import ssl from kmip.pie.client import ProxyKmipClient from kmip.pie import client from kmip import enums client = ProxyKmipClient(hostname='127.0.0.1', port=5696, cert='certs/client_certificate_jane_doe.pem', key='certs/client_key_jane_doe.pem', ca='certs/root_certificate.pem', ssl_version='PROTOCOL_SSLv23', username='******', password='******', config='client') client.open() key_id = client.create(enums.CryptographicAlgorithm.AES, 256, operation_policy_name='default', name='Test_256_AES_Symmetric_Key', cryptographic_usage_mask=[ enums.CryptographicUsageMask.ENCRYPT, enums.CryptographicUsageMask.DECRYPT ]) print('key[%s] created' % key_id) key = client.get(key_id) print('key: %s' % key)
if __name__ == '__main__': logger = utils.build_console_logger(logging.INFO) # Build and parse arguments parser = utils.build_cli_parser(enums.Operation.CREATE) opts, args = parser.parse_args(sys.argv[1:]) config = opts.config algorithm = opts.algorithm length = opts.length # Exit early if the arguments are not specified if algorithm is None: logger.error('No algorithm provided, exiting early from demo') sys.exit() if length is None: logger.error("No key length provided, exiting early from demo") sys.exit() algorithm = getattr(enums.CryptographicAlgorithm, algorithm, None) # Build the client and connect to the server with client.ProxyKmipClient(config=config) as client: try: uid = client.create(algorithm, length) logger.info("Successfully created symmetric key with ID: " "{0}".format(uid)) except Exception as e: logger.error(e)
if (len(args) != 1): print('Pick a file to encrypt.') exit() with open(args[0], 'rb') as f: file_to_encrypt = open(args[0], 'rb') file_bytes = file_to_encrypt.read() # Build the client and connect to the server with client.ProxyKmipClient(config=config, config_file=opts.config_file) as client: # Create an encryption key. try: key_id = client.create(enums.CryptographicAlgorithm.AES, 128, cryptographic_usage_mask=[ enums.CryptographicUsageMask.ENCRYPT, enums.CryptographicUsageMask.DECRYPT ]) logger.info("Successfully created a new encryption key.") logger.info("Secret ID: {0}".format(key_id)) except Exception as e: logger.error(e) sys.exit(-1) # Activate the encryption key so that it can be used. try: client.activate(key_id) logger.info("Successfully activated the encryption key.") except Exception as e: logger.error(e) sys.exit(-1)
if __name__ == '__main__': logger = utils.build_console_logger(logging.INFO) # Build and parse arguments parser = utils.build_cli_parser(enums.Operation.DERIVE_KEY) opts, args = parser.parse_args(sys.argv[1:]) config = opts.config # Build the client and connect to the server with client.ProxyKmipClient(config=config) as client: # Create keys to use for derivation try: key_id = client.create( enums.CryptographicAlgorithm.AES, 128, cryptographic_usage_mask=[ enums.CryptographicUsageMask.DERIVE_KEY ] ) logger.info("Successfully created a new derivation key.") logger.info("Secret ID: {0}".format(key_id)) except Exception as e: logger.error(e) sys.exit(-1) # Derive a new secret via PBKDF2. try: secret_id = client.derive_key( enums.ObjectType.SYMMETRIC_KEY, [key_id], enums.DerivationMethod.PBKDF2,
# Build and parse arguments parser = utils.build_cli_parser(enums.Operation.ENCRYPT) opts, args = parser.parse_args(sys.argv[1:]) config = opts.config message = opts.message message = bytes(message, 'utf-8') # Build the client and connect to the server with client.ProxyKmipClient(config=config) as client: # Create an encryption key. try: key_id = client.create( enums.CryptographicAlgorithm.AES, 128, cryptographic_usage_mask=[ enums.CryptographicUsageMask.ENCRYPT, enums.CryptographicUsageMask.DECRYPT ] ) logger.info("Successfully created a new encryption key.") logger.info("Secret ID: {0}".format(key_id)) except Exception as e: logger.error(e) sys.exit(-1) # Activate the encryption key so that it can be used. try: client.activate(key_id) logger.info("Successfully activated the encryption key.") except Exception as e: logger.error(e)
config = opts.config algorithm = opts.algorithm length = opts.length # Exit early if the arguments are not specified if algorithm is None: logger.error('No algorithm provided, exiting early from demo') sys.exit() if length is None: logger.error("No key length provided, exiting early from demo") sys.exit() algorithm = getattr(enums.CryptographicAlgorithm, algorithm, None) # Build the client and connect to the server with client.ProxyKmipClient( config=config, config_file=opts.config_file ) as client: try: uid = client.create( algorithm, length, operation_policy_name=opts.operation_policy_name ) logger.info("Successfully created symmetric key with ID: " "{0}".format(uid)) except Exception as e: logger.error(e)