<>ibSSKrSSKJs Jr SSKJr SSKr"SS\R5r S\ S\ \ \ \ 44SjrSr"S S \R5rS rS rg) N)FileSystemKeyMaterialStorec*\rSrSrSrSrSrSrSrg)InMemoryKmsClientzJThis is a mock class implementation of KmsClient, built for testing only. cd[RRU5 URUlg)z%Create an InMemoryKmsClient instance.N)pe KmsClient__init__custom_kms_confmaster_keys_map)selfconfigs _/var/www/html/land-tabula/venv/lib/python3.13/site-packages/pyarrow/tests/parquet/encryption.pyr InMemoryKmsClient.__init__s" d#%55cURURS5nSRX1/5n[R"U5nU$)zXNot a secure cipher - the wrapped key is just the master key concatenated with key bytesutf-8r)r encodejoinbase64 b64encode)r key_bytesmaster_key_identifiermaster_key_bytes wrapped_keyresults rwrap_keyInMemoryKmsClient.wrap_key!sK //0EFMM hh 0<= !!+. rcX R;a [SU5eURUn[R"U5nUSSnUSSnX5R S5:XaU$[SXV5e)z?Not a secure cipher - just extract the key from the wrapped keyzUnknown master keyNrzIncorrect master key used)r ValueErrorr b64decodedecode)r rrexpected_master_keydecoded_wrapped_keyr decrypted_keys r unwrap_keyInMemoryKmsClient.unwrap_key*s !(<(< <13HI I"223HI$..{;.s3+BC0 #:#:7#C C 4): :r)r N) __name__ __module__ __qualname____firstlineno____doc__r rr'__static_attributes__rrrrs6  :rrrreturnc[R"S5nURU5=n(a8UR5up4n[ U5n[ R "U5nX4U4$[SU5e)zParses a wrapped key string into a tuple: (key id, version, key) given input in the form: :v:z(.+?):v([0-9]+?):(.+)zCannot parse wrapped key)recompile fullmatchgroupsintrr"r!)rptnmidversionb64keykeys rparse_wrapped_keyr=9si **, -C MM+ &&q&hhjVg,v&S!!3[AArmaster_key_versioncf\rSrSrSrS Sjr\S\4Sj5rS\ S\ S\ 4S jr S \ S\ S\ 4S jr S r g)MockVersioningKmsClientIaAThis is a mock class implementation of KmsClient, built for testing only. During tests that involve CryptoFactory.rotate_master_keys, separate instances of this client will be created when writing, rotating keys, and reading back parquet data. To help unit tests verify that external key material was stored correctly at each step, this client wraps keys with a master_key_identifier and a version number. To ensure each client wraps with the correct version, the current version is persisted in the key_access_token attribute of the KmsConnectionConfig shared by all clients r0NcN[RRU5 XlgN)rr r connection_config)r rDs rr MockVersioningKmsClient.__init__Vs d#!2rc@[URR5$rC)r6rDkey_access_token)r s rr>*MockVersioningKmsClient.master_key_versionZs4))::;;rrrct[R"U5RS5nUSURSU3$)Nrz:v:)rrr#r>)r rrr;s rr MockVersioningKmsClient.wrap_key^s<!!),33G<'(4+B+B*C1VHMMrrcD[U5up4nX2:wa [SX25eU$)Nz"Mismatched master key identifiers:)r=r!)r rrkey_id_r<s rr'"MockVersioningKmsClient.unwrap_keybs0+;73  *A#< < r)rD)r0N)r)r*r+r,r-r propertyr6r>bytesstrrr'r.r/rrr@r@Isf 3rlsk"''B : :D B3 B5c5+A B*!bll!H$r