Exemple #1
0
    def read(self, istream, kmip_version=enums.KMIPVersion.KMIP_1_0):
        super(RekeyKeyPairRequestPayload, self).read(istream,
                                                     kmip_version=kmip_version)
        tstream = BytearrayStream(istream.read(self.length))

        if self.is_tag_next(enums.Tags.PRIVATE_KEY_UNIQUE_IDENTIFIER, tstream):
            self.private_key_uuid = attributes.PrivateKeyUniqueIdentifier()
            self.private_key_uuid.read(tstream, kmip_version=kmip_version)

        if self.is_tag_next(enums.Tags.OFFSET, tstream):
            self.offset = misc.Offset()
            self.offset.read(tstream, kmip_version=kmip_version)

        if self.is_tag_next(enums.Tags.COMMON_TEMPLATE_ATTRIBUTE, tstream):
            self.common_template_attribute = objects.CommonTemplateAttribute()
            self.common_template_attribute.read(tstream,
                                                kmip_version=kmip_version)

        if self.is_tag_next(enums.Tags.PRIVATE_KEY_TEMPLATE_ATTRIBUTE,
                            tstream):
            self.private_key_template_attribute = \
                objects.PrivateKeyTemplateAttribute()
            self.private_key_template_attribute.read(tstream,
                                                     kmip_version=kmip_version)

        if self.is_tag_next(enums.Tags.PUBLIC_KEY_TEMPLATE_ATTRIBUTE, tstream):
            self.public_key_template_attribute = \
                objects.PublicKeyTemplateAttribute()
            self.public_key_template_attribute.read(tstream,
                                                    kmip_version=kmip_version)

        self.is_oversized(tstream)
        self.validate()
Exemple #2
0
    def test_create_key_pair_with_key_names(self):
        """
        Test that an asymmetric key pair can be created with proper inputs,
        specifically testing that the private / public names are correctly
        sent with the request
        """
        # Create the template to test the create key pair call
        algorithm = enums.CryptographicAlgorithm.RSA
        length = 2048
        algorithm_attribute = self.attribute_factory.create_attribute(
            enums.AttributeType.CRYPTOGRAPHIC_ALGORITHM, algorithm)
        length_attribute = self.attribute_factory.create_attribute(
            enums.AttributeType.CRYPTOGRAPHIC_LENGTH, length)
        mask_attribute = self.attribute_factory.create_attribute(
            enums.AttributeType.CRYPTOGRAPHIC_USAGE_MASK, [
                enums.CryptographicUsageMask.ENCRYPT,
                enums.CryptographicUsageMask.DECRYPT
            ])

        private_name_attribute = self.attribute_factory.create_attribute(
            enums.AttributeType.NAME, "private")
        public_name_attribute = self.attribute_factory.create_attribute(
            enums.AttributeType.NAME, "public")

        pair_attributes = [
            algorithm_attribute, length_attribute, mask_attribute
        ]

        template = obj.CommonTemplateAttribute(attributes=pair_attributes)
        private_template = obj.PrivateKeyTemplateAttribute(
            names=[private_name_attribute])
        public_template = obj.PublicKeyTemplateAttribute(
            names=[public_name_attribute])

        status = enums.ResultStatus.SUCCESS
        result = results.CreateKeyPairResult(
            contents.ResultStatus(status),
            public_key_uuid=attr.PublicKeyUniqueIdentifier(
                'aaaaaaaa-1111-2222-3333-ffffffffffff'),
            private_key_uuid=attr.PrivateKeyUniqueIdentifier(
                'ffffffff-3333-2222-1111-aaaaaaaaaaaa'))

        with ProxyKmipClient() as client:
            client.proxy.create_key_pair.return_value = result

            public_uid, private_uid = client.create_key_pair(
                enums.CryptographicAlgorithm.RSA,
                2048,
                public_name="public",
                private_name="private")

            kwargs = {
                'common_template_attribute': template,
                'private_key_template_attribute': private_template,
                'public_key_template_attribute': public_template
            }
            client.proxy.create_key_pair.assert_called_with(**kwargs)
Exemple #3
0
    def create_key_pair(self, algorithm, length, operation_policy_name=None):
        """
        Create an asymmetric key pair on a KMIP appliance.

        Args:
            algorithm (CryptographicAlgorithm): An enumeration defining the
                algorithm to use to generate the key pair.
            length (int): The length in bits for the key pair.
            operation_policy_name (string): The name of the operation policy
                to use for the new key pair. Optional, defaults to None.

        Returns:
            string: The uid of the newly created public key.
            string: The uid of the newly created private key.

        Raises:
            ClientConnectionNotOpen: if the client connection is unusable
            KmipOperationFailure: if the operation result is a failure
            TypeError: if the input arguments are invalid
        """
        # Check inputs
        if not isinstance(algorithm, enums.CryptographicAlgorithm):
            raise TypeError(
                "algorithm must be a CryptographicAlgorithm enumeration")
        elif not isinstance(length, six.integer_types) or length <= 0:
            raise TypeError("length must be a positive integer")

        # Verify that operations can be given at this time
        if not self._is_open:
            raise exceptions.ClientConnectionNotOpen()

        # Create the template containing the attributes
        common_attributes = self._build_common_attributes(
            operation_policy_name)
        key_attributes = self._build_key_attributes(algorithm, length)
        key_attributes.extend(common_attributes)
        template = cobjects.CommonTemplateAttribute(attributes=key_attributes)

        # Create the asymmetric key pair and handle the results
        result = self.proxy.create_key_pair(common_template_attribute=template)

        status = result.result_status.value
        if status == enums.ResultStatus.SUCCESS:
            public_uid = result.public_key_uuid.value
            private_uid = result.private_key_uuid.value
            return public_uid, private_uid
        else:
            reason = result.result_reason.value
            message = result.result_message.value
            raise exceptions.KmipOperationFailure(status, reason, message)
Exemple #4
0
    def setUp(self):
        super(TestCreateKeyPairRequestPayload, self).setUp()

        self.common_template_attribute = objects.CommonTemplateAttribute()
        self.private_key_template_attribute = \
            objects.PrivateKeyTemplateAttribute()
        self.public_key_template_attribute = \
            objects.PublicKeyTemplateAttribute()

        self.encoding_empty = utils.BytearrayStream(
            (b'\x42\x00\x79\x01\x00\x00\x00\x00'))
        self.encoding_full = utils.BytearrayStream((
            b'\x42\x00\x79\x01\x00\x00\x00\x18\x42\x00\x1F\x01\x00\x00\x00\x00'
            b'\x42\x00\x65\x01\x00\x00\x00\x00\x42\x00\x6E\x01\x00\x00\x00'
            b'\x00'))
Exemple #5
0
    def test_create_key_pair(self):
        """
        Test that an asymmetric key pair can be created with proper inputs
        and that the UIDs of the public and private keys are returned
        properly.
        """
        # Create the template to test the create key pair call
        algorithm = enums.CryptographicAlgorithm.RSA
        length = 2048
        algorithm_attribute = self.attribute_factory.create_attribute(
            enums.AttributeType.CRYPTOGRAPHIC_ALGORITHM, algorithm)
        length_attribute = self.attribute_factory.create_attribute(
            enums.AttributeType.CRYPTOGRAPHIC_LENGTH, length)
        mask_attribute = self.attribute_factory.create_attribute(
            enums.AttributeType.CRYPTOGRAPHIC_USAGE_MASK, [
                enums.CryptographicUsageMask.ENCRYPT,
                enums.CryptographicUsageMask.DECRYPT
            ])

        attributes = [algorithm_attribute, length_attribute, mask_attribute]
        template = obj.CommonTemplateAttribute(attributes=attributes)

        status = enums.ResultStatus.SUCCESS
        result = results.CreateKeyPairResult(
            contents.ResultStatus(status),
            public_key_uuid=attr.PublicKeyUniqueIdentifier(
                'aaaaaaaa-1111-2222-3333-ffffffffffff'),
            private_key_uuid=attr.PrivateKeyUniqueIdentifier(
                'ffffffff-3333-2222-1111-aaaaaaaaaaaa'))

        with ProxyKmipClient() as client:
            client.proxy.create_key_pair.return_value = result

            public_uid, private_uid = client.create_key_pair(
                enums.CryptographicAlgorithm.RSA, 2048)

            kwargs = {
                'common_template_attribute': template,
                'private_key_template_attribute': None,
                'public_key_template_attribute': None
            }
            client.proxy.create_key_pair.assert_called_with(**kwargs)
            self.assertIsInstance(public_uid, six.string_types)
            self.assertIsInstance(private_uid, six.string_types)
Exemple #6
0
    def read(self, istream):
        super(CreateKeyPairRequestPayload, self).read(istream)
        tstream = BytearrayStream(istream.read(self.length))

        if self.is_tag_next(Tags.COMMON_TEMPLATE_ATTRIBUTE, tstream):
            self.common_template_attribute = objects.CommonTemplateAttribute()
            self.common_template_attribute.read(tstream)

        if self.is_tag_next(Tags.PRIVATE_KEY_TEMPLATE_ATTRIBUTE, tstream):
            self.private_key_template_attribute = \
                objects.PrivateKeyTemplateAttribute()
            self.private_key_template_attribute.read(tstream)

        if self.is_tag_next(Tags.PUBLIC_KEY_TEMPLATE_ATTRIBUTE, tstream):
            self.public_key_template_attribute = \
                objects.PublicKeyTemplateAttribute()
            self.public_key_template_attribute.read(tstream)

        self.is_oversized(tstream)
        self.validate()
    def setUp(self):
        super(TestRekeyKeyPairRequestPayload, self).setUp()

        self.uuid = '00000000-0000-0000-0000-000000000000'
        self.private_key_uuid = attributes.PrivateKeyUniqueIdentifier(
            self.uuid)
        self.offset = misc.Offset(0)
        self.common_template_attribute = objects.CommonTemplateAttribute()
        self.private_key_template_attribute = \
            objects.PrivateKeyTemplateAttribute()
        self.public_key_template_attribute = \
            objects.PublicKeyTemplateAttribute()

        self.encoding_empty = utils.BytearrayStream((
            b'\x42\x00\x79\x01\x00\x00\x00\x00'))
        self.encoding_full = utils.BytearrayStream((
            b'\x42\x00\x79\x01\x00\x00\x00\x58\x42\x00\x66\x07\x00\x00\x00\x24'
            b'\x30\x30\x30\x30\x30\x30\x30\x30\x2d\x30\x30\x30\x30\x2d\x30\x30'
            b'\x30\x30\x2d\x30\x30\x30\x30\x2d\x30\x30\x30\x30\x30\x30\x30\x30'
            b'\x30\x30\x30\x30\x00\x00\x00\x00\x42\x00\x58\x0A\x00\x00\x00\x04'
            b'\x00\x00\x00\x00\x00\x00\x00\x00\x42\x00\x1F\x01\x00\x00\x00\x00'
            b'\x42\x00\x65\x01\x00\x00\x00\x00\x42\x00\x6E\x01\x00\x00\x00\x00'
            ))