def setUp(self):
super(TestKMIPClientIntegration, self).setUp()
self.attr_factory = AttributeFactory()
self.cred_factory = CredentialFactory()
self.secret_factory = SecretFactory()
# Set up the KMIP server process
path = os.path.join(os.path.dirname(__file__), os.path.pardir, 'utils',
'server.py')
self.server = Popen(
['python', '{0}'.format(path), '-p', '{0}'.format(self.KMIP_PORT)],
stderr=sys.stdout)
time.sleep(self.STARTUP_TIME)
if self.server.poll() is not None:
raise KMIPServerSuicideError(self.server.pid)
# Set up and open the client proxy; shutdown the server if open fails
try:
self.client = KMIPProxy(port=self.KMIP_PORT,
ca_certs=self.CA_CERTS_PATH)
self.client.open()
except Exception as e:
self._shutdown_server()
raise e
def setUp(self):
super(TestIntegration, self).setUp()
self.logger = logging.getLogger(__name__)
self.attr_factory = AttributeFactory()
self.cred_factory = CredentialFactory()
self.secret_factory = SecretFactory()
def __init__(self):
super(KMIPImpl, self).__init__()
self.logger = logging.getLogger(__name__)
self.key_factory = KeyFactory()
self.secret_factory = SecretFactory()
self.attribute_factory = AttributeFactory()
self.repo = MemRepo()
self.protocol_versions = [
ProtocolVersion.create(1, 1),
ProtocolVersion.create(1, 0)
]
def _get_attrs(self):
attr_factory = AttributeFactory()
algorithm = self._get_alg_attr(self.algorithm_name)
length = self._get_length_attr(self.key_length)
attribute_type = AttributeType.CRYPTOGRAPHIC_USAGE_MASK
mask_flags = [CryptoUsageMaskEnum.ENCRYPT,
CryptoUsageMaskEnum.DECRYPT]
usage_mask = attr_factory.create_attribute(attribute_type,
mask_flags)
name_value = Name.NameValue(value='TESTNAME')
name_type = Name.NameType(value=NameType.UNINTERPRETED_TEXT_STRING)
value = Name.create(name_value, name_type)
nameattr = attr_factory.create_attribute(AttributeType.NAME, value)
return [algorithm, usage_mask, length, nameattr]
def test_locate(self):
self._create()
name_value = Name.NameValue(value='TESTNAME')
name_type = Name.NameType(value=NameType.UNINTERPRETED_TEXT_STRING)
value = Name.create(name_value, name_type)
attr_factory = AttributeFactory()
nameattr = attr_factory.create_attribute(AttributeType.NAME, value)
attrs = [nameattr]
res = self.kmip.locate(attributes=attrs)
self.assertEqual(
ResultStatus.OPERATION_FAILED,
res.result_status.value,
'locate result status did not return success')
def setUp(self):
super(TestKMIPClient, self).setUp()
self.attr_factory = AttributeFactory()
self.cred_factory = CredentialFactory()
self.secret_factory = SecretFactory()
self.client = KMIPProxy()
KMIP_PORT = 9090
CA_CERTS_PATH = os.path.normpath(os.path.join(os.path.dirname(
os.path.abspath(__file__)), '../utils/certs/server.crt'))
self.mock_client = KMIPProxy(host="IP_ADDR_1, IP_ADDR_2",
port=KMIP_PORT, ca_certs=CA_CERTS_PATH)
self.mock_client.socket = mock.MagicMock()
self.mock_client.socket.connect = mock.MagicMock()
self.mock_client.socket.close = mock.MagicMock()
def proccess_attributes(self, attributes):
list_attributes = []
attribute_factory = AttributeFactory()
for attribute in attributes:
attribute_type = AttributeType(attribute['AttributeName']['value'])
attribute_value = None
if attribute_type == AttributeType.OBJECT_TYPE:
if attribute['AttributeValue']['value'] == 'SymmetricKey':
attribute_value = ObjectType.SYMMETRIC_KEY
if attribute_type == AttributeType.ORIGINAL_CREATION_DATE:
attribute_value = time.time()
if attribute['AttributeValue']['value'] == '$NOW-60':
attribute_value = attribute_value - 60
if attribute['AttributeValue']['value'] == '$NOW+60':
attribute_value = attribute_value + 60
attribute_obj = attribute_factory.create_attribute(
attribute_type, attribute_value)
list_attributes.append(attribute_obj)
return list_attributes
def build_cryptographic_usage_mask(logger, object_type):
if object_type == ObjectType.CERTIFICATE:
flags = [CryptographicUsageMask.ENCRYPT, CryptographicUsageMask.VERIFY]
elif (object_type == ObjectType.SYMMETRIC_KEY
or object_type == ObjectType.SECRET_DATA):
flags = [
CryptographicUsageMask.ENCRYPT, CryptographicUsageMask.DECRYPT
]
elif object_type == ObjectType.PUBLIC_KEY:
flags = [CryptographicUsageMask.VERIFY]
elif object_type == ObjectType.PRIVATE_KEY:
flags = [CryptographicUsageMask.SIGN]
else:
logger.error("Unrecognized object type, could not build cryptographic "
"usage mask")
sys.exit()
attribute_type = AttributeType.CRYPTOGRAPHIC_USAGE_MASK
attribute_factory = AttributeFactory()
usage_mask = attribute_factory.create_attribute(attribute_type, flags)
return usage_mask
def proccess_template_attributes(self, attributes):
template_attributes = []
attribute_factory = AttributeFactory()
for attribute in attributes:
attribute_type = AttributeType(attribute['AttributeName']['value'])
attribute_value = None
if attribute_type == AttributeType.X_ID:
name = Attribute.AttributeName('Name')
attribute_value = Name.NameValue(
attribute['AttributeValue']['value'])
attribute_type = Name.NameType(
NameType.UNINTERPRETED_TEXT_STRING)
value = Name(name_value=attribute_value,
name_type=attribute_type)
name = Attribute(attribute_name=name, attribute_value=value)
template_attributes.append(name)
continue
if attribute_type == AttributeType.CRYPTOGRAPHIC_ALGORITHM:
attribute_value = getattr(CryptographicAlgorithm,
attribute['AttributeValue']['value'],
None)
if attribute_type == AttributeType.CRYPTOGRAPHIC_LENGTH:
attribute_value = attribute['AttributeValue']['value']
if attribute_type == AttributeType.CRYPTOGRAPHIC_USAGE_MASK:
usage_mask = attribute['AttributeValue']['value'].split(' ')
for idx, val in enumerate(usage_mask):
usage_mask[idx] = getattr(CryptographicUsageMask,
val.upper(), None)
attribute_value = usage_mask
attribute_obj = attribute_factory.create_attribute(
attribute_type, attribute_value)
template_attributes.append(attribute_obj)
template_attributes = TemplateAttribute(attributes=template_attributes)
return template_attributes
parser = utils.build_cli_parser(enums.Operation.LOCATE)
opts, args = parser.parse_args(sys.argv[1:])
username = opts.username
password = opts.password
config = opts.config
name = opts.name
initial_dates = opts.initial_dates
state = opts.state
object_type = opts.object_type
cryptographic_algorithm = opts.cryptographic_algorithm
cryptographic_length = opts.cryptographic_length
unique_identifier = opts.unique_identifier
operation_policy_name = opts.operation_policy_name
attribute_factory = AttributeFactory()
credential_factory = CredentialFactory()
# Build the KMIP server account credentials
# TODO (peter-hamilton) Move up into KMIPProxy
if (username is None) and (password is None):
credential = None
else:
credential_type = enums.CredentialType.USERNAME_AND_PASSWORD
credential_value = {"Username": username, "Password": password}
credential = credential_factory.create_credential(
credential_type, credential_value)
# Build the client and connect to the server
client = kmip_client.KMIPProxy(config=config, config_file=opts.config_file)
client.open()
def _get_length_attr(self, length=None):
if length is None:
length = self.key_length
attr_factory = AttributeFactory()
attribute_type = AttributeType.CRYPTOGRAPHIC_LENGTH
return attr_factory.create_attribute(attribute_type, length)
def _get_alg_attr(self, alg=None):
if alg is None:
alg = self.algorithm_name
attr_factory = AttributeFactory()
attribute_type = AttributeType.CRYPTOGRAPHIC_ALGORITHM
return attr_factory.create_attribute(attribute_type, alg)
