Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 0a9f0fb

Browse files
daniel-sanchedaniel-sanche
authored
KMS import comments (GoogleCloudPlatform#1771)
added import comments to snippets
1 parent 7f57979 commit 0a9f0fb

File tree

1 file changed

+29
-2
lines changed

1 file changed

+29
-2
lines changed

kms/api-client/asymmetric.py

Lines changed: 29 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -13,21 +13,23 @@
1313
# See the License for the specific language governing permissions and
1414
# limitations under the License.rom googleapiclient import discovery
1515

16-
# [START kms_asymmetric_imports]
1716
import base64
1817
import hashlib
1918

2019
from cryptography.exceptions import InvalidSignature
2120
from cryptography.hazmat.backends import default_backend
2221
from cryptography.hazmat.primitives import hashes, serialization
2322
from cryptography.hazmat.primitives.asymmetric import ec, padding, utils
24-
# [END kms_asymmetric_imports]
2523

2624

2725
# [START kms_get_asymmetric_public]
2826
def getAsymmetricPublicKey(client, key_path):
2927
"""
3028
Retrieves the public key from a saved asymmetric key pair on Cloud KMS
29+
30+
Requires:
31+
cryptography.hazmat.backends.default_backend
32+
cryptography.hazmat.primitives.serialization
3133
"""
3234
request = client.projects() \
3335
.locations() \
@@ -47,6 +49,9 @@ def decryptRSA(ciphertext, client, key_path):
4749
"""
4850
Decrypt the input ciphertext (bytes) using an
4951
'RSA_DECRYPT_OAEP_2048_SHA256' private key stored on Cloud KMS
52+
53+
Requires:
54+
base64
5055
"""
5156
request_body = {'ciphertext': base64.b64encode(ciphertext).decode('utf-8')}
5257
request = client.projects() \
@@ -67,6 +72,10 @@ def encryptRSA(plaintext, client, key_path):
6772
"""
6873
Encrypt the input plaintext (bytes) locally using an
6974
'RSA_DECRYPT_OAEP_2048_SHA256' public key retrieved from Cloud KMS
75+
76+
Requires:
77+
cryptography.hazmat.primitives.asymmetric.padding
78+
cryptography.hazmat.primitives.hashes
7079
"""
7180
public_key = getAsymmetricPublicKey(client, key_path)
7281
pad = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
@@ -80,6 +89,10 @@ def encryptRSA(plaintext, client, key_path):
8089
def signAsymmetric(message, client, key_path):
8190
"""
8291
Create a signature for a message using a private key stored on Cloud KMS
92+
93+
Requires:
94+
base64
95+
hashlib
8396
"""
8497
# Note: some key algorithms will require a different hash function
8598
# For example, EC_SIGN_P384_SHA384 requires SHA384
@@ -104,6 +117,13 @@ def verifySignatureRSA(signature, message, client, key_path):
104117
"""
105118
Verify the validity of an 'RSA_SIGN_PSS_2048_SHA256' signature for the
106119
specified message
120+
121+
Requires:
122+
cryptography.exceptions.InvalidSignature
123+
cryptography.hazmat.primitives.asymmetric.padding
124+
cryptography.hazmat.primitives.asymmetric.utils
125+
cryptography.hazmat.primitives.hashes
126+
hashlib
107127
"""
108128
public_key = getAsymmetricPublicKey(client, key_path)
109129
digest_bytes = hashlib.sha256(message).digest()
@@ -127,6 +147,13 @@ def verifySignatureEC(signature, message, client, key_path):
127147
"""
128148
Verify the validity of an 'EC_SIGN_P256_SHA256' signature
129149
for the specified message
150+
151+
Requires:
152+
cryptography.exceptions.InvalidSignature
153+
cryptography.hazmat.primitives.asymmetric.ec
154+
cryptography.hazmat.primitives.asymmetric.utils
155+
cryptography.hazmat.primitives.hashes
156+
hashlib
130157
"""
131158
public_key = getAsymmetricPublicKey(client, key_path)
132159
digest_bytes = hashlib.sha256(message).digest()

0 commit comments

Comments
 (0)