google-apis-cloudkms_v1 0.39.0 → 0.40.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 07227dcaa6c725f3a74f766c920b8b7a730b46e3223f73e67c1a3a809328981c
-  data.tar.gz: 940716b79be0e42cacea06259b19a98698b31e02e53e7cc3b31229db6382cb91
+  metadata.gz: e6a3ec4770dd6380ec90662303f32ccd5259106ad103cda1b47008f1b8b6c255
+  data.tar.gz: a5d57e894cef9e3a58328f9122234fc490cd3b5b7a61487f61e545e03492894a
 SHA512:
-  metadata.gz: 9906ed83a19a59a9d95d16bc11ec9e15e779ce36cdfbfba580b2b6f91ead6619dae04bac69d3c8942e0e35250bc1354fbdc4ec689f838415b858a41247d0fb24
-  data.tar.gz: 22ef0feca855a43c8e6570728a54cd53cc0775a39bfe2e880eb1871ed9e224f20405e780531e86f2dc1bc624eea8b20f58d92ab5e2890dfeea3c08432662f88e
+  metadata.gz: e44040ed69f88f5ae735439176b22eb933f2de3547bff3706292f62245def54175a190a3c4163762886b85e0fd4cb7bdb0777f67ede79549af2e4ec7bd750817
+  data.tar.gz: 11c16a7861c189c77af1a15a8ab845bffe4f7245460ab018d3bc015bb5df8ccf89decc82018ad5004d7784a18636c9c997524e2c4ee862174436c80e33284a86

data/CHANGELOG.md

@@ -1,5 +1,9 @@
 # Release history for google-apis-cloudkms_v1
 
+### v0.40.0 (2023-07-02)
+
+* Regenerated from discovery document revision 20230625
+
 ### v0.39.0 (2023-04-30)
 
 * Regenerated from discovery document revision 20230421

data/lib/google/apis/cloudkms_v1/classes.rb

@@ -2170,6 +2170,394 @@ module Google
         end
       end
       
+      # Request message for KeyManagementService.RawDecrypt.
+      class RawDecryptRequest
+        include Google::Apis::Core::Hashable
+      
+        # Optional. Optional data that must match the data originally supplied in
+        # RawEncryptRequest.additional_authenticated_data.
+        # Corresponds to the JSON property `additionalAuthenticatedData`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :additional_authenticated_data
+      
+        # Optional. An optional CRC32C checksum of the RawDecryptRequest.
+        # additional_authenticated_data. If specified, KeyManagementService will verify
+        # the integrity of the received additional_authenticated_data using this
+        # checksum. KeyManagementService will report an error if the checksum
+        # verification fails. If you receive a checksum error, your client should verify
+        # that CRC32C(additional_authenticated_data) is equal to
+        # additional_authenticated_data_crc32c, and if so, perform a limited number of
+        # retries. A persistent mismatch may indicate an issue in your computation of
+        # the CRC32C checksum. Note: This field is defined as int64 for reasons of
+        # compatibility across different languages. However, it is a non-negative
+        # integer, which will never exceed 2^32-1, and can be safely downconverted to
+        # uint32 in languages that support this type.
+        # Corresponds to the JSON property `additionalAuthenticatedDataCrc32c`
+        # @return [Fixnum]
+        attr_accessor :additional_authenticated_data_crc32c
+      
+        # Required. The encrypted data originally returned in RawEncryptResponse.
+        # ciphertext.
+        # Corresponds to the JSON property `ciphertext`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :ciphertext
+      
+        # Optional. An optional CRC32C checksum of the RawDecryptRequest.ciphertext. If
+        # specified, KeyManagementService will verify the integrity of the received
+        # ciphertext using this checksum. KeyManagementService will report an error if
+        # the checksum verification fails. If you receive a checksum error, your client
+        # should verify that CRC32C(ciphertext) is equal to ciphertext_crc32c, and if so,
+        # perform a limited number of retries. A persistent mismatch may indicate an
+        # issue in your computation of the CRC32C checksum. Note: This field is defined
+        # as int64 for reasons of compatibility across different languages. However, it
+        # is a non-negative integer, which will never exceed 2^32-1, and can be safely
+        # downconverted to uint32 in languages that support this type.
+        # Corresponds to the JSON property `ciphertextCrc32c`
+        # @return [Fixnum]
+        attr_accessor :ciphertext_crc32c
+      
+        # Required. The initialization vector (IV) used during encryption, which must
+        # match the data originally provided in RawEncryptResponse.initialization_vector.
+        # Corresponds to the JSON property `initializationVector`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :initialization_vector
+      
+        # Optional. An optional CRC32C checksum of the RawDecryptRequest.
+        # initialization_vector. If specified, KeyManagementService will verify the
+        # integrity of the received initialization_vector using this checksum.
+        # KeyManagementService will report an error if the checksum verification fails.
+        # If you receive a checksum error, your client should verify that CRC32C(
+        # initialization_vector) is equal to initialization_vector_crc32c, and if so,
+        # perform a limited number of retries. A persistent mismatch may indicate an
+        # issue in your computation of the CRC32C checksum. Note: This field is defined
+        # as int64 for reasons of compatibility across different languages. However, it
+        # is a non-negative integer, which will never exceed 2^32-1, and can be safely
+        # downconverted to uint32 in languages that support this type.
+        # Corresponds to the JSON property `initializationVectorCrc32c`
+        # @return [Fixnum]
+        attr_accessor :initialization_vector_crc32c
+      
+        # The length of the authentication tag that is appended to the end of the
+        # ciphertext. If unspecified (0), the default value for the key's algorithm will
+        # be used (for AES-GCM, the default value is 16).
+        # Corresponds to the JSON property `tagLength`
+        # @return [Fixnum]
+        attr_accessor :tag_length
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @additional_authenticated_data = args[:additional_authenticated_data] if args.key?(:additional_authenticated_data)
+          @additional_authenticated_data_crc32c = args[:additional_authenticated_data_crc32c] if args.key?(:additional_authenticated_data_crc32c)
+          @ciphertext = args[:ciphertext] if args.key?(:ciphertext)
+          @ciphertext_crc32c = args[:ciphertext_crc32c] if args.key?(:ciphertext_crc32c)
+          @initialization_vector = args[:initialization_vector] if args.key?(:initialization_vector)
+          @initialization_vector_crc32c = args[:initialization_vector_crc32c] if args.key?(:initialization_vector_crc32c)
+          @tag_length = args[:tag_length] if args.key?(:tag_length)
+        end
+      end
+      
+      # Response message for KeyManagementService.RawDecrypt.
+      class RawDecryptResponse
+        include Google::Apis::Core::Hashable
+      
+        # The decrypted data.
+        # Corresponds to the JSON property `plaintext`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :plaintext
+      
+        # Integrity verification field. A CRC32C checksum of the returned
+        # RawDecryptResponse.plaintext. An integrity check of plaintext can be performed
+        # by computing the CRC32C checksum of plaintext and comparing your results to
+        # this field. Discard the response in case of non-matching checksum values, and
+        # perform a limited number of retries. A persistent mismatch may indicate an
+        # issue in your computation of the CRC32C checksum. Note: receiving this
+        # response message indicates that KeyManagementService is able to successfully
+        # decrypt the ciphertext. Note: This field is defined as int64 for reasons of
+        # compatibility across different languages. However, it is a non-negative
+        # integer, which will never exceed 2^32-1, and can be safely downconverted to
+        # uint32 in languages that support this type.
+        # Corresponds to the JSON property `plaintextCrc32c`
+        # @return [Fixnum]
+        attr_accessor :plaintext_crc32c
+      
+        # The ProtectionLevel of the CryptoKeyVersion used in decryption.
+        # Corresponds to the JSON property `protectionLevel`
+        # @return [String]
+        attr_accessor :protection_level
+      
+        # Integrity verification field. A flag indicating whether RawDecryptRequest.
+        # additional_authenticated_data_crc32c was received by KeyManagementService and
+        # used for the integrity verification of additional_authenticated_data. A false
+        # value of this field indicates either that // RawDecryptRequest.
+        # additional_authenticated_data_crc32c was left unset or that it was not
+        # delivered to KeyManagementService. If you've set RawDecryptRequest.
+        # additional_authenticated_data_crc32c but this field is still false, discard
+        # the response and perform a limited number of retries.
+        # Corresponds to the JSON property `verifiedAdditionalAuthenticatedDataCrc32c`
+        # @return [Boolean]
+        attr_accessor :verified_additional_authenticated_data_crc32c
+        alias_method :verified_additional_authenticated_data_crc32c?, :verified_additional_authenticated_data_crc32c
+      
+        # Integrity verification field. A flag indicating whether RawDecryptRequest.
+        # ciphertext_crc32c was received by KeyManagementService and used for the
+        # integrity verification of the ciphertext. A false value of this field
+        # indicates either that RawDecryptRequest.ciphertext_crc32c was left unset or
+        # that it was not delivered to KeyManagementService. If you've set
+        # RawDecryptRequest.ciphertext_crc32c but this field is still false, discard the
+        # response and perform a limited number of retries.
+        # Corresponds to the JSON property `verifiedCiphertextCrc32c`
+        # @return [Boolean]
+        attr_accessor :verified_ciphertext_crc32c
+        alias_method :verified_ciphertext_crc32c?, :verified_ciphertext_crc32c
+      
+        # Integrity verification field. A flag indicating whether RawDecryptRequest.
+        # initialization_vector_crc32c was received by KeyManagementService and used for
+        # the integrity verification of initialization_vector. A false value of this
+        # field indicates either that RawDecryptRequest.initialization_vector_crc32c was
+        # left unset or that it was not delivered to KeyManagementService. If you've set
+        # RawDecryptRequest.initialization_vector_crc32c but this field is still false,
+        # discard the response and perform a limited number of retries.
+        # Corresponds to the JSON property `verifiedInitializationVectorCrc32c`
+        # @return [Boolean]
+        attr_accessor :verified_initialization_vector_crc32c
+        alias_method :verified_initialization_vector_crc32c?, :verified_initialization_vector_crc32c
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @plaintext = args[:plaintext] if args.key?(:plaintext)
+          @plaintext_crc32c = args[:plaintext_crc32c] if args.key?(:plaintext_crc32c)
+          @protection_level = args[:protection_level] if args.key?(:protection_level)
+          @verified_additional_authenticated_data_crc32c = args[:verified_additional_authenticated_data_crc32c] if args.key?(:verified_additional_authenticated_data_crc32c)
+          @verified_ciphertext_crc32c = args[:verified_ciphertext_crc32c] if args.key?(:verified_ciphertext_crc32c)
+          @verified_initialization_vector_crc32c = args[:verified_initialization_vector_crc32c] if args.key?(:verified_initialization_vector_crc32c)
+        end
+      end
+      
+      # Request message for KeyManagementService.RawEncrypt.
+      class RawEncryptRequest
+        include Google::Apis::Core::Hashable
+      
+        # Optional. Optional data that, if specified, must also be provided during
+        # decryption through RawDecryptRequest.additional_authenticated_data. This field
+        # may only be used in conjunction with an algorithm that accepts additional
+        # authenticated data (for example, AES-GCM). The maximum size depends on the key
+        # version's protection_level. For SOFTWARE keys, the plaintext must be no larger
+        # than 64KiB. For HSM keys, the combined length of the plaintext and
+        # additional_authenticated_data fields must be no larger than 8KiB.
+        # Corresponds to the JSON property `additionalAuthenticatedData`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :additional_authenticated_data
+      
+        # Optional. An optional CRC32C checksum of the RawEncryptRequest.
+        # additional_authenticated_data. If specified, KeyManagementService will verify
+        # the integrity of the received additional_authenticated_data using this
+        # checksum. KeyManagementService will report an error if the checksum
+        # verification fails. If you receive a checksum error, your client should verify
+        # that CRC32C(additional_authenticated_data) is equal to
+        # additional_authenticated_data_crc32c, and if so, perform a limited number of
+        # retries. A persistent mismatch may indicate an issue in your computation of
+        # the CRC32C checksum. Note: This field is defined as int64 for reasons of
+        # compatibility across different languages. However, it is a non-negative
+        # integer, which will never exceed 2^32-1, and can be safely downconverted to
+        # uint32 in languages that support this type.
+        # Corresponds to the JSON property `additionalAuthenticatedDataCrc32c`
+        # @return [Fixnum]
+        attr_accessor :additional_authenticated_data_crc32c
+      
+        # Optional. A customer-supplied initialization vector that will be used for
+        # encryption. If it is not provided for AES-CBC and AES-CTR, one will be
+        # generated. It will be returned in RawEncryptResponse.initialization_vector.
+        # Corresponds to the JSON property `initializationVector`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :initialization_vector
+      
+        # Optional. An optional CRC32C checksum of the RawEncryptRequest.
+        # initialization_vector. If specified, KeyManagementService will verify the
+        # integrity of the received initialization_vector using this checksum.
+        # KeyManagementService will report an error if the checksum verification fails.
+        # If you receive a checksum error, your client should verify that CRC32C(
+        # initialization_vector) is equal to initialization_vector_crc32c, and if so,
+        # perform a limited number of retries. A persistent mismatch may indicate an
+        # issue in your computation of the CRC32C checksum. Note: This field is defined
+        # as int64 for reasons of compatibility across different languages. However, it
+        # is a non-negative integer, which will never exceed 2^32-1, and can be safely
+        # downconverted to uint32 in languages that support this type.
+        # Corresponds to the JSON property `initializationVectorCrc32c`
+        # @return [Fixnum]
+        attr_accessor :initialization_vector_crc32c
+      
+        # Required. The data to encrypt. Must be no larger than 64KiB. The maximum size
+        # depends on the key version's protection_level. For SOFTWARE keys, the
+        # plaintext must be no larger than 64KiB. For HSM keys, the combined length of
+        # the plaintext and additional_authenticated_data fields must be no larger than
+        # 8KiB.
+        # Corresponds to the JSON property `plaintext`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :plaintext
+      
+        # Optional. An optional CRC32C checksum of the RawEncryptRequest.plaintext. If
+        # specified, KeyManagementService will verify the integrity of the received
+        # plaintext using this checksum. KeyManagementService will report an error if
+        # the checksum verification fails. If you receive a checksum error, your client
+        # should verify that CRC32C(plaintext) is equal to plaintext_crc32c, and if so,
+        # perform a limited number of retries. A persistent mismatch may indicate an
+        # issue in your computation of the CRC32C checksum. Note: This field is defined
+        # as int64 for reasons of compatibility across different languages. However, it
+        # is a non-negative integer, which will never exceed 2^32-1, and can be safely
+        # downconverted to uint32 in languages that support this type.
+        # Corresponds to the JSON property `plaintextCrc32c`
+        # @return [Fixnum]
+        attr_accessor :plaintext_crc32c
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @additional_authenticated_data = args[:additional_authenticated_data] if args.key?(:additional_authenticated_data)
+          @additional_authenticated_data_crc32c = args[:additional_authenticated_data_crc32c] if args.key?(:additional_authenticated_data_crc32c)
+          @initialization_vector = args[:initialization_vector] if args.key?(:initialization_vector)
+          @initialization_vector_crc32c = args[:initialization_vector_crc32c] if args.key?(:initialization_vector_crc32c)
+          @plaintext = args[:plaintext] if args.key?(:plaintext)
+          @plaintext_crc32c = args[:plaintext_crc32c] if args.key?(:plaintext_crc32c)
+        end
+      end
+      
+      # Response message for KeyManagementService.RawEncrypt.
+      class RawEncryptResponse
+        include Google::Apis::Core::Hashable
+      
+        # The encrypted data. In the case of AES-GCM, the authentication tag is the
+        # tag_length bytes at the end of this field.
+        # Corresponds to the JSON property `ciphertext`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :ciphertext
+      
+        # Integrity verification field. A CRC32C checksum of the returned
+        # RawEncryptResponse.ciphertext. An integrity check of ciphertext can be
+        # performed by computing the CRC32C checksum of ciphertext and comparing your
+        # results to this field. Discard the response in case of non-matching checksum
+        # values, and perform a limited number of retries. A persistent mismatch may
+        # indicate an issue in your computation of the CRC32C checksum. Note: This field
+        # is defined as int64 for reasons of compatibility across different languages.
+        # However, it is a non-negative integer, which will never exceed 2^32-1, and can
+        # be safely downconverted to uint32 in languages that support this type.
+        # Corresponds to the JSON property `ciphertextCrc32c`
+        # @return [Fixnum]
+        attr_accessor :ciphertext_crc32c
+      
+        # The initialization vector (IV) generated by the service during encryption.
+        # This value must be stored and provided in RawDecryptRequest.
+        # initialization_vector at decryption time.
+        # Corresponds to the JSON property `initializationVector`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :initialization_vector
+      
+        # Integrity verification field. A CRC32C checksum of the returned
+        # RawEncryptResponse.initialization_vector. An integrity check of
+        # initialization_vector can be performed by computing the CRC32C checksum of
+        # initialization_vector and comparing your results to this field. Discard the
+        # response in case of non-matching checksum values, and perform a limited number
+        # of retries. A persistent mismatch may indicate an issue in your computation of
+        # the CRC32C checksum. Note: This field is defined as int64 for reasons of
+        # compatibility across different languages. However, it is a non-negative
+        # integer, which will never exceed 2^32-1, and can be safely downconverted to
+        # uint32 in languages that support this type.
+        # Corresponds to the JSON property `initializationVectorCrc32c`
+        # @return [Fixnum]
+        attr_accessor :initialization_vector_crc32c
+      
+        # The resource name of the CryptoKeyVersion used in encryption. Check this field
+        # to verify that the intended resource was used for encryption.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # The ProtectionLevel of the CryptoKeyVersion used in encryption.
+        # Corresponds to the JSON property `protectionLevel`
+        # @return [String]
+        attr_accessor :protection_level
+      
+        # The length of the authentication tag that is appended to the end of the
+        # ciphertext.
+        # Corresponds to the JSON property `tagLength`
+        # @return [Fixnum]
+        attr_accessor :tag_length
+      
+        # Integrity verification field. A flag indicating whether RawEncryptRequest.
+        # additional_authenticated_data_crc32c was received by KeyManagementService and
+        # used for the integrity verification of additional_authenticated_data. A false
+        # value of this field indicates either that // RawEncryptRequest.
+        # additional_authenticated_data_crc32c was left unset or that it was not
+        # delivered to KeyManagementService. If you've set RawEncryptRequest.
+        # additional_authenticated_data_crc32c but this field is still false, discard
+        # the response and perform a limited number of retries.
+        # Corresponds to the JSON property `verifiedAdditionalAuthenticatedDataCrc32c`
+        # @return [Boolean]
+        attr_accessor :verified_additional_authenticated_data_crc32c
+        alias_method :verified_additional_authenticated_data_crc32c?, :verified_additional_authenticated_data_crc32c
+      
+        # Integrity verification field. A flag indicating whether RawEncryptRequest.
+        # initialization_vector_crc32c was received by KeyManagementService and used for
+        # the integrity verification of initialization_vector. A false value of this
+        # field indicates either that RawEncryptRequest.initialization_vector_crc32c was
+        # left unset or that it was not delivered to KeyManagementService. If you've set
+        # RawEncryptRequest.initialization_vector_crc32c but this field is still false,
+        # discard the response and perform a limited number of retries.
+        # Corresponds to the JSON property `verifiedInitializationVectorCrc32c`
+        # @return [Boolean]
+        attr_accessor :verified_initialization_vector_crc32c
+        alias_method :verified_initialization_vector_crc32c?, :verified_initialization_vector_crc32c
+      
+        # Integrity verification field. A flag indicating whether RawEncryptRequest.
+        # plaintext_crc32c was received by KeyManagementService and used for the
+        # integrity verification of the plaintext. A false value of this field indicates
+        # either that RawEncryptRequest.plaintext_crc32c was left unset or that it was
+        # not delivered to KeyManagementService. If you've set RawEncryptRequest.
+        # plaintext_crc32c but this field is still false, discard the response and
+        # perform a limited number of retries.
+        # Corresponds to the JSON property `verifiedPlaintextCrc32c`
+        # @return [Boolean]
+        attr_accessor :verified_plaintext_crc32c
+        alias_method :verified_plaintext_crc32c?, :verified_plaintext_crc32c
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @ciphertext = args[:ciphertext] if args.key?(:ciphertext)
+          @ciphertext_crc32c = args[:ciphertext_crc32c] if args.key?(:ciphertext_crc32c)
+          @initialization_vector = args[:initialization_vector] if args.key?(:initialization_vector)
+          @initialization_vector_crc32c = args[:initialization_vector_crc32c] if args.key?(:initialization_vector_crc32c)
+          @name = args[:name] if args.key?(:name)
+          @protection_level = args[:protection_level] if args.key?(:protection_level)
+          @tag_length = args[:tag_length] if args.key?(:tag_length)
+          @verified_additional_authenticated_data_crc32c = args[:verified_additional_authenticated_data_crc32c] if args.key?(:verified_additional_authenticated_data_crc32c)
+          @verified_initialization_vector_crc32c = args[:verified_initialization_vector_crc32c] if args.key?(:verified_initialization_vector_crc32c)
+          @verified_plaintext_crc32c = args[:verified_plaintext_crc32c] if args.key?(:verified_plaintext_crc32c)
+        end
+      end
+      
       # Request message for KeyManagementService.RestoreCryptoKeyVersion.
       class RestoreCryptoKeyVersionRequest
         include Google::Apis::Core::Hashable

data/lib/google/apis/cloudkms_v1/gem_version.rb

@@ -16,13 +16,13 @@ module Google
   module Apis
     module CloudkmsV1
       # Version of the google-apis-cloudkms_v1 gem
-      GEM_VERSION = "0.39.0"
+      GEM_VERSION = "0.40.0"
 
       # Version of the code generator used to generate this client
       GENERATOR_VERSION = "0.12.0"
 
       # Revision of the discovery document this client was generated from
-      REVISION = "20230421"
+      REVISION = "20230625"
     end
   end
 end

data/lib/google/apis/cloudkms_v1/representations.rb

@@ -274,6 +274,30 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class RawDecryptRequest
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class RawDecryptResponse
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class RawEncryptRequest
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class RawEncryptResponse
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class RestoreCryptoKeyVersionRequest
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -766,6 +790,59 @@ module Google
         end
       end
       
+      class RawDecryptRequest
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :additional_authenticated_data, :base64 => true, as: 'additionalAuthenticatedData'
+          property :additional_authenticated_data_crc32c, :numeric_string => true, as: 'additionalAuthenticatedDataCrc32c'
+          property :ciphertext, :base64 => true, as: 'ciphertext'
+          property :ciphertext_crc32c, :numeric_string => true, as: 'ciphertextCrc32c'
+          property :initialization_vector, :base64 => true, as: 'initializationVector'
+          property :initialization_vector_crc32c, :numeric_string => true, as: 'initializationVectorCrc32c'
+          property :tag_length, as: 'tagLength'
+        end
+      end
+      
+      class RawDecryptResponse
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :plaintext, :base64 => true, as: 'plaintext'
+          property :plaintext_crc32c, :numeric_string => true, as: 'plaintextCrc32c'
+          property :protection_level, as: 'protectionLevel'
+          property :verified_additional_authenticated_data_crc32c, as: 'verifiedAdditionalAuthenticatedDataCrc32c'
+          property :verified_ciphertext_crc32c, as: 'verifiedCiphertextCrc32c'
+          property :verified_initialization_vector_crc32c, as: 'verifiedInitializationVectorCrc32c'
+        end
+      end
+      
+      class RawEncryptRequest
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :additional_authenticated_data, :base64 => true, as: 'additionalAuthenticatedData'
+          property :additional_authenticated_data_crc32c, :numeric_string => true, as: 'additionalAuthenticatedDataCrc32c'
+          property :initialization_vector, :base64 => true, as: 'initializationVector'
+          property :initialization_vector_crc32c, :numeric_string => true, as: 'initializationVectorCrc32c'
+          property :plaintext, :base64 => true, as: 'plaintext'
+          property :plaintext_crc32c, :numeric_string => true, as: 'plaintextCrc32c'
+        end
+      end
+      
+      class RawEncryptResponse
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :ciphertext, :base64 => true, as: 'ciphertext'
+          property :ciphertext_crc32c, :numeric_string => true, as: 'ciphertextCrc32c'
+          property :initialization_vector, :base64 => true, as: 'initializationVector'
+          property :initialization_vector_crc32c, :numeric_string => true, as: 'initializationVectorCrc32c'
+          property :name, as: 'name'
+          property :protection_level, as: 'protectionLevel'
+          property :tag_length, as: 'tagLength'
+          property :verified_additional_authenticated_data_crc32c, as: 'verifiedAdditionalAuthenticatedDataCrc32c'
+          property :verified_initialization_vector_crc32c, as: 'verifiedInitializationVectorCrc32c'
+          property :verified_plaintext_crc32c, as: 'verifiedPlaintextCrc32c'
+        end
+      end
+      
       class RestoreCryptoKeyVersionRequest
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation

data/lib/google/apis/cloudkms_v1/service.rb

@@ -1694,6 +1694,75 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
+        # Decrypts data that was originally encrypted using a raw cryptographic
+        # mechanism. The CryptoKey.purpose must be RAW_ENCRYPT_DECRYPT.
+        # @param [String] name
+        #   Required. The resource name of the CryptoKeyVersion to use for decryption.
+        # @param [Google::Apis::CloudkmsV1::RawDecryptRequest] raw_decrypt_request_object
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::CloudkmsV1::RawDecryptResponse] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::CloudkmsV1::RawDecryptResponse]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def raw_crypto_key_version_decrypt(name, raw_decrypt_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:post, 'v1/{+name}:rawDecrypt', options)
+          command.request_representation = Google::Apis::CloudkmsV1::RawDecryptRequest::Representation
+          command.request_object = raw_decrypt_request_object
+          command.response_representation = Google::Apis::CloudkmsV1::RawDecryptResponse::Representation
+          command.response_class = Google::Apis::CloudkmsV1::RawDecryptResponse
+          command.params['name'] = name unless name.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
+        # Encrypts data using portable cryptographic primitives. Most users should
+        # choose Encrypt and Decrypt rather than their raw counterparts. The CryptoKey.
+        # purpose must be RAW_ENCRYPT_DECRYPT.
+        # @param [String] name
+        #   Required. The resource name of the CryptoKeyVersion to use for encryption.
+        # @param [Google::Apis::CloudkmsV1::RawEncryptRequest] raw_encrypt_request_object
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::CloudkmsV1::RawEncryptResponse] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::CloudkmsV1::RawEncryptResponse]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def raw_crypto_key_version_encrypt(name, raw_encrypt_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:post, 'v1/{+name}:rawEncrypt', options)
+          command.request_representation = Google::Apis::CloudkmsV1::RawEncryptRequest::Representation
+          command.request_object = raw_encrypt_request_object
+          command.response_representation = Google::Apis::CloudkmsV1::RawEncryptResponse::Representation
+          command.response_class = Google::Apis::CloudkmsV1::RawEncryptResponse
+          command.params['name'] = name unless name.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
         # Restore a CryptoKeyVersion in the DESTROY_SCHEDULED state. Upon restoration of
         # the CryptoKeyVersion, state will be set to DISABLED, and destroy_time will be
         # cleared.

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-apis-cloudkms_v1
 version: !ruby/object:Gem::Version
-  version: 0.39.0
+  version: 0.40.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-04-30 00:00:00.000000000 Z
+date: 2023-07-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: google-apis-core
@@ -58,7 +58,7 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
   changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-cloudkms_v1/CHANGELOG.md
-  documentation_uri: https://googleapis.dev/ruby/google-apis-cloudkms_v1/v0.39.0
+  documentation_uri: https://googleapis.dev/ruby/google-apis-cloudkms_v1/v0.40.0
   source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-cloudkms_v1
 post_install_message: 
 rdoc_options: []