Skip to content

Commit

Permalink
docs: update README for attestation verification scripts (#151)
Browse files Browse the repository at this point in the history
  • Loading branch information
bkuang authored and rsamborski committed Nov 14, 2022
1 parent bf615fd commit 8911a48
Show file tree
Hide file tree
Showing 3 changed files with 41 additions and 19 deletions.
54 changes: 37 additions & 17 deletions kms/attestations/README.rst
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ Google Cloud Key Management Service Python Samples
===============================================================================

.. image:: https://gstatic.com/cloudssh/images/open-btn.png
:target: https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/GoogleCloudPlatform/python-docs-samples&page=editor&open_in_editor=kms/attestations/README.rst
:target: https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/python-kms&page=editor&open_in_editor=samples/attestations/README.rst


This directory contains samples for Google Cloud Key Management Service. The `Cloud Key Management Service`_ allows you to create, import, and manage cryptographic keys and perform cryptographic operations in a single centralized cloud service.
Expand All @@ -14,6 +14,10 @@ This directory contains samples for Google Cloud Key Management Service. The `Cl

.. _Google Cloud Key Management Service: https://cloud.google.com/kms/docs/





Setup
-------------------------------------------------------------------------------

Expand All @@ -32,36 +36,57 @@ Install Dependencies
.. _Python Development Environment Setup Guide:
https://cloud.google.com/python/setup

#. Create a virtualenv. Samples are compatible with Python 3.6+.
#. Create a virtualenv. Samples are compatible with Python 2.7 and 3.4+.

.. code-block:: bash
$ virtualenv env
$ source env/bin/activate
#. Install the dependencies needed to run the samples.

.. code-block:: bash
$ pip install -r requirements.txt
.. _pip: https://pip.pypa.io/
.. _virtualenv: https://virtualenv.pypa.io/

Samples
-------------------------------------------------------------------------------

Verify attestations and certificate chains for keys generated by Cloud HSM
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

.. image:: https://gstatic.com/cloudssh/images/open-btn.png
:target: https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/python-kms&page=editor&open_in_editor=samples/attestations/verify_attestation_chains.py,samples/attestations/README.rst



Samples
-------------------------------------------------------------------------------

To run this sample:

.. code-block:: bash
$ python verify_attestation_chains.py
usage: verify_attestation_chains.py [-h] [--certificates CERTIFICATES]
[--attestation ATTESTATION]
This application verifies HSM attestations using certificate chains
obtained from Cloud HSM and the HSM manufacturer.
For more information, visit https://cloud.google.com/kms/docs/attest-key.
optional arguments:
-h, --help show this help message and exit
--certificates CERTIFICATES
The certificate chains filename.
--attestation ATTESTATION
The attestation filename.
Verify attestations for keys generated by Cloud HSM
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

.. image:: https://gstatic.com/cloudssh/images/open-btn.png
:target: https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/GoogleCloudPlatform/python-docs-samples&page=editor&open_in_editor=kms/attestations/verify_attestation.py,kms/attestations/README.rst
:target: https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/GoogleCloudPlatform/python-docs-samples&page=editor&open_in_editor=samples/attestations/verify_attestation.py,samples/attestations/README.rst



Expand All @@ -72,12 +97,11 @@ To run this sample:
$ python verify_attestation.py
usage: verify_attestation.py [-h] attestation_file bundle_file
This application verifies HSM attestations using certificate bundles obtained
from Cloud HSM. For more information, visit
https://cloud.google.com/kms/docs/attest-key.
from Cloud HSM. For more information, visit https://cloud.google.com/kms/docs
/attest-key.
positional arguments:
attestation_file Name of attestation file.
Expand All @@ -90,8 +114,4 @@ To run this sample:
.. _Google Cloud SDK: https://cloud.google.com/sdk/
3 changes: 2 additions & 1 deletion kms/attestations/README.rst.in
Original file line number Diff line number Diff line change
Expand Up @@ -19,4 +19,5 @@ samples:
file: verify_attestation.py
show_help: True

folder: kms/attestations
folder: samples/attestations

3 changes: 2 additions & 1 deletion kms/attestations/verify_attestation_chains.py
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,8 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""This application verifies HSM certificate chains.
"""This application verifies HSM attestations using certificate chains
obtained from Cloud HSM and the HSM manufacturer.
For more information, visit https://cloud.google.com/kms/docs/attest-key.
"""
Expand Down

0 comments on commit 8911a48

Please sign in to comment.