Example #1
0
    def test_not_equal_on_equal(self):
        """
        Test that the inequality operator returns False when comparing two
        Sign request payloads with the same data.
        """
        a = sign.SignRequestPayload()
        b = sign.SignRequestPayload()

        self.assertFalse(a != b)
        self.assertFalse(b != a)

        a = sign.SignRequestPayload(
            unique_identifier='b4faee10-aa2a-4446-8ad4-0881f3422959',
            cryptographic_parameters=attributes.CryptographicParameters(
                cryptographic_algorithm=enums.CryptographicAlgorithm.ECDSA),
            data=b'\x01\x02\x03\x04\x05\x06\x07\x08'
            b'\x09\x10\x11\x12\x13\x14\x15\x16')
        b = sign.SignRequestPayload(
            unique_identifier='b4faee10-aa2a-4446-8ad4-0881f3422959',
            cryptographic_parameters=attributes.CryptographicParameters(
                cryptographic_algorithm=enums.CryptographicAlgorithm.ECDSA),
            data=b'\x01\x02\x03\x04\x05\x06\x07\x08'
            b'\x09\x10\x11\x12\x13\x14\x15\x16')

        self.assertFalse(a != b)
        self.assertFalse(b != a)
Example #2
0
    def test_init_with_args(self):
        """
        Test that a Decrypt request payload can be constructed with valid
        values
        """
        payload = payloads.DecryptRequestPayload(
            unique_identifier='00000000-1111-2222-3333-444444444444',
            cryptographic_parameters=attributes.CryptographicParameters(),
            data=b'\x01\x02\x03',
            iv_counter_nonce=b'\x01',
            auth_additional_data=b'\x01\x10\x80\xFF',
            auth_tag=b'\x01\x90\xFE'
        )

        self.assertEqual(
            '00000000-1111-2222-3333-444444444444',
            payload.unique_identifier
        )
        self.assertEqual(
            attributes.CryptographicParameters(),
            payload.cryptographic_parameters
        )
        self.assertEqual(b'\x01\x02\x03', payload.data)
        self.assertEqual(b'\x01', payload.iv_counter_nonce)
        self.assertEqual(b'\x01\x10\x80\xFF', payload.auth_additional_data)
        self.assertEqual(b'\x01\x90\xFE', payload.auth_tag)
Example #3
0
    def test_not_equal_on_equal(self):
        """
        Test that the inequality operator returns False when comparing two
        Decrypt request payloads with the same data.
        """
        a = payloads.DecryptRequestPayload()
        b = payloads.DecryptRequestPayload()

        self.assertFalse(a != b)
        self.assertFalse(b != a)

        a = payloads.DecryptRequestPayload(
            unique_identifier='b4faee10-aa2a-4446-8ad4-0881f3422959',
            cryptographic_parameters=attributes.CryptographicParameters(
                block_cipher_mode=enums.BlockCipherMode.CBC,
                padding_method=enums.PaddingMethod.PKCS5,
                hashing_algorithm=enums.HashingAlgorithm.SHA_1,
                key_role_type=enums.KeyRoleType.KEK,
                digital_signature_algorithm=enums.DigitalSignatureAlgorithm.
                SHA256_WITH_RSA_ENCRYPTION,
                cryptographic_algorithm=enums.CryptographicAlgorithm.AES,
                random_iv=True,
                iv_length=96,
                tag_length=128,
                fixed_field_length=32,
                invocation_field_length=64,
                counter_length=0,
                initial_counter_value=1
            ),
            data=b'\x01\x23\x45\x67\x89\xAB\xCD\xEF',
            iv_counter_nonce=b'\x01',
            auth_additional_data=b'\x01\x10\x80\xFF',
            auth_tag=b'\x01\x90\xFE'
        )
        b = payloads.DecryptRequestPayload(
            unique_identifier='b4faee10-aa2a-4446-8ad4-0881f3422959',
            cryptographic_parameters=attributes.CryptographicParameters(
                block_cipher_mode=enums.BlockCipherMode.CBC,
                padding_method=enums.PaddingMethod.PKCS5,
                hashing_algorithm=enums.HashingAlgorithm.SHA_1,
                key_role_type=enums.KeyRoleType.KEK,
                digital_signature_algorithm=enums.DigitalSignatureAlgorithm.
                SHA256_WITH_RSA_ENCRYPTION,
                cryptographic_algorithm=enums.CryptographicAlgorithm.AES,
                random_iv=True,
                iv_length=96,
                tag_length=128,
                fixed_field_length=32,
                invocation_field_length=64,
                counter_length=0,
                initial_counter_value=1
            ),
            data=b'\x01\x23\x45\x67\x89\xAB\xCD\xEF',
            iv_counter_nonce=b'\x01',
            auth_additional_data=b'\x01\x10\x80\xFF',
            auth_tag=b'\x01\x90\xFE'
        )

        self.assertFalse(a != b)
        self.assertFalse(b != a)
Example #4
0
    def test_not_equal_on_not_equal_cryptographic_parameters(self):
        """
        Test that the equality operator returns False when comparing two
        Sign request payloads with cryptographic parameters.
        """
        a = sign.SignRequestPayload(
            cryptographic_parameters=attributes.CryptographicParameters(
                hashing_algorithm=enums.HashingAlgorithm.MD5))
        b = sign.SignRequestPayload(
            cryptographic_parameters=attributes.CryptographicParameters(
                cryptographic_algorithm=enums.CryptographicAlgorithm.ECDSA))

        self.assertTrue(a != b)
        self.assertTrue(b != a)
Example #5
0
    def test_init_with_args(self):
        """
        Test that a Sign request payload can be constructed with valid values.
        """
        payload = sign.SignRequestPayload(
            unique_identifier='00000000-1111-2222-3333-444444444444',
            cryptographic_parameters=attributes.CryptographicParameters(),
            data=b'\x01\x02\x03')

        self.assertEqual('00000000-1111-2222-3333-444444444444',
                         payload.unique_identifier)
        self.assertEqual(attributes.CryptographicParameters(),
                         payload.cryptographic_parameters)
        self.assertEqual(b'\x01\x02\x03', payload.data)
Example #6
0
    def test_not_equal_on_not_equal_cryptographic_parameters(self):
        """
        Test that the inequality operator returns True when comparing two
        Encrypt request payloads with different cryptographic parameters.
        """
        a = encrypt.EncryptRequestPayload(
            cryptographic_parameters=attributes.CryptographicParameters(
                block_cipher_mode=enums.BlockCipherMode.CBC))
        b = encrypt.EncryptRequestPayload(
            cryptographic_parameters=attributes.CryptographicParameters(
                hashing_algorithm=enums.HashingAlgorithm.MD5))

        self.assertTrue(a != b)
        self.assertTrue(b != a)
Example #7
0
    def _create_cryptographic_parameters(self, params):
        bcm = None
        padding_method = None
        hashing_algorithm = None
        key_role_type = None

        if params is not None:

            if 'block_cipher_mode' in params:
                bcm = attributes.CryptographicParameters.BlockCipherMode(
                    params.get('block_cipher_mode'))

            padding_method = None
            if 'padding_method' in params:
                padding_method = attributes.CryptographicParameters. \
                    PaddingMethod(params.get('padding_method'))

            key_role_type = None
            if 'key_role_type' in params:
                key_role_type = attributes.CryptographicParameters.KeyRoleType(
                    params.get('key_role_type'))

            hashing_algorithm = None
            if 'hashing_algorithm' in params:
                hashing_algorithm = attributes.HashingAlgorithm(
                    params.get("hashing_algorithm"))

        return attributes.CryptographicParameters(
            block_cipher_mode=bcm,
            padding_method=padding_method,
            hashing_algorithm=hashing_algorithm,
            key_role_type=key_role_type)
Example #8
0
    def test_repr(self):
        """
        Test that repr can be applied to a Sign request payload.
        """
        payload = sign.SignRequestPayload(
            unique_identifier='b4faee10-aa2a-4446-8ad4-0881f3422959',
            cryptographic_parameters=attributes.CryptographicParameters(
                cryptographic_algorithm=enums.CryptographicAlgorithm.ECDSA
            ),
            data=b'\x01\x02\x03\x04\x05\x06\x07\x08'
        )
        expected = (
            "SignRequestPayload("
            "unique_identifier='b4faee10-aa2a-4446-8ad4-0881f3422959', "
            "cryptographic_parameters=CryptographicParameters("
            "block_cipher_mode=None, padding_method=None, "
            "hashing_algorithm=None, key_role_type=None, "
            "digital_signature_algorithm=None, "
            "cryptographic_algorithm=CryptographicAlgorithm.ECDSA, "
            "random_iv=None, iv_length=None, tag_length=None, "
            "fixed_field_length=None, invocation_field_length=None, "
            "counter_length=None, initial_counter_value=None), "
            "data=" + str(b'\x01\x02\x03\x04\x05\x06\x07\x08') + ")"
        )
        observed = repr(payload)

        self.assertEqual(expected, observed)
Example #9
0
    def _create_cryptographic_parameters(self, params):
        if params is None:
            params = {}

        if isinstance(params, dict):
            return attributes.CryptographicParameters(
                block_cipher_mode=params.get('block_cipher_mode', None),
                padding_method=params.get('padding_method', None),
                hashing_algorithm=params.get('hashing_algorithm', None),
                key_role_type=params.get('key_role_type', None),
                digital_signature_algorithm=params.get(
                    'digital_signature_algorithm', None),
                cryptographic_algorithm=params.get('cryptographic_algorithm',
                                                   None),
                random_iv=params.get('random_iv', None),
                iv_length=params.get('iv_length', None),
                tag_length=params.get('tag_length', None),
                fixed_field_length=params.get('fixed_field_length', None),
                invocation_field_length=params.get('invocation_field_length',
                                                   None),
                counter_length=params.get('counter_length', None),
                initial_counter_value=params.get('initial_counter_value',
                                                 None))
        else:
            raise TypeError("cryptographic parameters must be a dict")
Example #10
0
    def test_str(self):
        """
        Test that str can be applied to an Encrypt request payload
        """
        cryptographic_parameters = attributes.CryptographicParameters(
            block_cipher_mode=enums.BlockCipherMode.CBC,
            padding_method=enums.PaddingMethod.PKCS5,
            hashing_algorithm=enums.HashingAlgorithm.SHA_1,
            key_role_type=enums.KeyRoleType.KEK,
            digital_signature_algorithm=enums.DigitalSignatureAlgorithm.
            SHA256_WITH_RSA_ENCRYPTION,
            cryptographic_algorithm=enums.CryptographicAlgorithm.AES,
            random_iv=True,
            iv_length=96,
            tag_length=128,
            fixed_field_length=32,
            invocation_field_length=64,
            counter_length=0,
            initial_counter_value=1)
        payload = encrypt.EncryptRequestPayload(
            unique_identifier='b4faee10-aa2a-4446-8ad4-0881f3422959',
            cryptographic_parameters=cryptographic_parameters,
            data=b'\x01\x23\x45\x67\x89\xAB\xCD\xEF',
            iv_counter_nonce=b'\x01')

        expected = str({
            'unique_identifier': 'b4faee10-aa2a-4446-8ad4-0881f3422959',
            'cryptographic_parameters': cryptographic_parameters,
            'data': b'\x01\x23\x45\x67\x89\xAB\xCD\xEF',
            'iv_counter_nonce': b'\x01'
        })
        observed = str(payload)

        self.assertEqual(expected, observed)
Example #11
0
    def test_write(self):
        """
        Test that an Encrypt request payload can be written to a data stream.
        """
        payload = payloads.EncryptRequestPayload(
            unique_identifier='b4faee10-aa2a-4446-8ad4-0881f3422959',
            cryptographic_parameters=attributes.CryptographicParameters(
                block_cipher_mode=enums.BlockCipherMode.CBC,
                padding_method=enums.PaddingMethod.PKCS5,
                hashing_algorithm=enums.HashingAlgorithm.SHA_1,
                key_role_type=enums.KeyRoleType.KEK,
                digital_signature_algorithm=enums.DigitalSignatureAlgorithm.
                SHA256_WITH_RSA_ENCRYPTION,
                cryptographic_algorithm=enums.CryptographicAlgorithm.AES,
                random_iv=True,
                iv_length=96,
                tag_length=128,
                fixed_field_length=32,
                invocation_field_length=64,
                counter_length=0,
                initial_counter_value=1
            ),
            data=b'\x01\x23\x45\x67\x89\xAB\xCD\xEF',
            iv_counter_nonce=b'\x01'
        )
        stream = utils.BytearrayStream()
        payload.write(stream)

        self.assertEqual(len(self.full_encoding), len(stream))
        self.assertEqual(str(self.full_encoding), str(stream))
Example #12
0
    def read(self, input_stream, kmip_version=enums.KMIPVersion.KMIP_1_0):
        """
        Read the data encoding the Decrypt request payload and decode it
        into its constituent parts.

        Args:
            input_stream (stream): A data stream containing encoded object
                data, supporting a read method; usually a BytearrayStream
                object.
            kmip_version (KMIPVersion): An enumeration defining the KMIP
                version with which the object will be decoded. Optional,
                defaults to KMIP 1.0.

        Raises:
            ValueError: Raised if the data attribute is missing from the
                encoded payload.
        """
        super(DecryptRequestPayload, self).read(input_stream,
                                                kmip_version=kmip_version)
        local_stream = utils.BytearrayStream(input_stream.read(self.length))

        if self.is_tag_next(enums.Tags.UNIQUE_IDENTIFIER, local_stream):
            self._unique_identifier = primitives.TextString(
                tag=enums.Tags.UNIQUE_IDENTIFIER)
            self._unique_identifier.read(local_stream,
                                         kmip_version=kmip_version)

        if self.is_tag_next(enums.Tags.CRYPTOGRAPHIC_PARAMETERS, local_stream):
            self._cryptographic_parameters = \
                attributes.CryptographicParameters()
            self._cryptographic_parameters.read(local_stream,
                                                kmip_version=kmip_version)

        if self.is_tag_next(enums.Tags.DATA, local_stream):
            self._data = primitives.ByteString(tag=enums.Tags.DATA)
            self._data.read(local_stream, kmip_version=kmip_version)
        else:
            raise ValueError("invalid payload missing the data attribute")

        if self.is_tag_next(enums.Tags.IV_COUNTER_NONCE, local_stream):
            self._iv_counter_nonce = primitives.ByteString(
                tag=enums.Tags.IV_COUNTER_NONCE)
            self._iv_counter_nonce.read(local_stream,
                                        kmip_version=kmip_version)

        if kmip_version >= enums.KMIPVersion.KMIP_1_4:
            if self.is_tag_next(
                    enums.Tags.AUTHENTICATED_ENCRYPTION_ADDITIONAL_DATA,
                    local_stream):
                self._auth_additional_data = primitives.ByteString(
                    tag=enums.Tags.AUTHENTICATED_ENCRYPTION_ADDITIONAL_DATA)
                self._auth_additional_data.read(local_stream,
                                                kmip_version=kmip_version)
            if self.is_tag_next(enums.Tags.AUTHENTICATED_ENCRYPTION_TAG,
                                local_stream):
                self._auth_tag = primitives.ByteString(
                    tag=enums.Tags.AUTHENTICATED_ENCRYPTION_TAG)
                self._auth_tag.read(local_stream, kmip_version=kmip_version)

        self.is_oversized(local_stream)
Example #13
0
    def test_init_with_args(self):
        """
        Test that an Encrypt request payload can be constructed with valid
        values
        """
        payload = encrypt.EncryptRequestPayload(
            unique_identifier='00000000-1111-2222-3333-444444444444',
            cryptographic_parameters=attributes.CryptographicParameters(),
            data=b'\x01\x02\x03',
            iv_counter_nonce=b'\x01')

        self.assertEqual('00000000-1111-2222-3333-444444444444',
                         payload.unique_identifier)
        self.assertEqual(attributes.CryptographicParameters(),
                         payload.cryptographic_parameters)
        self.assertEqual(b'\x01\x02\x03', payload.data)
        self.assertEqual(b'\x01', payload.iv_counter_nonce)
Example #14
0
    def read(self, input_stream, kmip_version=enums.KMIPVersion.KMIP_1_0):
        """
        Read the data encoding the SignatureVerify request payload and decode
        it into its constituent parts.

        Args:
            input_stream (stream): A data stream containing encoded object
                data, supporting a read method; usually a BytearrayStream
                object.
            kmip_version (KMIPVersion): An enumeration defining the KMIP
                version with which the object will be decoded. Optional,
                defaults to KMIP 1.0.

        Raises:
            ValueError: Raised if the data attribute is missing from the
                encoded payload.
        """
        super(SignatureVerifyRequestPayload,
              self).read(input_stream, kmip_version=kmip_version)
        local_stream = utils.BytearrayStream(input_stream.read(self.length))

        if self.is_tag_next(enums.Tags.UNIQUE_IDENTIFIER, local_stream):
            self._unique_identifier = primitives.TextString(
                tag=enums.Tags.UNIQUE_IDENTIFIER)
            self._unique_identifier.read(local_stream,
                                         kmip_version=kmip_version)
        if self.is_tag_next(enums.Tags.CRYPTOGRAPHIC_PARAMETERS, local_stream):
            self._cryptographic_parameters = \
                attributes.CryptographicParameters()
            self._cryptographic_parameters.read(local_stream,
                                                kmip_version=kmip_version)
        if self.is_tag_next(enums.Tags.DATA, local_stream):
            self._data = primitives.ByteString(tag=enums.Tags.DATA)
            self._data.read(local_stream, kmip_version=kmip_version)
        if self.is_tag_next(enums.Tags.DIGESTED_DATA, local_stream):
            self._digested_data = primitives.ByteString(
                tag=enums.Tags.DIGESTED_DATA)
            self._digested_data.read(local_stream, kmip_version=kmip_version)
        if self.is_tag_next(enums.Tags.SIGNATURE_DATA, local_stream):
            self._signature_data = primitives.ByteString(
                tag=enums.Tags.SIGNATURE_DATA)
            self._signature_data.read(local_stream, kmip_version=kmip_version)
        if self.is_tag_next(enums.Tags.CORRELATION_VALUE, local_stream):
            self._correlation_value = primitives.ByteString(
                tag=enums.Tags.CORRELATION_VALUE)
            self._correlation_value.read(local_stream,
                                         kmip_version=kmip_version)
        if self.is_tag_next(enums.Tags.INIT_INDICATOR, local_stream):
            self._init_indicator = primitives.Boolean(
                tag=enums.Tags.INIT_INDICATOR)
            self._init_indicator.read(local_stream, kmip_version=kmip_version)
        if self.is_tag_next(enums.Tags.FINAL_INDICATOR, local_stream):
            self._final_indicator = primitives.Boolean(
                tag=enums.Tags.FINAL_INDICATOR)
            self._final_indicator.read(local_stream, kmip_version=kmip_version)

        self.is_oversized(local_stream)
Example #15
0
    def test_repr(self):
        """
        Test that repr can be applied to an Decrypt request payload.
        """
        payload = payloads.DecryptRequestPayload(
            unique_identifier='b4faee10-aa2a-4446-8ad4-0881f3422959',
            cryptographic_parameters=attributes.CryptographicParameters(
                block_cipher_mode=enums.BlockCipherMode.CBC,
                padding_method=enums.PaddingMethod.PKCS5,
                hashing_algorithm=enums.HashingAlgorithm.SHA_1,
                key_role_type=enums.KeyRoleType.KEK,
                digital_signature_algorithm=enums.DigitalSignatureAlgorithm.
                SHA256_WITH_RSA_ENCRYPTION,
                cryptographic_algorithm=enums.CryptographicAlgorithm.AES,
                random_iv=True,
                iv_length=96,
                tag_length=128,
                fixed_field_length=32,
                invocation_field_length=64,
                counter_length=0,
                initial_counter_value=1
            ),
            data=b'\x01\x23\x45\x67\x89\xAB\xCD\xEF',
            iv_counter_nonce=b'\x01',
            auth_additional_data=b'\x01\x10\x80\xFF',
            auth_tag=b'\x01\x90\xFE'
        )
        expected = (
            "DecryptRequestPayload("
            "unique_identifier='b4faee10-aa2a-4446-8ad4-0881f3422959', "
            "cryptographic_parameters=CryptographicParameters("
            "block_cipher_mode=BlockCipherMode.CBC, "
            "padding_method=PaddingMethod.PKCS5, "
            "hashing_algorithm=HashingAlgorithm.SHA_1, "
            "key_role_type=KeyRoleType.KEK, "
            "digital_signature_algorithm="
            "DigitalSignatureAlgorithm.SHA256_WITH_RSA_ENCRYPTION, "
            "cryptographic_algorithm=CryptographicAlgorithm.AES, "
            "random_iv=True, "
            "iv_length=96, "
            "tag_length=128, "
            "fixed_field_length=32, "
            "invocation_field_length=64, "
            "counter_length=0, "
            "initial_counter_value=1), "
            "data=" + str(b'\x01\x23\x45\x67\x89\xAB\xCD\xEF') + ", "
            "iv_counter_nonce=" + str(b'\x01') + ", "
            "auth_additional_data=" + str(b'\x01\x10\x80\xFF') + ", "
            "auth_tag=" + str(b'\x01\x90\xFE') + ")"
        )
        observed = repr(payload)

        self.assertEqual(expected, observed)
Example #16
0
    def read(self, input_stream, kmip_version=enums.KMIPVersion.KMIP_1_0):
        """
        Read the data encoding the Sign request payload and decode it
        into its parts

        Args:
            input_stream (stream): A data stream containing encoded object
                data, supporting a read method.
            kmip_version (KMIPVersion): An enumeration defining the KMIP
                version with which the object will be decoded. Optional,
                defaults to KMIP 1.0.

        Raises:
            ValueError: Raised if the data attribute is missing from the
                encoded payload.
        """
        super(SignRequestPayload, self).read(
            input_stream,
            kmip_version=kmip_version
        )
        local_stream = utils.BytearrayStream(input_stream.read(self.length))

        if self.is_tag_next(enums.Tags.UNIQUE_IDENTIFIER, local_stream):
            self._unique_identifier = primitives.TextString(
                tag=enums.Tags.UNIQUE_IDENTIFIER
            )

            self._unique_identifier.read(
                local_stream,
                kmip_version=kmip_version
            )

        if self.is_tag_next(
               enums.Tags.CRYPTOGRAPHIC_PARAMETERS,
               local_stream
        ):
            self._cryptographic_parameters = \
                attributes.CryptographicParameters()
            self._cryptographic_parameters.read(
                local_stream,
                kmip_version=kmip_version
            )

        if self.is_tag_next(enums.Tags.DATA, local_stream):
            self._data = primitives.ByteString(tag=enums.Tags.DATA)
            self._data.read(local_stream, kmip_version=kmip_version)

        else:
            raise ValueError(
                "invalid payload missing the data attribute"
            )
Example #17
0
    def test_write(self):
        """
        Test that a Sign request payload can be written to a data stream.
        """
        payload = sign.SignRequestPayload(
            unique_identifier='b4faee10-aa2a-4446-8ad4-0881f3422959',
            cryptographic_parameters=attributes.CryptographicParameters(
                cryptographic_algorithm=enums.CryptographicAlgorithm.ECDSA),
            data=b'\x01\x02\x03\x04\x05\x06\x07\x08'
            b'\x09\x10\x11\x12\x13\x14\x15\x16')
        stream = utils.BytearrayStream()
        payload.write(stream)

        self.assertEqual(len(self.full_encoding), len(stream))
        self.assertEqual(str(self.full_encoding), str(stream))
Example #18
0
    def _create_cryptographic_parameters(self, params):
        bcm = None
        padding_method = None
        hashing_algorithm = None
        key_role_type = None
        digital_signature_algorithm = None
        cryptographic_algorithm = None
        # TODO: Need to implement other fields of CryptographicParameters (3.6)

        if params is not None:

            if 'block_cipher_mode' in params:
                bcm = attributes.CryptographicParameters.BlockCipherMode(
                    params.get('block_cipher_mode'))

            padding_method = None
            if 'padding_method' in params:
                padding_method = attributes.CryptographicParameters. \
                    PaddingMethod(params.get('padding_method'))

            key_role_type = None
            if 'key_role_type' in params:
                key_role_type = attributes.CryptographicParameters.KeyRoleType(
                    params.get('key_role_type'))

            hashing_algorithm = None
            if 'hashing_algorithm' in params:
                hashing_algorithm = attributes.HashingAlgorithm(
                    params.get("hashing_algorithm"))

            if 'digital_signature_algorithm' in params:
                digital_signature_algorithm = \
                    attributes.CryptographicParameters. \
                    DigitalSignatureAlgorithm(
                        params.get("digital_signature_algorithm"))

            if 'cryptographic_algorithm' in params:
                cryptographic_algorithm = attributes.CryptographicAlgorithm(
                    params.get("cryptographic_algorithm"))

        return attributes.CryptographicParameters(
            block_cipher_mode=bcm,
            padding_method=padding_method,
            hashing_algorithm=hashing_algorithm,
            key_role_type=key_role_type,
            digital_signature_algorithm=digital_signature_algorithm,
            cryptographic_algorithm=cryptographic_algorithm)
Example #19
0
    def read(self, input_stream):
        """
        Read the data encoding the Encrypt request payload and decode it
        into its constituent parts.

        Args:
            input_stream (stream): A data stream containing encoded object
                data, supporting a read method; usually a BytearrayStream
                object.

        Raises:
            ValueError: Raised if the data attribute is missing from the
                encoded payload.
        """
        super(EncryptRequestPayload, self).read(input_stream)
        local_stream = utils.BytearrayStream(input_stream.read(self.length))

        if self.is_tag_next(enums.Tags.UNIQUE_IDENTIFIER, local_stream):
            self._unique_identifier = primitives.TextString(
                tag=enums.Tags.UNIQUE_IDENTIFIER
            )
            self._unique_identifier.read(local_stream)

        if self.is_tag_next(
                enums.Tags.CRYPTOGRAPHIC_PARAMETERS,
                local_stream
        ):
            self._cryptographic_parameters = \
                attributes.CryptographicParameters()
            self._cryptographic_parameters.read(local_stream)

        if self.is_tag_next(enums.Tags.DATA, local_stream):
            self._data = primitives.ByteString(tag=enums.Tags.DATA)
            self._data.read(local_stream)
        else:
            raise ValueError("invalid payload missing the data attribute")

        if self.is_tag_next(enums.Tags.IV_COUNTER_NONCE, local_stream):
            self._iv_counter_nonce = primitives.ByteString(
                tag=enums.Tags.IV_COUNTER_NONCE
            )
            self._iv_counter_nonce.read(local_stream)

        self.is_oversized(local_stream)
Example #20
0
    def test_str(self):
        """
        Test that str can be applied to a Sign request payload.
        """
        crypto_params = attributes.CryptographicParameters(
            cryptographic_algorithm=enums.CryptographicAlgorithm.ECDSA)
        payload = sign.SignRequestPayload(
            unique_identifier='b4faee10-aa2a-4446-8ad4-0881f3422959',
            cryptographic_parameters=crypto_params,
            data=b'\x01\x02\x03\x04\x05\x06\x07\x08',
        )

        expected = str({
            'unique_identifier': 'b4faee10-aa2a-4446-8ad4-0881f3422959',
            'cryptographic_parameters': crypto_params,
            'data': b'\x01\x02\x03\x04\x05\x06\x07\x08'
        })
        observed = str(payload)

        self.assertEqual(expected, observed)
Example #21
0
    def read(self, istream):
        super(MACRequestPayload, self).read(istream)
        tstream = BytearrayStream(istream.read(self.length))

        if self.is_tag_next(Tags.UNIQUE_IDENTIFIER, tstream):
            self.unique_identifier = attributes.UniqueIdentifier()
            self.unique_identifier.read(tstream)

        if self.is_tag_next(Tags.CRYPTOGRAPHIC_PARAMETERS, tstream):
            self.cryptographic_parameters = \
                attributes.CryptographicParameters()
            self.cryptographic_parameters.read(tstream)

        if self.is_tag_next(Tags.DATA, tstream):
            self.data = Data()
            self.data.read(tstream)
        else:
            raise exceptions.InvalidKmipEncoding(
                "expected mac request data not found"
            )

        self.is_oversized(tstream)
Example #22
0
    def setUp(self):
        super(TestMACRequestPayload, self).setUp()

        self.unique_identifier = attributes.UniqueIdentifier(value='1')
        self.cryptographic_parameters = \
            attributes.CryptographicParameters(
                cryptographic_algorithm=enums.CryptographicAlgorithm.
                HMAC_SHA512
            )
        self.data = objects.Data(
            value=(b'\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B'
                   b'\x0C\x0D\x0E\x0F'))

        self.encoding_full = utils.BytearrayStream((
            b'\x42\x00\x79\x01\x00\x00\x00\x40\x42\x00\x94\x07\x00\x00\x00\x01'
            b'\x31\x00\x00\x00\x00\x00\x00\x00\x42\x00\x2b\x01\x00\x00\x00\x10'
            b'\x42\x00\x28\x05\x00\x00\x00\x04\x00\x00\x00\x0b\x00\x00\x00\x00'
            b'\x42\x00\xc2\x08\x00\x00\x00\x10\x00\x01\x02\x03\x04\x05\x06\x07'
            b'\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f'))
        self.encoding_no_data = utils.BytearrayStream((
            b'\x42\x00\x79\x01\x00\x00\x00\x28\x42\x00\x94\x07\x00\x00\x00\x01'
            b'\x31\x00\x00\x00\x00\x00\x00\x00\x42\x00\x2b\x01\x00\x00\x00\x10'
            b'\x42\x00\x28\x05\x00\x00\x00\x04\x00\x00\x00\x0b\x00\x00\x00\x00'
        ))