BdZddlmZddlmZddlmZddlZddlmZddlmZddlm Z dd l m Z dd l m Z dd l mZdd l mZdd l mZe j"e j$e j&j(e j&j*e j&j,Gdde j.Zy)z Add Attestor public key command.)absolute_import)division)unicode_literalsN)apis) attestors)kms) arg_parsers)base) exceptions)flags)pkixc&eZdZdZedZdZy)AddaAdd a public key to an Attestor. ## EXAMPLES To add a new KMS public key to an existing Attestor `my_attestor`: $ {command} \ --attestor=my_attestor \ --keyversion-project=foo \ --keyversion-location=us-west1 \ --keyversion-keyring=aring \ --keyversion-key=akey \ --keyversion=1 To add a new PGP public key to an existing Attestor `my_attestor`: $ {command} \ --attestor=my_attestor \ --pgp-public-key-file=my_key.pub c  tj|tjddd|jdd|j d}|j d }|jd t jd |j d }tj|tjddddtjd|j d}|jddt jd|jdtjjdtjd|jdttjd y)NTFz5The attestor to which the public key should be added.)required positional group_helpz --commentz&The comment describing the public key.)help)rzPGP key definitionz--pgp-public-key-filezHThe path to the file containing the ASCII-armored PGP public key to add.)typerzCloud KMS key definition keyversionz The Cloud KMS (Key Management Service) CryptoKeyVersion whose public key will be added to the attestor.) base_namerruse_global_project_flagrzPKIX key definitionz--pkix-public-key-filez;The path to the file containing the PKIX public key to add.)rrrz--pkix-public-key-algorithmz The signing algorithm of the associated key. This will be used to verify the signatures associated with this key.)choicesrrz--public-key-id-overridea= If provided, the ID to replace the default API-generated one. All IDs must be valid URIs as defined by RFC 3986 (https://tools.ietf.org/html/rfc3986). When creating Attestations to be verified by this key, one must always provide this custom ID as the public key ID.)r AddConceptsGetAttestorPresentationSpec add_argumentadd_mutually_exclusive_group add_groupr FileContents#GetCryptoKeyVersionPresentationSpectextwrapdedentr GetAlgorithmMapperrstr)clsparser key_group pgp_group kms_group pkix_groups ;lib/surface/container/binauthz/attestors/public_keys/add.pyArgszAdd.Args:s  ))G   BD33T3BI##)=#>I   % % '/0 ##)C#DI  11"$)(;<  = $$*?$@J   % % ' J L %'')11 __?@ A "  __:; <ctj|j}tj|}|j j j}|jr!|jrtjd|jr|j jj}tjj|j}|j!||j"|j%|j&|jxstj(||j*S|j,rbt/j0|}|j!||j,|j3|j4|j|j*S|j7||j|j*S)Nz@--public-key-id-override may not be used with old-style PGP keys)pkix_pubkey_contentpkix_sig_algorithm id_overridecomment)pgp_pubkey_contentr2)r GetApiVersion ReleaseTrackrClientCONCEPTSattestorParsepgp_public_key_filepublic_key_id_overrider InvalidArgumentErrorrr GetPublicKey RelativeName AddPkixKeypem ConvertFromKmsSignatureAlgorithm algorithm GetKeyUrir2pkix_public_key_filer r#GetEnumForChoicepkix_public_key_algorithm AddPgpKey)selfargs api_versionattestors_client attestor_ref key_resource public_key alg_mappers r+RunzAdd.Runts$$T%6%6%89K '' 4==))//1L D$?$?  + + L NN ]]--335l::<,,\-F-F-HIj  ( ( (nn-NN""$223}}\2,,)    " "**;7j  ( ( "77'88,,.11,, )   ' ' !55,,(  r-N)__name__ __module__ __qualname____doc__ classmethodr,rPr-r+rr!s!*7<7ras'&':?9/(D?>D%%(($*;*;*@*@%%++-s $,,s -s r-