HEX
Server: Apache/2.4.65 (Ubuntu)
System: Linux ielts-store-v2 6.8.0-1036-gcp #38~22.04.1-Ubuntu SMP Thu Aug 14 01:19:18 UTC 2025 x86_64
User: root (0)
PHP: 7.2.34-54+ubuntu20.04.1+deb.sury.org+1
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
$ pwd: /snap/google-cloud-cli/396/help/man/man1/
Upload Files
File: //snap/google-cloud-cli/396/help/man/man1/gcloud_kms_mac-verify.1
.TH "GCLOUD_KMS_MAC\-VERIFY" 1



.SH "NAME"
.HP
gcloud kms mac\-verify \- verify a user signature file using a MAC key version



.SH "SYNOPSIS"
.HP
\f5gcloud kms mac\-verify\fR \fB\-\-input\-file\fR=\fIINPUT_FILE\fR \fB\-\-signature\-file\fR=\fISIGNATURE_FILE\fR [\fB\-\-key\fR=\fIKEY\fR] [\fB\-\-keyring\fR=\fIKEYRING\fR] [\fB\-\-location\fR=\fILOCATION\fR] [\fB\-\-skip\-integrity\-verification\fR] [\fB\-\-version\fR=\fIVERSION\fR] [\fIGCLOUD_WIDE_FLAG\ ...\fR]



.SH "DESCRIPTION"

Verifies a digital signature using the provided MAC signing key version.

By default, the command performs integrity verification on data sent to and
received from Cloud KMS. Use \-\-skip\-integrity\-verification to disable
integrity verification.



.SH "EXAMPLES"

The following command will read the file '/tmp/my/file.to.verify', and verify it
using the symmetric MAC CryptoKey \f5dont\-panic\fR Version 3 and the file used
previously to generate the MAC tag ('/tmp/my/original.data.file').

.RS 2m
$ gcloud kms mac\-verify \-\-location=us\-central1 \e
    \-\-keyring=hitchhiker \-\-key=dont\-panic \-\-version=3 \e
    \-\-input\-file=/tmp/my/original.data.file \e
    \-\-signature\-file=/tmp/my/file.to.verify
.RE



.SH "REQUIRED FLAGS"

.RS 2m
.TP 2m
\fB\-\-input\-file\fR=\fIINPUT_FILE\fR

Path to the input file to use for verification.

.TP 2m
\fB\-\-signature\-file\fR=\fISIGNATURE_FILE\fR

Path to the signature file to be verified.


.RE
.sp

.SH "OPTIONAL FLAGS"

.RS 2m
.TP 2m
\fB\-\-key\fR=\fIKEY\fR

to use for signing.

.TP 2m
\fB\-\-keyring\fR=\fIKEYRING\fR

Key ring of the key.

.TP 2m
\fB\-\-location\fR=\fILOCATION\fR

Location of the keyring.

.TP 2m
\fB\-\-skip\-integrity\-verification\fR

Skip integrity verification on request and response API fields.

.TP 2m
\fB\-\-version\fR=\fIVERSION\fR

Version to use for signing.


.RE
.sp

.SH "GCLOUD WIDE FLAGS"

These flags are available to all commands: \-\-access\-token\-file, \-\-account,
\-\-billing\-project, \-\-configuration, \-\-flags\-file, \-\-flatten,
\-\-format, \-\-help, \-\-impersonate\-service\-account, \-\-log\-http,
\-\-project, \-\-quiet, \-\-trace\-token, \-\-user\-output\-enabled,
\-\-verbosity.

Run \fB$ gcloud help\fR for details.



.SH "NOTES"

These variants are also available:

.RS 2m
$ gcloud alpha kms mac\-verify
.RE

.RS 2m
$ gcloud beta kms mac\-verify
.RE
@ Telegram