tyler.durden/PyKMIP
1
0
Fork 0
mirror of https://github.com/OpenKMIP/PyKMIP.git synced 2025-04-08 19:25:06 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request from OpenKMIP/feat/remove-client-api

Browse Source 
Remove the KmipClient API class
This commit is contained in:
Peter Hamilton 2017-10-24 09:42:24 -04:00 committed by GitHub
commit 626798b327
3 changed files with 1 additions and 387 deletions
kmip
pie
api.pyclient.py
tests/unit/pie
test_api.py

192
kmip/pie/api.py

@ -1,192 +0,0 @@
# Copyright (c) 2015 The Johns Hopkins University/Applied Physics Laboratory
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import abc
import six
@six.add_metaclass(abc.ABCMeta)
class KmipClient:
"""
A simplified KMIP client interface for conducting KMIP operations.
The KmipClient provides a simple external interface for various KMIP
operations and composes the bulk of the PyKMIP Pie API.
"""
@abc.abstractmethod
def create(self, algorithm, length):
"""
Create a symmetric key on a KMIP appliance.
Args:
algorithm (CryptographicAlgorithm): An enumeration defining the
algorithm to use to generate the symmetric key.
length (int): The length in bits for the symmetric key.
"""
pass
@abc.abstractmethod
def create_key_pair(self, algorithm, length):
"""
Create an asymmetric key pair on a KMIP appliance.
Args:
algorithm (CryptographicAlgorithm): An enumeration defining the
algorithm to use to generate the key pair.
length (int): The length in bits for the key pair.
"""
pass
@abc.abstractmethod
def register(self, managed_object):
"""
Register a managed object with a KMIP appliance.
Args:
managed_object (ManagedObject): A managed object to register. An
instantiatable subclass of ManagedObject from the Pie API.
"""
pass
@abc.abstractmethod
def locate(self, maximum_items, storage_status_mask, object_group_member,
attributes):
"""
Search for managed objects with a KMIP appliance.
Args:
maximum_items (integer): Maximum number of object identifiers the
server MAY return.
storage_status_mask (integer): A bit mask that indicates whether
on-line or archived objects are to be searched.
object_group_member (ObjectGroupMember): An enumeration that
indicates the object group member type.
attributes (list): Attributes the are REQUIRED to match those in a
candidate object.
"""
pass
@abc.abstractmethod
def get(self, uid):
"""
Get a managed object from a KMIP appliance.
Args:
uid (string): The unique ID of the managed object to retrieve.
"""
pass
@abc.abstractmethod
def get_attribute_list(self, uid):
"""
Get a list of attribute names for a managed object on a KMIP appliance.
Args:
uid (string): The unique ID of the managed object whose attribute
names should be retrieved.
"""
pass
@abc.abstractmethod
def activate(self, uid):
"""
Activate a managed object stored by a KMIP appliance.
Args:
uid (string): The unique ID of the managed object to activate.
"""
pass
@abc.abstractmethod
def revoke(self, revocation_reason, uid, revocation_message,
compromise_occurrence_date):
"""
Revoke a managed object stored by a KMIP appliance.
Args:
revocation_reason (RevocationReasonCode): An enumeration indicating
the revocation reason.
uid (string): The unique ID of the managed object to revoke.
Optional, defaults to None.
revocation_message (string): A message regarding the revocation.
Optional, defaults to None.
compromise_occurrence_date (int): A integer which will be converted
to the Datetime when the managed object was firstly believed to
be compromised. Optional, defaults to None.
"""
pass
@abc.abstractmethod
def destroy(self, uid):
"""
Destroy a managed object stored by a KMIP appliance.
Args:
uid (string): The unique ID of the managed object to destroy.
"""
pass
@abc.abstractmethod
def encrypt(self, data, uid=None, cryptographic_parameters=None,
iv_counter_nonce=None):
"""
Encrypt data using the specified encryption key and parameters.
Args:
data (bytes): The bytes to encrypt. Required.
uid (string): The unique ID of the encryption key to use.
Optional, defaults to None.
cryptographic_parameters (dict): A dictionary containing various
cryptographic settings to be used for the encryption.
Optional, defaults to None.
iv_counter_nonce (bytes): The bytes to use for the IV/counter/
nonce, if needed by the encryption algorithm and/or cipher
mode. Optional, defaults to None.
"""
pass
@abc.abstractmethod
def decrypt(self, data, uid=None, cryptographic_parameters=None,
iv_counter_nonce=None):
"""
Decrypt data using the specified decryption key and parameters.
Args:
data (bytes): The bytes to decrypt. Required.
uid (string): The unique ID of the decryption key to use.
Optional, defaults to None.
cryptographic_parameters (dict): A dictionary containing various
cryptographic settings to be used for the decryption.
Optional, defaults to None.
iv_counter_nonce (bytes): The bytes to use for the IV/counter/
nonce, if needed by the decryption algorithm and/or cipher
mode. Optional, defaults to None.
"""
pass
@abc.abstractmethod
def mac(self, data, uid, algorithm):
"""
Get the message authentication code for data.
Args:
data (string): The data to be MACed.
uid (string): The unique ID of the managed object that is the key
to use for the MAC operation.
algorithm (CryptographicAlgorithm): An enumeration defining the
algorithm to use to generate the MAC.
"""
pass

3
kmip/pie/client.py

@ -25,7 +25,6 @@ from kmip.core.factories import attributes
from kmip.core.attributes import CryptographicParameters
from kmip.core.attributes import DerivationParameters
from kmip.pie import api
from kmip.pie import exceptions
from kmip.pie import factory
from kmip.pie import objects as pobjects
@ -41,7 +40,7 @@ def is_connected(function):
return wrapper
class ProxyKmipClient(api.KmipClient):
class ProxyKmipClient(object):
"""
A simplified KMIP client for conducting KMIP operations.

193
kmip/tests/unit/pie/test_api.py

@ -1,193 +0,0 @@
# Copyright (c) 2015 The Johns Hopkins University/Applied Physics Laboratory
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import testtools
from kmip.pie import api
class DummyKmipClient(api.KmipClient):
"""
A dummy KmipClient subclass for testing purposes.
"""
def __init__(self):
super(DummyKmipClient, self).__init__()
def create(self, algorithm, length):
super(DummyKmipClient, self).create(algorithm, length)
def create_key_pair(self, algorithm, length):
super(DummyKmipClient, self).create_key_pair(algorithm, length)
def register(self, managed_object, *args, **kwargs):
super(DummyKmipClient, self).register(managed_object)
def locate(self, maximum_items, storage_status_mask, object_group_member,
attributes):
super(DummyKmipClient, self).locate(
maximum_items, storage_status_mask, object_group_member,
attributes)
def get(self, uid, *args, **kwargs):
super(DummyKmipClient, self).get(uid)
def get_attribute_list(self, uid, *args, **kwargs):
super(DummyKmipClient, self).get_attribute_list(uid)
def activate(self, uid):
super(DummyKmipClient, self).activate(uid)
def revoke(self, revocation_reason, uid, revocation_message,
compromise_occurrence_date):
super(DummyKmipClient, self).revoke(
revocation_reason, uid, revocation_message,
compromise_occurrence_date)
def destroy(self, uid):
super(DummyKmipClient, self).destroy(uid)
def encrypt(self,
data,
uid=None,
cryptographic_parameters=None,
iv_counter_nonce=None):
super(DummyKmipClient, self).encrypt(
data,
uid,
cryptographic_parameters,
iv_counter_nonce
)
def decrypt(self,
data,
uid=None,
cryptographic_parameters=None,
iv_counter_nonce=None):
super(DummyKmipClient, self).decrypt(
data,
uid,
cryptographic_parameters,
iv_counter_nonce
)
def mac(self, data, uid, algorithm):
super(DummyKmipClient, self).mac(data, uid, algorithm)
class TestKmipClient(testtools.TestCase):
"""
Test suite for KmipClient.
Since KmipClient is an ABC abstract class, all tests are run against a
dummy subclass defined above, DummyKmipClient.
"""
def setUp(self):
super(TestKmipClient, self).setUp()
def tearDown(self):
super(TestKmipClient, self).tearDown()
def test_init(self):
"""
Test that a complete subclass of KmipClient can be instantiated.
"""
DummyKmipClient()
def test_create(self):
"""
Test that the create method can be called without error.
"""
dummy = DummyKmipClient()
dummy.create('algoritm', 'length')
def test_create_key_pair(self):
"""
Test that the create_key_pair method can be called without error.
"""
dummy = DummyKmipClient()
dummy.create_key_pair('algoritm', 'length')
def test_register(self):
"""
Test that the register method can be called without error.
"""
dummy = DummyKmipClient()
dummy.register('secret')
def test_locate(self):
"""
Test that the locate method can be called without error.
"""
dummy = DummyKmipClient()
dummy.locate('maximum_items', 'storage_status_mask',
'object_group_member', 'attributes')
def test_get(self):
"""
Test that the get method can be called without error.
"""
dummy = DummyKmipClient()
dummy.get('uid')
def test_get_attribute_list(self):
"""
Test that the get_attribute_list method can be called without error.
"""
dummy = DummyKmipClient()
dummy.get_attribute_list('uid')
def test_activate(self):
"""
Test that the activate method can be called without error.
"""
dummy = DummyKmipClient()
dummy.activate('uid')
def test_revoke(self):
"""
Test that the revoke method can be called without error.
"""
dummy = DummyKmipClient()
dummy.revoke('reason', 'uid', 'message', 'date')
def test_destroy(self):
"""
Test that the destroy method can be called without error.
"""
dummy = DummyKmipClient()
dummy.destroy('uid')
def test_encrypt(self):
"""
Test that the encrypt method can be called without error.
"""
dummy = DummyKmipClient()
dummy.encrypt('data', 'uid', 'crypto_params', 'iv')
def test_decrypt(self):
"""
Test that the decrypt method can be called without error.
"""
dummy = DummyKmipClient()
dummy.decrypt('data', 'uid', 'crypto_params', 'iv')
def test_mac(self):
"""
Test that the mac method can be called without error.
"""
dummy = DummyKmipClient()
dummy.mac('data', 'uid', 'algorithm')