diff --git a/kmip/demos/create.py b/kmip/demos/create.py index 7dab20d..04b9969 100644 --- a/kmip/demos/create.py +++ b/kmip/demos/create.py @@ -16,6 +16,7 @@ from kmip.core.enums import AttributeType from kmip.core.enums import CredentialType from kmip.core.enums import ObjectType +from kmip.core.enums import ResultStatus from kmip.core.enums import CryptographicAlgorithm from kmip.core.enums import CryptographicUsageMask @@ -33,12 +34,11 @@ if __name__ == '__main__': f_log = os.path.join(os.path.dirname(__file__), '..', 'logconfig.ini') logging.config.fileConfig(f_log) logger = logging.getLogger(__name__) - attribute_factory = AttributeFactory() credential_factory = CredentialFactory() credential_type = CredentialType.USERNAME_AND_PASSWORD - credential_value = {'Username': 'Peter', 'Password': 'abc123'} + credential_value = {'Username': 'user', 'Password': 'abc123'} credential = credential_factory.create_credential(credential_type, credential_value) @@ -54,7 +54,10 @@ if __name__ == '__main__': attribute_type = AttributeType.CRYPTOGRAPHIC_USAGE_MASK usage_mask = attribute_factory.create_attribute(attribute_type, mask_flags) - attributes = [algorithm, usage_mask] + attribute_type = AttributeType.CRYPTOGRAPHIC_LENGTH + length = attribute_factory.create_attribute(attribute_type, + 128) + attributes = [algorithm, usage_mask, length] template_attribute = TemplateAttribute(attributes=attributes) result = client.create(object_type, template_attribute, @@ -63,7 +66,13 @@ if __name__ == '__main__': logger.debug('create() result status: {}'.format( result.result_status.enum)) - logger.debug('created object type: {}'.format(result.object_type.enum)) - logger.debug('created UUID: {}'.format(result.uuid.value)) - logger.debug('created template attribute: {}'. - format(result.template_attribute)) + if result.result_status.enum == ResultStatus.SUCCESS: + logger.debug('created object type: {}'.format(result.object_type.enum)) + logger.debug('created UUID: {}'.format(result.uuid.value)) + logger.debug('created template attribute: {}'. + format(result.template_attribute)) + else: + logger.debug('create() result reason: {}'.format( + result.result_reason.enum)) + logger.debug('create() result message: {}'.format( + result.result_message.value)) diff --git a/kmip/demos/units/__init__.py b/kmip/demos/units/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/kmip/demos/units/create.py b/kmip/demos/units/create.py new file mode 100644 index 0000000..f1b6099 --- /dev/null +++ b/kmip/demos/units/create.py @@ -0,0 +1,136 @@ +# Copyright (c) 2014 The Johns Hopkins University/Applied Physics Laboratory +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from kmip.core.enums import AttributeType +from kmip.core.enums import CredentialType +from kmip.core.enums import CryptographicAlgorithm +from kmip.core.enums import CryptographicUsageMask +from kmip.core.enums import ObjectType +from kmip.core.enums import Operation +from kmip.core.enums import ResultStatus +from kmip.core.enums import NameType + +from kmip.demos import utils + +from kmip.core.factories.attributes import AttributeFactory +from kmip.core.factories.credentials import CredentialFactory + +from kmip.core.attributes import Name + +from kmip.core.objects import TemplateAttribute +from kmip.core.objects import Attribute + +from kmip.services.kmip_client import KMIPProxy + +import logging +import os +import sys + + +if __name__ == '__main__': + # Build and parse arguments + parser = utils.build_cli_parser(Operation.CREATE) + opts, args = parser.parse_args(sys.argv[1:]) + + username = opts.username + password = opts.password + algorithm = opts.algorithm + length = opts.length + + # Exit early if the arguments are not specified + if algorithm is None: + logging.debug('No algorithm provided, exiting early from demo') + sys.exit() + if length is None: + logging.debug("No key length provided, exiting early from demo") + sys.exit() + + # Build and setup logging and needed factories + f_log = os.path.join(os.path.dirname(__file__), os.pardir, os.pardir, + 'logconfig.ini') + logging.config.fileConfig(f_log) + logger = logging.getLogger(__name__) + + attribute_factory = AttributeFactory() + credential_factory = CredentialFactory() + + # Build the KMIP server account credentials + # TODO (peter-hamilton) Move up into KMIPProxy + if (username is None) and (password is None): + credential = None + else: + credential_type = CredentialType.USERNAME_AND_PASSWORD + credential_value = {'Username': username, + 'Password': password} + credential = credential_factory.create_credential(credential_type, + credential_value) + # Build the client and connect to the server + client = KMIPProxy() + client.open() + + # Build the different object attributes + object_type = ObjectType.SYMMETRIC_KEY + + attribute_type = AttributeType.CRYPTOGRAPHIC_ALGORITHM + algorithm_enum = getattr(CryptographicAlgorithm, algorithm, None) + + if algorithm_enum is None: + logging.debug("{0} not found".format(algorithm)) + logging.debug("Invalid algorithm specified, exiting early from demo") + + client.close() + sys.exit() + + algorithm_obj = attribute_factory.create_attribute(attribute_type, + algorithm_enum) + + mask_flags = [CryptographicUsageMask.ENCRYPT, + CryptographicUsageMask.DECRYPT] + attribute_type = AttributeType.CRYPTOGRAPHIC_USAGE_MASK + usage_mask = attribute_factory.create_attribute(attribute_type, + mask_flags) + + attribute_type = AttributeType.CRYPTOGRAPHIC_LENGTH + length_obj = attribute_factory.create_attribute(attribute_type, + length) + name = Attribute.AttributeName('Name') + name_value = Name.NameValue('Test Key') + name_type = Name.NameType(NameType.UNINTERPRETED_TEXT_STRING) + value = Name(name_value=name_value, name_type=name_type) + name = Attribute(attribute_name=name, attribute_value=value) + + attributes = [algorithm_obj, usage_mask, length_obj, name] + template_attribute = TemplateAttribute(attributes=attributes) + + # Create the SYMMETRIC_KEY object + result = client.create(object_type, template_attribute, + credential) + client.close() + + # Display operation results + logger.debug('create() result status: {}'.format( + result.result_status.enum)) + + if result.result_status.enum == ResultStatus.SUCCESS: + logger.debug('created object type: {}'.format( + result.object_type.enum)) + logger.debug('created UUID: {}'.format(result.uuid.value)) + logger.debug('created template attribute: {}'. + format(result.template_attribute)) + else: + logger.debug('create() result reason: {}'.format( + result.result_reason.enum)) + logger.debug('create() result message: {}'.format( + result.result_message.value)) diff --git a/kmip/demos/units/create_key_pair.py b/kmip/demos/units/create_key_pair.py new file mode 100644 index 0000000..4a09ffd --- /dev/null +++ b/kmip/demos/units/create_key_pair.py @@ -0,0 +1,132 @@ +# Copyright (c) 2014 The Johns Hopkins University/Applied Physics Laboratory +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from kmip.core.enums import AttributeType +from kmip.core.enums import CredentialType +from kmip.core.enums import CryptographicAlgorithm +from kmip.core.enums import Operation +from kmip.core.enums import ResultStatus +from kmip.core.enums import NameType + +from kmip.demos import utils + +from kmip.core.factories.attributes import AttributeFactory +from kmip.core.factories.credentials import CredentialFactory + +from kmip.core.attributes import Name + +from kmip.core.objects import CommonTemplateAttribute +from kmip.core.objects import PrivateKeyTemplateAttribute +from kmip.core.objects import PublicKeyTemplateAttribute +from kmip.core.objects import Attribute + +from kmip.services.kmip_client import KMIPProxy + +import logging +import os +import sys + + +if __name__ == '__main__': + # Build and parse arguments + parser = utils.build_cli_parser(Operation.CREATE_KEY_PAIR) + opts, args = parser.parse_args(sys.argv[1:]) + + username = opts.username + password = opts.password + algorithm = opts.algorithm + length = opts.length + + # Exit early if the arguments are not specified + if algorithm is None: + logging.debug('No algorithm provided, exiting early from demo') + sys.exit() + if length is None: + logging.debug("No key length provided, exiting early from demo") + sys.exit() + + attribute_type = AttributeType.CRYPTOGRAPHIC_ALGORITHM + algorithm_enum = getattr(CryptographicAlgorithm, algorithm, None) + + if algorithm_enum is None: + logging.debug("{0} not found".format(algorithm)) + logging.debug("Invalid algorithm specified, exiting early from demo") + sys.exit() + + # Build and setup logging and needed factories + f_log = os.path.join(os.path.dirname(__file__), os.pardir, os.pardir, + 'logconfig.ini') + logging.config.fileConfig(f_log) + logger = logging.getLogger(__name__) + + attribute_factory = AttributeFactory() + credential_factory = CredentialFactory() + + # Build the KMIP server account credentials + # TODO (peter-hamilton) Move up into KMIPProxy + if (username is None) and (password is None): + credential = None + else: + credential_type = CredentialType.USERNAME_AND_PASSWORD + credential_value = {'Username': username, + 'Password': password} + credential = credential_factory.create_credential(credential_type, + credential_value) + # Build the client and connect to the server + client = KMIPProxy() + client.open() + + algorithm_obj = attribute_factory.create_attribute(attribute_type, + algorithm_enum) + + attribute_type = AttributeType.CRYPTOGRAPHIC_LENGTH + length_obj = attribute_factory.create_attribute(attribute_type, + length) + + name = Attribute.AttributeName('Name') + name_value = Name.NameValue('Test Key') + name_type = Name.NameType(NameType.UNINTERPRETED_TEXT_STRING) + value = Name(name_value=name_value, name_type=name_type) + name = Attribute(attribute_name=name, attribute_value=value) + + attributes = [algorithm_obj, length_obj, name] + common = CommonTemplateAttribute(attributes=attributes) + private = PrivateKeyTemplateAttribute(attributes=attributes) + public = PublicKeyTemplateAttribute(attributes=attributes) + + # Create the SYMMETRIC_KEY object + result = client.create_key_pair(common_template_attribute=common, + private_key_template_attribute=private, + public_key_template_attribute=public) + client.close() + + # Display operation results + logger.debug('create_key_pair() result status: {}'.format( + result.result_status.enum)) + + if result.result_status.enum == ResultStatus.SUCCESS: + logger.debug('created private key UUID: {}'.format( + result.private_key_uuid)) + logger.debug('created public key UUID: {}'.format( + result.public_key_uuid)) + logger.debug('created private key template attribute: {}'.format( + result.private_key_template_attribute)) + logger.debug('created public key template attribute: {}'.format( + result.public_key_template_attribute)) + else: + logger.debug('create() result reason: {}'.format( + result.result_reason.enum)) + logger.debug('create() result message: {}'.format( + result.result_message.value)) diff --git a/kmip/demos/units/destroy.py b/kmip/demos/units/destroy.py new file mode 100644 index 0000000..40b81e4 --- /dev/null +++ b/kmip/demos/units/destroy.py @@ -0,0 +1,83 @@ +# Copyright (c) 2014 The Johns Hopkins University/Applied Physics Laboratory +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from kmip.core.enums import CredentialType +from kmip.core.enums import Operation +from kmip.core.enums import ResultStatus + +from kmip.core.factories.attributes import AttributeFactory +from kmip.core.factories.credentials import CredentialFactory + +from kmip.demos import utils + +from kmip.services.kmip_client import KMIPProxy + +import logging +import os +import sys + + +if __name__ == '__main__': + # Build and parse arguments + parser = utils.build_cli_parser(Operation.DESTROY) + opts, args = parser.parse_args(sys.argv[1:]) + + username = opts.username + password = opts.password + uuid = opts.uuid + + # Exit early if the UUID is not specified + if uuid is None: + logging.debug('No UUID provided, exiting early from demo') + sys.exit() + + # Build and setup logging and needed factories + f_log = os.path.join(os.path.dirname(__file__), os.pardir, os.pardir, + 'logconfig.ini') + logging.config.fileConfig(f_log) + logger = logging.getLogger(__name__) + + attribute_factory = AttributeFactory() + credential_factory = CredentialFactory() + + # Build the KMIP server account credentials + # TODO (peter-hamilton) Move up into KMIPProxy + if (username is None) and (password is None): + credential = None + else: + credential_type = CredentialType.USERNAME_AND_PASSWORD + credential_value = {'Username': username, + 'Password': password} + credential = credential_factory.create_credential(credential_type, + credential_value) + # Build the client and connect to the server + client = KMIPProxy() + client.open() + + # Destroy the SYMMETRIC_KEY object + result = client.destroy(uuid, credential) + client.close() + + # Display operation results + logger.debug('destroy() result status: {}'.format( + result.result_status.enum)) + + if result.result_status.enum == ResultStatus.SUCCESS: + logger.debug('destroyed UUID: {}'.format(result.uuid.value)) + else: + logger.debug('destroy() result reason: {}'.format( + result.result_reason.enum)) + logger.debug('destroy() result message: {}'.format( + result.result_message.value)) diff --git a/kmip/demos/units/get.py b/kmip/demos/units/get.py new file mode 100644 index 0000000..53559d6 --- /dev/null +++ b/kmip/demos/units/get.py @@ -0,0 +1,86 @@ +# Copyright (c) 2014 The Johns Hopkins University/Applied Physics Laboratory +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from kmip.core.enums import CredentialType +from kmip.core.enums import Operation +from kmip.core.enums import ResultStatus + +from kmip.core.factories.attributes import AttributeFactory +from kmip.core.factories.credentials import CredentialFactory + +from kmip.demos import utils + +from kmip.services.kmip_client import KMIPProxy + +import logging +import os +import sys + + +if __name__ == '__main__': + # Build and parse arguments + parser = utils.build_cli_parser(Operation.GET) + opts, args = parser.parse_args(sys.argv[1:]) + + username = opts.username + password = opts.password + uuid = opts.uuid + + # Exit early if the UUID is not specified + if uuid is None: + logging.debug('No UUID provided, exiting early from demo') + sys.exit() + + # Build and setup logging and needed factories + f_log = os.path.join(os.path.dirname(__file__), os.pardir, os.pardir, + 'logconfig.ini') + logging.config.fileConfig(f_log) + logger = logging.getLogger(__name__) + + attribute_factory = AttributeFactory() + credential_factory = CredentialFactory() + + # Build the KMIP server account credentials + # TODO (peter-hamilton) Move up into KMIPProxy + if (username is None) and (password is None): + credential = None + else: + credential_type = CredentialType.USERNAME_AND_PASSWORD + credential_value = {'Username': username, + 'Password': password} + credential = credential_factory.create_credential(credential_type, + credential_value) + # Build the client and connect to the server + client = KMIPProxy() + client.open() + + # Retrieve the SYMMETRIC_KEY object + result = client.get(uuid, credential) + client.close() + + # Display operation results + logger.debug('get() result status: {}'.format( + result.result_status.enum)) + + if result.result_status.enum == ResultStatus.SUCCESS: + logger.debug('retrieved object type: {}'.format( + result.object_type.enum)) + logger.debug('retrieved UUID: {}'.format(result.uuid.value)) + logger.debug('retrieved secret: {}'.format(result.secret)) + else: + logger.debug('get() result reason: {}'.format( + result.result_reason.enum)) + logger.debug('get() result message: {}'.format( + result.result_message.value)) diff --git a/kmip/demos/units/locate.py b/kmip/demos/units/locate.py new file mode 100644 index 0000000..8ac2635 --- /dev/null +++ b/kmip/demos/units/locate.py @@ -0,0 +1,100 @@ +# Copyright (c) 2014 The Johns Hopkins University/Applied Physics Laboratory +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from kmip.core.enums import CredentialType +from kmip.core.enums import NameType +from kmip.core.enums import Operation +from kmip.core.enums import ResultStatus + +from kmip.core.attributes import Name + +from kmip.core.factories.attributes import AttributeFactory +from kmip.core.factories.credentials import CredentialFactory + +from kmip.core.objects import Attribute + +from kmip.demos import utils + +from kmip.services.kmip_client import KMIPProxy + +import logging +import os +import sys + + +if __name__ == '__main__': + # Build and parse arguments + parser = utils.build_cli_parser(Operation.LOCATE) + opts, args = parser.parse_args(sys.argv[1:]) + + username = opts.username + password = opts.password + name = opts.name + + # Exit early if the UUID is not specified + if name is None: + logging.debug('No name provided, exiting early from demo') + sys.exit() + + # Build and setup logging and needed factories + f_log = os.path.join(os.path.dirname(__file__), os.pardir, os.pardir, + 'logconfig.ini') + logging.config.fileConfig(f_log) + logger = logging.getLogger(__name__) + + attribute_factory = AttributeFactory() + credential_factory = CredentialFactory() + + # Build the KMIP server account credentials + # TODO (peter-hamilton) Move up into KMIPProxy + if (username is None) and (password is None): + credential = None + else: + credential_type = CredentialType.USERNAME_AND_PASSWORD + credential_value = {'Username': username, + 'Password': password} + credential = credential_factory.create_credential(credential_type, + credential_value) + # Build the client and connect to the server + client = KMIPProxy() + client.open() + + # Build name attribute + # TODO (peter-hamilton) Push this into the AttributeFactory + attribute_name = Attribute.AttributeName('Name') + name_value = Name.NameValue(name) + name_type = Name.NameType(NameType.UNINTERPRETED_TEXT_STRING) + value = Name.create(name_value=name_value, name_type=name_type) + name_obj = Attribute(attribute_name=attribute_name, attribute_value=value) + attributes = [name_obj] + + # Locate UUID of specified SYMMETRIC_KEY object + result = client.locate(attributes=attributes, + credential=credential) + client.close() + + # Display operation results + logger.debug('locate() result status: {}'.format( + result.result_status.enum)) + + if result.result_status.enum == ResultStatus.SUCCESS: + logger.debug('located UUIDs:') + for uuid in result.uuids: + logging.debug('{0}'.format(uuid)) + else: + logger.debug('get() result reason: {}'.format( + result.result_reason.enum)) + logger.debug('get() result message: {}'.format( + result.result_message.value)) diff --git a/kmip/demos/units/register.py b/kmip/demos/units/register.py new file mode 100644 index 0000000..c2a40ab --- /dev/null +++ b/kmip/demos/units/register.py @@ -0,0 +1,135 @@ +# Copyright (c) 2014 The Johns Hopkins University/Applied Physics Laboratory +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from kmip.core.enums import AttributeType +from kmip.core.enums import CredentialType +from kmip.core.enums import CryptographicAlgorithm +from kmip.core.enums import CryptographicUsageMask +from kmip.core.enums import KeyFormatType +from kmip.core.enums import ObjectType +from kmip.core.enums import Operation +from kmip.core.enums import ResultStatus + +from kmip.core.factories.attributes import AttributeFactory +from kmip.core.factories.credentials import CredentialFactory +from kmip.core.factories.secrets import SecretFactory + +from kmip.core.objects import TemplateAttribute + +from kmip.demos import utils + +from kmip.services.kmip_client import KMIPProxy + +import logging +import os +import sys + + +if __name__ == '__main__': + # Build and parse arguments + parser = utils.build_cli_parser(Operation.REGISTER) + opts, args = parser.parse_args(sys.argv[1:]) + + username = opts.username + password = opts.password + algorithm = opts.algorithm + length = opts.length + + # Exit early if the arguments are not specified + if algorithm is None: + logging.debug('No algorithm provided, exiting early from demo') + sys.exit() + if length is None: + logging.debug("No key length provided, exiting early from demo") + sys.exit() + + # Build and setup logging and needed factories + f_log = os.path.join(os.path.dirname(__file__), os.pardir, os.pardir, + 'logconfig.ini') + logging.config.fileConfig(f_log) + logger = logging.getLogger(__name__) + + attribute_factory = AttributeFactory() + credential_factory = CredentialFactory() + secret_factory = SecretFactory() + + # Build the KMIP server account credentials + # TODO (peter-hamilton) Move up into KMIPProxy + if (username is None) and (password is None): + credential = None + else: + credential_type = CredentialType.USERNAME_AND_PASSWORD + credential_value = {'Username': username, + 'Password': password} + credential = credential_factory.create_credential(credential_type, + credential_value) + # Build the client and connect to the server + client = KMIPProxy() + client.open() + + # Build the different object attributes + object_type = ObjectType.SYMMETRIC_KEY + + attribute_type = AttributeType.CRYPTOGRAPHIC_ALGORITHM + algorithm_enum = getattr(CryptographicAlgorithm, algorithm, None) + + if algorithm_enum is None: + logging.debug("{0} not found".format(algorithm)) + logging.debug("Invalid algorithm specified, exiting early from demo") + + client.close() + sys.exit() + + mask_flags = [CryptographicUsageMask.ENCRYPT, + CryptographicUsageMask.DECRYPT] + attribute_type = AttributeType.CRYPTOGRAPHIC_USAGE_MASK + usage_mask = attribute_factory.create_attribute(attribute_type, + mask_flags) + attributes = [usage_mask] + template_attribute = TemplateAttribute(attributes=attributes) + + secret_features = {} + + key_format_type = KeyFormatType.RAW + secret_features.update([('key_format_type', key_format_type)]) + + # TODO (peter-hamilton) Replace with calls to crypto libraries + key_data = {'bytes': bytearray(b'\x00\x00\x00\x00\x00\x00\x00\x00' + b'\x00\x00\x00\x00\x00\x00\x00\x00')} + + secret_features.update([('key_value', key_data)]) + secret_features.update([('cryptographic_algorithm', algorithm_enum)]) + secret_features.update([('cryptographic_length', length)]) + + secret = secret_factory.create_secret(object_type, secret_features) + + # Register the SYMMETRIC_KEY object + result = client.register(object_type, template_attribute, secret, + credential) + client.close() + + # Display operation results + logger.debug('register() result status: {}'.format( + result.result_status.enum)) + + if result.result_status.enum == ResultStatus.SUCCESS: + logger.debug('registered UUID: {}'.format(result.uuid.value)) + logger.debug('registered template attribute: {}'. + format(result.template_attribute)) + else: + logger.debug('register() result reason: {}'.format( + result.result_reason.enum)) + logger.debug('register() result message: {}'.format( + result.result_message.value)) diff --git a/kmip/demos/utils.py b/kmip/demos/utils.py new file mode 100644 index 0000000..5fc30b2 --- /dev/null +++ b/kmip/demos/utils.py @@ -0,0 +1,125 @@ +# Copyright (c) 2015 The Johns Hopkins University/Applied Physics Laboratory +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from kmip.core.enums import Operation + +import optparse + + +def build_cli_parser(operation): + # Build the argument parser and setup expected options + parser = optparse.OptionParser( + usage="%prog [options]", + description="Run KMIP client {0} operation".format(operation.name)) + + parser.add_option( + "-u", + "--username", + action="store", + type="str", + default=None, + dest="username", + help="Username for KMIP server account") + parser.add_option( + "-p", + "--password", + action="store", + type="str", + default=None, + dest="password", + help="Password for KMIP server account") + + if operation is Operation.CREATE: + parser.add_option( + "-a", + "--algorithm", + action="store", + type="str", + default=None, + dest="algorithm", + help="Encryption algorithm for the secret (e.g., AES)") + parser.add_option( + "-l", + "--length", + action="store", + type="int", + default=None, + dest="length", + help="Key length in bits (e.g., 128, 256)") + elif operation is Operation.CREATE_KEY_PAIR: + parser.add_option( + "-a", + "--algorithm", + action="store", + type="str", + default=None, + dest="algorithm", + help="Encryption algorithm for the secret (e.g., AES)") + parser.add_option( + "-l", + "--length", + action="store", + type="int", + default=None, + dest="length", + help="Key length in bits (e.g., 128, 256)") + elif operation is Operation.DESTROY: + parser.add_option( + "-i", + "--uuid", + action="store", + type="str", + default=None, + dest="uuid", + help="UUID of secret to delete from the KMIP server") + elif operation is Operation.GET: + parser.add_option( + "-i", + "--uuid", + action="store", + type="str", + default=None, + dest="uuid", + help="UUID of secret to retrieve from the KMIP server") + elif operation is Operation.LOCATE: + parser.add_option( + "-n", + "--name", + action="store", + type="str", + default=None, + dest="name", + help="Name of secret to retrieve from the KMIP server") + elif operation is Operation.REGISTER: + parser.add_option( + "-a", + "--algorithm", + action="store", + type="str", + default=None, + dest="algorithm", + help="Encryption algorithm for the secret (e.g., AES)") + parser.add_option( + "-l", + "--length", + action="store", + type="int", + default=None, + dest="length", + help="Key length in bits (e.g., 128, 256)") + else: + raise ValueError("unrecognized operation: {0}".format(operation)) + + return parser diff --git a/kmip/services/kmip_client.py b/kmip/services/kmip_client.py index 1d55b8c..8fd3d66 100644 --- a/kmip/services/kmip_client.py +++ b/kmip/services/kmip_client.py @@ -83,6 +83,21 @@ class KMIPProxy(KMIP): def open(self): sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + + self.logger.debug("KMIPProxy keyfile: {0}".format(self.keyfile)) + self.logger.debug("KMIPProxy certfile: {0}".format(self.certfile)) + self.logger.debug( + "KMIPProxy cert_reqs: {0} (CERT_REQUIRED: {1})".format( + self.cert_reqs, ssl.CERT_REQUIRED)) + self.logger.debug( + "KMIPProxy ssl_version: {0} (PROTOCOL_SSLv23: {1})".format( + self.ssl_version, ssl.PROTOCOL_SSLv23)) + self.logger.debug("KMIPProxy ca_certs: {0}".format(self.ca_certs)) + self.logger.debug("KMIPProxy do_handshake_on_connect: {0}".format( + self.do_handshake_on_connect)) + self.logger.debug("KMIPProxy suppress_ragged_eofs: {0}".format( + self.suppress_ragged_eofs)) + self.socket = ssl.wrap_socket( sock, keyfile=self.keyfile, diff --git a/kmip/services/results.py b/kmip/services/results.py index 3a2ee7e..10f5d02 100644 --- a/kmip/services/results.py +++ b/kmip/services/results.py @@ -71,6 +71,8 @@ class CreateKeyPairResult(OperationResult): public_key_uuid=None, private_key_template_attribute=None, public_key_template_attribute=None): + super(CreateKeyPairResult, self).__init__( + result_status, result_reason, result_message) self.private_key_uuid = private_key_uuid self.public_key_uuid = public_key_uuid self.private_key_template_attribute = private_key_template_attribute