From bc4e4e38bdc7cd7578d10b21519a0ffd69e01c61 Mon Sep 17 00:00:00 2001 From: Peter Hamilton Date: Fri, 10 May 2019 14:52:29 -0400 Subject: [PATCH] Updating the Create payloads to properly use protection masks This change updates the Create payloads to properly use the new ProtectionStorageMasks structure. Unit tests have been updated to reflect this change. --- kmip/core/messages/payloads/create.py | 45 ++--- .../core/messages/payloads/test_create.py | 160 +++++++++++++----- 2 files changed, 142 insertions(+), 63 deletions(-) diff --git a/kmip/core/messages/payloads/create.py b/kmip/core/messages/payloads/create.py index e9169f7..30fa13e 100644 --- a/kmip/core/messages/payloads/create.py +++ b/kmip/core/messages/payloads/create.py @@ -29,9 +29,9 @@ class CreateRequestPayload(primitives.Struct): Attributes: object_type: The type of the object to create. template_attribute: A group of attributes to set on the new object. - protection_storage_masks: An integer representing all of the - protection storage mask selections for the new object. Added in - KMIP 2.0. + protection_storage_masks: A ProtectionStorageMasks structure + containing the storage masks permissible for the new object. + Added in KMIP 2.0. """ def __init__(self, @@ -48,9 +48,9 @@ class CreateRequestPayload(primitives.Struct): template_attribute (TemplateAttribute): A TemplateAttribute structure containing a set of attributes to set on the new object. Optional, defaults to None. Required for read/write. - protection_storage_masks (int): An integer representing all of - the protection storage mask selections for the new object. - Optional, defaults to None. Added in KMIP 2.0. + protection_storage_masks (structure): A ProtectionStorageMasks + structure containing the storage masks permissible for the new + object. Added in KMIP 2.0. Optional, defaults to None. """ super(CreateRequestPayload, self).__init__( tag=enums.Tags.REQUEST_PAYLOAD @@ -103,22 +103,25 @@ class CreateRequestPayload(primitives.Struct): @property def protection_storage_masks(self): - if self._protection_storage_masks: - return self._protection_storage_masks.value - return None + return self._protection_storage_masks @protection_storage_masks.setter def protection_storage_masks(self, value): if value is None: self._protection_storage_masks = None - elif isinstance(value, six.integer_types): - self._protection_storage_masks = primitives.Integer( - value=value, - tag=enums.Tags.PROTECTION_STORAGE_MASKS - ) + elif isinstance(value, objects.ProtectionStorageMasks): + if value.tag == enums.Tags.PROTECTION_STORAGE_MASKS: + self._protection_storage_masks = value + else: + raise TypeError( + "The protection storage masks must be a " + "ProtectionStorageMasks structure with a " + "ProtectionStorageMasks tag." + ) else: raise TypeError( - "The protection storage masks must be an integer." + "The protection storage masks must be a " + "ProtectionStorageMasks structure." ) def read(self, input_buffer, kmip_version=enums.KMIPVersion.KMIP_1_0): @@ -187,11 +190,12 @@ class CreateRequestPayload(primitives.Struct): "attributes structure." ) + if kmip_version >= enums.KMIPVersion.KMIP_2_0: if self.is_tag_next( enums.Tags.PROTECTION_STORAGE_MASKS, local_buffer ): - protection_storage_masks = primitives.Integer( + protection_storage_masks = objects.ProtectionStorageMasks( tag=enums.Tags.PROTECTION_STORAGE_MASKS ) protection_storage_masks.read( @@ -255,6 +259,7 @@ class CreateRequestPayload(primitives.Struct): "attribute field." ) + if kmip_version >= enums.KMIPVersion.KMIP_2_0: if self._protection_storage_masks: self._protection_storage_masks.write( local_buffer, @@ -293,9 +298,7 @@ class CreateRequestPayload(primitives.Struct): "object_type={}".format(self.object_type), "template_attribute={}".format(repr(self.template_attribute)), "protection_storage_masks={}".format( - "{}".format( - repr(self.protection_storage_masks) - ) if self._protection_storage_masks else None + repr(self.protection_storage_masks) ) ]) return "CreateRequestPayload({})".format(args) @@ -306,9 +309,7 @@ class CreateRequestPayload(primitives.Struct): '"object_type": {}'.format(self.object_type), '"template_attribute": {}'.format(self.template_attribute), '"protection_storage_masks": {}'.format( - "{}".format( - str(self.protection_storage_masks) - ) if self._protection_storage_masks else None + str(self.protection_storage_masks) ) ] ) diff --git a/kmip/tests/unit/core/messages/payloads/test_create.py b/kmip/tests/unit/core/messages/payloads/test_create.py index de25293..e62044b 100644 --- a/kmip/tests/unit/core/messages/payloads/test_create.py +++ b/kmip/tests/unit/core/messages/payloads/test_create.py @@ -76,15 +76,17 @@ class TestCreateRequestPayload(testtools.TestCase): # Cryptographic Algorithm - AES # Cryptographic Length - 128 # Cryptographic Usage Mask - Encrypt | Decrypt - # Protection Storage Masks - Software | Hardware + # Protection Storage Masks + # Protection Storage Mask - Software | Hardware self.full_encoding_with_attributes = utils.BytearrayStream( - b'\x42\x00\x79\x01\x00\x00\x00\x58' + b'\x42\x00\x79\x01\x00\x00\x00\x60' b'\x42\x00\x57\x05\x00\x00\x00\x04\x00\x00\x00\x02\x00\x00\x00\x00' b'\x42\x01\x25\x01\x00\x00\x00\x30' b'\x42\x00\x28\x05\x00\x00\x00\x04\x00\x00\x00\x03\x00\x00\x00\x00' b'\x42\x00\x2A\x02\x00\x00\x00\x04\x00\x00\x00\x80\x00\x00\x00\x00' b'\x42\x00\x2C\x02\x00\x00\x00\x04\x00\x00\x00\x0C\x00\x00\x00\x00' - b'\x42\x01\x5F\x02\x00\x00\x00\x04\x00\x00\x00\x03\x00\x00\x00\x00' + b'\x42\x01\x5F\x01\x00\x00\x00\x10' + b'\x42\x01\x5E\x02\x00\x00\x00\x04\x00\x00\x00\x03\x00\x00\x00\x00' ) # Encoding obtained from the KMIP 1.1 testing document, @@ -194,7 +196,20 @@ class TestCreateRequestPayload(testtools.TestCase): kwargs = {"protection_storage_masks": "invalid"} self.assertRaisesRegex( TypeError, - "The protection storage masks must be an integer.", + "The protection storage masks must be a ProtectionStorageMasks " + "structure.", + payloads.CreateRequestPayload, + **kwargs + ) + kwargs = { + "protection_storage_masks": objects.ProtectionStorageMasks( + tag=enums.Tags.COMMON_PROTECTION_STORAGE_MASKS + ) + } + self.assertRaisesRegex( + TypeError, + "The protection storage masks must be a ProtectionStorageMasks " + "structure with a ProtectionStorageMasks tag.", payloads.CreateRequestPayload, **kwargs ) @@ -206,7 +221,22 @@ class TestCreateRequestPayload(testtools.TestCase): ) self.assertRaisesRegex( TypeError, - "The protection storage masks must be an integer.", + "The protection storage masks must be a ProtectionStorageMasks " + "structure.", + setattr, + *args + ) + args = ( + payloads.CreateRequestPayload(), + "protection_storage_masks", + objects.ProtectionStorageMasks( + tag=enums.Tags.COMMON_PROTECTION_STORAGE_MASKS + ) + ) + self.assertRaisesRegex( + TypeError, + "The protection storage masks must be a ProtectionStorageMasks " + "structure with a ProtectionStorageMasks tag.", setattr, *args ) @@ -325,7 +355,10 @@ class TestCreateRequestPayload(testtools.TestCase): ), payload.template_attribute ) - self.assertEqual(3, payload.protection_storage_masks) + self.assertEqual( + objects.ProtectionStorageMasks(protection_storage_masks=[3]), + payload.protection_storage_masks + ) def test_read_missing_object_type(self): """ @@ -479,9 +512,13 @@ class TestCreateRequestPayload(testtools.TestCase): ) ] ), - protection_storage_masks=( - enums.ProtectionStorageMask.SOFTWARE.value | - enums.ProtectionStorageMask.HARDWARE.value + protection_storage_masks=objects.ProtectionStorageMasks( + protection_storage_masks=[ + ( + enums.ProtectionStorageMask.SOFTWARE.value | + enums.ProtectionStorageMask.HARDWARE.value + ) + ] ) ) @@ -602,16 +639,21 @@ class TestCreateRequestPayload(testtools.TestCase): ) ] ), - protection_storage_masks=( - enums.ProtectionStorageMask.SOFTWARE.value | - enums.ProtectionStorageMask.HARDWARE.value + protection_storage_masks=objects.ProtectionStorageMasks( + protection_storage_masks=[ + ( + enums.ProtectionStorageMask.SOFTWARE.value | + enums.ProtectionStorageMask.HARDWARE.value + ) + ] ) ) self.assertEqual( "CreateRequestPayload(" "object_type=ObjectType.SYMMETRIC_KEY, " "template_attribute=Struct(), " - "protection_storage_masks=3)", + "protection_storage_masks=ProtectionStorageMasks(" + "protection_storage_masks=[3]))", repr(payload) ) @@ -644,16 +686,20 @@ class TestCreateRequestPayload(testtools.TestCase): ) ] ), - protection_storage_masks=( - enums.ProtectionStorageMask.SOFTWARE.value | - enums.ProtectionStorageMask.HARDWARE.value + protection_storage_masks=objects.ProtectionStorageMasks( + protection_storage_masks=[ + ( + enums.ProtectionStorageMask.SOFTWARE.value | + enums.ProtectionStorageMask.HARDWARE.value + ) + ] ) ) self.assertEqual( '{' '"object_type": ObjectType.SYMMETRIC_KEY, ' '"template_attribute": Struct(), ' - '"protection_storage_masks": 3' + '"protection_storage_masks": {"protection_storage_masks": [3]}' '}', str(payload) ) @@ -706,9 +752,13 @@ class TestCreateRequestPayload(testtools.TestCase): ) ] ), - protection_storage_masks=( - enums.ProtectionStorageMask.SOFTWARE.value | - enums.ProtectionStorageMask.HARDWARE.value + protection_storage_masks=objects.ProtectionStorageMasks( + protection_storage_masks=[ + ( + enums.ProtectionStorageMask.SOFTWARE.value | + enums.ProtectionStorageMask.HARDWARE.value + ) + ] ) ) b = payloads.CreateRequestPayload( @@ -748,9 +798,13 @@ class TestCreateRequestPayload(testtools.TestCase): ) ] ), - protection_storage_masks=( - enums.ProtectionStorageMask.SOFTWARE.value | - enums.ProtectionStorageMask.HARDWARE.value + protection_storage_masks=objects.ProtectionStorageMasks( + protection_storage_masks=[ + ( + enums.ProtectionStorageMask.SOFTWARE.value | + enums.ProtectionStorageMask.HARDWARE.value + ) + ] ) ) @@ -818,15 +872,23 @@ class TestCreateRequestPayload(testtools.TestCase): request payloads with different protection storage masks. """ a = payloads.CreateRequestPayload( - protection_storage_masks=( - enums.ProtectionStorageMask.SOFTWARE.value | - enums.ProtectionStorageMask.HARDWARE.value + protection_storage_masks=objects.ProtectionStorageMasks( + protection_storage_masks=[ + ( + enums.ProtectionStorageMask.SOFTWARE.value | + enums.ProtectionStorageMask.HARDWARE.value + ) + ] ) ) b = payloads.CreateRequestPayload( - protection_storage_masks=( - enums.ProtectionStorageMask.ON_SYSTEM.value | - enums.ProtectionStorageMask.OFF_SYSTEM.value + protection_storage_masks=objects.ProtectionStorageMasks( + protection_storage_masks=[ + ( + enums.ProtectionStorageMask.ON_SYSTEM.value | + enums.ProtectionStorageMask.OFF_SYSTEM.value + ) + ] ) ) @@ -892,9 +954,13 @@ class TestCreateRequestPayload(testtools.TestCase): ) ] ), - protection_storage_masks=( - enums.ProtectionStorageMask.SOFTWARE.value | - enums.ProtectionStorageMask.HARDWARE.value + protection_storage_masks=objects.ProtectionStorageMasks( + protection_storage_masks=[ + ( + enums.ProtectionStorageMask.SOFTWARE.value | + enums.ProtectionStorageMask.HARDWARE.value + ) + ] ) ) b = payloads.CreateRequestPayload( @@ -934,9 +1000,13 @@ class TestCreateRequestPayload(testtools.TestCase): ) ] ), - protection_storage_masks=( - enums.ProtectionStorageMask.SOFTWARE.value | - enums.ProtectionStorageMask.HARDWARE.value + protection_storage_masks=objects.ProtectionStorageMasks( + protection_storage_masks=[ + ( + enums.ProtectionStorageMask.SOFTWARE.value | + enums.ProtectionStorageMask.HARDWARE.value + ) + ] ) ) @@ -1004,15 +1074,23 @@ class TestCreateRequestPayload(testtools.TestCase): Create request payloads with different protection storage masks. """ a = payloads.CreateRequestPayload( - protection_storage_masks=( - enums.ProtectionStorageMask.SOFTWARE.value | - enums.ProtectionStorageMask.HARDWARE.value + protection_storage_masks=objects.ProtectionStorageMasks( + protection_storage_masks=[ + ( + enums.ProtectionStorageMask.SOFTWARE.value | + enums.ProtectionStorageMask.HARDWARE.value + ) + ] ) ) b = payloads.CreateRequestPayload( - protection_storage_masks=( - enums.ProtectionStorageMask.ON_SYSTEM.value | - enums.ProtectionStorageMask.OFF_SYSTEM.value + protection_storage_masks=objects.ProtectionStorageMasks( + protection_storage_masks=[ + ( + enums.ProtectionStorageMask.ON_SYSTEM.value | + enums.ProtectionStorageMask.OFF_SYSTEM.value + ) + ] ) )