tyler.durden/PyKMIP
1
0
Fork 0
mirror of https://github.com/OpenKMIP/PyKMIP.git synced 2025-07-29 17:04:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #355 from OpenKMIP/feat/remove-client-api

Browse Source 
Remove the KmipClient API class
This commit is contained in:
Peter Hamilton 2017-10-24 09:42:24 -04:00 committed by GitHub
commit 626798b327
3 changed files with 1 additions and 387 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

192
kmip/pie/api.py
View File

@ -1,192 +0,0 @@
# Copyright (c) 2015 The Johns Hopkins University/Applied Physics Laboratory
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import abc
import six
@six.add_metaclass(abc.ABCMeta)
class KmipClient:
"""
A simplified KMIP client interface for conducting KMIP operations.
The KmipClient provides a simple external interface for various KMIP
operations and composes the bulk of the PyKMIP Pie API.
"""
@abc.abstractmethod
def create(self, algorithm, length):
"""
Create a symmetric key on a KMIP appliance.
Args:
algorithm (CryptographicAlgorithm): An enumeration defining the
algorithm to use to generate the symmetric key.
length (int): The length in bits for the symmetric key.
"""
pass
@abc.abstractmethod
def create_key_pair(self, algorithm, length):
"""
Create an asymmetric key pair on a KMIP appliance.
Args:
algorithm (CryptographicAlgorithm): An enumeration defining the
algorithm to use to generate the key pair.
length (int): The length in bits for the key pair.
"""
pass
@abc.abstractmethod
def register(self, managed_object):
"""
Register a managed object with a KMIP appliance.
Args:
managed_object (ManagedObject): A managed object to register. An
instantiatable subclass of ManagedObject from the Pie API.
"""
pass
@abc.abstractmethod
def locate(self, maximum_items, storage_status_mask, object_group_member,
attributes):
"""
Search for managed objects with a KMIP appliance.
Args:
maximum_items (integer): Maximum number of object identifiers the
server MAY return.
storage_status_mask (integer): A bit mask that indicates whether
on-line or archived objects are to be searched.
object_group_member (ObjectGroupMember): An enumeration that
indicates the object group member type.
attributes (list): Attributes the are REQUIRED to match those in a
candidate object.
"""
pass
@abc.abstractmethod
def get(self, uid):
"""
Get a managed object from a KMIP appliance.
Args:
uid (string): The unique ID of the managed object to retrieve.
"""
pass
@abc.abstractmethod
def get_attribute_list(self, uid):
"""
Get a list of attribute names for a managed object on a KMIP appliance.
Args:
uid (string): The unique ID of the managed object whose attribute
names should be retrieved.
"""
pass
@abc.abstractmethod
def activate(self, uid):
"""
Activate a managed object stored by a KMIP appliance.
Args:
uid (string): The unique ID of the managed object to activate.
"""
pass
@abc.abstractmethod
def revoke(self, revocation_reason, uid, revocation_message,
compromise_occurrence_date):
"""
Revoke a managed object stored by a KMIP appliance.
Args:
revocation_reason (RevocationReasonCode): An enumeration indicating
the revocation reason.
uid (string): The unique ID of the managed object to revoke.
Optional, defaults to None.
revocation_message (string): A message regarding the revocation.
Optional, defaults to None.
compromise_occurrence_date (int): A integer which will be converted
to the Datetime when the managed object was firstly believed to
be compromised. Optional, defaults to None.
"""
pass
@abc.abstractmethod
def destroy(self, uid):
"""
Destroy a managed object stored by a KMIP appliance.
Args:
uid (string): The unique ID of the managed object to destroy.
"""
pass
@abc.abstractmethod
def encrypt(self, data, uid=None, cryptographic_parameters=None,
iv_counter_nonce=None):
"""
Encrypt data using the specified encryption key and parameters.
Args:
data (bytes): The bytes to encrypt. Required.
uid (string): The unique ID of the encryption key to use.
Optional, defaults to None.
cryptographic_parameters (dict): A dictionary containing various
cryptographic settings to be used for the encryption.
Optional, defaults to None.
iv_counter_nonce (bytes): The bytes to use for the IV/counter/
nonce, if needed by the encryption algorithm and/or cipher
mode. Optional, defaults to None.
"""
pass
@abc.abstractmethod
def decrypt(self, data, uid=None, cryptographic_parameters=None,
iv_counter_nonce=None):
"""
Decrypt data using the specified decryption key and parameters.
Args:
data (bytes): The bytes to decrypt. Required.
uid (string): The unique ID of the decryption key to use.
Optional, defaults to None.
cryptographic_parameters (dict): A dictionary containing various
cryptographic settings to be used for the decryption.
Optional, defaults to None.
iv_counter_nonce (bytes): The bytes to use for the IV/counter/
nonce, if needed by the decryption algorithm and/or cipher
mode. Optional, defaults to None.
"""
pass
@abc.abstractmethod
def mac(self, data, uid, algorithm):
"""
Get the message authentication code for data.
Args:
data (string): The data to be MACed.
uid (string): The unique ID of the managed object that is the key
to use for the MAC operation.
algorithm (CryptographicAlgorithm): An enumeration defining the
algorithm to use to generate the MAC.
"""
pass

3
kmip/pie/client.py
View File

@ -25,7 +25,6 @@ from kmip.core.factories import attributes
from kmip.core.attributes import CryptographicParameters from kmip.core.attributes import CryptographicParameters
from kmip.core.attributes import DerivationParameters from kmip.core.attributes import DerivationParameters
from kmip.pie import api
from kmip.pie import exceptions from kmip.pie import exceptions
from kmip.pie import factory from kmip.pie import factory
from kmip.pie import objects as pobjects from kmip.pie import objects as pobjects
@ -41,7 +40,7 @@ def is_connected(function):
return wrapper return wrapper
class ProxyKmipClient(api.KmipClient): class ProxyKmipClient(object):
""" """
A simplified KMIP client for conducting KMIP operations. A simplified KMIP client for conducting KMIP operations.

193
kmip/tests/unit/pie/test_api.py
View File

@ -1,193 +0,0 @@
# Copyright (c) 2015 The Johns Hopkins University/Applied Physics Laboratory
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import testtools
from kmip.pie import api
class DummyKmipClient(api.KmipClient):
"""
A dummy KmipClient subclass for testing purposes.
"""
def __init__(self):
super(DummyKmipClient, self).__init__()
def create(self, algorithm, length):
super(DummyKmipClient, self).create(algorithm, length)
def create_key_pair(self, algorithm, length):
super(DummyKmipClient, self).create_key_pair(algorithm, length)
def register(self, managed_object, *args, **kwargs):
super(DummyKmipClient, self).register(managed_object)
def locate(self, maximum_items, storage_status_mask, object_group_member,
attributes):
super(DummyKmipClient, self).locate(
maximum_items, storage_status_mask, object_group_member,
attributes)
def get(self, uid, *args, **kwargs):
super(DummyKmipClient, self).get(uid)
def get_attribute_list(self, uid, *args, **kwargs):
super(DummyKmipClient, self).get_attribute_list(uid)
def activate(self, uid):
super(DummyKmipClient, self).activate(uid)
def revoke(self, revocation_reason, uid, revocation_message,
compromise_occurrence_date):
super(DummyKmipClient, self).revoke(
revocation_reason, uid, revocation_message,
compromise_occurrence_date)
def destroy(self, uid):
super(DummyKmipClient, self).destroy(uid)
def encrypt(self,
data,
uid=None,
cryptographic_parameters=None,
iv_counter_nonce=None):
super(DummyKmipClient, self).encrypt(
data,
uid,
cryptographic_parameters,
iv_counter_nonce
)
def decrypt(self,
data,
uid=None,
cryptographic_parameters=None,
iv_counter_nonce=None):
super(DummyKmipClient, self).decrypt(
data,
uid,
cryptographic_parameters,
iv_counter_nonce
)
def mac(self, data, uid, algorithm):
super(DummyKmipClient, self).mac(data, uid, algorithm)
class TestKmipClient(testtools.TestCase):
"""
Test suite for KmipClient.
Since KmipClient is an ABC abstract class, all tests are run against a
dummy subclass defined above, DummyKmipClient.
"""
def setUp(self):
super(TestKmipClient, self).setUp()
def tearDown(self):
super(TestKmipClient, self).tearDown()
def test_init(self):
"""
Test that a complete subclass of KmipClient can be instantiated.
"""
DummyKmipClient()
def test_create(self):
"""
Test that the create method can be called without error.
"""
dummy = DummyKmipClient()
dummy.create('algoritm', 'length')
def test_create_key_pair(self):
"""
Test that the create_key_pair method can be called without error.
"""
dummy = DummyKmipClient()
dummy.create_key_pair('algoritm', 'length')
def test_register(self):
"""
Test that the register method can be called without error.
"""
dummy = DummyKmipClient()
dummy.register('secret')
def test_locate(self):
"""
Test that the locate method can be called without error.
"""
dummy = DummyKmipClient()
dummy.locate('maximum_items', 'storage_status_mask',
'object_group_member', 'attributes')
def test_get(self):
"""
Test that the get method can be called without error.
"""
dummy = DummyKmipClient()
dummy.get('uid')
def test_get_attribute_list(self):
"""
Test that the get_attribute_list method can be called without error.
"""
dummy = DummyKmipClient()
dummy.get_attribute_list('uid')
def test_activate(self):
"""
Test that the activate method can be called without error.
"""
dummy = DummyKmipClient()
dummy.activate('uid')
def test_revoke(self):
"""
Test that the revoke method can be called without error.
"""
dummy = DummyKmipClient()
dummy.revoke('reason', 'uid', 'message', 'date')
def test_destroy(self):
"""
Test that the destroy method can be called without error.
"""
dummy = DummyKmipClient()
dummy.destroy('uid')
def test_encrypt(self):
"""
Test that the encrypt method can be called without error.
"""
dummy = DummyKmipClient()
dummy.encrypt('data', 'uid', 'crypto_params', 'iv')
def test_decrypt(self):
"""
Test that the decrypt method can be called without error.
"""
dummy = DummyKmipClient()
dummy.decrypt('data', 'uid', 'crypto_params', 'iv')
def test_mac(self):
"""
Test that the mac method can be called without error.
"""
dummy = DummyKmipClient()
dummy.mac('data', 'uid', 'algorithm')