Add the ability to get_keyring_secret the public key from key pairs

------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=162399452
2025-05-13 16:07:15 +02:00 · 2017-07-18 13:59:31 -07:00 · 2017-07-18 13:59:31 -07:00 · 8ff1102223
commit 8ff1102223
parent f771b32ece
3 changed files with 21 additions and 0 deletions
--- a/java/google/registry/tools/GetKeyringSecretCommand.java
+++ b/java/google/registry/tools/GetKeyringSecretCommand.java
@ -66,6 +66,9 @@ final class GetKeyringSecretCommand implements RemoteApiCommand {
      case BRDA_SIGNING_KEY_PAIR:
        out.write(KeySerializer.serializeKeyPair(keyring.getBrdaSigningKey()));
        break;
      case BRDA_SIGNING_PUBLIC_KEY:
        out.write(KeySerializer.serializePublicKey(keyring.getBrdaSigningKey().getPublicKey()));
        break;
      case ICANN_REPORTING_PASSWORD:
        out.write(KeySerializer.serializeString(keyring.getIcannReportingPassword()));
        break;
@ -87,6 +90,9 @@ final class GetKeyringSecretCommand implements RemoteApiCommand {
      case RDE_SIGNING_KEY_PAIR:
        out.write(KeySerializer.serializeKeyPair(keyring.getRdeSigningKey()));
        break;
      case RDE_SIGNING_PUBLIC_KEY:
        out.write(KeySerializer.serializePublicKey(keyring.getRdeSigningKey().getPublicKey()));
        break;
      case RDE_SSH_CLIENT_PRIVATE_KEY:
        out.write(KeySerializer.serializeString(keyring.getRdeSshClientPrivateKey()));
        break;
--- a/java/google/registry/tools/UpdateKmsKeyringCommand.java
+++ b/java/google/registry/tools/UpdateKmsKeyringCommand.java
@ -65,6 +65,10 @@ final class UpdateKmsKeyringCommand implements RemoteApiCommand {
      case BRDA_SIGNING_KEY_PAIR:
        kmsUpdater.setBrdaSigningKey(deserializeKeyPair(input));
        break;
      case BRDA_SIGNING_PUBLIC_KEY:
        throw new IllegalArgumentException(
            "Can't update BRDA_SIGNING_PUBLIC_KEY directly."
            + " Must update public and private keys together using BRDA_SIGNING_KEY_PAIR.");
      case ICANN_REPORTING_PASSWORD:
        kmsUpdater.setIcannReportingPassword(deserializeString(input));
        break;
@ -86,6 +90,15 @@ final class UpdateKmsKeyringCommand implements RemoteApiCommand {
      case RDE_SIGNING_KEY_PAIR:
        kmsUpdater.setRdeSigningKey(deserializeKeyPair(input));
        break;
      case RDE_SIGNING_PUBLIC_KEY:
        throw new IllegalArgumentException(
            "Can't update RDE_SIGNING_PUBLIC_KEY directly."
            + " Must update public and private keys together using RDE_SIGNING_KEY_PAIR.");
      // Note that RDE_SSH_CLIENT public / private keys are slightly different than other key pairs,
      // since they are just regular strings rather than {@link PGPKeyPair}s (because OpenSSH
      // doesn't use PGP-style keys)
      //
      // Hence we can and need to update the private and public keys individually.
      case RDE_SSH_CLIENT_PRIVATE_KEY:
        kmsUpdater.setRdeSshClientPrivateKey(deserializeString(input));
        break;
--- a/java/google/registry/tools/params/KeyringKeyName.java
+++ b/java/google/registry/tools/params/KeyringKeyName.java
@ -24,6 +24,7 @@ public enum KeyringKeyName {
  BRAINTREE_PRIVATE_KEY,
  BRDA_RECEIVER_PUBLIC_KEY,
  BRDA_SIGNING_KEY_PAIR,
  BRDA_SIGNING_PUBLIC_KEY,
  ICANN_REPORTING_PASSWORD,
  JSON_CREDENTIAL,
  MARKSDB_DNL_LOGIN,
@ -31,6 +32,7 @@ public enum KeyringKeyName {
  MARKSDB_SMDRL_LOGIN,
  RDE_RECEIVER_PUBLIC_KEY,
  RDE_SIGNING_KEY_PAIR,
  RDE_SIGNING_PUBLIC_KEY,
  RDE_SSH_CLIENT_PRIVATE_KEY,
  RDE_SSH_CLIENT_PUBLIC_KEY,
  RDE_STAGING_KEY_PAIR,