mirror of https://github.com/OpenKMIP/PyKMIP.git
Merge pull request #337 from OpenKMIP/feat/add-connection-decorator
Add a connection decorator to the ProxyKmipClient
This commit is contained in:
commit
7f6f4d004f
|
@ -33,6 +33,14 @@ from kmip.pie import objects as pobjects
|
||||||
from kmip.services.kmip_client import KMIPProxy
|
from kmip.services.kmip_client import KMIPProxy
|
||||||
|
|
||||||
|
|
||||||
|
def is_connected(function):
|
||||||
|
def wrapper(self, *args, **kwargs):
|
||||||
|
if not self._is_open:
|
||||||
|
raise exceptions.ClientConnectionNotOpen()
|
||||||
|
return function(self, *args, **kwargs)
|
||||||
|
return wrapper
|
||||||
|
|
||||||
|
|
||||||
class ProxyKmipClient(api.KmipClient):
|
class ProxyKmipClient(api.KmipClient):
|
||||||
"""
|
"""
|
||||||
A simplified KMIP client for conducting KMIP operations.
|
A simplified KMIP client for conducting KMIP operations.
|
||||||
|
@ -139,6 +147,7 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
self.logger.exception("could not close client connection", e)
|
self.logger.exception("could not close client connection", e)
|
||||||
raise e
|
raise e
|
||||||
|
|
||||||
|
@is_connected
|
||||||
def create(self, algorithm, length, operation_policy_name=None, name=None,
|
def create(self, algorithm, length, operation_policy_name=None, name=None,
|
||||||
cryptographic_usage_mask=None):
|
cryptographic_usage_mask=None):
|
||||||
"""
|
"""
|
||||||
|
@ -177,10 +186,6 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
"cryptographic_usage_mask must be a list of "
|
"cryptographic_usage_mask must be a list of "
|
||||||
"CryptographicUsageMask enumerations")
|
"CryptographicUsageMask enumerations")
|
||||||
|
|
||||||
# Verify that operations can be given at this time
|
|
||||||
if not self._is_open:
|
|
||||||
raise exceptions.ClientConnectionNotOpen()
|
|
||||||
|
|
||||||
# Create the template containing the attributes
|
# Create the template containing the attributes
|
||||||
common_attributes = self._build_common_attributes(
|
common_attributes = self._build_common_attributes(
|
||||||
operation_policy_name
|
operation_policy_name
|
||||||
|
@ -206,6 +211,7 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
message = result.result_message.value
|
message = result.result_message.value
|
||||||
raise exceptions.KmipOperationFailure(status, reason, message)
|
raise exceptions.KmipOperationFailure(status, reason, message)
|
||||||
|
|
||||||
|
@is_connected
|
||||||
def create_key_pair(self,
|
def create_key_pair(self,
|
||||||
algorithm,
|
algorithm,
|
||||||
length,
|
length,
|
||||||
|
@ -242,10 +248,6 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
elif not isinstance(length, six.integer_types) or length <= 0:
|
elif not isinstance(length, six.integer_types) or length <= 0:
|
||||||
raise TypeError("length must be a positive integer")
|
raise TypeError("length must be a positive integer")
|
||||||
|
|
||||||
# Verify that operations can be given at this time
|
|
||||||
if not self._is_open:
|
|
||||||
raise exceptions.ClientConnectionNotOpen()
|
|
||||||
|
|
||||||
# Create the common attributes that are shared
|
# Create the common attributes that are shared
|
||||||
common_attributes = self._build_common_attributes(
|
common_attributes = self._build_common_attributes(
|
||||||
operation_policy_name
|
operation_policy_name
|
||||||
|
@ -285,6 +287,7 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
message = result.result_message.value
|
message = result.result_message.value
|
||||||
raise exceptions.KmipOperationFailure(status, reason, message)
|
raise exceptions.KmipOperationFailure(status, reason, message)
|
||||||
|
|
||||||
|
@is_connected
|
||||||
def register(self, managed_object):
|
def register(self, managed_object):
|
||||||
"""
|
"""
|
||||||
Register a managed object with a KMIP appliance.
|
Register a managed object with a KMIP appliance.
|
||||||
|
@ -305,10 +308,6 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
if not isinstance(managed_object, pobjects.ManagedObject):
|
if not isinstance(managed_object, pobjects.ManagedObject):
|
||||||
raise TypeError("managed object must be a Pie ManagedObject")
|
raise TypeError("managed object must be a Pie ManagedObject")
|
||||||
|
|
||||||
# Verify that operations can be given at this time
|
|
||||||
if not self._is_open:
|
|
||||||
raise exceptions.ClientConnectionNotOpen()
|
|
||||||
|
|
||||||
# Extract and create attributes
|
# Extract and create attributes
|
||||||
object_attributes = list()
|
object_attributes = list()
|
||||||
|
|
||||||
|
@ -343,6 +342,7 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
message = result.result_message.value
|
message = result.result_message.value
|
||||||
raise exceptions.KmipOperationFailure(status, reason, message)
|
raise exceptions.KmipOperationFailure(status, reason, message)
|
||||||
|
|
||||||
|
@is_connected
|
||||||
def derive_key(self,
|
def derive_key(self,
|
||||||
object_type,
|
object_type,
|
||||||
unique_identifiers,
|
unique_identifiers,
|
||||||
|
@ -420,10 +420,6 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
if not isinstance(derivation_parameters, dict):
|
if not isinstance(derivation_parameters, dict):
|
||||||
raise TypeError("Derivation parameters must be a dictionary.")
|
raise TypeError("Derivation parameters must be a dictionary.")
|
||||||
|
|
||||||
# Verify that operations can be given at this time.
|
|
||||||
if not self._is_open:
|
|
||||||
raise exceptions.ClientConnectionNotOpen()
|
|
||||||
|
|
||||||
derivation_parameters = DerivationParameters(
|
derivation_parameters = DerivationParameters(
|
||||||
cryptographic_parameters=self._build_cryptographic_parameters(
|
cryptographic_parameters=self._build_cryptographic_parameters(
|
||||||
derivation_parameters.get('cryptographic_parameters')
|
derivation_parameters.get('cryptographic_parameters')
|
||||||
|
@ -475,6 +471,7 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
result.get('result_message')
|
result.get('result_message')
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@is_connected
|
||||||
def locate(self, maximum_items=None, storage_status_mask=None,
|
def locate(self, maximum_items=None, storage_status_mask=None,
|
||||||
object_group_member=None, attributes=None):
|
object_group_member=None, attributes=None):
|
||||||
"""
|
"""
|
||||||
|
@ -518,10 +515,6 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
raise TypeError(
|
raise TypeError(
|
||||||
"attributes must be a list of attributes")
|
"attributes must be a list of attributes")
|
||||||
|
|
||||||
# Verify that operations can be given at this time
|
|
||||||
if not self._is_open:
|
|
||||||
raise exceptions.ClientConnectionNotOpen()
|
|
||||||
|
|
||||||
# Search for managed objects and handle the results
|
# Search for managed objects and handle the results
|
||||||
result = self.proxy.locate(
|
result = self.proxy.locate(
|
||||||
maximum_items, storage_status_mask,
|
maximum_items, storage_status_mask,
|
||||||
|
@ -536,6 +529,7 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
message = result.result_message.value
|
message = result.result_message.value
|
||||||
raise exceptions.KmipOperationFailure(status, reason, message)
|
raise exceptions.KmipOperationFailure(status, reason, message)
|
||||||
|
|
||||||
|
@is_connected
|
||||||
def get(self, uid=None):
|
def get(self, uid=None):
|
||||||
"""
|
"""
|
||||||
Get a managed object from a KMIP appliance.
|
Get a managed object from a KMIP appliance.
|
||||||
|
@ -556,10 +550,6 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
if not isinstance(uid, six.string_types):
|
if not isinstance(uid, six.string_types):
|
||||||
raise TypeError("uid must be a string")
|
raise TypeError("uid must be a string")
|
||||||
|
|
||||||
# Verify that operations can be given at this time
|
|
||||||
if not self._is_open:
|
|
||||||
raise exceptions.ClientConnectionNotOpen()
|
|
||||||
|
|
||||||
# Get the managed object and handle the results
|
# Get the managed object and handle the results
|
||||||
result = self.proxy.get(uid)
|
result = self.proxy.get(uid)
|
||||||
|
|
||||||
|
@ -572,6 +562,7 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
message = result.result_message.value
|
message = result.result_message.value
|
||||||
raise exceptions.KmipOperationFailure(status, reason, message)
|
raise exceptions.KmipOperationFailure(status, reason, message)
|
||||||
|
|
||||||
|
@is_connected
|
||||||
def get_attributes(self, uid=None, attribute_names=None):
|
def get_attributes(self, uid=None, attribute_names=None):
|
||||||
"""
|
"""
|
||||||
Get the attributes associated with a managed object.
|
Get the attributes associated with a managed object.
|
||||||
|
@ -604,10 +595,6 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
"attribute_names must be a list of strings"
|
"attribute_names must be a list of strings"
|
||||||
)
|
)
|
||||||
|
|
||||||
# Verify that operations can be given at this time
|
|
||||||
if not self._is_open:
|
|
||||||
raise exceptions.ClientConnectionNotOpen()
|
|
||||||
|
|
||||||
# Get the list of attributes for a managed object
|
# Get the list of attributes for a managed object
|
||||||
result = self.proxy.get_attributes(uid, attribute_names)
|
result = self.proxy.get_attributes(uid, attribute_names)
|
||||||
|
|
||||||
|
@ -619,6 +606,7 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
message = result.result_message.value
|
message = result.result_message.value
|
||||||
raise exceptions.KmipOperationFailure(status, reason, message)
|
raise exceptions.KmipOperationFailure(status, reason, message)
|
||||||
|
|
||||||
|
@is_connected
|
||||||
def get_attribute_list(self, uid=None):
|
def get_attribute_list(self, uid=None):
|
||||||
"""
|
"""
|
||||||
Get the names of the attributes associated with a managed object.
|
Get the names of the attributes associated with a managed object.
|
||||||
|
@ -636,10 +624,6 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
if not isinstance(uid, six.string_types):
|
if not isinstance(uid, six.string_types):
|
||||||
raise TypeError("uid must be a string")
|
raise TypeError("uid must be a string")
|
||||||
|
|
||||||
# Verify that operations can be given at this time
|
|
||||||
if not self._is_open:
|
|
||||||
raise exceptions.ClientConnectionNotOpen()
|
|
||||||
|
|
||||||
# Get the list of attribute names for a managed object.
|
# Get the list of attribute names for a managed object.
|
||||||
result = self.proxy.get_attribute_list(uid)
|
result = self.proxy.get_attribute_list(uid)
|
||||||
|
|
||||||
|
@ -652,6 +636,7 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
message = result.result_message.value
|
message = result.result_message.value
|
||||||
raise exceptions.KmipOperationFailure(status, reason, message)
|
raise exceptions.KmipOperationFailure(status, reason, message)
|
||||||
|
|
||||||
|
@is_connected
|
||||||
def activate(self, uid=None):
|
def activate(self, uid=None):
|
||||||
"""
|
"""
|
||||||
Activate a managed object stored by a KMIP appliance.
|
Activate a managed object stored by a KMIP appliance.
|
||||||
|
@ -673,10 +658,6 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
if not isinstance(uid, six.string_types):
|
if not isinstance(uid, six.string_types):
|
||||||
raise TypeError("uid must be a string")
|
raise TypeError("uid must be a string")
|
||||||
|
|
||||||
# Verify that operations can be given at this time
|
|
||||||
if not self._is_open:
|
|
||||||
raise exceptions.ClientConnectionNotOpen()
|
|
||||||
|
|
||||||
# Activate the managed object and handle the results
|
# Activate the managed object and handle the results
|
||||||
result = self.proxy.activate(uid)
|
result = self.proxy.activate(uid)
|
||||||
|
|
||||||
|
@ -688,6 +669,7 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
message = result.result_message.value
|
message = result.result_message.value
|
||||||
raise exceptions.KmipOperationFailure(status, reason, message)
|
raise exceptions.KmipOperationFailure(status, reason, message)
|
||||||
|
|
||||||
|
@is_connected
|
||||||
def revoke(self, revocation_reason, uid=None, revocation_message=None,
|
def revoke(self, revocation_reason, uid=None, revocation_message=None,
|
||||||
compromise_occurrence_date=None):
|
compromise_occurrence_date=None):
|
||||||
"""
|
"""
|
||||||
|
@ -731,10 +713,6 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
compromise_occurrence_date,
|
compromise_occurrence_date,
|
||||||
enums.Tags.COMPROMISE_OCCURRENCE_DATE)
|
enums.Tags.COMPROMISE_OCCURRENCE_DATE)
|
||||||
|
|
||||||
# Verify that operations can be given at this time
|
|
||||||
if not self._is_open:
|
|
||||||
raise exceptions.ClientConnectionNotOpen()
|
|
||||||
|
|
||||||
# revoke the managed object and handle the results
|
# revoke the managed object and handle the results
|
||||||
result = self.proxy.revoke(revocation_reason, uid, revocation_message,
|
result = self.proxy.revoke(revocation_reason, uid, revocation_message,
|
||||||
compromise_occurrence_date)
|
compromise_occurrence_date)
|
||||||
|
@ -747,6 +725,7 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
message = result.result_message.value
|
message = result.result_message.value
|
||||||
raise exceptions.KmipOperationFailure(status, reason, message)
|
raise exceptions.KmipOperationFailure(status, reason, message)
|
||||||
|
|
||||||
|
@is_connected
|
||||||
def destroy(self, uid=None):
|
def destroy(self, uid=None):
|
||||||
"""
|
"""
|
||||||
Destroy a managed object stored by a KMIP appliance.
|
Destroy a managed object stored by a KMIP appliance.
|
||||||
|
@ -767,10 +746,6 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
if not isinstance(uid, six.string_types):
|
if not isinstance(uid, six.string_types):
|
||||||
raise TypeError("uid must be a string")
|
raise TypeError("uid must be a string")
|
||||||
|
|
||||||
# Verify that operations can be given at this time
|
|
||||||
if not self._is_open:
|
|
||||||
raise exceptions.ClientConnectionNotOpen()
|
|
||||||
|
|
||||||
# Destroy the managed object and handle the results
|
# Destroy the managed object and handle the results
|
||||||
result = self.proxy.destroy(uid)
|
result = self.proxy.destroy(uid)
|
||||||
|
|
||||||
|
@ -782,6 +757,7 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
message = result.result_message.value
|
message = result.result_message.value
|
||||||
raise exceptions.KmipOperationFailure(status, reason, message)
|
raise exceptions.KmipOperationFailure(status, reason, message)
|
||||||
|
|
||||||
|
@is_connected
|
||||||
def encrypt(self, data, uid=None, cryptographic_parameters=None,
|
def encrypt(self, data, uid=None, cryptographic_parameters=None,
|
||||||
iv_counter_nonce=None):
|
iv_counter_nonce=None):
|
||||||
"""
|
"""
|
||||||
|
@ -866,10 +842,6 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
if not isinstance(iv_counter_nonce, six.binary_type):
|
if not isinstance(iv_counter_nonce, six.binary_type):
|
||||||
raise TypeError("iv_counter_nonce must be bytes")
|
raise TypeError("iv_counter_nonce must be bytes")
|
||||||
|
|
||||||
# Verify that operations can be given at this time
|
|
||||||
if not self._is_open:
|
|
||||||
raise exceptions.ClientConnectionNotOpen()
|
|
||||||
|
|
||||||
cryptographic_parameters = self._build_cryptographic_parameters(
|
cryptographic_parameters = self._build_cryptographic_parameters(
|
||||||
cryptographic_parameters
|
cryptographic_parameters
|
||||||
)
|
)
|
||||||
|
@ -892,6 +864,7 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
result.get('result_message')
|
result.get('result_message')
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@is_connected
|
||||||
def decrypt(self, data, uid=None, cryptographic_parameters=None,
|
def decrypt(self, data, uid=None, cryptographic_parameters=None,
|
||||||
iv_counter_nonce=None):
|
iv_counter_nonce=None):
|
||||||
"""
|
"""
|
||||||
|
@ -974,10 +947,6 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
if not isinstance(iv_counter_nonce, six.binary_type):
|
if not isinstance(iv_counter_nonce, six.binary_type):
|
||||||
raise TypeError("iv_counter_nonce must be bytes")
|
raise TypeError("iv_counter_nonce must be bytes")
|
||||||
|
|
||||||
# Verify that operations can be given at this time
|
|
||||||
if not self._is_open:
|
|
||||||
raise exceptions.ClientConnectionNotOpen()
|
|
||||||
|
|
||||||
cryptographic_parameters = self._build_cryptographic_parameters(
|
cryptographic_parameters = self._build_cryptographic_parameters(
|
||||||
cryptographic_parameters
|
cryptographic_parameters
|
||||||
)
|
)
|
||||||
|
@ -1000,6 +969,7 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
result.get('result_message')
|
result.get('result_message')
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@is_connected
|
||||||
def signature_verify(self, message, signature, uid=None,
|
def signature_verify(self, message, signature, uid=None,
|
||||||
cryptographic_parameters=None):
|
cryptographic_parameters=None):
|
||||||
"""
|
"""
|
||||||
|
@ -1043,10 +1013,6 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
"Cryptographic parameters must be a dictionary."
|
"Cryptographic parameters must be a dictionary."
|
||||||
)
|
)
|
||||||
|
|
||||||
# Verify that operations can be given at this time
|
|
||||||
if not self._is_open:
|
|
||||||
raise exceptions.ClientConnectionNotOpen()
|
|
||||||
|
|
||||||
cryptographic_parameters = self._build_cryptographic_parameters(
|
cryptographic_parameters = self._build_cryptographic_parameters(
|
||||||
cryptographic_parameters
|
cryptographic_parameters
|
||||||
)
|
)
|
||||||
|
@ -1069,6 +1035,7 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
result.get('result_message')
|
result.get('result_message')
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@is_connected
|
||||||
def sign(self, data, uid=None, cryptographic_parameters=None):
|
def sign(self, data, uid=None, cryptographic_parameters=None):
|
||||||
"""
|
"""
|
||||||
Create a digital signature for data using the specified signing key.
|
Create a digital signature for data using the specified signing key.
|
||||||
|
@ -1102,10 +1069,6 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
"Cryptographic parameters must be a dictionary."
|
"Cryptographic parameters must be a dictionary."
|
||||||
)
|
)
|
||||||
|
|
||||||
# Verify that operations can be served at this time
|
|
||||||
if not self._is_open:
|
|
||||||
raise exceptions.ClientConnectionNotOpen()
|
|
||||||
|
|
||||||
cryptographic_parameters = self._build_cryptographic_parameters(
|
cryptographic_parameters = self._build_cryptographic_parameters(
|
||||||
cryptographic_parameters
|
cryptographic_parameters
|
||||||
)
|
)
|
||||||
|
@ -1127,6 +1090,7 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
result.get('result_message')
|
result.get('result_message')
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@is_connected
|
||||||
def mac(self, data, uid=None, algorithm=None):
|
def mac(self, data, uid=None, algorithm=None):
|
||||||
"""
|
"""
|
||||||
Get the message authentication code for data.
|
Get the message authentication code for data.
|
||||||
|
@ -1159,10 +1123,6 @@ class ProxyKmipClient(api.KmipClient):
|
||||||
raise TypeError(
|
raise TypeError(
|
||||||
"algorithm must be a CryptographicAlgorithm enumeration")
|
"algorithm must be a CryptographicAlgorithm enumeration")
|
||||||
|
|
||||||
# Verify that operations can be given at this time
|
|
||||||
if not self._is_open:
|
|
||||||
raise exceptions.ClientConnectionNotOpen()
|
|
||||||
|
|
||||||
parameters_attribute = self._build_cryptographic_parameters(
|
parameters_attribute = self._build_cryptographic_parameters(
|
||||||
{'cryptographic_algorithm': algorithm}
|
{'cryptographic_algorithm': algorithm}
|
||||||
)
|
)
|
||||||
|
|
Loading…
Reference in New Issue