Add a ProxyKmipClient integration test for registering wrapped keys

This change adds a ProxyKmipClient integration test that verifies
that a wrapped key can be registered with the server and can then
be retrieved, along with all of its key wrapping metadata. Minor
updates to the underlying metadata handling are included.
Peter Hamilton 2017-10-04 15:35:40 -04:00
parent b3d4ffb03f
commit 721e7f3717
3 changed files with 53 additions and 5 deletions


@ -183,11 +183,11 @@ class SecretFactory(object):
crypto_length = CryptographicLength(cryptographic_length)
key_wrap_data = None
if key_wrapping_data is not None:
if key_wrapping_data:
# TODO (peter-hamilton) This currently isn't used in the tests
# TODO (peter-hamilton) but needs to be updated to properly
# TODO (peter-hamilton) create a KeyWrappingData object.
key_wrap_data = KeyWrappingData(key_wrapping_data)
key_wrap_data = KeyWrappingData(**key_wrapping_data)
key_block = KeyBlock(key_format_type,
key_comp_type,
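Review bot: The three `TODO (peter-hamilton)` lines kept above the changed call say the wrapping data is unused in the tests and not built properly, which no longer seems to match the code now that the dict is expanded into `KeyWrappingData(**key_wrapping_data)`; drop them or replace them with a comment such as `# key_wrapping_data is a dict of KeyWrappingData keyword arguments`. The `**` expansion also means an unexpected key in the dict, or a truthy value that is not a mapping, surfaces as a bare TypeError from the call, so a short type and key check with a clearer error before it would help. Whether nested dicts such as `encryption_key_information` are converted into their own objects is not visible in this hunk. The enclosing method starts and ends outside the hunk.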


@ -534,21 +534,24 @@ class KmipEngine(object):
'cryptographic_algorithm': obj.cryptographic_algorithm,
'cryptographic_length': obj.cryptographic_length,
'key_format_type': obj.key_format_type,
'key_value': obj.value
'key_value': obj.value,
'key_wrapping_data': obj.key_wrapping_data
}
elif object_type == enums.ObjectType.PUBLIC_KEY:
value = {
'cryptographic_algorithm': obj.cryptographic_algorithm,
'cryptographic_length': obj.cryptographic_length,
'key_format_type': obj.key_format_type,
'key_value': obj.value
'key_value': obj.value,
'key_wrapping_data': obj.key_wrapping_data
}
elif object_type == enums.ObjectType.PRIVATE_KEY:
value = {
'cryptographic_algorithm': obj.cryptographic_algorithm,
'cryptographic_length': obj.cryptographic_length,
'key_format_type': obj.key_format_type,
'key_value': obj.value
'key_value': obj.value,
'key_wrapping_data': obj.key_wrapping_data
}
elif object_type == enums.ObjectType.SECRET_DATA:
value = {
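Review bot: The first branch (its condition is outside the hunk) and the PUBLIC_KEY and PRIVATE_KEY branches now build the same five-entry dict, so `'key_wrapping_data': obj.key_wrapping_data` had to be added three times and a later field can easily be missed in one branch; consider building the shared literal once for the three key types. A comment such as `# key_value presumably holds wrapped bytes when key_wrapping_data is set` would also keep readers from treating the value as plaintext key material, if that is indeed how wrapped keys are stored. The rest of the method lies outside the hunk.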


@ -128,6 +128,51 @@ class TestProxyKmipClientIntegration(testtools.TestCase):
self.assertRaises(
exceptions.KmipOperationFailure, self.client.destroy, uid)
def test_register_wrapped_get_destroy(self):
"""
Test that a wrapped key can be registered with the server and that its
metadata is retrieved with the get operation.
"""
key = objects.SymmetricKey(
enums.CryptographicAlgorithm.AES,
128,
(b'\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E'
b'\x0F'),
key_wrapping_data={
'wrapping_method': enums.WrappingMethod.ENCRYPT,
'encryption_key_information': {
'unique_identifier': '42',
'cryptographic_parameters': {
'block_cipher_mode':
enums.BlockCipherMode.NIST_KEY_WRAP
}
},
'encoding_option': enums.EncodingOption.NO_ENCODING
}
)
key_id = self.client.register(key)
result = self.client.get(key_id)
key_wrapping_data = result.key_wrapping_data
self.assertIsInstance(key_wrapping_data, dict)
self.assertEqual(
enums.WrappingMethod.ENCRYPT,
key_wrapping_data.get('wrapping_method')
)
eki = key_wrapping_data.get('encryption_key_information')
self.assertIsInstance(eki, dict)
self.assertEqual('42', eki.get('unique_identifier'))
cp = eki.get('cryptographic_parameters')
self.assertIsInstance(cp, dict)
self.assertEqual(
enums.BlockCipherMode.NIST_KEY_WRAP,
cp.get('block_cipher_mode')
)
self.assertEqual(
enums.EncodingOption.NO_ENCODING,
key_wrapping_data.get('encoding_option')
)
def test_asymmetric_key_pair_create_get_destroy(self):
"""
Test that the ProxyKmipClient can create, retrieve, and destroy an
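Review bot: `test_register_wrapped_get_destroy` registers the key and reads it back but never destroys it, so the name promises a step the body lacks and each run leaves the registered wrapped key on the server under test. Ending it the way the preceding test does, with `self.client.destroy(key_id)` followed by `self.assertRaises(exceptions.KmipOperationFailure, self.client.get, key_id)`, would cover the destroy path and clean up. The assertions also check only the wrapping metadata; comparing the returned key bytes with the registered ones would confirm the wrapped value itself round-trips unchanged.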