SrSSKJr SSKJr SSKJr SSKJr SSKJr SSKJ r SSK r S r S r \ r "S S \5rS rSrg)z7Helper functions for interacting with the cloudkms API.)absolute_import)division)unicode_literals)apis) get_digest)mapsNcloudkmsv1c.\rSrSrSrSSjrSrSrSrg) Client"z2A client to access cloudkms for binauthz purposes.NcUc[n[R"[U5Ul[R "[U5Ulg)z`Creates a Cloud KMS client. Args: api_version: If provided, the cloudkms API version to use. N)DEFAULT_VERSIONrGetClientInstanceAPI_NAMEclientGetMessagesModulemessages)self api_versions 4lib/googlecloudsdk/api_lib/container/binauthz/kms.py__init__Client.__init__%s7 #k((;?DK**8[ADMc~URRUS9nURRR U5$)z4Retrieves the public key for given CryptoKeyVersion.)name)rOCloudkmsProjectsLocationsKeyRingsCryptoKeysCryptoKeyVersionsGetPublicKeyRequestr8projects_locations_keyRings_cryptoKeys_cryptoKeyVersions GetPublicKey)rkey_refreqs rrClient.GetPublicKey1s= -- g g  h C LL Src[R"U[R"U55nURR UURR US9S9nURRRU5$)adSign a string payload with an asymmetric KMS CryptoKeyVersion. Args: key_ref: The CryptoKeyVersion relative resource name to sign with. digest_algorithm: The name of the digest algorithm to use in the signing operation. May be one of 'sha256', 'sha384', 'sha512'. plaintext: The plaintext bytes to sign. Returns: An AsymmetricSignResponse. )digest)rasymmetricSignRequest) rGetDigestOfFilesixBytesIOrQCloudkmsProjectsLocationsKeyRingsCryptoKeysCryptoKeyVersionsAsymmetricSignRequestAsymmetricSignRequestrrAsymmetricSign)rr digest_algorithm plaintextr$r!s rr+Client.AsymmetricSign9sx ' '#++i02F -- i i "mmAAB j C LLsr)rr)N) __name__ __module__ __qualname____firstlineno____doc__rrr+__static_attributes__rrr r "s: Brr cHUR5RSS5S$)zReturns the URI used as the default for KMS keys. This should look something like '//cloudkms.googleapis.com/v1/...' Args: key_ref: A CryptoKeyVersion Resource. Returns: The string URI. :)SelfLinksplit)r s r GetKeyUrir;Ps%     ! !#q )! ,,rct[RH$nXRR5;dM"Us $ g)zFReturns the digest name associated with the given CryptoKey Algorithm.N)rDIGESTSrlower) key_algorithm digest_names rGetAlgorithmDigestTyperA^s+\\k((..00 "r)r3 __future__rrrgooglecloudsdk.api_lib.utilrgooglecloudsdk.command_lib.kmsrrr'rV1robjectr r;rAr5rrrGsE >&',5/  +V+\ -r