dZddlmZddlmZddlmZddlmZddlmZddlm Z ddl Z d Z d Z e Z Gd d eZd ZdZy)z7Helper functions for interacting with the cloudkms API.)absolute_import)division)unicode_literals)apis) get_digest)mapsNcloudkmsv1c$eZdZdZddZdZdZy)Clientz2A client to access cloudkms for binauthz purposes.Nc|t}tjt||_tj t||_y)zlCreates a Cloud KMS client. Args: api_version: If provided, the cloudkms API version to use. N)DEFAULT_VERSIONrGetClientInstanceAPI_NAMEclientGetMessagesModulemessages)self api_versions 4lib/googlecloudsdk/api_lib/container/binauthz/kms.py__init__zClient.__init__%s7 #k((;?DK**8[ADMc|jj|}|jjj |S)z4Retrieves the public key for given CryptoKeyVersion.)name)rOCloudkmsProjectsLocationsKeyRingsCryptoKeysCryptoKeyVersionsGetPublicKeyRequestr8projects_locations_keyRings_cryptoKeys_cryptoKeyVersions GetPublicKey)rkey_refreqs rrzClient.GetPublicKey1s= -- g g  h C LL Src tj|tj|}|jj ||jj |}|jjj|S)aSign a string payload with an asymmetric KMS CryptoKeyVersion. Args: key_ref: The CryptoKeyVersion relative resource name to sign with. digest_algorithm: The name of the digest algorithm to use in the signing operation. May be one of 'sha256', 'sha384', 'sha512'. plaintext: The plaintext bytes to sign. Returns: An AsymmetricSignResponse. )digest)rasymmetricSignRequest) rGetDigestOfFilesixBytesIOrQCloudkmsProjectsLocationsKeyRingsCryptoKeysCryptoKeyVersionsAsymmetricSignRequestAsymmetricSignRequestrrAsymmetricSign)rrdigest_algorithm plaintextr!rs rr(zClient.AsymmetricSign9sx ' '#++i02F -- i i "mmAAB j C LLsr)N)__name__ __module__ __qualname____doc__rrr(rrr r "s: Brr cH|jjdddS)zReturns the URI used as the default for KMS keys. This should look something like '//cloudkms.googleapis.com/v1/...' Args: key_ref: A CryptoKeyVersion Resource. Returns: The string URI. :)SelfLinksplit)rs r GetKeyUrir5Ps%     ! !#q )! ,,rcntjD]"}||jjvs |cSy)zFReturns the digest name associated with the given CryptoKey Algorithm.N)rDIGESTSrlower) key_algorithm digest_names rGetAlgorithmDigestTyper;^s-\\km((..00 "r)r. __future__rrrgooglecloudsdk.api_lib.utilrgooglecloudsdk.command_lib.kmsrrr$rV1robjectr r5r;r/rrrAsE >&',5/  +V+\ -r