feat: Automated regeneration of cloudkms v1 client (googleapis#23889)

yoshi-code-bot · web-flow · commit 6d0eaee85e12 · 2025-08-10T09:58:28.000Z
Auto-created at 2025-08-10 09:49:37 +0000 using the toys pull request generator.
diff --git a/api_names_out.yaml b/api_names_out.yaml
@@ -75033,6 +75033,15 @@
 "/cloudkms:v1/CryptoKeyVersionTemplate/protectionLevel": protection_level
 "/cloudkms:v1/DataAccessOptions": data_access_options
 "/cloudkms:v1/DataAccessOptions/logMode": log_mode
+"/cloudkms:v1/DecapsulateRequest": decapsulate_request
+"/cloudkms:v1/DecapsulateRequest/ciphertext": ciphertext
+"/cloudkms:v1/DecapsulateRequest/ciphertextCrc32c": ciphertext_crc32c
+"/cloudkms:v1/DecapsulateResponse": decapsulate_response
+"/cloudkms:v1/DecapsulateResponse/name": name
+"/cloudkms:v1/DecapsulateResponse/protectionLevel": protection_level
+"/cloudkms:v1/DecapsulateResponse/sharedSecret": shared_secret
+"/cloudkms:v1/DecapsulateResponse/sharedSecretCrc32c": shared_secret_crc32c
+"/cloudkms:v1/DecapsulateResponse/verifiedCiphertextCrc32c": verified_ciphertext_crc32c
 "/cloudkms:v1/DecryptRequest": decrypt_request
 "/cloudkms:v1/DecryptRequest/additionalAuthenticatedData": additional_authenticated_data
 "/cloudkms:v1/DecryptRequest/additionalAuthenticatedDataCrc32c": additional_authenticated_data_crc32c
@@ -75374,6 +75383,8 @@
 "/cloudkms:v1/cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.asymmetricSign/name": name
 "/cloudkms:v1/cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.create": create_project_location_key_ring_crypto_key_crypto_key_version
 "/cloudkms:v1/cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.create/parent": parent
+"/cloudkms:v1/cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.decapsulate": decapsulate_crypto_key_version
+"/cloudkms:v1/cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.decapsulate/name": name
 "/cloudkms:v1/cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.destroy": destroy_crypto_key_version
 "/cloudkms:v1/cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.destroy/name": name
 "/cloudkms:v1/cloudkms.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.get": get_project_location_key_ring_crypto_key_crypto_key_version
diff --git a/generated/google-apis-cloudkms_v1/CHANGELOG.md b/generated/google-apis-cloudkms_v1/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Release history for google-apis-cloudkms_v1
 
+### v0.60.0 (2025-08-10)
+
+* Regenerated from discovery document revision 20250731
+
 ### v0.59.0 (2025-05-25)
 
 * Regenerated from discovery document revision 20250516
diff --git a/generated/google-apis-cloudkms_v1/lib/google/apis/cloudkms_v1/classes.rb b/generated/google-apis-cloudkms_v1/lib/google/apis/cloudkms_v1/classes.rb
@@ -886,6 +886,107 @@ def update!(**args)
         end
       end
       
+      # Request message for KeyManagementService.Decapsulate.
+      class DecapsulateRequest
+        include Google::Apis::Core::Hashable
+      
+        # Required. The ciphertext produced from encapsulation with the named
+        # CryptoKeyVersion public key(s).
+        # Corresponds to the JSON property `ciphertext`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :ciphertext
+      
+        # Optional. A CRC32C checksum of the DecapsulateRequest.ciphertext. If specified,
+        # KeyManagementService will verify the integrity of the received
+        # DecapsulateRequest.ciphertext using this checksum. KeyManagementService will
+        # report an error if the checksum verification fails. If you receive a checksum
+        # error, your client should verify that CRC32C(DecapsulateRequest.ciphertext) is
+        # equal to DecapsulateRequest.ciphertext_crc32c, and if so, perform a limited
+        # number of retries. A persistent mismatch may indicate an issue in your
+        # computation of the CRC32C checksum. Note: This field is defined as int64 for
+        # reasons of compatibility across different languages. However, it is a non-
+        # negative integer, which will never exceed 2^32-1, and can be safely
+        # downconverted to uint32 in languages that support this type.
+        # Corresponds to the JSON property `ciphertextCrc32c`
+        # @return [Fixnum]
+        attr_accessor :ciphertext_crc32c
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @ciphertext = args[:ciphertext] if args.key?(:ciphertext)
+          @ciphertext_crc32c = args[:ciphertext_crc32c] if args.key?(:ciphertext_crc32c)
+        end
+      end
+      
+      # Response message for KeyManagementService.Decapsulate.
+      class DecapsulateResponse
+        include Google::Apis::Core::Hashable
+      
+        # The resource name of the CryptoKeyVersion used for decapsulation. Check this
+        # field to verify that the intended resource was used for decapsulation.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # The ProtectionLevel of the CryptoKeyVersion used in decapsulation.
+        # Corresponds to the JSON property `protectionLevel`
+        # @return [String]
+        attr_accessor :protection_level
+      
+        # The decapsulated shared_secret originally encapsulated with the matching
+        # public key.
+        # Corresponds to the JSON property `sharedSecret`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :shared_secret
+      
+        # Integrity verification field. A CRC32C checksum of the returned
+        # DecapsulateResponse.shared_secret. An integrity check of DecapsulateResponse.
+        # shared_secret can be performed by computing the CRC32C checksum of
+        # DecapsulateResponse.shared_secret and comparing your results to this field.
+        # Discard the response in case of non-matching checksum values, and perform a
+        # limited number of retries. A persistent mismatch may indicate an issue in your
+        # computation of the CRC32C checksum. Note: receiving this response message
+        # indicates that KeyManagementService is able to successfully decrypt the
+        # ciphertext. Note: This field is defined as int64 for reasons of compatibility
+        # across different languages. However, it is a non-negative integer, which will
+        # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
+        # that support this type.
+        # Corresponds to the JSON property `sharedSecretCrc32c`
+        # @return [Fixnum]
+        attr_accessor :shared_secret_crc32c
+      
+        # Integrity verification field. A flag indicating whether DecapsulateRequest.
+        # ciphertext_crc32c was received by KeyManagementService and used for the
+        # integrity verification of the ciphertext. A false value of this field
+        # indicates either that DecapsulateRequest.ciphertext_crc32c was left unset or
+        # that it was not delivered to KeyManagementService. If you've set
+        # DecapsulateRequest.ciphertext_crc32c but this field is still false, discard
+        # the response and perform a limited number of retries.
+        # Corresponds to the JSON property `verifiedCiphertextCrc32c`
+        # @return [Boolean]
+        attr_accessor :verified_ciphertext_crc32c
+        alias_method :verified_ciphertext_crc32c?, :verified_ciphertext_crc32c
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @name = args[:name] if args.key?(:name)
+          @protection_level = args[:protection_level] if args.key?(:protection_level)
+          @shared_secret = args[:shared_secret] if args.key?(:shared_secret)
+          @shared_secret_crc32c = args[:shared_secret_crc32c] if args.key?(:shared_secret_crc32c)
+          @verified_ciphertext_crc32c = args[:verified_ciphertext_crc32c] if args.key?(:verified_ciphertext_crc32c)
+        end
+      end
+      
       # Request message for KeyManagementService.Decrypt.
       class DecryptRequest
         include Google::Apis::Core::Hashable
diff --git a/generated/google-apis-cloudkms_v1/lib/google/apis/cloudkms_v1/gem_version.rb b/generated/google-apis-cloudkms_v1/lib/google/apis/cloudkms_v1/gem_version.rb
@@ -16,13 +16,13 @@ module Google
   module Apis
     module CloudkmsV1
       # Version of the google-apis-cloudkms_v1 gem
-      GEM_VERSION = "0.59.0"
+      GEM_VERSION = "0.60.0"
 
       # Version of the code generator used to generate this client
       GENERATOR_VERSION = "0.18.0"
 
       # Revision of the discovery document this client was generated from
-      REVISION = "20250516"
+      REVISION = "20250731"
     end
   end
 end
diff --git a/generated/google-apis-cloudkms_v1/lib/google/apis/cloudkms_v1/representations.rb b/generated/google-apis-cloudkms_v1/lib/google/apis/cloudkms_v1/representations.rb
@@ -106,6 +106,18 @@ class Representation < Google::Apis::Core::JsonRepresentation; end
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class DecapsulateRequest
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class DecapsulateResponse
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class DecryptRequest
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -581,6 +593,25 @@ class Representation < Google::Apis::Core::JsonRepresentation
         end
       end
       
+      class DecapsulateRequest
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :ciphertext, :base64 => true, as: 'ciphertext'
+          property :ciphertext_crc32c, :numeric_string => true, as: 'ciphertextCrc32c'
+        end
+      end
+      
+      class DecapsulateResponse
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :name, as: 'name'
+          property :protection_level, as: 'protectionLevel'
+          property :shared_secret, :base64 => true, as: 'sharedSecret'
+          property :shared_secret_crc32c, :numeric_string => true, as: 'sharedSecretCrc32c'
+          property :verified_ciphertext_crc32c, as: 'verifiedCiphertextCrc32c'
+        end
+      end
+      
       class DecryptRequest
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
diff --git a/generated/google-apis-cloudkms_v1/lib/google/apis/cloudkms_v1/service.rb b/generated/google-apis-cloudkms_v1/lib/google/apis/cloudkms_v1/service.rb
@@ -1893,6 +1893,41 @@ def create_project_location_key_ring_crypto_key_crypto_key_version(parent, crypt
           execute_or_queue_command(command, &block)
         end
         
+        # Decapsulates data that was encapsulated with a public key retrieved from
+        # GetPublicKey corresponding to a CryptoKeyVersion with CryptoKey.purpose
+        # KEY_ENCAPSULATION.
+        # @param [String] name
+        #   Required. The resource name of the CryptoKeyVersion to use for decapsulation.
+        # @param [Google::Apis::CloudkmsV1::DecapsulateRequest] decapsulate_request_object
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::CloudkmsV1::DecapsulateResponse] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::CloudkmsV1::DecapsulateResponse]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def decapsulate_crypto_key_version(name, decapsulate_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:post, 'v1/{+name}:decapsulate', options)
+          command.request_representation = Google::Apis::CloudkmsV1::DecapsulateRequest::Representation
+          command.request_object = decapsulate_request_object
+          command.response_representation = Google::Apis::CloudkmsV1::DecapsulateResponse::Representation
+          command.response_class = Google::Apis::CloudkmsV1::DecapsulateResponse
+          command.params['name'] = name unless name.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
         # Schedule a CryptoKeyVersion for destruction. Upon calling this method,
         # CryptoKeyVersion.state will be set to DESTROY_SCHEDULED, and destroy_time will
         # be set to the time destroy_scheduled_duration in the future. At that time, the
