SrSSKJr SSKJr SSKJr SSKJr SSKJ r SSK J r SSK Jr SSK J r SSK Jr SS K Jr SS KJr SS KJr SS KJr \ R,"S S\ R.55rg)z@Decapsulate an input file using a key-encapsulation key version.)absolute_import)division)unicode_literals) exceptions)base)crc32c) e2e_integrity)flags)log) console_io)filesc@\rSrSrSr\S5rSrSrSr Sr Sr g ) Decapsulate!a"Decapsulate an input file using a key-encapsulation key version. Decapsulates the given ciphertext file using the provided key-encapsulation key version and saves the decapsulated shared secret to the shared secret file. By default, the command performs integrity verification on data sent to and received from Cloud KMS. Use `--skip-integrity-verification` to disable integrity verification. ## EXAMPLES The following command will read the file '/tmp/my/secret.file.enc', decapsulate it using the key encapsulation CryptoKey `my-key` Version 3 and write the shared secret to '/tmp/my/secret.file.dec'. $ {command} \ --location=us-central1 \ --keyring=my-keyring \ --key=my-key \ --version=3 \ --ciphertext-file=/tmp/my/secret.file.enc \ --shared-secret-file=/tmp/my/secret.file.dec c[R"US5 [R"US5 [R"US5 [R"US5 [R "U5 g)Nzto use for decapsulation.zto use for decapsulationzto decapsulatez to output)r AddKeyResourceFlagsAddCryptoKeyVersionFlagAddCiphertextFileFlagAddSharedSecretFileFlagAddSkipIntegrityVerification)parsers lib/surface/kms/decapsulate.pyArgsDecapsulate.Args;sS f&AB !!&*DE (89 !!&+6 &&v.c$UR(+$)N)skip_integrity_verification)selfargss r_PerformIntegrityVerification)Decapsulate._PerformIntegrityVerificationCs// //rc[R"URSS9n[R"5n[R"U5nURUR5S9nURU5(a,[R "U5nUR#X'S9UlU$UR#US9UlU$![Ra5n[ R "SRURU55eSnAff=f)NT)binaryz)Failed to read ciphertext file [{0}]: {1})name) ciphertextciphertextCrc32c)r%)r ReadFromFileOrStdinciphertext_filer ErrorrBadFileExceptionformat cloudkms_baseGetMessagesModuler ParseCryptoKeyVersionNameNCloudkmsProjectsLocationsKeyRingsCryptoKeysCryptoKeyVersionsDecapsulateRequest RelativeNamer rCrc32cDecapsulateRequestdecapsulateRequest)rrr%emessagescrypto_key_refreqciphertext_crc32cs r_CreateDecapsulateRequest%Decapsulate._CreateDecapsulateRequestFs(11   t-j..0H44T:N  a a  ( ( * b C ))$// -- 3':: ; c J (:: ; c J+ ;;(  ' ' 5 < <""A ' (((sCD 0DD c*UR(d)[R"[R"55e[R "UR UR5(d)[R"[R"55eg)z&Verifies integrity fields in response.N) verifiedCiphertextCrc32cr $ClientSideIntegrityVerificationError'GetRequestToServerCorruptedErrorMessager Crc32cMatches sharedSecretsharedSecretCrc32c*GetResponseFromServerCorruptedErrorMessage)rr7resps r_VerifyResponseIntegrityFields*Decapsulate._VerifyResponseIntegrityFieldsasv  ( (  > >  ? ? A CC    1 143J3J K K  > >  B B D FF LrcURU5n[R"5nURR U5nUR U5(aUR X$5 [R"URUR=(d SSSSS9 g![Ra n[R"U5 SnAgSnAf[R an["R$"U5eSnAff=f)NT) overwriter#private)r9r,GetClientInstance8projects_locations_keyRings_cryptoKeys_cryptoKeyVersionsrr rDr WriteToFileOrStdoutshared_secret_filer@apitools_exceptionsHttpBadRequestErrorr ProcessHttpBadRequestErrorr r)rr*)rrr7clientrCerrorr4s rRunDecapsulate.Runns  ( ( .C  , , .F+  L L X X d  + +D 1 1 ++C6   ! !    !r   2 26..u55 ;;+  ' ' **+s$A7B D4CD&C<<DN) __name__ __module__ __qualname____firstlineno____doc__ staticmethodrr r9rDrS__static_attributes__rUrrrr!s00//06 F+rrN)rZ __future__rrrapitools.base.pyrrNgooglecloudsdk.api_lib.cloudkmsrr,googlecloudsdk.calliopegooglecloudsdk.command_lib.kmsrr r googlecloudsdk.corer googlecloudsdk.core.consoler googlecloudsdk.core.utilr UniverseCompatibleCommandrrUrrrgsZG&'>A(.180#2*d+$,,d+d+r