def read(self, istream, kmip_version=enums.KMIPVersion.KMIP_1_0): super(RekeyKeyPairRequestPayload, self).read(istream, kmip_version=kmip_version) tstream = BytearrayStream(istream.read(self.length)) if self.is_tag_next(enums.Tags.PRIVATE_KEY_UNIQUE_IDENTIFIER, tstream): self.private_key_uuid = attributes.PrivateKeyUniqueIdentifier() self.private_key_uuid.read(tstream, kmip_version=kmip_version) if self.is_tag_next(enums.Tags.OFFSET, tstream): self.offset = misc.Offset() self.offset.read(tstream, kmip_version=kmip_version) if self.is_tag_next(enums.Tags.COMMON_TEMPLATE_ATTRIBUTE, tstream): self.common_template_attribute = objects.CommonTemplateAttribute() self.common_template_attribute.read(tstream, kmip_version=kmip_version) if self.is_tag_next(enums.Tags.PRIVATE_KEY_TEMPLATE_ATTRIBUTE, tstream): self.private_key_template_attribute = \ objects.PrivateKeyTemplateAttribute() self.private_key_template_attribute.read(tstream, kmip_version=kmip_version) if self.is_tag_next(enums.Tags.PUBLIC_KEY_TEMPLATE_ATTRIBUTE, tstream): self.public_key_template_attribute = \ objects.PublicKeyTemplateAttribute() self.public_key_template_attribute.read(tstream, kmip_version=kmip_version) self.is_oversized(tstream) self.validate()
def test_create_key_pair_with_key_names(self): """ Test that an asymmetric key pair can be created with proper inputs, specifically testing that the private / public names are correctly sent with the request """ # Create the template to test the create key pair call algorithm = enums.CryptographicAlgorithm.RSA length = 2048 algorithm_attribute = self.attribute_factory.create_attribute( enums.AttributeType.CRYPTOGRAPHIC_ALGORITHM, algorithm) length_attribute = self.attribute_factory.create_attribute( enums.AttributeType.CRYPTOGRAPHIC_LENGTH, length) mask_attribute = self.attribute_factory.create_attribute( enums.AttributeType.CRYPTOGRAPHIC_USAGE_MASK, [ enums.CryptographicUsageMask.ENCRYPT, enums.CryptographicUsageMask.DECRYPT ]) private_name_attribute = self.attribute_factory.create_attribute( enums.AttributeType.NAME, "private") public_name_attribute = self.attribute_factory.create_attribute( enums.AttributeType.NAME, "public") pair_attributes = [ algorithm_attribute, length_attribute, mask_attribute ] template = obj.CommonTemplateAttribute(attributes=pair_attributes) private_template = obj.PrivateKeyTemplateAttribute( names=[private_name_attribute]) public_template = obj.PublicKeyTemplateAttribute( names=[public_name_attribute]) status = enums.ResultStatus.SUCCESS result = results.CreateKeyPairResult( contents.ResultStatus(status), public_key_uuid=attr.PublicKeyUniqueIdentifier( 'aaaaaaaa-1111-2222-3333-ffffffffffff'), private_key_uuid=attr.PrivateKeyUniqueIdentifier( 'ffffffff-3333-2222-1111-aaaaaaaaaaaa')) with ProxyKmipClient() as client: client.proxy.create_key_pair.return_value = result public_uid, private_uid = client.create_key_pair( enums.CryptographicAlgorithm.RSA, 2048, public_name="public", private_name="private") kwargs = { 'common_template_attribute': template, 'private_key_template_attribute': private_template, 'public_key_template_attribute': public_template } client.proxy.create_key_pair.assert_called_with(**kwargs)
def create_key_pair(self, algorithm, length, operation_policy_name=None): """ Create an asymmetric key pair on a KMIP appliance. Args: algorithm (CryptographicAlgorithm): An enumeration defining the algorithm to use to generate the key pair. length (int): The length in bits for the key pair. operation_policy_name (string): The name of the operation policy to use for the new key pair. Optional, defaults to None. Returns: string: The uid of the newly created public key. string: The uid of the newly created private key. Raises: ClientConnectionNotOpen: if the client connection is unusable KmipOperationFailure: if the operation result is a failure TypeError: if the input arguments are invalid """ # Check inputs if not isinstance(algorithm, enums.CryptographicAlgorithm): raise TypeError( "algorithm must be a CryptographicAlgorithm enumeration") elif not isinstance(length, six.integer_types) or length <= 0: raise TypeError("length must be a positive integer") # Verify that operations can be given at this time if not self._is_open: raise exceptions.ClientConnectionNotOpen() # Create the template containing the attributes common_attributes = self._build_common_attributes( operation_policy_name) key_attributes = self._build_key_attributes(algorithm, length) key_attributes.extend(common_attributes) template = cobjects.CommonTemplateAttribute(attributes=key_attributes) # Create the asymmetric key pair and handle the results result = self.proxy.create_key_pair(common_template_attribute=template) status = result.result_status.value if status == enums.ResultStatus.SUCCESS: public_uid = result.public_key_uuid.value private_uid = result.private_key_uuid.value return public_uid, private_uid else: reason = result.result_reason.value message = result.result_message.value raise exceptions.KmipOperationFailure(status, reason, message)
def setUp(self): super(TestCreateKeyPairRequestPayload, self).setUp() self.common_template_attribute = objects.CommonTemplateAttribute() self.private_key_template_attribute = \ objects.PrivateKeyTemplateAttribute() self.public_key_template_attribute = \ objects.PublicKeyTemplateAttribute() self.encoding_empty = utils.BytearrayStream( (b'\x42\x00\x79\x01\x00\x00\x00\x00')) self.encoding_full = utils.BytearrayStream(( b'\x42\x00\x79\x01\x00\x00\x00\x18\x42\x00\x1F\x01\x00\x00\x00\x00' b'\x42\x00\x65\x01\x00\x00\x00\x00\x42\x00\x6E\x01\x00\x00\x00' b'\x00'))
def test_create_key_pair(self): """ Test that an asymmetric key pair can be created with proper inputs and that the UIDs of the public and private keys are returned properly. """ # Create the template to test the create key pair call algorithm = enums.CryptographicAlgorithm.RSA length = 2048 algorithm_attribute = self.attribute_factory.create_attribute( enums.AttributeType.CRYPTOGRAPHIC_ALGORITHM, algorithm) length_attribute = self.attribute_factory.create_attribute( enums.AttributeType.CRYPTOGRAPHIC_LENGTH, length) mask_attribute = self.attribute_factory.create_attribute( enums.AttributeType.CRYPTOGRAPHIC_USAGE_MASK, [ enums.CryptographicUsageMask.ENCRYPT, enums.CryptographicUsageMask.DECRYPT ]) attributes = [algorithm_attribute, length_attribute, mask_attribute] template = obj.CommonTemplateAttribute(attributes=attributes) status = enums.ResultStatus.SUCCESS result = results.CreateKeyPairResult( contents.ResultStatus(status), public_key_uuid=attr.PublicKeyUniqueIdentifier( 'aaaaaaaa-1111-2222-3333-ffffffffffff'), private_key_uuid=attr.PrivateKeyUniqueIdentifier( 'ffffffff-3333-2222-1111-aaaaaaaaaaaa')) with ProxyKmipClient() as client: client.proxy.create_key_pair.return_value = result public_uid, private_uid = client.create_key_pair( enums.CryptographicAlgorithm.RSA, 2048) kwargs = { 'common_template_attribute': template, 'private_key_template_attribute': None, 'public_key_template_attribute': None } client.proxy.create_key_pair.assert_called_with(**kwargs) self.assertIsInstance(public_uid, six.string_types) self.assertIsInstance(private_uid, six.string_types)
def read(self, istream): super(CreateKeyPairRequestPayload, self).read(istream) tstream = BytearrayStream(istream.read(self.length)) if self.is_tag_next(Tags.COMMON_TEMPLATE_ATTRIBUTE, tstream): self.common_template_attribute = objects.CommonTemplateAttribute() self.common_template_attribute.read(tstream) if self.is_tag_next(Tags.PRIVATE_KEY_TEMPLATE_ATTRIBUTE, tstream): self.private_key_template_attribute = \ objects.PrivateKeyTemplateAttribute() self.private_key_template_attribute.read(tstream) if self.is_tag_next(Tags.PUBLIC_KEY_TEMPLATE_ATTRIBUTE, tstream): self.public_key_template_attribute = \ objects.PublicKeyTemplateAttribute() self.public_key_template_attribute.read(tstream) self.is_oversized(tstream) self.validate()
def setUp(self): super(TestRekeyKeyPairRequestPayload, self).setUp() self.uuid = '00000000-0000-0000-0000-000000000000' self.private_key_uuid = attributes.PrivateKeyUniqueIdentifier( self.uuid) self.offset = misc.Offset(0) self.common_template_attribute = objects.CommonTemplateAttribute() self.private_key_template_attribute = \ objects.PrivateKeyTemplateAttribute() self.public_key_template_attribute = \ objects.PublicKeyTemplateAttribute() self.encoding_empty = utils.BytearrayStream(( b'\x42\x00\x79\x01\x00\x00\x00\x00')) self.encoding_full = utils.BytearrayStream(( b'\x42\x00\x79\x01\x00\x00\x00\x58\x42\x00\x66\x07\x00\x00\x00\x24' b'\x30\x30\x30\x30\x30\x30\x30\x30\x2d\x30\x30\x30\x30\x2d\x30\x30' b'\x30\x30\x2d\x30\x30\x30\x30\x2d\x30\x30\x30\x30\x30\x30\x30\x30' b'\x30\x30\x30\x30\x00\x00\x00\x00\x42\x00\x58\x0A\x00\x00\x00\x04' b'\x00\x00\x00\x00\x00\x00\x00\x00\x42\x00\x1F\x01\x00\x00\x00\x00' b'\x42\x00\x65\x01\x00\x00\x00\x00\x42\x00\x6E\x01\x00\x00\x00\x00' ))