Reference documentation and code samples for the Cloud Key Management Service (KMS) V1 API module Google::Cloud::Kms::V1::ImportJob::ImportMethod.
ImportMethod describes the key wrapping method chosen for this ImportJob.
Constants
IMPORT_METHOD_UNSPECIFIED
value: 0
Not specified.
RSA_OAEP_3072_SHA1_AES_256
value: 1
This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping
scheme defined in the PKCS #11 standard. In summary, this involves
wrapping the raw key with an ephemeral AES key, and wrapping the
ephemeral AES key with a 3072 bit RSA key. For more details, see
RSA AES key wrap
mechanism.
RSA_OAEP_4096_SHA1_AES_256
value: 2
This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping
scheme defined in the PKCS #11 standard. In summary, this involves
wrapping the raw key with an ephemeral AES key, and wrapping the
ephemeral AES key with a 4096 bit RSA key. For more details, see
RSA AES key wrap
mechanism.
RSA_OAEP_3072_SHA256_AES_256
value: 3
This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping
scheme defined in the PKCS #11 standard. In summary, this involves
wrapping the raw key with an ephemeral AES key, and wrapping the
ephemeral AES key with a 3072 bit RSA key. For more details, see
RSA AES key wrap
mechanism.
RSA_OAEP_4096_SHA256_AES_256
value: 4
This ImportMethod represents the CKM_RSA_AES_KEY_WRAP key wrapping
scheme defined in the PKCS #11 standard. In summary, this involves
wrapping the raw key with an ephemeral AES key, and wrapping the
ephemeral AES key with a 4096 bit RSA key. For more details, see
RSA AES key wrap
mechanism.
RSA_OAEP_3072_SHA256
value: 5
This ImportMethod represents RSAES-OAEP with a 3072 bit RSA key. The
key material to be imported is wrapped directly with the RSA key. Due
to technical limitations of RSA wrapping, this method cannot be used to
wrap RSA keys for import.
RSA_OAEP_4096_SHA256
value: 6
This ImportMethod represents RSAES-OAEP with a 4096 bit RSA key. The
key material to be imported is wrapped directly with the RSA key. Due
to technical limitations of RSA wrapping, this method cannot be used to
wrap RSA keys for import.
HPKE_KEM_ML_KEM_768_HKDF_SHA256_AES_256_GCM
value: 8
Represents the Hybrid Public Key Encryption (HPKE) Scheme originally
defined in RFC 9180. It
involves wrapping the raw key with an ephemeral AES key, derived with
HKDF-SHA256 from an encryption context, that is, in turn obtained from
the receiver’s public key with the help of the ML-KEM-768 KEM. For more
details, see the ML-KEM HPKE
standard.
HPKE_KEM_ML_KEM_1024_HKDF_SHA256_AES_256_GCM
value: 9
Represents the Hybrid Public Key Encryption (HPKE) Scheme originally
defined in RFC 9180. It
involves wrapping the raw key with an ephemeral AES key, derived with
HKDF-SHA256 from an encryption context, that is, in turn obtained from
the receiver’s public key with the help of the ML-KEM-1024 KEM. For more
details, see the ML-KEM HPKE
standard.
HPKE_KEM_XWING_HKDF_SHA256_AES_256_GCM
value: 10
Represents the Hybrid Public Key Encryption (HPKE) Scheme originally
defined in RFC 9180. It
involves wrapping the raw key with an ephemeral AES key, derived with
HKDF-SHA256 from an encryption context, that is, in turn obtained from
the receiver’s public key with the help of the X-Wing hybrid KEM. For
more details, see the X-Wing
standard.