An optional parameter to set the Customer-Supplied Encryption key for rewrite source object.
Application developers can generate their own encryption keys to protect the data in GCS. This is known as a Customer-Supplied Encryption key (CSEK). If the application provides a CSEK, GCS does not retain the key. The object data, the object CRC32 checksum, and its MD5 hash (if applicable) are all encrypted with this key, and the key is required to read any of these elements back.
Care must be taken to save and protect these keys, if lost, the data is not recoverable. Also, applications should avoid generating predictable keys, as this weakens the encryption.
This option is used only in rewrite operations and it defines the key used for the source object.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-14 UTC."],[[["\u003cp\u003eThis document provides versioned documentation for the \u003ccode\u003eSourceEncryptionKey\u003c/code\u003e struct within the Google Cloud Storage C++ client library, ranging from version 2.11.0 to the latest release candidate 2.37.0-rc.\u003c/p\u003e\n"],["\u003cp\u003e\u003ccode\u003eSourceEncryptionKey\u003c/code\u003e is used to specify a Customer-Supplied Encryption Key (CSEK) for rewrite source objects within Google Cloud Storage (GCS) operations, enhancing data security by allowing users to manage their encryption keys.\u003c/p\u003e\n"],["\u003cp\u003eThe use of CSEK in GCS ensures that GCS does not store the encryption keys, encrypting object data, CRC32 checksums, and MD5 hashes with the user-supplied key, requiring the same key to read the elements.\u003c/p\u003e\n"],["\u003cp\u003eThe document details the functions \u003ccode\u003eFromBinaryKey()\u003c/code\u003e and \u003ccode\u003eFromBase64Key()\u003c/code\u003e for creating a \u003ccode\u003eSourceEncryptionKey\u003c/code\u003e object, either from a raw binary key (32 bytes) or from a base64-encoded string representation.\u003c/p\u003e\n"],["\u003cp\u003eThere is a static method prefix() that exists but with no information other than it exists and returns a char pointer.\u003c/p\u003e\n"]]],[],null,[]]
