case 37: + return RSA_DECRYPT_OAEP_2048_SHA1; + case 38: + return RSA_DECRYPT_OAEP_3072_SHA1; + case 39: + return RSA_DECRYPT_OAEP_4096_SHA1; case 12: return EC_SIGN_P256_SHA256; case 13: diff --git a/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/KmsResourcesProto.java b/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/KmsResourcesProto.java index e150daf9..9ffdee60 100644 --- a/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/KmsResourcesProto.java +++ b/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/KmsResourcesProto.java @@ -119,7 +119,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() { + "B\003\340A\003\022\024\n\007content\030\005 \001(\014B\003\340A\003\"k\n\021Attestati" + "onFormat\022\"\n\036ATTESTATION_FORMAT_UNSPECIFI" + "ED\020\000\022\030\n\024CAVIUM_V1_COMPRESSED\020\003\022\030\n\024CAVIUM" - + "_V2_COMPRESSED\020\004\"\331\016\n\020CryptoKeyVersion\022\021\n" + + "_V2_COMPRESSED\020\004\"\271\017\n\020CryptoKeyVersion\022\021\n" + "\004name\030\001 \001(\tB\003\340A\003\022J\n\005state\030\003 \001(\0162;.google" + ".cloud.kms.v1.CryptoKeyVersion.CryptoKey" + "VersionState\022C\n\020protection_level\030\007 \001(\0162$" @@ -139,7 +139,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() { + "ilure_reason\030\020 \001(\tB\003\340A\003\022^\n!external_prot" + "ection_level_options\030\021 \001(\01323.google.clou" + "d.kms.v1.ExternalProtectionLevelOptions\022" - + "\036\n\021reimport_eligible\030\022 \001(\010B\003\340A\003\"\356\004\n\031Cryp" + + "\036\n\021reimport_eligible\030\022 \001(\010B\003\340A\003\"\316\005\n\031Cryp" + "toKeyVersionAlgorithm\022,\n(CRYPTO_KEY_VERS" + "ION_ALGORITHM_UNSPECIFIED\020\000\022\037\n\033GOOGLE_SY" + "MMETRIC_ENCRYPTION\020\001\022\034\n\030RSA_SIGN_PSS_204" @@ -152,64 +152,66 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() { + "YPT_OAEP_2048_SHA256\020\010\022 \n\034RSA_DECRYPT_OA" + "EP_3072_SHA256\020\t\022 \n\034RSA_DECRYPT_OAEP_409" + "6_SHA256\020\n\022 \n\034RSA_DECRYPT_OAEP_4096_SHA5" - + "12\020\021\022\027\n\023EC_SIGN_P256_SHA256\020\014\022\027\n\023EC_SIGN" - + "_P384_SHA384\020\r\022\034\n\030EC_SIGN_SECP256K1_SHA2" - + "56\020\037\022\017\n\013HMAC_SHA256\020 \022!\n\035EXTERNAL_SYMMET" - + "RIC_ENCRYPTION\020\022\"\301\001\n\025CryptoKeyVersionSta" - + "te\022(\n$CRYPTO_KEY_VERSION_STATE_UNSPECIFI" - + "ED\020\000\022\026\n\022PENDING_GENERATION\020\005\022\013\n\007ENABLED\020" - + "\001\022\014\n\010DISABLED\020\002\022\r\n\tDESTROYED\020\003\022\025\n\021DESTRO" - + "Y_SCHEDULED\020\004\022\022\n\016PENDING_IMPORT\020\006\022\021\n\rIMP" - + "ORT_FAILED\020\007\"I\n\024CryptoKeyVersionView\022\'\n#" - + "CRYPTO_KEY_VERSION_VIEW_UNSPECIFIED\020\000\022\010\n" - + "\004FULL\020\001:\252\001\352A\246\001\n(cloudkms.googleapis.com/" - + "CryptoKeyVersion\022zprojects/{project}/loc" - + "ations/{location}/keyRings/{key_ring}/cr" - + "yptoKeys/{crypto_key}/cryptoKeyVersions/" - + "{crypto_key_version}\"\234\003\n\tPublicKey\022\013\n\003pe" - + "m\030\001 \001(\t\022R\n\talgorithm\030\002 \001(\0162?.google.clou" - + "d.kms.v1.CryptoKeyVersion.CryptoKeyVersi" - + "onAlgorithm\022/\n\npem_crc32c\030\003 \001(\0132\033.google" - + ".protobuf.Int64Value\022\014\n\004name\030\004 \001(\t\022>\n\020pr" - + "otection_level\030\005 \001(\0162$.google.cloud.kms." - + "v1.ProtectionLevel:\256\001\352A\252\001\n!cloudkms.goog" - + "leapis.com/PublicKey\022\204\001projects/{project" - + "}/locations/{location}/keyRings/{key_rin" - + "g}/cryptoKeys/{crypto_key}/cryptoKeyVers" - + "ions/{crypto_key_version}/publicKey\"\333\007\n\t" - + "ImportJob\022\021\n\004name\030\001 \001(\tB\003\340A\003\022J\n\rimport_m" - + "ethod\030\002 \001(\0162+.google.cloud.kms.v1.Import" - + "Job.ImportMethodB\006\340A\002\340A\005\022F\n\020protection_l" - + "evel\030\t \001(\0162$.google.cloud.kms.v1.Protect" - + "ionLevelB\006\340A\002\340A\005\0224\n\013create_time\030\003 \001(\0132\032." - + "google.protobuf.TimestampB\003\340A\003\0226\n\rgenera" - + "te_time\030\004 \001(\0132\032.google.protobuf.Timestam" - + "pB\003\340A\003\0224\n\013expire_time\030\005 \001(\0132\032.google.pro" - + "tobuf.TimestampB\003\340A\003\022:\n\021expire_event_tim" - + "e\030\n \001(\0132\032.google.protobuf.TimestampB\003\340A\003" - + "\022A\n\005state\030\006 \001(\0162-.google.cloud.kms.v1.Im" - + "portJob.ImportJobStateB\003\340A\003\022I\n\npublic_ke" - + "y\030\007 \001(\01320.google.cloud.kms.v1.ImportJob." - + "WrappingPublicKeyB\003\340A\003\022F\n\013attestation\030\010 " - + "\001(\0132,.google.cloud.kms.v1.KeyOperationAt" - + "testationB\003\340A\003\032 \n\021WrappingPublicKey\022\013\n\003p" - + "em\030\001 \001(\t\"m\n\014ImportMethod\022\035\n\031IMPORT_METHO" - + "D_UNSPECIFIED\020\000\022\036\n\032RSA_OAEP_3072_SHA1_AE" - + "S_256\020\001\022\036\n\032RSA_OAEP_4096_SHA1_AES_256\020\002\"" - + "c\n\016ImportJobState\022 \n\034IMPORT_JOB_STATE_UN" - + "SPECIFIED\020\000\022\026\n\022PENDING_GENERATION\020\001\022\n\n\006A" - + "CTIVE\020\002\022\013\n\007EXPIRED\020\003:{\352Ax\n!cloudkms.goog" - + "leapis.com/ImportJob\022Sprojects/{project}" - + "/locations/{location}/keyRings/{key_ring" - + "}/importJobs/{import_job}\":\n\036ExternalPro" - + "tectionLevelOptions\022\030\n\020external_key_uri\030" - + "\001 \001(\t*X\n\017ProtectionLevel\022 \n\034PROTECTION_L" - + "EVEL_UNSPECIFIED\020\000\022\014\n\010SOFTWARE\020\001\022\007\n\003HSM\020" - + "\002\022\014\n\010EXTERNAL\020\003B\225\001\n\027com.google.cloud.kms" - + ".v1B\021KmsResourcesProtoP\001Z6google.golang." - + "org/genproto/googleapis/cloud/kms/v1;kms" - + "\370\001\001\252\002\023Google.Cloud.Kms.V1\312\002\023Google\\Cloud" - + "\\Kms\\V1b\006proto3" + + "12\020\021\022\036\n\032RSA_DECRYPT_OAEP_2048_SHA1\020%\022\036\n\032" + + "RSA_DECRYPT_OAEP_3072_SHA1\020&\022\036\n\032RSA_DECR" + + "YPT_OAEP_4096_SHA1\020\'\022\027\n\023EC_SIGN_P256_SHA" + + "256\020\014\022\027\n\023EC_SIGN_P384_SHA384\020\r\022\034\n\030EC_SIG" + + "N_SECP256K1_SHA256\020\037\022\017\n\013HMAC_SHA256\020 \022!\n" + + "\035EXTERNAL_SYMMETRIC_ENCRYPTION\020\022\"\301\001\n\025Cry" + + "ptoKeyVersionState\022(\n$CRYPTO_KEY_VERSION" + + "_STATE_UNSPECIFIED\020\000\022\026\n\022PENDING_GENERATI" + + "ON\020\005\022\013\n\007ENABLED\020\001\022\014\n\010DISABLED\020\002\022\r\n\tDESTR" + + "OYED\020\003\022\025\n\021DESTROY_SCHEDULED\020\004\022\022\n\016PENDING" + + "_IMPORT\020\006\022\021\n\rIMPORT_FAILED\020\007\"I\n\024CryptoKe" + + "yVersionView\022\'\n#CRYPTO_KEY_VERSION_VIEW_" + + "UNSPECIFIED\020\000\022\010\n\004FULL\020\001:\252\001\352A\246\001\n(cloudkms" + + ".googleapis.com/CryptoKeyVersion\022zprojec" + + "ts/{project}/locations/{location}/keyRin" + + "gs/{key_ring}/cryptoKeys/{crypto_key}/cr" + + "yptoKeyVersions/{crypto_key_version}\"\234\003\n" + + "\tPublicKey\022\013\n\003pem\030\001 \001(\t\022R\n\talgorithm\030\002 \001" + + "(\0162?.google.cloud.kms.v1.CryptoKeyVersio" + + "n.CryptoKeyVersionAlgorithm\022/\n\npem_crc32" + + "c\030\003 \001(\0132\033.google.protobuf.Int64Value\022\014\n\004" + + "name\030\004 \001(\t\022>\n\020protection_level\030\005 \001(\0162$.g" + + "oogle.cloud.kms.v1.ProtectionLevel:\256\001\352A\252" + + "\001\n!cloudkms.googleapis.com/PublicKey\022\204\001p" + + "rojects/{project}/locations/{location}/k" + + "eyRings/{key_ring}/cryptoKeys/{crypto_ke" + + "y}/cryptoKeyVersions/{crypto_key_version" + + "}/publicKey\"\333\007\n\tImportJob\022\021\n\004name\030\001 \001(\tB" + + "\003\340A\003\022J\n\rimport_method\030\002 \001(\0162+.google.clo" + + "ud.kms.v1.ImportJob.ImportMethodB\006\340A\002\340A\005" + + "\022F\n\020protection_level\030\t \001(\0162$.google.clou" + + "d.kms.v1.ProtectionLevelB\006\340A\002\340A\005\0224\n\013crea" + + "te_time\030\003 \001(\0132\032.google.protobuf.Timestam" + + "pB\003\340A\003\0226\n\rgenerate_time\030\004 \001(\0132\032.google.p" + + "rotobuf.TimestampB\003\340A\003\0224\n\013expire_time\030\005 " + + "\001(\0132\032.google.protobuf.TimestampB\003\340A\003\022:\n\021" + + "expire_event_time\030\n \001(\0132\032.google.protobu" + + "f.TimestampB\003\340A\003\022A\n\005state\030\006 \001(\0162-.google" + + ".cloud.kms.v1.ImportJob.ImportJobStateB\003" + + "\340A\003\022I\n\npublic_key\030\007 \001(\01320.google.cloud.k" + + "ms.v1.ImportJob.WrappingPublicKeyB\003\340A\003\022F" + + "\n\013attestation\030\010 \001(\0132,.google.cloud.kms.v" + + "1.KeyOperationAttestationB\003\340A\003\032 \n\021Wrappi" + + "ngPublicKey\022\013\n\003pem\030\001 \001(\t\"m\n\014ImportMethod" + + "\022\035\n\031IMPORT_METHOD_UNSPECIFIED\020\000\022\036\n\032RSA_O" + + "AEP_3072_SHA1_AES_256\020\001\022\036\n\032RSA_OAEP_4096" + + "_SHA1_AES_256\020\002\"c\n\016ImportJobState\022 \n\034IMP" + + "ORT_JOB_STATE_UNSPECIFIED\020\000\022\026\n\022PENDING_G" + + "ENERATION\020\001\022\n\n\006ACTIVE\020\002\022\013\n\007EXPIRED\020\003:{\352A" + + "x\n!cloudkms.googleapis.com/ImportJob\022Spr" + + "ojects/{project}/locations/{location}/ke" + + "yRings/{key_ring}/importJobs/{import_job" + + "}\":\n\036ExternalProtectionLevelOptions\022\030\n\020e" + + "xternal_key_uri\030\001 \001(\t*X\n\017ProtectionLevel" + + "\022 \n\034PROTECTION_LEVEL_UNSPECIFIED\020\000\022\014\n\010SO" + + "FTWARE\020\001\022\007\n\003HSM\020\002\022\014\n\010EXTERNAL\020\003B\225\001\n\027com." + + "google.cloud.kms.v1B\021KmsResourcesProtoP\001" + + "Z6google.golang.org/genproto/googleapis/" + + "cloud/kms/v1;kms\370\001\001\252\002\023Google.Cloud.Kms.V" + + "1\312\002\023Google\\Cloud\\Kms\\V1b\006proto3" }; descriptor = com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom( diff --git a/proto-google-cloud-kms-v1/src/main/proto/google/cloud/kms/v1/resources.proto b/proto-google-cloud-kms-v1/src/main/proto/google/cloud/kms/v1/resources.proto index 47a5c63a..c3aa320f 100644 --- a/proto-google-cloud-kms-v1/src/main/proto/google/cloud/kms/v1/resources.proto +++ b/proto-google-cloud-kms-v1/src/main/proto/google/cloud/kms/v1/resources.proto @@ -300,6 +300,15 @@ message CryptoKeyVersion { // RSAES-OAEP 4096 bit key with a SHA512 digest. RSA_DECRYPT_OAEP_4096_SHA512 = 17; + // RSAES-OAEP 2048 bit key with a SHA1 digest. + RSA_DECRYPT_OAEP_2048_SHA1 = 37; + + // RSAES-OAEP 3072 bit key with a SHA1 digest. + RSA_DECRYPT_OAEP_3072_SHA1 = 38; + + // RSAES-OAEP 4096 bit key with a SHA1 digest. + RSA_DECRYPT_OAEP_4096_SHA1 = 39; + // ECDSA on the NIST P-256 curve with a SHA256 digest. EC_SIGN_P256_SHA256 = 12;