diff --git a/samples/snippets/asymmetric.py b/samples/snippets/asymmetric.py index 4127148f..4d4ebcb4 100644 --- a/samples/snippets/asymmetric.py +++ b/samples/snippets/asymmetric.py @@ -24,7 +24,8 @@ # [START kms_get_asymmetric_public] def getAsymmetricPublicKey(client, key_path): - """Retrieves the public key from a saved asymmetric key pair on Cloud KMS + """ + Retrieves the public key from a saved asymmetric key pair on Cloud KMS """ request = client.projects() \ .locations() \ @@ -41,7 +42,9 @@ def getAsymmetricPublicKey(client, key_path): # [START kms_decrypt_rsa] def decryptRSA(ciphertext, client, key_path): - """Decrypt a given ciphertext using an RSA private key stored on Cloud KMS + """ + Decrypt a given ciphertext using an 'RSA_DECRYPT_OAEP_2048_SHA256' private + key stored on Cloud KMS """ request = client.projects() \ .locations() \ @@ -58,7 +61,9 @@ def decryptRSA(ciphertext, client, key_path): # [START kms_encrypt_rsa] def encryptRSA(message, client, key_path): - """Encrypt message locally using an RSA public key retrieved from Cloud KMS + """ + Encrypt message locally using an 'RSA_DECRYPT_OAEP_2048_SHA256' public + key retrieved from Cloud KMS """ public_key = getAsymmetricPublicKey(client, key_path) pad = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()), @@ -72,8 +77,11 @@ def encryptRSA(message, client, key_path): # [START kms_sign_asymmetric] def signAsymmetric(message, client, key_path): - """Create a signature for a message using a private key stored on Cloud KMS """ + Create a signature for a message using a private key stored on Cloud KMS + """ + # Note: some key algorithms will require a different hash function + # For example, EC_SIGN_P384_SHA384 requires SHA384 digest_bytes = hashlib.sha256(message.encode('ascii')).digest() digest64 = base64.b64encode(digest_bytes) @@ -92,8 +100,9 @@ def signAsymmetric(message, client, key_path): # [START kms_verify_signature_rsa] def verifySignatureRSA(signature, message, client, key_path): - """Verify the validity of an 'RSA_SIGN_PSS_2048_SHA256' signature - for the specified plaintext message + """ + Verify the validity of an 'RSA_SIGN_PSS_2048_SHA256' signature for the + specified plaintext message """ public_key = getAsymmetricPublicKey(client, key_path) @@ -116,7 +125,8 @@ def verifySignatureRSA(signature, message, client, key_path): # [START kms_verify_signature_ec] def verifySignatureEC(signature, message, client, key_path): - """Verify the validity of an 'EC_SIGN_P224_SHA256' signature + """ + Verify the validity of an 'EC_SIGN_P256_SHA256' signature for the specified plaintext message """ public_key = getAsymmetricPublicKey(client, key_path) diff --git a/samples/snippets/asymmetric_test.py b/samples/snippets/asymmetric_test.py index 20119ce5..a4b1c34f 100644 --- a/samples/snippets/asymmetric_test.py +++ b/samples/snippets/asymmetric_test.py @@ -64,7 +64,7 @@ def setup_module(module): s2 = create_key_helper(t.rsaSignId, t.rsaSign, 'ASYMMETRIC_SIGN', 'RSA_SIGN_PSS_2048_SHA256', t) s3 = create_key_helper(t.ecSignId, t.ecSign, 'ASYMMETRIC_SIGN', - 'EC_SIGN_P224_SHA256', t) + 'EC_SIGN_P256_SHA256', t) if s1 or s2 or s3: # leave time for keys to initialize sleep(20)