~)SrSSKJr SSKJr SSKJr SSKrSSKrSSKJr SSK Jr SSK J r SSK J r SS K Jr SS KJr SS KJr "S S \R&5rg)z=Import a provided key from file into KMS using an Import Job.)absolute_import)division)unicode_literalsN)base) exceptions)flags)maps)log)filescR\rSrSrSr\S5rSrSrSr Sr Sr S r S r S rg ) Import!aImport a version into an existing crypto key. Imports wrapped key material into a new version within an existing crypto key following the import procedure documented at https://cloud.google.com/kms/docs/importing-a-key. ## EXAMPLES The following command will read the files 'path/to/ephemeral/key' and 'path/to/target/key' and use them to create a new version with algorithm 'google-symmetric-encryption' within the 'frodo' crypto key, 'fellowship' keyring, and 'us-central1' location using import job 'strider' to unwrap the provided key material. $ {command} --location=global \ --keyring=fellowship \ --key=frodo \ --import-job=strider \ --wrapped-key-file=path/to/target/key \ --algorithm=google-symmetric-encryption cn[R"US5 [R"US5 [R"US5 [R"US5 [R "U5 [R "US5 [R"U5 [R"U5 g)Nz"The containing key to import into.z8to re-import into. Omit this field for first-time importz to importzto import from) rAddKeyResourceFlagsAddCryptoKeyVersionFlagAddRsaAesWrappedKeyFileFlagAddWrappedKeyFileFlagAddImportedVersionAlgorithmFlagAddRequiredImportJobArgumentAddPublicKeyFileFlagAddTargetKeyFileFlag)parsers 'lib/surface/kms/keys/versions/import.pyArgs Import.Args8s f&JK !!JL %%fk:  4 ))&1 &&v/?@ v& v&c[R"U5n[U5U:a%[R"SR U55eU$)Nz6The file is larger than the maximum size of {0} bytes.)r ReadBinaryFileContentslenrBadFileExceptionformat)selfpath max_bytesdatas r _ReadFileImport._ReadFileDsI  ' ' -D 4y9  ' ' B I I   KrcUURRRURRRURRRURRR 4;$N) ImportJobImportMethodValueValuesEnumRSA_OAEP_3072_SHA256RSA_OAEP_4096_SHA256RSA_OAEP_3072_SHA256_AES_256RSA_OAEP_4096_SHA256_AES_256r" import_methodmessagess r_IsSha2ImportMethodImport._IsSha2ImportMethodLsj 66KK66KK66 % %x'9'9 $ $%A%A C CCrcXRRRURRRURRRURRR 4;$r))r*r+RSA_OAEP_3072_SHA1_AES_256RSA_OAEP_4096_SHA1_AES_256r.r/r0s r_IsRsaAesWrappingImportMethod$Import._IsRsaAesWrappingImportMethodTse //KK88%//KK88%//KK::%//KK::< <>BBFF  G "#J8--BBIII  + + HOO//1 22 rc SSKJn SSKJn SSKJn SSKJn SSKJn W R5n URX5(aU R!5n UR#X5(dUUR$R&R(:XaS n OAUUR$R&R*:XaS n O[-S R/U55eU S U R0-- S - n [3U5U :a&[4R6"S SR/U 55eSnUnWR9UW"5S9nUR#X5(a-[:R<"S5nWR?XU"55nURAUW RCU REU 5U SS95nUU-$![a9 [RRS5 [R"S5 GNf=f)Nr) serialization)default_backend)keywrap)padding)hasheszCannot load the Pyca cryptography library. Either the library is not installed, or site packages are not enabled for the Google Cloud SDK. Please consult https://cloud.google.com/kms/docs/crypto for further instructions.iizunexpected import method: {0}ztarget-key-filezFThe file is larger than the import method's maximum size of {0} bytes.r)backend )mgf algorithmlabel)#cryptography.hazmat.primitivesrRcryptography.hazmat.backendsrSrT)cryptography.hazmat.primitives.asymmetricrUrV ImportErrorr errPrintsysexitSHA1r3SHA256r8r*r+r,r- ValueErrorr! digest_sizerrr load_pem_public_keyosurandomaes_key_wrap_with_paddingencryptOAEPMGF1)r"r1public_key_bytestarget_key_bytesrMr2rRrSrTrUrVshamodulus_byte_lengthmax_target_key_sizeaes_wrapped_keyto_be_rsa_wrapped_key public_keyrsa_wrapped_keys r_CkmRsaAesKeyWrapImport._CkmRsaAesKeyWrapps ?>8C7 ++-C  88 MMOc  - -m F F     ; ; P P Q(     ; ; P P Q(8?? NOO/1s3FG!K  !4 4))  V/0  O,22/"335J ))-BB jjn99 ?3DFo (( c*c FHO _ ,,_  ggmm$%  hhqk sF//?G21G2c[R"5n[R"5n[R"U5R 5nSnUR (a5UR nUR(a[R"SS5eO URn[U5[UR5:Xa[R"SS5eSnU(aURUSS9nUR#XX#5nUR(aSn URURSS9n Sn UR$(aUR'U5n O%UR(R*R-S 5n UR/UR0U XU5nUR3[R4"U5R 5S 9n UR7[8R:R=UR>5UUS 9U l URB(a3[RD"U5R 5U R@l#URHRKU 5$![Ra*n[R"SR!XW55eSnAff=f![Ra5n[R"S R!URU55eSnAff=f) N)z--wrapped-key-filez--rsa-aes-wrapped-key-filezGEither wrapped-key-file or rsa-aes-wrapped-key-file should be provided.)z--target-key-filez---wrapped-key-file/--rsa-aes-wrapped-key-filezAEither a pre-wrapped key or a key to be wrapped must be provided.r;r<z*Failed to read wrapped key file [{0}]: {1}i z)Failed to read target key file [{0}]: {1}ascii)parent)r\ importJob wrappedKey)& cloudkms_baseGetClientInstanceGetMessagesModulerParseImportJobName RelativeNamewrapped_key_filersa_aes_wrapped_key_filerOneOfArgumentsRequiredExceptionbooltarget_key_filer&r r>r r!rOr=rA publicKeypemencoderz importMethodICloudkmsProjectsLocationsKeyRingsCryptoKeysCryptoKeyVersionsImportRequestParseCryptoKeyNameImportCryptoKeyVersionRequestr ALGORITHM_MAPPER_FOR_IMPORTGetEnumForChoicer\importCryptoKeyVersionRequestversionParseCryptoKeyVersionNamecryptoKeyVersion8projects_locations_keyRings_cryptoKeys_cryptoKeyVersionsr ) r"r?rMr2rLrwrapped_key_bytesr@rNrrrqreqs rRun Import.Runs  , , .F..0H..t4AACO .. & &88 @ UW W ' 66 d&:&:!;;  6 6 P M OO& NN+;uNM %%dVNJ *>>$*>*>$>O  33D9%//33::7C001H1H1A1A19;  \ \''-::< ] >C(0(N(N22CC NN!$ )O)&C%  ||;@;Z;Z <  ''8  J J Q Q   S[[&)) 8 ? ?  %& &&[[*)) 7 > >$$a )* **s0&I+J,+J)?%J$$J),K50K00K5N)__name__ __module__ __qualname____firstlineno____doc__ staticmethodrr&r3r8rArOrzr__static_attributes__rrrr r !sA, ' 'C<(<-|D rr )r __future__rrrrkrdgooglecloudsdk.api_lib.cloudkmsrrgooglecloudsdk.calliopergooglecloudsdk.command_lib.kmsrr googlecloudsdk.corer googlecloudsdk.core.utilr Commandr rrrrsAD&' A(.0/#*Q T\\Q r