Exemple #1
    def AddKey(self, authority_ref, key_content, comment=None):
        """Attach a public key to an attestation authority and return it.

        The authority is fetched, the key is appended to its
        userOwnedDrydockNote.publicKeys list, and the whole authority is
        written back with one Update call.

        Args:
          authority_ref: ResourceSpec, The authority to be updated.
          key_content: The contents of the public key file.
          comment: The comment on the public key.

        Returns:
          The added public key, as found in the Update response.

        Raises:
          AlreadyExistsError: If a public key with the same key content was
              found on the authority.
        """
        authority = self.Get(authority_ref)
        note_keys = authority.userOwnedDrydockNote.publicKeys

        # Duplicate detection is an exact string comparison of the armored
        # text. NOTE(review): the same key material armored differently
        # (line endings, headers) would not be recognised as a duplicate.
        already_registered = {k.asciiArmoredPgpPublicKey for k in note_keys}
        if key_content in already_registered:
            message = (
                'Provided public key already present on authority [{}]'.format(
                    authority.name))
            raise exceptions.AlreadyExistsError(message)

        new_key = self.messages.AttestationAuthorityPublicKey(
            asciiArmoredPgpPublicKey=key_content, comment=comment)
        note_keys.append(new_key)

        # NOTE(review): Get followed by Update is a read-modify-write of the
        # full key list; no concurrency guard is visible in this method, so
        # confirm how concurrent key changes are handled by the service.
        response = self.client.projects_attestationAuthorities.Update(
            authority)

        # next() has no default: if the response does not echo key_content
        # byte-for-byte, StopIteration propagates to the caller.
        return next(
            filter(lambda k: k.asciiArmoredPgpPublicKey == key_content,
                   response.userOwnedDrydockNote.publicKeys))
Exemple #2
    def AddPkixKey(self,
                   attestor_ref,
                   pkix_pubkey_content,
                   pkix_sig_algorithm,
                   id_override=None,
                   comment=None):
        """Attach a PKIX public key to an attestor and return it.

        The attestor is fetched, a new AttestorPublicKey wrapping a
        PkixPublicKey is appended to userOwnedDrydockNote.publicKeys, and
        the attestor is written back with one Update call.

        Args:
          attestor_ref: ResourceSpec, The attestor to be updated.
          pkix_pubkey_content: The PEM-encoded PKIX public key.
          pkix_sig_algorithm: The PKIX public key signature algorithm.
          id_override: If provided, the key ID to use instead of the
              API-generated one.
          comment: The comment on the public key.

        Returns:
          The first key in the Update response whose ID was not on the
          attestor before the call.

        Raises:
          AlreadyExistsError: If id_override is given and a public key with
              that ID is already on the attestor.
        """
        attestor = self.Get(attestor_ref)
        note_keys = attestor.userOwnedDrydockNote.publicKeys

        # Snapshot of the IDs present before the change; used both for the
        # collision check and to pick out the new key afterwards.
        existing_ids = {k.id for k in note_keys}

        # Only the ID is checked for collisions; the PEM content and the
        # signature algorithm are passed through to the API unvalidated here.
        id_collides = id_override is not None and id_override in existing_ids
        if id_collides:
            raise exceptions.AlreadyExistsError(
                'Public key with ID [{}] already present on attestor [{}]'.
                format(id_override, attestor.name))

        pkix_key = self.messages.PkixPublicKey(
            publicKeyPem=pkix_pubkey_content,
            signatureAlgorithm=pkix_sig_algorithm)
        new_entry = self.messages.AttestorPublicKey(
            id=id_override, pkixPublicKey=pkix_key, comment=comment)
        note_keys.append(new_entry)

        # NOTE(review): Get followed by Update is a read-modify-write of the
        # full key list; no concurrency guard is visible in this method.
        updated_attestor = self.client.projects_attestors.Update(attestor)

        # The new key is identified as "any ID not seen before", not by
        # id_override or content. NOTE(review): if another key was added
        # between Get and Update, this could presumably return that one.
        # next() has no default, so StopIteration propagates when no new ID
        # appears in the response.
        return next(
            filter(lambda k: k.id not in existing_ids,
                   updated_attestor.userOwnedDrydockNote.publicKeys))
Exemple #3
    def AddKey(self, authority_ref, key_content, comment=None):
        """Attach a public key to an attestation authority and return it.

        The message class used for the new key depends on the client
        version (V1_ALPHA1 or V1_BETA1); any other version is rejected.

        Args:
          authority_ref: ResourceSpec, The authority to be updated.
          key_content: The contents of the public key file.
          comment: The comment on the public key.

        Returns:
          The added public key, as found in the Update response.

        Raises:
          AlreadyExistsError: If a public key with the same key content was
              found on the authority.
          NotImplementedError: If the client version is neither V1_ALPHA1
              nor V1_BETA1.
        """
        authority = self.Get(authority_ref)
        note_keys = authority.userOwnedDrydockNote.publicKeys

        # Duplicate detection is an exact string comparison of the armored
        # text. NOTE(review): the same key material armored differently
        # would not be recognised as a duplicate.
        already_registered = {k.asciiArmoredPgpPublicKey for k in note_keys}
        if key_content in already_registered:
            message = (
                'Provided public key already present on authority [{}]'.format(
                    authority.name))
            raise exceptions.AlreadyExistsError(message)

        # Pick the key message type for this API version. The version check
        # runs after the Get call and the duplicate check, as before.
        version = self._version
        if version == apis.V1_ALPHA1:
            key_message = self.messages.AttestationAuthorityPublicKey
        elif version == apis.V1_BETA1:
            key_message = self.messages.AttestorPublicKey
        else:
            raise NotImplementedError('Unknown client version: ' +
                                      self._version)
        note_keys.append(
            key_message(asciiArmoredPgpPublicKey=key_content, comment=comment))

        # NOTE(review): Get followed by Update is a read-modify-write of the
        # full key list; no concurrency guard is visible in this method.
        updated_authority = self._GetClientService().Update(authority)

        # next() has no default: if the response does not echo key_content
        # byte-for-byte, StopIteration propagates to the caller.
        return next(
            filter(lambda k: k.asciiArmoredPgpPublicKey == key_content,
                   updated_authority.userOwnedDrydockNote.publicKeys))
Exemple #4
    def AddPgpKey(self, attestor_ref, pgp_pubkey_content, comment=None):
        """Attach a PGP public key to an attestor and return it.

        The attestor is fetched, the key is appended to its
        userOwnedDrydockNote.publicKeys list, and the attestor is written
        back with one Update call.

        Args:
          attestor_ref: ResourceSpec, The attestor to be updated.
          pgp_pubkey_content: The contents of the PGP public key file.
          comment: The comment on the public key.

        Returns:
          The first key in the Update response whose ID was not on the
          attestor before the call.

        Raises:
          AlreadyExistsError: If a public key with the same key content was
              found on the attestor.
        """
        attestor = self.Get(attestor_ref)
        note_keys = attestor.userOwnedDrydockNote.publicKeys

        # Duplicate detection is an exact string comparison of the armored
        # text. NOTE(review): the same key material armored differently
        # would not be recognised as a duplicate.
        known_armored = {k.asciiArmoredPgpPublicKey for k in note_keys}
        if pgp_pubkey_content in known_armored:
            message = (
                'Provided public key already present on attestor [{}]'.format(
                    attestor.name))
            raise exceptions.AlreadyExistsError(message)

        # Snapshot of the IDs present before the change, used afterwards to
        # pick the new key out of the response.
        existing_ids = {k.id for k in note_keys}

        new_entry = self.messages.AttestorPublicKey(
            asciiArmoredPgpPublicKey=pgp_pubkey_content, comment=comment)
        note_keys.append(new_entry)

        # NOTE(review): Get followed by Update is a read-modify-write of the
        # full key list; no concurrency guard is visible in this method.
        updated_attestor = self.client.projects_attestors.Update(attestor)

        # The new key is identified as "any ID not seen before", not by its
        # content. NOTE(review): if another key was added between Get and
        # Update, this could presumably return that one. next() has no
        # default, so StopIteration propagates when no new ID appears.
        return next(
            filter(lambda k: k.id not in existing_ids,
                   updated_attestor.userOwnedDrydockNote.publicKeys))