From 6d222e113ac08424f36295b506c1db9994446d0c Mon Sep 17 00:00:00 2001
From: Peter Hamilton <peter.allen.hamilton@gmail.com>
Date: Tue, 26 Sep 2017 17:58:50 -0400
Subject: [PATCH] Add a ProxyKmipClient integration test for signing data

This change adds a ProxyKmipClient integration test verifying that
the Sign and SignatureVerify operations work in tandem.
---
 .../services/test_proxykmipclient.py          | 52 +++++++++++++++++++
 1 file changed, 52 insertions(+)

diff --git a/kmip/tests/integration/services/test_proxykmipclient.py b/kmip/tests/integration/services/test_proxykmipclient.py
index 7ad3676..faef82c 100644
--- a/kmip/tests/integration/services/test_proxykmipclient.py
+++ b/kmip/tests/integration/services/test_proxykmipclient.py
@@ -640,3 +640,55 @@ class TestProxyKmipClientIntegration(testtools.TestCase):
             ),
             secret.value
         )
+
+    def test_create_key_pair_sign_signature_verify(self):
+        """
+        Test that the ProxyKmipClient can create an asymmetric key pair and
+        then use that key pair (1) to sign data and (2) verify the signature
+        on the data.
+        """
+        # Create a public/private key pair.
+        public_key_id, private_key_id = self.client.create_key_pair(
+            enums.CryptographicAlgorithm.RSA,
+            2048,
+            public_usage_mask=[
+                enums.CryptographicUsageMask.VERIFY
+            ],
+            private_usage_mask=[
+                enums.CryptographicUsageMask.SIGN
+            ]
+        )
+
+        self.assertIsInstance(public_key_id, str)
+        self.assertIsInstance(private_key_id, str)
+
+        # Activate the signing key and the signature verification key.
+        self.client.activate(private_key_id)
+        self.client.activate(public_key_id)
+
+        # Sign a message.
+        signature = self.client.sign(
+            b'This is a signed message.',
+            uid=private_key_id,
+            cryptographic_parameters={
+                'padding_method': enums.PaddingMethod.PSS,
+                'cryptographic_algorithm': enums.CryptographicAlgorithm.RSA,
+                'hashing_algorithm': enums.HashingAlgorithm.SHA_256
+            }
+        )
+
+        self.assertIsInstance(signature, six.binary_type)
+
+        # Verify the message signature.
+        result = self.client.signature_verify(
+            b'This is a signed message.',
+            signature,
+            uid=public_key_id,
+            cryptographic_parameters={
+                'padding_method': enums.PaddingMethod.PSS,
+                'cryptographic_algorithm': enums.CryptographicAlgorithm.RSA,
+                'hashing_algorithm': enums.HashingAlgorithm.SHA_256
+            }
+        )
+
+        self.assertEqual(result, enums.ValidityIndicator.VALID)