def test_write_with_args(self):
stream = utils.BytearrayStream()
payload = create_key_pair.CreateKeyPairResponsePayload(
self.private_key_uuid, self.public_key_uuid,
self.private_key_template_attribute,
self.public_key_template_attribute)
self._test_write(stream, payload, self.encoding_full)
def test_read_with_args(self):
stream = self.encoding_full
payload = create_key_pair.CreateKeyPairResponsePayload(
self.private_key_uuid, self.public_key_uuid,
self.private_key_template_attribute,
self.public_key_template_attribute)
self._test_read(stream, payload, self.private_key_uuid,
self.public_key_uuid,
self.private_key_template_attribute,
self.public_key_template_attribute)
def _create_create_key_pair_payload(self):
return create_key_pair.CreateKeyPairResponsePayload()
def _process_create_key_pair(self, payload):
self._logger.info("Processing operation: CreateKeyPair")
algorithm = None
length = None
# Process attribute sets
public_key_attributes = {}
private_key_attributes = {}
common_attributes = {}
if payload.public_key_template_attribute:
public_key_attributes = self._process_template_attribute(
payload.public_key_template_attribute)
if payload.private_key_template_attribute:
private_key_attributes = self._process_template_attribute(
payload.private_key_template_attribute)
if payload.common_template_attribute:
common_attributes = self._process_template_attribute(
payload.common_template_attribute)
# Propagate common attributes if not overridden by the public/private
# attribute sets
for key, value in six.iteritems(common_attributes):
if key not in public_key_attributes.keys():
public_key_attributes.update([(key, value)])
if key not in private_key_attributes.keys():
private_key_attributes.update([(key, value)])
# Error check for required attributes.
public_algorithm = public_key_attributes.get('Cryptographic Algorithm')
if public_algorithm:
public_algorithm = public_algorithm.value
else:
raise exceptions.InvalidField(
"The cryptographic algorithm must be specified as an "
"attribute for the public key.")
public_length = public_key_attributes.get('Cryptographic Length')
if public_length:
public_length = public_length.value
else:
# TODO (peterhamilton) The cryptographic length is technically not
# required per the spec. Update the CryptographyEngine to accept a
# None length, allowing it to pick the length dynamically. Default
# to the strongest key size allowed for the algorithm type.
raise exceptions.InvalidField(
"The cryptographic length must be specified as an attribute "
"for the public key.")
public_usage_mask = public_key_attributes.get(
'Cryptographic Usage Mask')
if public_usage_mask is None:
raise exceptions.InvalidField(
"The cryptographic usage mask must be specified as an "
"attribute for the public key.")
private_algorithm = private_key_attributes.get(
'Cryptographic Algorithm')
if private_algorithm:
private_algorithm = private_algorithm.value
else:
raise exceptions.InvalidField(
"The cryptographic algorithm must be specified as an "
"attribute for the private key.")
private_length = private_key_attributes.get('Cryptographic Length')
if private_length:
private_length = private_length.value
else:
# TODO (peterhamilton) The cryptographic length is technically not
# required per the spec. Update the CryptographyEngine to accept a
# None length, allowing it to pick the length dynamically. Default
# to the strongest key size allowed for the algorithm type.
raise exceptions.InvalidField(
"The cryptographic length must be specified as an attribute "
"for the private key.")
private_usage_mask = private_key_attributes.get(
'Cryptographic Usage Mask')
if private_usage_mask is None:
raise exceptions.InvalidField(
"The cryptographic usage mask must be specified as an "
"attribute for the private key.")
if public_algorithm == private_algorithm:
algorithm = public_algorithm
else:
raise exceptions.InvalidField(
"The public and private key algorithms must be the same.")
if public_length == private_length:
length = public_length
else:
raise exceptions.InvalidField(
"The public and private key lengths must be the same.")
public, private = self._cryptography_engine.create_asymmetric_key_pair(
algorithm, length)
public_key = objects.PublicKey(algorithm, length, public.get('value'),
public.get('format'))
private_key = objects.PrivateKey(algorithm, length,
private.get('value'),
private.get('format'))
public_key.names = []
private_key.names = []
self._set_attributes_on_managed_object(public_key,
public_key_attributes)
self._set_attributes_on_managed_object(private_key,
private_key_attributes)
# TODO (peterhamilton) Set additional server-only attributes.
public_key._owner = self._client_identity
private_key._owner = self._client_identity
self._data_session.add(public_key)
self._data_session.add(private_key)
# NOTE (peterhamilton) SQLAlchemy will *not* assign an ID until
# commit is called. This makes future support for UNDO problematic.
self._data_session.commit()
self._logger.info("Created a PublicKey with ID: {0}".format(
public_key.unique_identifier))
self._logger.info("Created a PrivateKey with ID: {0}".format(
private_key.unique_identifier))
response_payload = create_key_pair.CreateKeyPairResponsePayload(
private_key_uuid=attributes.PrivateKeyUniqueIdentifier(
str(private_key.unique_identifier)),
public_key_uuid=attributes.PublicKeyUniqueIdentifier(
str(public_key.unique_identifier)))
self._id_placeholder = str(private_key.unique_identifier)
return response_payload
def test_write_with_none(self):
stream = utils.BytearrayStream()
payload = create_key_pair.CreateKeyPairResponsePayload()
self._test_write(stream, payload, self.encoding_empty)
def test_read_with_none(self):
stream = self.encoding_empty
payload = create_key_pair.CreateKeyPairResponsePayload()
self._test_read(stream, payload, self.empty_private_key_uuid,
self.empty_public_key_uuid, None, None)
def test_init_with_args(self):
create_key_pair.CreateKeyPairResponsePayload(
self.private_key_uuid, self.public_key_uuid,
self.private_key_template_attribute,
self.public_key_template_attribute)
def test_init_with_none(self):
create_key_pair.CreateKeyPairResponsePayload()