def AsymmetricKeyRSA():
c = ProxyKmipClient(hostname=KMIP_IP,port=SERVER_PORT,cert=CERT_PATH,key=KEY_PATH,ca=CA_PATH)
print("Asymmetric Key Creation")
with c:
key_id = c.create_key_pair(
enums.CryptographicAlgorithm.RSA,
KEY_BITS,
public_usage_mask=[
enums.CryptographicUsageMask.ENCRYPT
],
private_usage_mask=[
enums.CryptographicUsageMask.DECRYPT
]
)
print("Private Key ID : " +key_id[1])
current_directory = os.getcwd()
temp_directory = os.path.join(current_directory,TEMP_DIRECTORY)
if not os.path.exists(temp_directory):
os.makedirs(temp_directory)
orig_stdout = sys.stdout
f = open(KEY_HEX_OUTPUT, 'w')
sys.stdout = f
print(c.get(key_id[1]))
sys.stdout = orig_stdout
f.close()
client = ProxyKmipClient(
hostname='127.0.0.1',
port=5696,
cert='../test_data/client.pem',
key='../test_data/client.key',
ca='../test_data/ca.pem',
#ssl_version=ssl.PROTOCOL_TLSv1,
# username='******',
# password='******'
#config='client',
#config_file='pykmip.conf',
#kmip_version=KMIPVersion.KMIP_1_2
)
print("Connecting...")
client.open()
key_id = client.create(
enums.CryptographicAlgorithm.AES,
256,
#operation_policy_name='default',
#name='Test_256_AES_Symmetric_Key',
# cryptographic_usage_mask=[
# enums.CryptographicUsageMask.ENCRYPT,
# enums.CryptographicUsageMask.DECRYPT
# ]
)
print(client.get(key_id))
CERT_BASE_PATH = os.path.join(BASE_DIR, 'certificates')
client = ProxyKmipClient(
hostname='127.0.0.1',
port=5696,
cert=os.path.join(CERT_BASE_PATH, 'client_certificate_jane_doe.pem'),
key=os.path.join(CERT_BASE_PATH, 'client_key_jane_doe.pem'),
ca=os.path.join(CERT_BASE_PATH, 'root_certificate.pem'),
ssl_version='PROTOCOL_SSLv23',
config='client',
config_file=os.path.join(BASE_DIR, 'client_conf/pykmip.conf')
)
client.open()
key_id = client.create(
enums.CryptographicAlgorithm.AES,
256,
operation_policy_name='default',
name='Test_256_AES_Symmetric_Key',
cryptographic_usage_mask=[
enums.CryptographicUsageMask.ENCRYPT,
enums.CryptographicUsageMask.DECRYPT
]
)
print(f'Key [{key_id}] created')
key = client.get(key_id)
print(f'Key: {key}')