def read(self, istream, kmip_version=enums.KMIPVersion.KMIP_1_0):
super(RekeyKeyPairRequestPayload, self).read(istream,
kmip_version=kmip_version)
tstream = BytearrayStream(istream.read(self.length))
if self.is_tag_next(enums.Tags.PRIVATE_KEY_UNIQUE_IDENTIFIER, tstream):
self.private_key_uuid = attributes.PrivateKeyUniqueIdentifier()
self.private_key_uuid.read(tstream, kmip_version=kmip_version)
if self.is_tag_next(enums.Tags.OFFSET, tstream):
self.offset = misc.Offset()
self.offset.read(tstream, kmip_version=kmip_version)
if self.is_tag_next(enums.Tags.COMMON_TEMPLATE_ATTRIBUTE, tstream):
self.common_template_attribute = objects.CommonTemplateAttribute()
self.common_template_attribute.read(tstream,
kmip_version=kmip_version)
if self.is_tag_next(enums.Tags.PRIVATE_KEY_TEMPLATE_ATTRIBUTE,
tstream):
self.private_key_template_attribute = \
objects.PrivateKeyTemplateAttribute()
self.private_key_template_attribute.read(tstream,
kmip_version=kmip_version)
if self.is_tag_next(enums.Tags.PUBLIC_KEY_TEMPLATE_ATTRIBUTE, tstream):
self.public_key_template_attribute = \
objects.PublicKeyTemplateAttribute()
self.public_key_template_attribute.read(tstream,
kmip_version=kmip_version)
self.is_oversized(tstream)
self.validate()
def setUp(self):
super(TestRekeyKeyPairResponsePayload, self).setUp()
self.uuid = '00000000-0000-0000-0000-000000000000'
self.private_key_uuid = attributes.PrivateKeyUniqueIdentifier(
self.uuid)
self.public_key_uuid = attributes.PublicKeyUniqueIdentifier(self.uuid)
self.empty_private_key_uuid = attributes.PrivateKeyUniqueIdentifier('')
self.empty_public_key_uuid = attributes.PublicKeyUniqueIdentifier('')
self.private_key_template_attribute = \
objects.PrivateKeyTemplateAttribute()
self.public_key_template_attribute = \
objects.PublicKeyTemplateAttribute()
self.encoding_empty = utils.BytearrayStream((
b'\x42\x00\x7C\x01\x00\x00\x00\x10\x42\x00\x66\x07\x00\x00\x00\x00'
b'\x42\x00\x6F\x07\x00\x00\x00\x00'))
self.encoding_full = utils.BytearrayStream((
b'\x42\x00\x7C\x01\x00\x00\x00\x70\x42\x00\x66\x07\x00\x00\x00\x24'
b'\x30\x30\x30\x30\x30\x30\x30\x30\x2d\x30\x30\x30\x30\x2d\x30\x30'
b'\x30\x30\x2d\x30\x30\x30\x30\x2d\x30\x30\x30\x30\x30\x30\x30\x30'
b'\x30\x30\x30\x30\x00\x00\x00\x00\x42\x00\x6F\x07\x00\x00\x00\x24'
b'\x30\x30\x30\x30\x30\x30\x30\x30\x2d\x30\x30\x30\x30\x2d\x30\x30'
b'\x30\x30\x2d\x30\x30\x30\x30\x2d\x30\x30\x30\x30\x30\x30\x30\x30'
b'\x30\x30\x30\x30\x00\x00\x00\x00\x42\x00\x65\x01\x00\x00\x00\x00'
b'\x42\x00\x6E\x01\x00\x00\x00\x00'))
def test_create_key_pair_with_key_names(self):
"""
Test that an asymmetric key pair can be created with proper inputs,
specifically testing that the private / public names are correctly
sent with the request
"""
# Create the template to test the create key pair call
algorithm = enums.CryptographicAlgorithm.RSA
length = 2048
algorithm_attribute = self.attribute_factory.create_attribute(
enums.AttributeType.CRYPTOGRAPHIC_ALGORITHM, algorithm)
length_attribute = self.attribute_factory.create_attribute(
enums.AttributeType.CRYPTOGRAPHIC_LENGTH, length)
mask_attribute = self.attribute_factory.create_attribute(
enums.AttributeType.CRYPTOGRAPHIC_USAGE_MASK, [
enums.CryptographicUsageMask.ENCRYPT,
enums.CryptographicUsageMask.DECRYPT
])
private_name_attribute = self.attribute_factory.create_attribute(
enums.AttributeType.NAME, "private")
public_name_attribute = self.attribute_factory.create_attribute(
enums.AttributeType.NAME, "public")
pair_attributes = [
algorithm_attribute, length_attribute, mask_attribute
]
template = obj.CommonTemplateAttribute(attributes=pair_attributes)
private_template = obj.PrivateKeyTemplateAttribute(
names=[private_name_attribute])
public_template = obj.PublicKeyTemplateAttribute(
names=[public_name_attribute])
status = enums.ResultStatus.SUCCESS
result = results.CreateKeyPairResult(
contents.ResultStatus(status),
public_key_uuid=attr.PublicKeyUniqueIdentifier(
'aaaaaaaa-1111-2222-3333-ffffffffffff'),
private_key_uuid=attr.PrivateKeyUniqueIdentifier(
'ffffffff-3333-2222-1111-aaaaaaaaaaaa'))
with ProxyKmipClient() as client:
client.proxy.create_key_pair.return_value = result
public_uid, private_uid = client.create_key_pair(
enums.CryptographicAlgorithm.RSA,
2048,
public_name="public",
private_name="private")
kwargs = {
'common_template_attribute': template,
'private_key_template_attribute': private_template,
'public_key_template_attribute': public_template
}
client.proxy.create_key_pair.assert_called_with(**kwargs)
def setUp(self):
super(TestCreateKeyPairRequestPayload, self).setUp()
self.common_template_attribute = objects.CommonTemplateAttribute()
self.private_key_template_attribute = \
objects.PrivateKeyTemplateAttribute()
self.public_key_template_attribute = \
objects.PublicKeyTemplateAttribute()
self.encoding_empty = utils.BytearrayStream(
(b'\x42\x00\x79\x01\x00\x00\x00\x00'))
self.encoding_full = utils.BytearrayStream((
b'\x42\x00\x79\x01\x00\x00\x00\x18\x42\x00\x1F\x01\x00\x00\x00\x00'
b'\x42\x00\x65\x01\x00\x00\x00\x00\x42\x00\x6E\x01\x00\x00\x00'
b'\x00'))
def read(self, istream):
super(CreateKeyPairResponsePayload, self).read(istream)
tstream = BytearrayStream(istream.read(self.length))
self.private_key_uuid.read(tstream)
self.public_key_uuid.read(tstream)
if self.is_tag_next(Tags.PRIVATE_KEY_TEMPLATE_ATTRIBUTE, tstream):
self.private_key_template_attribute = \
objects.PrivateKeyTemplateAttribute()
self.private_key_template_attribute.read(tstream)
if self.is_tag_next(Tags.PUBLIC_KEY_TEMPLATE_ATTRIBUTE, tstream):
self.public_key_template_attribute = \
objects.PublicKeyTemplateAttribute()
self.public_key_template_attribute.read(tstream)
self.is_oversized(tstream)
self.validate()
def setUp(self):
super(TestRekeyKeyPairRequestPayload, self).setUp()
self.uuid = '00000000-0000-0000-0000-000000000000'
self.private_key_uuid = attributes.PrivateKeyUniqueIdentifier(
self.uuid)
self.offset = misc.Offset(0)
self.common_template_attribute = objects.CommonTemplateAttribute()
self.private_key_template_attribute = \
objects.PrivateKeyTemplateAttribute()
self.public_key_template_attribute = \
objects.PublicKeyTemplateAttribute()
self.encoding_empty = utils.BytearrayStream((
b'\x42\x00\x79\x01\x00\x00\x00\x00'))
self.encoding_full = utils.BytearrayStream((
b'\x42\x00\x79\x01\x00\x00\x00\x58\x42\x00\x66\x07\x00\x00\x00\x24'
b'\x30\x30\x30\x30\x30\x30\x30\x30\x2d\x30\x30\x30\x30\x2d\x30\x30'
b'\x30\x30\x2d\x30\x30\x30\x30\x2d\x30\x30\x30\x30\x30\x30\x30\x30'
b'\x30\x30\x30\x30\x00\x00\x00\x00\x42\x00\x58\x0A\x00\x00\x00\x04'
b'\x00\x00\x00\x00\x00\x00\x00\x00\x42\x00\x1F\x01\x00\x00\x00\x00'
b'\x42\x00\x65\x01\x00\x00\x00\x00\x42\x00\x6E\x01\x00\x00\x00\x00'
))
def create_key_pair(self,
algorithm,
length,
operation_policy_name=None,
public_name=None,
private_name=None):
"""
Create an asymmetric key pair on a KMIP appliance.
Args:
algorithm (CryptographicAlgorithm): An enumeration defining the
algorithm to use to generate the key pair.
length (int): The length in bits for the key pair.
operation_policy_name (string): The name of the operation policy
to use for the new key pair. Optional, defaults to None.
public_name (string): The name to give the public key.
Optional, defaults to None.
private_name (string): The name to give the public key.
Optional, defaults to None.
Returns:
string: The uid of the newly created public key.
string: The uid of the newly created private key.
Raises:
ClientConnectionNotOpen: if the client connection is unusable
KmipOperationFailure: if the operation result is a failure
TypeError: if the input arguments are invalid
"""
# Check inputs
if not isinstance(algorithm, enums.CryptographicAlgorithm):
raise TypeError(
"algorithm must be a CryptographicAlgorithm enumeration")
elif not isinstance(length, six.integer_types) or length <= 0:
raise TypeError("length must be a positive integer")
# Verify that operations can be given at this time
if not self._is_open:
raise exceptions.ClientConnectionNotOpen()
# Create the common attributes that are shared
common_attributes = self._build_common_attributes(
operation_policy_name)
key_attributes = self._build_key_attributes(algorithm, length)
key_attributes.extend(common_attributes)
template = cobjects.CommonTemplateAttribute(attributes=key_attributes)
# Create public / private specific attributes
public_template = None
if public_name:
name_attr = self._build_name_attribute(name=public_name)
public_template = cobjects.PublicKeyTemplateAttribute(
names=name_attr)
private_template = None
if private_name:
name_attr = self._build_name_attribute(name=private_name)
private_template = cobjects.PrivateKeyTemplateAttribute(
names=name_attr)
# Create the asymmetric key pair and handle the results
result = self.proxy.create_key_pair(
common_template_attribute=template,
private_key_template_attribute=private_template,
public_key_template_attribute=public_template)
status = result.result_status.value
if status == enums.ResultStatus.SUCCESS:
public_uid = result.public_key_uuid.value
private_uid = result.private_key_uuid.value
return public_uid, private_uid
else:
reason = result.result_reason.value
message = result.result_message.value
raise exceptions.KmipOperationFailure(status, reason, message)
