VersionList Event

Fires once for each key version when listing key versions.

Syntax

func onVersionList(name: String, versionId: String, state: String, algorithm: String, protectionLevel: String, creationDate: String, destructionDate: String)

Remarks

This event fires once for each key version returned when ListVersions or GetVersionInfo is called.

Name reflects the name of the key.

VersionId reflects the Id of the key version.

State reflects the state of the key version. Possible values are:

  • PENDING_GENERATION: The version is still being generated, and cannot be used yet. Once generation has finished, it will become ENABLED.
  • ENABLED: The version is enabled and available for use.
  • DISABLED: The version is disabled; it cannot be used unless it is enabled again. It may be destroyed.
  • DESTROY_SCHEDULED: The version's cryptographic material is scheduled for destruction, and will be destroyed at the time reflected by DestructionDate unless CancelDestruction before then.
  • DESTROYED: The version's cryptographic material has been destroyed, and the version is no longer usable. This state is permanent once entered.
  • PENDING_IMPORT*: Cryptographic material has not finished importing, and the version cannot be used yet. Once the import has finished, it will become ENABLED.
  • IMPORT_FAILED*: The version was not imported successfully; it cannot be used, and any imported cryptographic material has been discarded.
(* The class does not directly support importing key version material at this time; however, these states may still appear if an import job was initiated using SendCustomRequest or some external method.)

Algorithm reflects the key version's algorithm. For symmetric keys, this will always be GOOGLE_SYMMETRIC_ENCRYPTION. For asymmetric keys, this value describes both the key type and the algorithm that must be used during cryptographic operations, and possible values are:

  • RSA_SIGN_PSS_2048_SHA256: RSASSA-PSS 2048 bit key with a SHA256 digest
  • RSA_SIGN_PSS_3072_SHA256: RSASSA-PSS 3072 bit key with a SHA256 digest
  • RSA_SIGN_PSS_4096_SHA256: RSASSA-PSS 4096 bit key with a SHA256 digest
  • RSA_SIGN_PSS_4096_SHA512: RSASSA-PSS 4096 bit key with a SHA512 digest
  • RSA_SIGN_PKCS1_2048_SHA256: RSASSA-PKCS1-v1_5 with a 2048 bit key and a SHA256 digest
  • RSA_SIGN_PKCS1_3072_SHA256: RSASSA-PKCS1-v1_5 with a 3072 bit key and a SHA256 digest
  • RSA_SIGN_PKCS1_4096_SHA256: RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA256 digest
  • RSA_SIGN_PKCS1_4096_SHA512: RSASSA-PKCS1-v1_5 with a 4096 bit key and a SHA512 digest
  • RSA_DECRYPT_OAEP_2048_SHA256: RSAES-OAEP 2048 bit key with a SHA256 digest
  • RSA_DECRYPT_OAEP_3072_SHA256: RSAES-OAEP 3072 bit key with a SHA256 digest
  • RSA_DECRYPT_OAEP_4096_SHA256: RSAES-OAEP 4096 bit key with a SHA256 digest
  • RSA_DECRYPT_OAEP_4096_SHA512: RSAES-OAEP 4096 bit key with a SHA512 digest
  • EC_SIGN_P256_SHA256: ECDSA on the NIST P-256 curve with a SHA256 digest
  • EC_SIGN_P384_SHA384: ECDSA on the NIST P-384 curve with a SHA384 digest

Refer to Google's CryptoKeyVersionAlgorithm documentation page for more information.

ProtectionLevel reflects the key version's protection level. Possible values are:

  • SOFTWARE
  • HSM
  • EXTERNAL

CreationDate reflects the key version's creation date, formatted as an RFC 3339 UTC timestamp.

DestructionDate reflects the date at which the key version's cryptographic material was (or will be) destroyed, formatted as an RFC 3339 UTC timestamp; or empty string if the key version's cryptographic material has not been, and is not scheduled to be, destroyed.

 
 
Copyright (c) 2021 /n software inc. - All rights reserved.
Cloud Keys 2020 macOS Edition - Version 20.0 [Build 7876]