Skip to content

Commit 8d1d669

Browse files
Google APIscopybara-github
Google APIs
authored and
copybara-github
committed
feat: add ECDSA secp256k1 to the list of supported algorithms.
PiperOrigin-RevId: 379309757
1 parent ecc3ac6 commit 8d1d669

3 files changed

Lines changed: 28 additions & 4 deletions

File tree

google/cloud/kms/v1/cloudkms_v1.yaml

Lines changed: 20 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,6 @@ title: Cloud Key Management Service (KMS) API
55

66
apis:
77
- name: google.cloud.kms.v1.KeyManagementService
8-
- name: google.iam.v1.IAMPolicy
98

109
types:
1110
- name: google.cloud.kms.v1.LocationMetadata
@@ -15,6 +14,12 @@ documentation:
1514
Manages keys and performs cryptographic operations in a central cloud
1615
service, for direct use by other cloud resources and applications.
1716
rules:
17+
- selector: google.cloud.location.Locations.GetLocation
18+
description: Gets information about a location.
19+
20+
- selector: google.cloud.location.Locations.ListLocations
21+
description: Lists information about the supported locations for this service.
22+
1823
- selector: google.iam.v1.IAMPolicy.GetIamPolicy
1924
description: |-
2025
Gets the access control policy for a resource. Returns an empty policy
@@ -40,6 +45,10 @@ documentation:
4045
4146
http:
4247
rules:
48+
- selector: google.cloud.location.Locations.GetLocation
49+
get: '/v1/{name=projects/*/locations/*}'
50+
- selector: google.cloud.location.Locations.ListLocations
51+
get: '/v1/{name=projects/*}/locations'
4352
- selector: google.iam.v1.IAMPolicy.GetIamPolicy
4453
get: '/v1/{resource=projects/*/locations/*/keyRings/*}:getIamPolicy'
4554
additional_bindings:
@@ -69,6 +78,16 @@ authentication:
6978
canonical_scopes: |-
7079
https://www.googleapis.com/auth/cloud-platform,
7180
https://www.googleapis.com/auth/cloudkms
81+
- selector: google.cloud.location.Locations.GetLocation
82+
oauth:
83+
canonical_scopes: |-
84+
https://www.googleapis.com/auth/cloud-platform,
85+
https://www.googleapis.com/auth/cloudkms
86+
- selector: google.cloud.location.Locations.ListLocations
87+
oauth:
88+
canonical_scopes: |-
89+
https://www.googleapis.com/auth/cloud-platform,
90+
https://www.googleapis.com/auth/cloudkms
7291
- selector: 'google.iam.v1.IAMPolicy.*'
7392
oauth:
7493
canonical_scopes: |-

google/cloud/kms/v1/resources.proto

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
// Copyright 2020 Google LLC
1+
// Copyright 2021 Google LLC
22
//
33
// Licensed under the Apache License, Version 2.0 (the "License");
44
// you may not use this file except in compliance with the License.
@@ -286,6 +286,10 @@ message CryptoKeyVersion {
286286
// ECDSA on the NIST P-384 curve with a SHA384 digest.
287287
EC_SIGN_P384_SHA384 = 13;
288288

289+
// ECDSA on the non-NIST secp256k1 curve. This curve is only supported for
290+
// HSM protection level.
291+
EC_SIGN_SECP256K1_SHA256 = 31;
292+
289293
// Algorithm representing symmetric encryption by an external key manager.
290294
EXTERNAL_SYMMETRIC_ENCRYPTION = 18;
291295
}

google/cloud/kms/v1/service.proto

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
// Copyright 2020 Google LLC
1+
// Copyright 2021 Google LLC
22
//
33
// Licensed under the Apache License, Version 2.0 (the "License");
44
// you may not use this file except in compliance with the License.
@@ -253,7 +253,8 @@ service KeyManagementService {
253253

254254
// Update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that will be used in [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
255255
//
256-
// Returns an error if called on an asymmetric key.
256+
// Returns an error if called on a key whose purpose is not
257+
// [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
257258
rpc UpdateCryptoKeyPrimaryVersion(UpdateCryptoKeyPrimaryVersionRequest) returns (CryptoKey) {
258259
option (google.api.http) = {
259260
post: "/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/*}:updatePrimaryVersion"

0 commit comments

Comments
 (0)