feat: [cloudkms] add support for additional HMAC algorithms (#8792)

* feat: add support for additional HMAC algorithms PiperOrigin-RevId: 488651504 Source-Link: googleapis/googleapis@dde2e5c Source-Link: https://github.com/googleapis/googleapis-gen/commit/07b28d916b490e926d49f413b0dece67bb43c17f Copy-Tag: eyJwIjoiamF2YS1rbXMvLk93bEJvdC55YW1sIiwiaCI6IjA3YjI4ZDkxNmI0OTBlOTI2ZDQ5ZjQxM2IwZGVjZTY3YmI0M2MxN2YifQ== * 🦉 Updates from OwlBot post-processor See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
googleapis · Nov 17, 2022 · ba8a75f · ba8a75f
1 parent 5360184
commit ba8a75f
Show file tree

Hide file tree

Showing 4 changed files with 176 additions and 75 deletions.
diff --git a/java-kms/README.md b/java-kms/README.md
@@ -19,20 +19,20 @@ If you are using Maven, add this to your pom.xml file:
 <dependency>
   <groupId>com.google.cloud</groupId>
   <artifactId>google-cloud-kms</artifactId>
-  <version>2.8.0</version>
+  <version>2.9.0</version>
 </dependency>
 ```
 
 If you are using Gradle without BOM, add this to your dependencies:
 
 ```Groovy
-implementation 'com.google.cloud:google-cloud-kms:2.8.0'
+implementation 'com.google.cloud:google-cloud-kms:2.9.0'
 ```
 
 If you are using SBT, add this to your dependencies:
 
 ```Scala
-libraryDependencies += "com.google.cloud" % "google-cloud-kms" % "2.8.0"
+libraryDependencies += "com.google.cloud" % "google-cloud-kms" % "2.9.0"
 ```
 
 ## Authentication
@@ -159,16 +159,16 @@ Java is a registered trademark of Oracle and/or its affiliates.
 
 [product-docs]: https://cloud.google.com/kms
 [javadocs]: https://cloud.google.com/java/docs/reference/google-cloud-kms/latest/overview
-[kokoro-badge-image-1]: http://storage.googleapis.com/cloud-devrel-public/java/badges/java-kms/java7.svg
-[kokoro-badge-link-1]: http://storage.googleapis.com/cloud-devrel-public/java/badges/java-kms/java7.html
-[kokoro-badge-image-2]: http://storage.googleapis.com/cloud-devrel-public/java/badges/java-kms/java8.svg
-[kokoro-badge-link-2]: http://storage.googleapis.com/cloud-devrel-public/java/badges/java-kms/java8.html
-[kokoro-badge-image-3]: http://storage.googleapis.com/cloud-devrel-public/java/badges/java-kms/java8-osx.svg
-[kokoro-badge-link-3]: http://storage.googleapis.com/cloud-devrel-public/java/badges/java-kms/java8-osx.html
-[kokoro-badge-image-4]: http://storage.googleapis.com/cloud-devrel-public/java/badges/java-kms/java8-win.svg
-[kokoro-badge-link-4]: http://storage.googleapis.com/cloud-devrel-public/java/badges/java-kms/java8-win.html
-[kokoro-badge-image-5]: http://storage.googleapis.com/cloud-devrel-public/java/badges/java-kms/java11.svg
-[kokoro-badge-link-5]: http://storage.googleapis.com/cloud-devrel-public/java/badges/java-kms/java11.html
+[kokoro-badge-image-1]: http://storage.googleapis.com/cloud-devrel-public/java/badges/google-cloud-java/java7.svg
+[kokoro-badge-link-1]: http://storage.googleapis.com/cloud-devrel-public/java/badges/google-cloud-java/java7.html
+[kokoro-badge-image-2]: http://storage.googleapis.com/cloud-devrel-public/java/badges/google-cloud-java/java8.svg
+[kokoro-badge-link-2]: http://storage.googleapis.com/cloud-devrel-public/java/badges/google-cloud-java/java8.html
+[kokoro-badge-image-3]: http://storage.googleapis.com/cloud-devrel-public/java/badges/google-cloud-java/java8-osx.svg
+[kokoro-badge-link-3]: http://storage.googleapis.com/cloud-devrel-public/java/badges/google-cloud-java/java8-osx.html
+[kokoro-badge-image-4]: http://storage.googleapis.com/cloud-devrel-public/java/badges/google-cloud-java/java8-win.svg
+[kokoro-badge-link-4]: http://storage.googleapis.com/cloud-devrel-public/java/badges/google-cloud-java/java8-win.html
+[kokoro-badge-image-5]: http://storage.googleapis.com/cloud-devrel-public/java/badges/google-cloud-java/java11.svg
+[kokoro-badge-link-5]: http://storage.googleapis.com/cloud-devrel-public/java/badges/google-cloud-java/java11.html
 [stability-image]: https://img.shields.io/badge/stability-stable-green
 [maven-version-image]: https://img.shields.io/maven-central/v/com.google.cloud/google-cloud-kms.svg
 [maven-version-link]: https://search.maven.org/search?q=g:com.google.cloud%20AND%20a:google-cloud-kms&core=gav
@@ -180,9 +180,9 @@ Java is a registered trademark of Oracle and/or its affiliates.
 [create-project]: https://cloud.google.com/resource-manager/docs/creating-managing-projects
 [cloud-sdk]: https://cloud.google.com/sdk/
 [troubleshooting]: https://github.com/googleapis/google-cloud-common/blob/main/troubleshooting/readme.md#troubleshooting
-[contributing]: https://github.com/googleapis/java-kms/blob/main/CONTRIBUTING.md
-[code-of-conduct]: https://github.com/googleapis/java-kms/blob/main/CODE_OF_CONDUCT.md#contributor-code-of-conduct
-[license]: https://github.com/googleapis/java-kms/blob/main/LICENSE
+[contributing]: https://github.com/googleapis/google-cloud-java/blob/main/CONTRIBUTING.md
+[code-of-conduct]: https://github.com/googleapis/google-cloud-java/blob/main/CODE_OF_CONDUCT.md#contributor-code-of-conduct
+[license]: https://github.com/googleapis/google-cloud-java/blob/main/LICENSE
 [enable-billing]: https://cloud.google.com/apis/docs/getting-started#enabling_billing
 [enable-api]: https://console.cloud.google.com/flows/enableapi?apiid=cloudkms.googleapis.com
 [libraries-bom]: https://github.com/GoogleCloudPlatform/cloud-opensource-java/wiki/The-Google-Cloud-Platform-Libraries-BOM

diff --git a/...kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/CryptoKeyVersion.java b/...kms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/CryptoKeyVersion.java
@@ -364,6 +364,46 @@ public enum CryptoKeyVersionAlgorithm implements com.google.protobuf.ProtocolMes
      * <code>HMAC_SHA256 = 32;</code>
      */
     HMAC_SHA256(32),
+    /**
+     *
+     *
+     * <pre>
+     * HMAC-SHA1 signing with a 160 bit key.
+     * </pre>
+     *
+     * <code>HMAC_SHA1 = 33;</code>
+     */
+    HMAC_SHA1(33),
+    /**
+     *
+     *
+     * <pre>
+     * HMAC-SHA384 signing with a 384 bit key.
+     * </pre>
+     *
+     * <code>HMAC_SHA384 = 34;</code>
+     */
+    HMAC_SHA384(34),
+    /**
+     *
+     *
+     * <pre>
+     * HMAC-SHA512 signing with a 512 bit key.
+     * </pre>
+     *
+     * <code>HMAC_SHA512 = 35;</code>
+     */
+    HMAC_SHA512(35),
+    /**
+     *
+     *
+     * <pre>
+     * HMAC-SHA224 signing with a 224 bit key.
+     * </pre>
+     *
+     * <code>HMAC_SHA224 = 36;</code>
+     */
+    HMAC_SHA224(36),
     /**
      *
      *
@@ -618,6 +658,46 @@ public enum CryptoKeyVersionAlgorithm implements com.google.protobuf.ProtocolMes
      * <code>HMAC_SHA256 = 32;</code>
      */
     public static final int HMAC_SHA256_VALUE = 32;
+    /**
+     *
+     *
+     * <pre>
+     * HMAC-SHA1 signing with a 160 bit key.
+     * </pre>
+     *
+     * <code>HMAC_SHA1 = 33;</code>
+     */
+    public static final int HMAC_SHA1_VALUE = 33;
+    /**
+     *
+     *
+     * <pre>
+     * HMAC-SHA384 signing with a 384 bit key.
+     * </pre>
+     *
+     * <code>HMAC_SHA384 = 34;</code>
+     */
+    public static final int HMAC_SHA384_VALUE = 34;
+    /**
+     *
+     *
+     * <pre>
+     * HMAC-SHA512 signing with a 512 bit key.
+     * </pre>
+     *
+     * <code>HMAC_SHA512 = 35;</code>
+     */
+    public static final int HMAC_SHA512_VALUE = 35;
+    /**
+     *
+     *
+     * <pre>
+     * HMAC-SHA224 signing with a 224 bit key.
+     * </pre>
+     *
+     * <code>HMAC_SHA224 = 36;</code>
+     */
+    public static final int HMAC_SHA224_VALUE = 36;
     /**
      *
      *
@@ -701,6 +781,14 @@ public static CryptoKeyVersionAlgorithm forNumber(int value) {
           return EC_SIGN_SECP256K1_SHA256;
         case 32:
           return HMAC_SHA256;
+        case 33:
+          return HMAC_SHA1;
+        case 34:
+          return HMAC_SHA384;
+        case 35:
+          return HMAC_SHA512;
+        case 36:
+          return HMAC_SHA224;
         case 18:
           return EXTERNAL_SYMMETRIC_ENCRYPTION;
         default:

diff --git a/...ms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/KmsResourcesProto.java b/...ms/proto-google-cloud-kms-v1/src/main/java/com/google/cloud/kms/v1/KmsResourcesProto.java
@@ -128,7 +128,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
           + "google_partition_certs\030\003 \003(\t\"k\n\021Attestat"
           + "ionFormat\022\"\n\036ATTESTATION_FORMAT_UNSPECIF"
           + "IED\020\000\022\030\n\024CAVIUM_V1_COMPRESSED\020\003\022\030\n\024CAVIU"
-          + "M_V2_COMPRESSED\020\004\"\220\020\n\020CryptoKeyVersion\022\021"
+          + "M_V2_COMPRESSED\020\004\"\322\020\n\020CryptoKeyVersion\022\021"
           + "\n\004name\030\001 \001(\tB\003\340A\003\022J\n\005state\030\003 \001(\0162;.googl"
           + "e.cloud.kms.v1.CryptoKeyVersion.CryptoKe"
           + "yVersionState\022C\n\020protection_level\030\007 \001(\0162"
@@ -148,7 +148,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
           + "ailure_reason\030\020 \001(\tB\003\340A\003\022^\n!external_pro"
           + "tection_level_options\030\021 \001(\01323.google.clo"
           + "ud.kms.v1.ExternalProtectionLevelOptions"
-          + "\022\036\n\021reimport_eligible\030\022 \001(\010B\003\340A\003\"\245\006\n\031Cry"
+          + "\022\036\n\021reimport_eligible\030\022 \001(\010B\003\340A\003\"\347\006\n\031Cry"
           + "ptoKeyVersionAlgorithm\022,\n(CRYPTO_KEY_VER"
           + "SION_ALGORITHM_UNSPECIFIED\020\000\022\037\n\033GOOGLE_S"
           + "YMMETRIC_ENCRYPTION\020\001\022\034\n\030RSA_SIGN_PSS_20"
@@ -168,63 +168,64 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
           + "RSA_DECRYPT_OAEP_4096_SHA1\020\'\022\027\n\023EC_SIGN_"
           + "P256_SHA256\020\014\022\027\n\023EC_SIGN_P384_SHA384\020\r\022\034"
           + "\n\030EC_SIGN_SECP256K1_SHA256\020\037\022\017\n\013HMAC_SHA"
-          + "256\020 \022!\n\035EXTERNAL_SYMMETRIC_ENCRYPTION\020\022"
-          + "\"\301\001\n\025CryptoKeyVersionState\022(\n$CRYPTO_KEY"
-          + "_VERSION_STATE_UNSPECIFIED\020\000\022\026\n\022PENDING_"
-          + "GENERATION\020\005\022\013\n\007ENABLED\020\001\022\014\n\010DISABLED\020\002\022"
-          + "\r\n\tDESTROYED\020\003\022\025\n\021DESTROY_SCHEDULED\020\004\022\022\n"
-          + "\016PENDING_IMPORT\020\006\022\021\n\rIMPORT_FAILED\020\007\"I\n\024"
-          + "CryptoKeyVersionView\022\'\n#CRYPTO_KEY_VERSI"
-          + "ON_VIEW_UNSPECIFIED\020\000\022\010\n\004FULL\020\001:\252\001\352A\246\001\n("
-          + "cloudkms.googleapis.com/CryptoKeyVersion"
-          + "\022zprojects/{project}/locations/{location"
-          + "}/keyRings/{key_ring}/cryptoKeys/{crypto"
-          + "_key}/cryptoKeyVersions/{crypto_key_vers"
-          + "ion}\"\234\003\n\tPublicKey\022\013\n\003pem\030\001 \001(\t\022R\n\talgor"
-          + "ithm\030\002 \001(\0162?.google.cloud.kms.v1.CryptoK"
-          + "eyVersion.CryptoKeyVersionAlgorithm\022/\n\np"
-          + "em_crc32c\030\003 \001(\0132\033.google.protobuf.Int64V"
-          + "alue\022\014\n\004name\030\004 \001(\t\022>\n\020protection_level\030\005"
-          + " \001(\0162$.google.cloud.kms.v1.ProtectionLev"
-          + "el:\256\001\352A\252\001\n!cloudkms.googleapis.com/Publi"
-          + "cKey\022\204\001projects/{project}/locations/{loc"
-          + "ation}/keyRings/{key_ring}/cryptoKeys/{c"
-          + "rypto_key}/cryptoKeyVersions/{crypto_key"
-          + "_version}/publicKey\"\333\007\n\tImportJob\022\021\n\004nam"
-          + "e\030\001 \001(\tB\003\340A\003\022J\n\rimport_method\030\002 \001(\0162+.go"
-          + "ogle.cloud.kms.v1.ImportJob.ImportMethod"
-          + "B\006\340A\002\340A\005\022F\n\020protection_level\030\t \001(\0162$.goo"
-          + "gle.cloud.kms.v1.ProtectionLevelB\006\340A\002\340A\005"
-          + "\0224\n\013create_time\030\003 \001(\0132\032.google.protobuf."
-          + "TimestampB\003\340A\003\0226\n\rgenerate_time\030\004 \001(\0132\032."
-          + "google.protobuf.TimestampB\003\340A\003\0224\n\013expire"
-          + "_time\030\005 \001(\0132\032.google.protobuf.TimestampB"
-          + "\003\340A\003\022:\n\021expire_event_time\030\n \001(\0132\032.google"
-          + ".protobuf.TimestampB\003\340A\003\022A\n\005state\030\006 \001(\0162"
-          + "-.google.cloud.kms.v1.ImportJob.ImportJo"
-          + "bStateB\003\340A\003\022I\n\npublic_key\030\007 \001(\01320.google"
-          + ".cloud.kms.v1.ImportJob.WrappingPublicKe"
-          + "yB\003\340A\003\022F\n\013attestation\030\010 \001(\0132,.google.clo"
-          + "ud.kms.v1.KeyOperationAttestationB\003\340A\003\032 "
-          + "\n\021WrappingPublicKey\022\013\n\003pem\030\001 \001(\t\"m\n\014Impo"
-          + "rtMethod\022\035\n\031IMPORT_METHOD_UNSPECIFIED\020\000\022"
-          + "\036\n\032RSA_OAEP_3072_SHA1_AES_256\020\001\022\036\n\032RSA_O"
-          + "AEP_4096_SHA1_AES_256\020\002\"c\n\016ImportJobStat"
-          + "e\022 \n\034IMPORT_JOB_STATE_UNSPECIFIED\020\000\022\026\n\022P"
-          + "ENDING_GENERATION\020\001\022\n\n\006ACTIVE\020\002\022\013\n\007EXPIR"
-          + "ED\020\003:{\352Ax\n!cloudkms.googleapis.com/Impor"
-          + "tJob\022Sprojects/{project}/locations/{loca"
-          + "tion}/keyRings/{key_ring}/importJobs/{im"
-          + "port_job}\"[\n\036ExternalProtectionLevelOpti"
-          + "ons\022\030\n\020external_key_uri\030\001 \001(\t\022\037\n\027ekm_con"
-          + "nection_key_path\030\002 \001(\t*j\n\017ProtectionLeve"
-          + "l\022 \n\034PROTECTION_LEVEL_UNSPECIFIED\020\000\022\014\n\010S"
-          + "OFTWARE\020\001\022\007\n\003HSM\020\002\022\014\n\010EXTERNAL\020\003\022\020\n\014EXTE"
-          + "RNAL_VPC\020\004B\225\001\n\027com.google.cloud.kms.v1B\021"
-          + "KmsResourcesProtoP\001Z6google.golang.org/g"
-          + "enproto/googleapis/cloud/kms/v1;kms\370\001\001\252\002"
-          + "\023Google.Cloud.Kms.V1\312\002\023Google\\Cloud\\Kms\\"
-          + "V1b\006proto3"
+          + "256\020 \022\r\n\tHMAC_SHA1\020!\022\017\n\013HMAC_SHA384\020\"\022\017\n"
+          + "\013HMAC_SHA512\020#\022\017\n\013HMAC_SHA224\020$\022!\n\035EXTER"
+          + "NAL_SYMMETRIC_ENCRYPTION\020\022\"\301\001\n\025CryptoKey"
+          + "VersionState\022(\n$CRYPTO_KEY_VERSION_STATE"
+          + "_UNSPECIFIED\020\000\022\026\n\022PENDING_GENERATION\020\005\022\013"
+          + "\n\007ENABLED\020\001\022\014\n\010DISABLED\020\002\022\r\n\tDESTROYED\020\003"
+          + "\022\025\n\021DESTROY_SCHEDULED\020\004\022\022\n\016PENDING_IMPOR"
+          + "T\020\006\022\021\n\rIMPORT_FAILED\020\007\"I\n\024CryptoKeyVersi"
+          + "onView\022\'\n#CRYPTO_KEY_VERSION_VIEW_UNSPEC"
+          + "IFIED\020\000\022\010\n\004FULL\020\001:\252\001\352A\246\001\n(cloudkms.googl"
+          + "eapis.com/CryptoKeyVersion\022zprojects/{pr"
+          + "oject}/locations/{location}/keyRings/{ke"
+          + "y_ring}/cryptoKeys/{crypto_key}/cryptoKe"
+          + "yVersions/{crypto_key_version}\"\234\003\n\tPubli"
+          + "cKey\022\013\n\003pem\030\001 \001(\t\022R\n\talgorithm\030\002 \001(\0162?.g"
+          + "oogle.cloud.kms.v1.CryptoKeyVersion.Cryp"
+          + "toKeyVersionAlgorithm\022/\n\npem_crc32c\030\003 \001("
+          + "\0132\033.google.protobuf.Int64Value\022\014\n\004name\030\004"
+          + " \001(\t\022>\n\020protection_level\030\005 \001(\0162$.google."
+          + "cloud.kms.v1.ProtectionLevel:\256\001\352A\252\001\n!clo"
+          + "udkms.googleapis.com/PublicKey\022\204\001project"
+          + "s/{project}/locations/{location}/keyRing"
+          + "s/{key_ring}/cryptoKeys/{crypto_key}/cry"
+          + "ptoKeyVersions/{crypto_key_version}/publ"
+          + "icKey\"\333\007\n\tImportJob\022\021\n\004name\030\001 \001(\tB\003\340A\003\022J"
+          + "\n\rimport_method\030\002 \001(\0162+.google.cloud.kms"
+          + ".v1.ImportJob.ImportMethodB\006\340A\002\340A\005\022F\n\020pr"
+          + "otection_level\030\t \001(\0162$.google.cloud.kms."
+          + "v1.ProtectionLevelB\006\340A\002\340A\005\0224\n\013create_tim"
+          + "e\030\003 \001(\0132\032.google.protobuf.TimestampB\003\340A\003"
+          + "\0226\n\rgenerate_time\030\004 \001(\0132\032.google.protobu"
+          + "f.TimestampB\003\340A\003\0224\n\013expire_time\030\005 \001(\0132\032."
+          + "google.protobuf.TimestampB\003\340A\003\022:\n\021expire"
+          + "_event_time\030\n \001(\0132\032.google.protobuf.Time"
+          + "stampB\003\340A\003\022A\n\005state\030\006 \001(\0162-.google.cloud"
+          + ".kms.v1.ImportJob.ImportJobStateB\003\340A\003\022I\n"
+          + "\npublic_key\030\007 \001(\01320.google.cloud.kms.v1."
+          + "ImportJob.WrappingPublicKeyB\003\340A\003\022F\n\013atte"
+          + "station\030\010 \001(\0132,.google.cloud.kms.v1.KeyO"
+          + "perationAttestationB\003\340A\003\032 \n\021WrappingPubl"
+          + "icKey\022\013\n\003pem\030\001 \001(\t\"m\n\014ImportMethod\022\035\n\031IM"
+          + "PORT_METHOD_UNSPECIFIED\020\000\022\036\n\032RSA_OAEP_30"
+          + "72_SHA1_AES_256\020\001\022\036\n\032RSA_OAEP_4096_SHA1_"
+          + "AES_256\020\002\"c\n\016ImportJobState\022 \n\034IMPORT_JO"
+          + "B_STATE_UNSPECIFIED\020\000\022\026\n\022PENDING_GENERAT"
+          + "ION\020\001\022\n\n\006ACTIVE\020\002\022\013\n\007EXPIRED\020\003:{\352Ax\n!clo"
+          + "udkms.googleapis.com/ImportJob\022Sprojects"
+          + "/{project}/locations/{location}/keyRings"
+          + "/{key_ring}/importJobs/{import_job}\"[\n\036E"
+          + "xternalProtectionLevelOptions\022\030\n\020externa"
+          + "l_key_uri\030\001 \001(\t\022\037\n\027ekm_connection_key_pa"
+          + "th\030\002 \001(\t*j\n\017ProtectionLevel\022 \n\034PROTECTIO"
+          + "N_LEVEL_UNSPECIFIED\020\000\022\014\n\010SOFTWARE\020\001\022\007\n\003H"
+          + "SM\020\002\022\014\n\010EXTERNAL\020\003\022\020\n\014EXTERNAL_VPC\020\004B\225\001\n"
+          + "\027com.google.cloud.kms.v1B\021KmsResourcesPr"
+          + "otoP\001Z6google.golang.org/genproto/google"
+          + "apis/cloud/kms/v1;kms\370\001\001\252\002\023Google.Cloud."
+          + "Kms.V1\312\002\023Google\\Cloud\\Kms\\V1b\006proto3"
     };
     descriptor =
         com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom(

diff --git a/java-kms/proto-google-cloud-kms-v1/src/main/proto/google/cloud/kms/v1/resources.proto b/java-kms/proto-google-cloud-kms-v1/src/main/proto/google/cloud/kms/v1/resources.proto
@@ -403,6 +403,18 @@ message CryptoKeyVersion {
     // HMAC-SHA256 signing with a 256 bit key.
     HMAC_SHA256 = 32;
 
+    // HMAC-SHA1 signing with a 160 bit key.
+    HMAC_SHA1 = 33;
+
+    // HMAC-SHA384 signing with a 384 bit key.
+    HMAC_SHA384 = 34;
+
+    // HMAC-SHA512 signing with a 512 bit key.
+    HMAC_SHA512 = 35;
+
+    // HMAC-SHA224 signing with a 224 bit key.
+    HMAC_SHA224 = 36;
+
     // Algorithm representing symmetric encryption by an external key manager.
     EXTERNAL_SYMMETRIC_ENCRYPTION = 18;
   }