def regen(client):
    """Register SECRETDATABYTES as a password-type SecretData object and activate it.

    Args:
        client: Object exposing ``register(obj)`` and ``activate(uid)``;
            presumably a connected PyKMIP client -- confirm against the caller.

    Returns:
        The UID that ``client.register`` returned for the new object.
    """
    # NOTE(review): SECRETDATABYTES is defined outside this block. If it is a
    # literal committed with the source, the secret is readable by anyone with
    # access to the file -- confirm where the value is loaded from.
    secret_cls = kmip.pie.objects.SecretData
    managed_secret = secret_cls(
        SECRETDATABYTES,
        kmip.core.enums.SecretDataType.PASSWORD,
    )

    uid = client.register(managed_secret)
    print(f"Created SecretData with UID={uid}")

    # Activation is a separate call after registration. Nothing is caught
    # here, so an error from either call propagates to the caller.
    client.activate(uid)
    print(f"Activated SecretData {uid}")
    return uid
try: key_id = client.create(enums.CryptographicAlgorithm.AES, 128, cryptographic_usage_mask=[ enums.CryptographicUsageMask.ENCRYPT, enums.CryptographicUsageMask.DECRYPT ]) logger.info("Successfully created a new encryption key.") logger.info("Secret ID: {0}".format(key_id)) except Exception as e: logger.error(e) sys.exit(-1) # Activate the encryption key so that it can be used. try: client.activate(key_id) logger.info("Successfully activated the encryption key.") except Exception as e: logger.error(e) sys.exit(-1) # Encrypt some data with the encryption key. try: logger.info("Raw data: {0}".format(binascii.hexlify(file_bytes))) cipher_text, autogenerated_iv = client.encrypt( # message, file_bytes, uid=key_id, cryptographic_parameters={ 'cryptographic_algorithm':
enums.CryptographicAlgorithm.AES, 128, cryptographic_usage_mask=[ enums.CryptographicUsageMask.ENCRYPT, enums.CryptographicUsageMask.DECRYPT ] ) logger.info("Successfully created a new encryption key.") logger.info("Secret ID: {0}".format(key_id)) except Exception as e: logger.error(e) sys.exit(-1) # Activate the encryption key so that it can be used. try: client.activate(key_id) logger.info("Successfully activated the encryption key.") except Exception as e: logger.error(e) sys.exit(-1) # Encrypt some data with the encryption key. try: cipher_text, autogenerated_iv = client.encrypt( message, uid=key_id, cryptographic_parameters={ 'cryptographic_algorithm': enums.CryptographicAlgorithm.AES, 'block_cipher_mode': enums.BlockCipherMode.CBC, 'padding_method': enums.PaddingMethod.ANSI_X923
), masks=[ enums.CryptographicUsageMask.SIGN, enums.CryptographicUsageMask.VERIFY ] ) ) logger.info("Successfully created a new signing key.") logger.info("Signing Key ID: {0}".format(signing_key_id)) except Exception as e: logger.error(e) sys.exit(-1) # Activate the signing key. try: client.activate(signing_key_id) logger.info( "Signing key {0} has been activated.".format(signing_key_id) ) except Exception as e: logger.error(e) sys.exit(-1) # Verify a valid signature. try: result = client.signature_verify( ( b'\xe1\xc0\xf9\x8d\x53\xf8\xf8\xb1\x41\x90\x57\xd5\xb9\xb1' b'\x0b\x07\xfe\xea\xec\x32\xc0\x46\x3a\x4d\x68\x38\x2f\x53' b'\x1b\xa1\xd6\xcf\xe4\xed\x38\xa2\x69\x4a\x34\xb9\xc8\x05' b'\xad\xf0\x72\xff\xbc\xeb\xe2\x1d\x8d\x4b\x5c\x0e\x8c\x33'
), masks=[ enums.CryptographicUsageMask.SIGN, enums.CryptographicUsageMask.VERIFY ] ) ) logger.info("Successfully created a new signing key.") logger.info("Signing Key ID: {0}".format(signing_key_id)) except Exception as e: logger.error(e) sys.exit(-1) # Activate the signing key. try: client.activate(signing_key_id) logger.info( "Signing key {0} has been activated.".format(signing_key_id) ) except Exception as e: logger.error(e) sys.exit(-1) # Verify a valid signature. try: result = client.signature_verify( ( b'\xe1\xc0\xf9\x8d\x53\xf8\xf8\xb1\x41\x90\x57\xd5\xb9\xb1' b'\x0b\x07\xfe\xea\xec\x32\xc0\x46\x3a\x4d\x68\x38\x2f\x53' b'\x1b\xa1\xd6\xcf\xe4\xed\x38\xa2\x69\x4a\x34\xb9\xc8\x05' b'\xad\xf0\x72\xff\xbc\xeb\xe2\x1d\x8d\x4b\x5c\x0e\x8c\x33'