feat(key_manager): add new methods ImportKeyMaterial and DeleteKeyMaterial (#628)

Author: scaleway-bot

scaleway-async/scaleway_async/key_manager/v1alpha1/__init__.py

@@ -2,6 +2,7 @@
 # If you have any remark or suggestion do not hesitate to open an issue.
 from .types import DataKeyAlgorithmSymmetricEncryption
 from .types import KeyAlgorithmSymmetricEncryption
+from .types import KeyOrigin
 from .types import KeyState
 from .types import ListKeysRequestOrderBy
 from .types import KeyRotationPolicy
@@ -11,13 +12,15 @@
 from .types import DataKey
 from .types import DecryptRequest
 from .types import DecryptResponse
+from .types import DeleteKeyMaterialRequest
 from .types import DeleteKeyRequest
 from .types import DisableKeyRequest
 from .types import EnableKeyRequest
 from .types import EncryptRequest
 from .types import EncryptResponse
 from .types import GenerateDataKeyRequest
 from .types import GetKeyRequest
+from .types import ImportKeyMaterialRequest
 from .types import ListKeysRequest
 from .types import ListKeysResponse
 from .types import ProtectKeyRequest
@@ -29,6 +32,7 @@
 __all__ = [
     "DataKeyAlgorithmSymmetricEncryption",
     "KeyAlgorithmSymmetricEncryption",
+    "KeyOrigin",
     "KeyState",
     "ListKeysRequestOrderBy",
     "KeyRotationPolicy",
@@ -38,13 +42,15 @@
     "DataKey",
     "DecryptRequest",
     "DecryptResponse",
+    "DeleteKeyMaterialRequest",
     "DeleteKeyRequest",
     "DisableKeyRequest",
     "EnableKeyRequest",
     "EncryptRequest",
     "EncryptResponse",
     "GenerateDataKeyRequest",
     "GetKeyRequest",
+    "ImportKeyMaterialRequest",
     "ListKeysRequest",
     "ListKeysResponse",
     "ProtectKeyRequest",

scaleway-async/scaleway_async/key_manager/v1alpha1/api.py

@@ -13,6 +13,7 @@
 )
 from .types import (
     DataKeyAlgorithmSymmetricEncryption,
+    KeyOrigin,
     ListKeysRequestOrderBy,
     CreateKeyRequest,
     DataKey,
@@ -21,6 +22,7 @@
     EncryptRequest,
     EncryptResponse,
     GenerateDataKeyRequest,
+    ImportKeyMaterialRequest,
     Key,
     KeyRotationPolicy,
     KeyUsage,
@@ -37,6 +39,7 @@
     marshal_DecryptRequest,
     marshal_EncryptRequest,
     marshal_GenerateDataKeyRequest,
+    marshal_ImportKeyMaterialRequest,
     marshal_UpdateKeyRequest,
 )
 
@@ -57,6 +60,7 @@ async def create_key(
         description: Optional[str] = None,
         tags: Optional[List[str]] = None,
         rotation_policy: Optional[KeyRotationPolicy] = None,
+        origin: Optional[KeyOrigin] = None,
     ) -> Key:
         """
         Create a key.
@@ -69,6 +73,7 @@ async def create_key(
         :param description: (Optional) Description of the key.
         :param tags: (Optional) List of the key's tags.
         :param rotation_policy: If not specified, no rotation policy will be applied to the key.
+        :param origin: Refer to the `Key.Origin` enum for a description of values.
         :return: :class:`Key <Key>`
 
         Usage:
@@ -96,6 +101,7 @@ async def create_key(
                     description=description,
                     tags=tags,
                     rotation_policy=rotation_policy,
+                    origin=origin,
                 ),
                 self.client,
             ),
@@ -644,3 +650,84 @@ async def decrypt(
 
         self._throw_on_error(res)
         return unmarshal_DecryptResponse(res.json())
+
+    async def import_key_material(
+        self,
+        *,
+        key_id: str,
+        key_material: str,
+        region: Optional[Region] = None,
+        salt: Optional[str] = None,
+    ) -> Key:
+        """
+        Import key material.
+        Import key material to use to derive a new cryptographic key. The key's origin must be `external`.
+        :param key_id: The key's origin must be 'external'.
+        :param key_material: The key material The key material is a random sequence of bytes used to derive a cryptographic key.
+        :param region: Region to target. If none is passed will use default region from the config.
+        :param salt: A salt can be used to improve the quality of randomness when the key material is generated from a low entropy source.
+        :return: :class:`Key <Key>`
+
+        Usage:
+        ::
+
+            result = await api.import_key_material(
+                key_id="example",
+                key_material="example",
+            )
+        """
+
+        param_region = validate_path_param(
+            "region", region or self.client.default_region
+        )
+        param_key_id = validate_path_param("key_id", key_id)
+
+        res = self._request(
+            "POST",
+            f"/key-manager/v1alpha1/regions/{param_region}/keys/{param_key_id}/import-key-material",
+            body=marshal_ImportKeyMaterialRequest(
+                ImportKeyMaterialRequest(
+                    key_id=key_id,
+                    key_material=key_material,
+                    region=region,
+                    salt=salt,
+                ),
+                self.client,
+            ),
+        )
+
+        self._throw_on_error(res)
+        return unmarshal_Key(res.json())
+
+    async def delete_key_material(
+        self,
+        *,
+        key_id: str,
+        region: Optional[Region] = None,
+    ) -> None:
+        """
+        Delete key material.
+        Delete previously imported key material. This renders the associated cryptographic key unusable for any operation. The key's origin must be `external`.
+        :param key_id: ID of the key of which to delete the key material.
+        :param region: Region to target. If none is passed will use default region from the config.
+
+        Usage:
+        ::
+
+            result = await api.delete_key_material(
+                key_id="example",
+            )
+        """
+
+        param_region = validate_path_param(
+            "region", region or self.client.default_region
+        )
+        param_key_id = validate_path_param("key_id", key_id)
+
+        res = self._request(
+            "POST",
+            f"/key-manager/v1alpha1/regions/{param_region}/keys/{param_key_id}/delete-key-material",
+            body={},
+        )
+
+        self._throw_on_error(res)

scaleway-async/scaleway_async/key_manager/v1alpha1/marshalling.py

@@ -21,6 +21,7 @@
     DecryptRequest,
     EncryptRequest,
     GenerateDataKeyRequest,
+    ImportKeyMaterialRequest,
     UpdateKeyRequest,
 )
 
@@ -95,22 +96,6 @@ def unmarshal_Key(data: Any) -> Key:
     if field is not None:
         args["rotation_count"] = field
 
-    field = data.get("protected", None)
-    if field is not None:
-        args["protected"] = field
-
-    field = data.get("locked", None)
-    if field is not None:
-        args["locked"] = field
-
-    field = data.get("tags", None)
-    if field is not None:
-        args["tags"] = field
-
-    field = data.get("region", None)
-    if field is not None:
-        args["region"] = field
-
     field = data.get("usage", None)
     if field is not None:
         args["usage"] = unmarshal_KeyUsage(field)
@@ -129,6 +114,26 @@ def unmarshal_Key(data: Any) -> Key:
     else:
         args["updated_at"] = None
 
+    field = data.get("protected", None)
+    if field is not None:
+        args["protected"] = field
+
+    field = data.get("locked", None)
+    if field is not None:
+        args["locked"] = field
+
+    field = data.get("tags", None)
+    if field is not None:
+        args["tags"] = field
+
+    field = data.get("origin", None)
+    if field is not None:
+        args["origin"] = field
+
+    field = data.get("region", None)
+    if field is not None:
+        args["region"] = field
+
     field = data.get("description", None)
     if field is not None:
         args["description"] = field
@@ -308,6 +313,9 @@ def marshal_CreateKeyRequest(
             request.rotation_policy, defaults
         )
 
+    if request.origin is not None:
+        output["origin"] = str(request.origin)
+
     return output
 
 
@@ -356,6 +364,21 @@ def marshal_GenerateDataKeyRequest(
     return output
 
 
+def marshal_ImportKeyMaterialRequest(
+    request: ImportKeyMaterialRequest,
+    defaults: ProfileDefaults,
+) -> Dict[str, Any]:
+    output: Dict[str, Any] = {}
+
+    if request.key_material is not None:
+        output["key_material"] = request.key_material
+
+    if request.salt is not None:
+        output["salt"] = request.salt
+
+    return output
+
+
 def marshal_UpdateKeyRequest(
     request: UpdateKeyRequest,
     defaults: ProfileDefaults,