def test_get_all_attribute_names(self):
"""
Test that get_all_attribute_names returns a complete list of the
names of all spec-defined attributes.
"""
rules = policy.AttributePolicy(contents.ProtocolVersion(1, 0))
attribute_names = [
'Unique Identifier', 'Name', 'Object Type',
'Cryptographic Algorithm', 'Cryptographic Length',
'Cryptographic Parameters', 'Cryptographic Domain Parameters',
'Certificate Type', 'Certificate Length',
'X.509 Certificate Identifier', 'X.509 Certificate Subject',
'X.509 Certificate Issuer', 'Certificate Identifier',
'Certificate Subject', 'Certificate Issuer',
'Digital Signature Algorithm', 'Digest', 'Operation Policy Name',
'Cryptographic Usage Mask', 'Lease Time', 'Usage Limits', 'State',
'Initial Date', 'Activation Date', 'Process Start Date',
'Protect Stop Date', 'Deactivation Date', 'Destroy Date',
'Compromise Occurrence Date', 'Compromise Date',
'Revocation Reason', 'Archive Date', 'Object Group', 'Fresh',
'Link', 'Application Specific Information', 'Contact Information',
'Last Change Date', 'Custom Attribute', "Sensitive"
]
result = rules.get_all_attribute_names()
self.assertEqual(len(attribute_names), len(result))
for attribute_name in attribute_names:
self.assertIn(attribute_name, result)
def _set_protocol_version(self, protocol_version):
if protocol_version in self._protocol_versions:
self._protocol_version = protocol_version
self._attribute_policy = policy.AttributePolicy(
self._protocol_version)
else:
raise exceptions.InvalidMessage(
"KMIP {0} is not supported by the server.".format(
protocol_version))
def test_is_attribute_modifiable_by_client(self):
"""
Test that is_attribute_modifiable_by_client returns the expected
results in all cases.
"""
rules = policy.AttributePolicy(contents.ProtocolVersion(1, 0))
self.assertFalse(
rules.is_attribute_modifiable_by_client("Unique Identifier"))
self.assertTrue(rules.is_attribute_modifiable_by_client("Name"))
def test_is_attribute_deprecated(self):
"""
Test that is_attribute_deprecated returns the expected results in all
cases.
"""
rules = policy.AttributePolicy(contents.ProtocolVersion(1, 0))
attribute_a = 'Name'
attribute_b = 'Certificate Subject'
result = rules.is_attribute_deprecated(attribute_a)
self.assertFalse(result)
result = rules.is_attribute_deprecated(attribute_b)
self.assertFalse(result)
rules = policy.AttributePolicy(contents.ProtocolVersion(1, 1))
result = rules.is_attribute_deprecated(attribute_b)
self.assertTrue(result)
def test_is_attribute_deletable_by_client(self):
"""
Test that is_attribute_deletable_by_client returns the expected
results in all cases.
"""
rules = policy.AttributePolicy(contents.ProtocolVersion(1, 0))
self.assertFalse(
rules.is_attribute_deletable_by_client("Cryptographic Algorithm"))
self.assertTrue(
rules.is_attribute_deletable_by_client("Contact Information"))
def test_is_attribute_multivalued(self):
"""
Test that is_attribute_multivalued returns the expected results in
all cases.
"""
rules = policy.AttributePolicy(contents.ProtocolVersion(1, 0))
attribute_a = 'Object Type'
attribute_b = 'Link'
result = rules.is_attribute_multivalued(attribute_a)
self.assertFalse(result)
result = rules.is_attribute_multivalued(attribute_b)
self.assertTrue(result)
def __init__(self, policy_path=None):
"""
Create a KmipEngine.
Args:
policy_path (string): The path to the filesystem directory
containing PyKMIP server operation policy JSON files.
Optional, defaults to None.
"""
self._logger = logging.getLogger('kmip.server.engine')
self._cryptography_engine = engine.CryptographyEngine()
self._data_store = sqlalchemy.create_engine(
'sqlite:////tmp/pykmip.database', echo=False)
sqltypes.Base.metadata.create_all(self._data_store)
self._data_store_session_factory = sqlalchemy.orm.sessionmaker(
bind=self._data_store)
self._lock = threading.RLock()
self._id_placeholder = None
self._protocol_versions = [
contents.ProtocolVersion.create(1, 2),
contents.ProtocolVersion.create(1, 1),
contents.ProtocolVersion.create(1, 0)
]
self._protocol_version = self._protocol_versions[0]
self._object_map = {
enums.ObjectType.CERTIFICATE: objects.X509Certificate,
enums.ObjectType.SYMMETRIC_KEY: objects.SymmetricKey,
enums.ObjectType.PUBLIC_KEY: objects.PublicKey,
enums.ObjectType.PRIVATE_KEY: objects.PrivateKey,
enums.ObjectType.SPLIT_KEY: None,
enums.ObjectType.TEMPLATE: None,
enums.ObjectType.SECRET_DATA: objects.SecretData,
enums.ObjectType.OPAQUE_DATA: objects.OpaqueObject
}
self._attribute_policy = policy.AttributePolicy(self._protocol_version)
self._operation_policies = copy.deepcopy(operation_policy.policies)
self._load_operation_policies(policy_path)
self._client_identity = None
def test_is_attribute_applicable_to_object_type(self):
"""
Test that is_attribute_applicable_to_object_type returns the
expected results in all cases.
"""
rules = policy.AttributePolicy(contents.ProtocolVersion(1, 0))
attribute = 'Cryptographic Algorithm'
object_type_a = enums.ObjectType.SYMMETRIC_KEY
object_type_b = enums.ObjectType.OPAQUE_DATA
result = rules.is_attribute_applicable_to_object_type(
attribute, object_type_a)
self.assertTrue(result)
result = rules.is_attribute_applicable_to_object_type(
attribute, object_type_b)
self.assertFalse(result)
def test_is_attribute_supported(self):
"""
Test that is_attribute_supported returns the expected results in all
cases.
"""
rules = policy.AttributePolicy(contents.ProtocolVersion(1, 0))
attribute_a = 'Unique Identifier'
attribute_b = 'Certificate Length'
attribute_c = 'invalid'
result = rules.is_attribute_supported(attribute_a)
self.assertTrue(result)
result = rules.is_attribute_supported(attribute_b)
self.assertFalse(result)
result = rules.is_attribute_supported(attribute_c)
self.assertFalse(result)
def __init__(self):
"""
Create a KmipEngine.
"""
self._logger = logging.getLogger('kmip.server.engine')
self._cryptography_engine = engine.CryptographyEngine()
self._data_store = sqlalchemy.create_engine(
'sqlite:////tmp/pykmip.database',
echo=False
)
sqltypes.Base.metadata.create_all(self._data_store)
self._data_store_session_factory = sqlalchemy.orm.sessionmaker(
bind=self._data_store
)
self._lock = threading.RLock()
self._id_placeholder = None
self._protocol_versions = [
contents.ProtocolVersion.create(1, 2),
contents.ProtocolVersion.create(1, 1),
contents.ProtocolVersion.create(1, 0)
]
self._protocol_version = self._protocol_versions[0]
self._object_map = {
enums.ObjectType.CERTIFICATE: objects.X509Certificate,
enums.ObjectType.SYMMETRIC_KEY: objects.SymmetricKey,
enums.ObjectType.PUBLIC_KEY: objects.PublicKey,
enums.ObjectType.PRIVATE_KEY: objects.PrivateKey,
enums.ObjectType.SPLIT_KEY: None,
enums.ObjectType.TEMPLATE: None,
enums.ObjectType.SECRET_DATA: objects.SecretData,
enums.ObjectType.OPAQUE_DATA: objects.OpaqueObject
}
self._attribute_policy = policy.AttributePolicy(self._protocol_version)
def test_init(self):
"""
Test that an AttributePolicy can be built without any errors.
"""
policy.AttributePolicy(contents.ProtocolVersion(1, 0))
