get | SELECT | cryptoKeyVersionsId, cryptoKeysId, keyRingsId, locationsId, projectsId | Returns metadata for a given CryptoKeyVersion. |
list | SELECT | cryptoKeysId, keyRingsId, locationsId, projectsId | Lists CryptoKeyVersions. |
create | INSERT | cryptoKeysId, keyRingsId, locationsId, projectsId | Create a new CryptoKeyVersion in a CryptoKey. The server will assign the next sequential id. If unset, state will be set to ENABLED. |
_list | EXEC | cryptoKeysId, keyRingsId, locationsId, projectsId | Lists CryptoKeyVersions. |
asymmetric_decrypt | EXEC | cryptoKeyVersionsId, cryptoKeysId, keyRingsId, locationsId, projectsId | Decrypts data that was encrypted with a public key retrieved from GetPublicKey corresponding to a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_DECRYPT. |
asymmetric_sign | EXEC | cryptoKeyVersionsId, cryptoKeysId, keyRingsId, locationsId, projectsId | Signs data using a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from GetPublicKey. |
destroy | EXEC | cryptoKeyVersionsId, cryptoKeysId, keyRingsId, locationsId, projectsId | Schedule a CryptoKeyVersion for destruction. Upon calling this method, CryptoKeyVersion.state will be set to DESTROY_SCHEDULED, and destroy_time will be set to the time destroy_scheduled_duration in the future. At that time, the state will automatically change to DESTROYED, and the key material will be irrevocably destroyed. Before the destroy_time is reached, RestoreCryptoKeyVersion may be called to reverse the process. |
import | EXEC | cryptoKeysId, keyRingsId, locationsId, projectsId | Import wrapped key material into a CryptoKeyVersion. All requests must specify a CryptoKey. If a CryptoKeyVersion is additionally specified in the request, key material will be reimported into that version. Otherwise, a new version will be created, and will be assigned the next sequential id within the CryptoKey. |
mac_sign | EXEC | cryptoKeyVersionsId, cryptoKeysId, keyRingsId, locationsId, projectsId | Signs data using a CryptoKeyVersion with CryptoKey.purpose MAC, producing a tag that can be verified by another source with the same key. |
mac_verify | EXEC | cryptoKeyVersionsId, cryptoKeysId, keyRingsId, locationsId, projectsId | Verifies MAC tag using a CryptoKeyVersion with CryptoKey.purpose MAC, and returns a response that indicates whether or not the verification was successful. |
patch | EXEC | cryptoKeyVersionsId, cryptoKeysId, keyRingsId, locationsId, projectsId | Update a CryptoKeyVersion's metadata. state may be changed between ENABLED and DISABLED using this method. See DestroyCryptoKeyVersion and RestoreCryptoKeyVersion to move between other states. |
raw_decrypt | EXEC | cryptoKeyVersionsId, cryptoKeysId, keyRingsId, locationsId, projectsId | Decrypts data that was originally encrypted using a raw cryptographic mechanism. The CryptoKey.purpose must be RAW_ENCRYPT_DECRYPT. |
raw_encrypt | EXEC | cryptoKeyVersionsId, cryptoKeysId, keyRingsId, locationsId, projectsId | Encrypts data using portable cryptographic primitives. Most users should choose Encrypt and Decrypt rather than their raw counterparts. The CryptoKey.purpose must be RAW_ENCRYPT_DECRYPT. |
restore | EXEC | cryptoKeyVersionsId, cryptoKeysId, keyRingsId, locationsId, projectsId | Restore a CryptoKeyVersion in the DESTROY_SCHEDULED state. Upon restoration of the CryptoKeyVersion, state will be set to DISABLED, and destroy_time will be cleared. |