google_cloud_kms/grpc/apiv1/
kms_client.rs

1use std::sync::Arc;
2use std::time::Duration;
3
4use crate::grpc::apiv1::conn_pool::ConnectionManager;
5
6use google_cloud_gax::create_request;
7use google_cloud_gax::grpc::{Code, Status};
8use google_cloud_gax::retry::{invoke, MapErr, RetrySetting};
9
10use crate::grpc::kms::v1::CreateCryptoKeyVersionRequest;
11use crate::grpc::kms::v1::CreateKeyRingRequest;
12use crate::grpc::kms::v1::CryptoKey;
13use crate::grpc::kms::v1::CryptoKeyVersion;
14use crate::grpc::kms::v1::DestroyCryptoKeyVersionRequest;
15use crate::grpc::kms::v1::GenerateRandomBytesRequest;
16use crate::grpc::kms::v1::GenerateRandomBytesResponse;
17use crate::grpc::kms::v1::GetCryptoKeyRequest;
18use crate::grpc::kms::v1::GetCryptoKeyVersionRequest;
19use crate::grpc::kms::v1::GetKeyRingRequest;
20use crate::grpc::kms::v1::KeyRing;
21use crate::grpc::kms::v1::ListCryptoKeyVersionsRequest;
22use crate::grpc::kms::v1::ListCryptoKeyVersionsResponse;
23use crate::grpc::kms::v1::ListCryptoKeysRequest;
24use crate::grpc::kms::v1::ListCryptoKeysResponse;
25use crate::grpc::kms::v1::ListKeyRingsRequest;
26use crate::grpc::kms::v1::ListKeyRingsResponse;
27use crate::grpc::kms::v1::{
28    AsymmetricSignRequest, AsymmetricSignResponse, CreateCryptoKeyRequest, DecryptRequest, DecryptResponse,
29    EncryptRequest, EncryptResponse, GetPublicKeyRequest, MacSignRequest, MacSignResponse, MacVerifyRequest,
30    MacVerifyResponse, PublicKey,
31};
32
33fn default_setting() -> RetrySetting {
34    RetrySetting {
35        from_millis: 50,
36        max_delay: Some(Duration::from_secs(60)),
37        factor: 1u64,
38        take: 20,
39        codes: vec![Code::Unavailable, Code::Unknown],
40    }
41}
42
43#[derive(Clone, Debug)]
44pub struct Client {
45    cm: Arc<ConnectionManager>,
46}
47
48impl Client {
49    pub fn new(cm: Arc<ConnectionManager>) -> Self {
50        Self { cm }
51    }
52
53    /// Generate random bytes
54    ///
55    /// <https://cloud.google.com/kms/docs/reference/rpc/google.cloud.kms.v1#google.cloud.kms.v1.KeyManagementService.GenerateRandomBytes>
56    ///
57    #[cfg_attr(feature = "trace", tracing::instrument(skip_all))]
58    pub async fn generate_random_bytes(
59        &self,
60        req: GenerateRandomBytesRequest,
61        retry: Option<RetrySetting>,
62    ) -> Result<GenerateRandomBytesResponse, Status> {
63        let action = || async {
64            let request = create_request(format!("location={}", req.location), req.clone());
65            self.cm.conn().generate_random_bytes(request).await.map_transient_err()
66        };
67        invoke(Some(retry.unwrap_or_else(default_setting)), action)
68            .await
69            .map(|r| r.into_inner())
70    }
71
72    /// Create crypto key
73    ///
74    /// <https://cloud.google.com/kms/docs/reference/rpc/google.cloud.kms.v1#google.cloud.kms.v1.KeyManagementService.CreateCryptoKey>
75    ///
76    #[cfg_attr(feature = "trace", tracing::instrument(skip_all))]
77    pub async fn create_crypto_key(
78        &self,
79        req: CreateCryptoKeyRequest,
80        retry: Option<RetrySetting>,
81    ) -> Result<CryptoKey, Status> {
82        let action = || async {
83            let request = create_request(format!("parent={}", req.parent), req.clone());
84            self.cm.conn().create_crypto_key(request).await.map_transient_err()
85        };
86        invoke(Some(retry.unwrap_or_else(default_setting)), action)
87            .await
88            .map(|r| r.into_inner())
89    }
90
91    /// Create crypto key version
92    ///
93    /// <https://cloud.google.com/kms/docs/reference/rpc/google.cloud.kms.v1#google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion>
94    ///
95    #[cfg_attr(feature = "trace", tracing::instrument(skip_all))]
96    pub async fn create_crypto_key_version(
97        &self,
98        req: CreateCryptoKeyVersionRequest,
99        retry: Option<RetrySetting>,
100    ) -> Result<CryptoKeyVersion, Status> {
101        let action = || async {
102            let request = create_request(format!("parent={}", req.parent), req.clone());
103            self.cm
104                .conn()
105                .create_crypto_key_version(request)
106                .await
107                .map_transient_err()
108        };
109        invoke(Some(retry.unwrap_or_else(default_setting)), action)
110            .await
111            .map(|r| r.into_inner())
112    }
113
114    /// Create key ring
115    ///
116    /// <https://cloud.google.com/kms/docs/reference/rpc/google.cloud.kms.v1#google.cloud.kms.v1.KeyManagementService.CreateKeyRing>
117    ///
118    #[cfg_attr(feature = "trace", tracing::instrument(skip_all))]
119    pub async fn create_key_ring(
120        &self,
121        req: CreateKeyRingRequest,
122        retry: Option<RetrySetting>,
123    ) -> Result<KeyRing, Status> {
124        let action = || async {
125            let request = create_request(format!("parent={}", req.parent), req.clone());
126            self.cm.conn().create_key_ring(request).await.map_transient_err()
127        };
128        invoke(Some(retry.unwrap_or_else(default_setting)), action)
129            .await
130            .map(|r| r.into_inner())
131    }
132
133    /// Destroy crypto key version
134    ///
135    /// <https://cloud.google.com/kms/docs/reference/rpc/google.cloud.kms.v1#google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion>
136    ///
137    #[cfg_attr(feature = "trace", tracing::instrument(skip_all))]
138    pub async fn destroy_crypto_key_version(
139        &self,
140        req: DestroyCryptoKeyVersionRequest,
141        retry: Option<RetrySetting>,
142    ) -> Result<CryptoKeyVersion, Status> {
143        let action = || async {
144            let request = create_request(format!("name={}", req.name), req.clone());
145            self.cm
146                .conn()
147                .destroy_crypto_key_version(request)
148                .await
149                .map_transient_err()
150        };
151        invoke(Some(retry.unwrap_or_else(default_setting)), action)
152            .await
153            .map(|r| r.into_inner())
154    }
155
156    /// Get crypto key
157    ///
158    /// <https://cloud.google.com/kms/docs/reference/rpc/google.cloud.kms.v1#google.cloud.kms.v1.KeyManagementService.GetCryptoKey>
159    ///
160    #[cfg_attr(feature = "trace", tracing::instrument(skip_all))]
161    pub async fn get_crypto_key(
162        &self,
163        req: GetCryptoKeyRequest,
164        retry: Option<RetrySetting>,
165    ) -> Result<CryptoKey, Status> {
166        let action = || async {
167            let request = create_request(format!("name={}", req.name), req.clone());
168            self.cm.conn().get_crypto_key(request).await.map_transient_err()
169        };
170        invoke(Some(retry.unwrap_or_else(default_setting)), action)
171            .await
172            .map(|r| r.into_inner())
173    }
174
175    /// Get crypto key version
176    ///
177    /// <https://cloud.google.com/kms/docs/reference/rpc/google.cloud.kms.v1#google.cloud.kms.v1.KeyManagementService.GetCryptoKeyVersion>
178    ///
179    #[cfg_attr(feature = "trace", tracing::instrument(skip_all))]
180    pub async fn get_crypto_key_version(
181        &self,
182        req: GetCryptoKeyVersionRequest,
183        retry: Option<RetrySetting>,
184    ) -> Result<CryptoKeyVersion, Status> {
185        let action = || async {
186            let request = create_request(format!("name={}", req.name), req.clone());
187            self.cm.conn().get_crypto_key_version(request).await.map_transient_err()
188        };
189        invoke(Some(retry.unwrap_or_else(default_setting)), action)
190            .await
191            .map(|r| r.into_inner())
192    }
193
194    /// Get key ring
195    ///
196    /// <https://cloud.google.com/kms/docs/reference/rpc/google.cloud.kms.v1#google.cloud.kms.v1.KeyManagementService.GetKeyRing>
197    ///
198    #[cfg_attr(feature = "trace", tracing::instrument(skip_all))]
199    pub async fn get_key_ring(&self, req: GetKeyRingRequest, retry: Option<RetrySetting>) -> Result<KeyRing, Status> {
200        let action = || async {
201            let request = create_request(format!("name={}", req.name), req.clone());
202            self.cm.conn().get_key_ring(request).await.map_transient_err()
203        };
204        invoke(Some(retry.unwrap_or_else(default_setting)), action)
205            .await
206            .map(|r| r.into_inner())
207    }
208
209    /// List crypto key versions
210    ///
211    /// <https://cloud.google.com/kms/docs/reference/rpc/google.cloud.kms.v1#google.cloud.kms.v1.KeyManagementService.ListCryptoKeyVersions>
212    ///
213    #[cfg_attr(feature = "trace", tracing::instrument(skip_all))]
214    pub async fn list_crypto_key_versions(
215        &self,
216        req: ListCryptoKeyVersionsRequest,
217        retry: Option<RetrySetting>,
218    ) -> Result<ListCryptoKeyVersionsResponse, Status> {
219        let action = || async {
220            let request = create_request(format!("parent={}", req.parent), req.clone());
221            self.cm
222                .conn()
223                .list_crypto_key_versions(request)
224                .await
225                .map_transient_err()
226        };
227        invoke(Some(retry.unwrap_or_else(default_setting)), action)
228            .await
229            .map(|r| r.into_inner())
230    }
231
232    /// List crypto keys
233    ///
234    /// <https://cloud.google.com/kms/docs/reference/rpc/google.cloud.kms.v1#google.cloud.kms.v1.KeyManagementService.ListCryptoKeys>
235    ///
236    #[cfg_attr(feature = "trace", tracing::instrument(skip_all))]
237    pub async fn list_crypto_keys(
238        &self,
239        req: ListCryptoKeysRequest,
240        retry: Option<RetrySetting>,
241    ) -> Result<ListCryptoKeysResponse, Status> {
242        let action = || async {
243            let request = create_request(format!("parent={}", req.parent), req.clone());
244            self.cm.conn().list_crypto_keys(request).await.map_transient_err()
245        };
246        invoke(Some(retry.unwrap_or_else(default_setting)), action)
247            .await
248            .map(|r| r.into_inner())
249    }
250
251    /// List key rings
252    ///
253    /// <https://cloud.google.com/kms/docs/reference/rpc/google.cloud.kms.v1#google.cloud.kms.v1.KeyManagementService.ListKeyRings>
254    ///
255    #[cfg_attr(feature = "trace", tracing::instrument(skip_all))]
256    pub async fn list_key_rings(
257        &self,
258        req: ListKeyRingsRequest,
259        retry: Option<RetrySetting>,
260    ) -> Result<ListKeyRingsResponse, Status> {
261        let action = || async {
262            let request = create_request(format!("parent={}", req.parent), req.clone());
263            self.cm.conn().list_key_rings(request).await.map_transient_err()
264        };
265        invoke(Some(retry.unwrap_or_else(default_setting)), action)
266            .await
267            .map(|r| r.into_inner())
268    }
269
270    /// Encrypt
271    ///
272    /// <https://cloud.google.com/kms/docs/reference/rpc/google.cloud.kms.v1#google.cloud.kms.v1.KeyManagementService.Encrypt>
273    ///
274    #[cfg_attr(feature = "trace", tracing::instrument(skip_all))]
275    pub async fn encrypt(&self, req: EncryptRequest, retry: Option<RetrySetting>) -> Result<EncryptResponse, Status> {
276        let action = || async {
277            let request = create_request(format!("name={}", req.name), req.clone());
278            self.cm.conn().encrypt(request).await.map_transient_err()
279        };
280        invoke(Some(retry.unwrap_or_else(default_setting)), action)
281            .await
282            .map(|r| r.into_inner())
283    }
284
285    /// Decrypt
286    ///
287    /// <https://cloud.google.com/kms/docs/reference/rpc/google.cloud.kms.v1#google.cloud.kms.v1.KeyManagementService.Decrypt>
288    ///
289    #[cfg_attr(feature = "trace", tracing::instrument(skip_all))]
290    pub async fn decrypt(&self, req: DecryptRequest, retry: Option<RetrySetting>) -> Result<DecryptResponse, Status> {
291        let action = || async {
292            let request = create_request(format!("name={}", req.name), req.clone());
293            self.cm.conn().decrypt(request).await.map_transient_err()
294        };
295        invoke(Some(retry.unwrap_or_else(default_setting)), action)
296            .await
297            .map(|r| r.into_inner())
298    }
299
300    /// AsymmetricSign
301    ///
302    /// <https://cloud.google.com/kms/docs/reference/rpc/google.cloud.kms.v1#google.cloud.kms.v1.KeyManagementService.AsymmetricSign>
303    ///
304    #[cfg_attr(feature = "trace", tracing::instrument(skip_all))]
305    pub async fn asymmetric_sign(
306        &self,
307        req: AsymmetricSignRequest,
308        retry: Option<RetrySetting>,
309    ) -> Result<AsymmetricSignResponse, Status> {
310        let action = || async {
311            let request = create_request(format!("name={}", req.name), req.clone());
312            self.cm.conn().asymmetric_sign(request).await.map_transient_err()
313        };
314        invoke(Some(retry.unwrap_or_else(default_setting)), action)
315            .await
316            .map(|r| r.into_inner())
317    }
318
319    /// MacSign
320    ///
321    /// <https://cloud.google.com/kms/docs/reference/rpc/google.cloud.kms.v1#google.cloud.kms.v1.KeyManagementService.MacSign>
322    ///
323    #[cfg_attr(feature = "trace", tracing::instrument(skip_all))]
324    pub async fn mac_sign(&self, req: MacSignRequest, retry: Option<RetrySetting>) -> Result<MacSignResponse, Status> {
325        let action = || async {
326            let request = create_request(format!("name={}", req.name), req.clone());
327            self.cm.conn().mac_sign(request).await.map_transient_err()
328        };
329        invoke(Some(retry.unwrap_or_else(default_setting)), action)
330            .await
331            .map(|r| r.into_inner())
332    }
333
334    /// MacVerify
335    ///
336    /// <https://cloud.google.com/kms/docs/reference/rpc/google.cloud.kms.v1#google.cloud.kms.v1.KeyManagementService.MacVerify>
337    ///
338    #[cfg_attr(feature = "trace", tracing::instrument(skip_all))]
339    pub async fn mac_verify(
340        &self,
341        req: MacVerifyRequest,
342        retry: Option<RetrySetting>,
343    ) -> Result<MacVerifyResponse, Status> {
344        let action = || async {
345            let request = create_request(format!("name={}", req.name), req.clone());
346            self.cm.conn().mac_verify(request).await.map_transient_err()
347        };
348        invoke(Some(retry.unwrap_or_else(default_setting)), action)
349            .await
350            .map(|r| r.into_inner())
351    }
352
353    /// PublicKey
354    ///
355    /// <https://cloud.google.com/kms/docs/reference/rpc/google.cloud.kms.v1#google.cloud.kms.v1.PublicKey>
356    ///
357    #[cfg_attr(feature = "trace", tracing::instrument(skip_all))]
358    pub async fn get_public_key(
359        &self,
360        req: GetPublicKeyRequest,
361        retry: Option<RetrySetting>,
362    ) -> Result<PublicKey, Status> {
363        let action = || async {
364            let request = create_request(format!("name={}", req.name), req.clone());
365            self.cm.conn().get_public_key(request).await.map_transient_err()
366        };
367        invoke(Some(retry.unwrap_or_else(default_setting)), action)
368            .await
369            .map(|r| r.into_inner())
370    }
371}
google_cloud_kms/grpc/apiv1/kms_client.rs

google_cloud_kms/grpc/apiv1/
kms_client.rs
