Updating the Get unit demo

This change updates the Get unit demo, adding support for: * the additional display of key-related objects * the passing of more arguments to the client (e.g., KeyFormatType) * the retrieval of Public/PrivateKeys
2025-07-23 14:04:33 +02:00 · 2015-03-13 15:01:52 -04:00 · 2015-03-13 15:01:52 -04:00 · d263302077
commit d263302077
parent 3e11002567
11 changed files with 158 additions and 41 deletions
--- a/kmip/core/factories/keys.py
+++ b/kmip/core/factories/keys.py
@ -15,7 +15,13 @@
 from kmip.core.enums import KeyFormatType
 from kmip.core.keys import ECPrivateKey
 from kmip.core.keys import OpaqueKey
 from kmip.core.keys import PKCS1Key
 from kmip.core.keys import PKCS8Key
 from kmip.core.keys import RawKey
 from kmip.core.keys import TransparentSymmetricKey
 from kmip.core.keys import X509Key
 class KeyFactory(object):
@ -28,17 +34,17 @@ class KeyFactory(object):
        if key_format is KeyFormatType.RAW:
            return self._create_raw_key(value)
        elif key_format is KeyFormatType.OPAQUE:
-            return self._create_opaque_key(value)
+            return self._create_opaque_key()
        elif key_format is KeyFormatType.PKCS_1:
-            return self._create_pkcs_1_key(value)
+            return self._create_pkcs_1_key()
        elif key_format is KeyFormatType.PKCS_8:
-            return self._create_pkcs_8_key(value)
+            return self._create_pkcs_8_key()
        elif key_format is KeyFormatType.X_509:
-            return self._create_x_509_key(value)
+            return self._create_x_509_key()
        elif key_format is KeyFormatType.EC_PRIVATE_KEY:
-            return self._create_ec_private_key(value)
+            return self._create_ec_private_key()
        elif key_format is KeyFormatType.TRANSPARENT_SYMMETRIC_KEY:
-            return self._create_transparent_symmetric_key(value)
+            return self._create_transparent_symmetric_key()
        elif key_format is KeyFormatType.TRANSPARENT_DSA_PRIVATE_KEY:
            return self._create_transparent_dsa_private_key(value)
        elif key_format is KeyFormatType.TRANSPARENT_DSA_PUBLIC_KEY:
@ -71,23 +77,23 @@ class KeyFactory(object):
        data = value.get('bytes')
        return RawKey(data)
-    def _create_opaque_key(self, value):
+    def _create_opaque_key(self):
-        raise NotImplementedError()
+        return OpaqueKey()
-    def _create_pkcs_1_key(self, value):
+    def _create_pkcs_1_key(self):
-        raise NotImplementedError()
+        return PKCS1Key()
-    def _create_pkcs_8_key(self, value):
+    def _create_pkcs_8_key(self):
-        raise NotImplementedError()
+        return PKCS8Key()
-    def _create_x_509_key(self, value):
+    def _create_x_509_key(self):
-        raise NotImplementedError()
+        return X509Key()
-    def _create_ec_private_key(self, value):
+    def _create_ec_private_key(self):
-        raise NotImplementedError()
+        return ECPrivateKey()
-    def _create_transparent_symmetric_key(self, value):
+    def _create_transparent_symmetric_key(self):
-        raise NotImplementedError()
+        return TransparentSymmetricKey()
    def _create_transparent_dsa_private_key(self, value):
        raise NotImplementedError()
--- a/kmip/core/factories/secrets.py
+++ b/kmip/core/factories/secrets.py
@ -28,6 +28,8 @@ from kmip.core.objects import KeyWrappingData
 from kmip.core.objects import KeyValueStruct
 from kmip.core.objects import KeyValue
 from kmip.core.secrets import PrivateKey
 from kmip.core.secrets import PublicKey
 from kmip.core.secrets import SymmetricKey
 from kmip.core.secrets import Template
@ -43,15 +45,15 @@ class SecretFactory(object):
        self.template_input = self.base_error.format('Template', '{0}', '{1}',
                                                     '{2}')
-    def create_secret(self, secret_type, value=None):
+    def create(self, secret_type, value=None):
        if secret_type is ObjectType.CERTIFICATE:
            return self._create_certificate(value)
        elif secret_type is ObjectType.SYMMETRIC_KEY:
            return self._create_symmetric_key(value)
        elif secret_type is ObjectType.PUBLIC_KEY:
-            return self._create_public_key(value)
+            return self._create_public_key()
        elif secret_type is ObjectType.PRIVATE_KEY:
-            return self._create_private_key(value)
+            return self._create_private_key()
        elif secret_type is ObjectType.SPLIT_KEY:
            return self._create_split_key(value)
        elif secret_type is ObjectType.TEMPLATE:
@ -106,11 +108,11 @@ class SecretFactory(object):
                                 key_wrap_data)
            return SymmetricKey(key_block)
-    def _create_public_key(self, value):
+    def _create_public_key(self):
-        raise NotImplementedError()
+        return PublicKey()
-    def _create_private_key(self, value):
+    def _create_private_key(self):
-        raise NotImplementedError()
+        return PrivateKey()
    def _create_split_key(self, value):
        raise NotImplementedError()
--- a/kmip/core/messages/payloads/get.py
+++ b/kmip/core/messages/payloads/get.py
@ -130,7 +130,7 @@ class GetResponsePayload(Struct):
        self.unique_identifier.read(tstream)
        secret_type = self.object_type.enum
-        self.secret = self.secret_factory.create_secret(secret_type)
+        self.secret = self.secret_factory.create(secret_type)
        self.secret.read(tstream)
        self.is_oversized(tstream)
--- a/kmip/core/messages/payloads/register.py
+++ b/kmip/core/messages/payloads/register.py
@ -52,7 +52,7 @@ class RegisterRequestPayload(Struct):
        self.template_attribute.read(tstream)
        secret_type = self.object_type.enum
-        secret = self.secret_factory.create_secret(secret_type)
+        secret = self.secret_factory.create(secret_type)
        if self.is_tag_next(secret.tag, tstream):
            self.secret = secret
--- a/kmip/demos/register.py
+++ b/kmip/demos/register.py
@ -71,7 +71,7 @@ if __name__ == '__main__':
    secret_features.update([('cryptographic_algorithm', algorithm_value)])
    secret_features.update([('cryptographic_length', 128)])
-    secret = secret_factory.create_secret(object_type, secret_features)
+    secret = secret_factory.create(object_type, secret_features)
    result = client.register(object_type, template_attribute, secret,
                             credential)
--- a/kmip/demos/units/get.py
+++ b/kmip/demos/units/get.py
@ -14,12 +14,15 @@
 # under the License.
 from kmip.core.enums import CredentialType
 from kmip.core.enums import KeyFormatType as KeyFormatTypeEnum
 from kmip.core.enums import Operation
 from kmip.core.enums import ResultStatus
 from kmip.core.factories.attributes import AttributeFactory
 from kmip.core.factories.credentials import CredentialFactory
 from kmip.core.misc import KeyFormatType
 from kmip.demos import utils
 from kmip.services.kmip_client import KMIPProxy
@ -38,12 +41,22 @@ if __name__ == '__main__':
    password = opts.password
    config = opts.config
    uuid = opts.uuid
    format_type = opts.format
    # Exit early if the UUID is not specified
    if uuid is None:
        logging.debug('No UUID provided, exiting early from demo')
        sys.exit()
    format_type_enum = None
    if format_type is not None:
        format_type_enum = getattr(KeyFormatTypeEnum, format_type, None)
        if format_type_enum is None:
            logging.error(
                "Invalid key format type specified; exiting early from demo")
            sys.exit()
    # Build and setup logging and needed factories
    f_log = os.path.join(os.path.dirname(__file__), os.pardir, os.pardir,
                         'logconfig.ini')
@ -63,12 +76,18 @@ if __name__ == '__main__':
                            'Password': password}
        credential = credential_factory.create_credential(credential_type,
                                                          credential_value)
    key_format_type = None
    if format_type_enum is not None:
        key_format_type = KeyFormatType(format_type_enum)
    # Build the client and connect to the server
    client = KMIPProxy(config=config)
    client.open()
    # Retrieve the SYMMETRIC_KEY object
-    result = client.get(uuid, credential)
+    result = client.get(uuid=uuid, key_format_type=key_format_type,
                        credential=credential)
    client.close()
    # Display operation results
@ -79,7 +98,8 @@ if __name__ == '__main__':
        logger.debug('retrieved object type: {0}'.format(
            result.object_type.enum))
        logger.debug('retrieved UUID: {0}'.format(result.uuid.value))
-        logger.debug('retrieved secret: {0}'.format(result.secret))
+
        utils.log_secret(logger, result.object_type.enum, result.secret)
    else:
        logger.debug('get() result reason: {0}'.format(
            result.result_reason.enum))
--- a/kmip/demos/units/register.py
+++ b/kmip/demos/units/register.py
@ -114,7 +114,7 @@ if __name__ == '__main__':
    secret_features.update([('cryptographic_algorithm', algorithm_enum)])
    secret_features.update([('cryptographic_length', length)])
-    secret = secret_factory.create_secret(object_type, secret_features)
+    secret = secret_factory.create(object_type, secret_features)
    # Register the SYMMETRIC_KEY object
    result = client.register(object_type, template_attribute, secret,
--- a/kmip/demos/utils.py
+++ b/kmip/demos/utils.py
@ -13,6 +13,7 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 from kmip.core.enums import ObjectType
 from kmip.core.enums import Operation
 import optparse
@ -109,6 +110,15 @@ def build_cli_parser(operation):
            default=None,
            dest="uuid",
            help="UUID of secret to retrieve from the KMIP server")
        parser.add_option(
            "-f",
            "--format",
            action="store",
            type="str",
            default=None,
            dest="format",
            help=("Format in which to retrieve the secret. Supported formats "
                  "include: RAW, PKCS_1, PKCS_8, X_509"))
    elif operation is Operation.LOCATE:
        parser.add_option(
            "-n",
@ -154,6 +164,10 @@ def log_template_attribute(logger, template_attribute):
        name = names[i]
        logger.info('name {0}: {1}'.format(i, name))
    log_attribute_list(attributes)
 def log_attribute_list(logger, attributes):
    logger.info('number of attributes: {0}'.format(len(attributes)))
    for i in range(len(attributes)):
        attribute = attributes[i]
@ -166,3 +180,75 @@ def log_template_attribute(logger, template_attribute):
        logger.info('   attribute_index: {0}'.format(attribute_index))
        logger.info('   attribute_value: {0}'.format(
            repr(attribute_value)))
 def log_secret(logger, secret_type, secret_value):
    if secret_type is ObjectType.PRIVATE_KEY:
        log_private_key(logger, secret_value)
    elif secret_type is ObjectType.PUBLIC_KEY:
        log_public_key(logger, secret_value)
    else:
        logger.info('generic secret: {0}'.format(secret_value))
 def log_public_key(logger, public_key):
    key_block = public_key.key_block
    log_key_block(logger, key_block)
 def log_private_key(logger, private_key):
    key_block = private_key.key_block
    log_key_block(logger, key_block)
 def log_key_block(logger, key_block):
    if key_block is not None:
        logger.info('key block:')
        key_format_type = key_block.key_format_type
        key_compression_type = key_block.key_compression_type
        key_value = key_block.key_value
        cryptographic_algorithm = key_block.cryptographic_algorithm
        cryptographic_length = key_block.cryptographic_length
        key_wrapping_data = key_block.key_wrapping_data
        logger.info('* key format type: {0}'.format(key_format_type))
        logger.info('* key compression type: {0}'.format(
            key_compression_type))
        logger.info('* cryptographic algorithm: {0}'.format(
            cryptographic_algorithm))
        logger.info('* cryptographic length: {0}'.format(
            cryptographic_length))
        log_key_value(logger, key_value)
        log_key_wrapping_data(logger, key_wrapping_data)
    else:
        logger.info('key block: {0}'.format(key_block))
 def log_key_value(logger, key_value):
    if key_value is not None:
        key_format_type = key_value.key_format_type
        key_value = key_value.key_value
        logger.info('key format type: {0}'.format(key_format_type))
        if key_value is not None:
            logger.info('key value:')
            key_material = key_value.key_material
            attributes = key_value.attributes
            logger.info('key material: {0}'.format(repr(key_material)))
            log_attribute_list(logger, attributes)
        else:
            logger.info('key value: {0}'.format(key_value))
    else:
        logger.info('key value: {0}'.format(key_value))
 def log_key_wrapping_data(logger, key_wrapping_data):
    logger.info('key wrapping data: {0}'.format(key_wrapping_data))
--- a/kmip/services/kmip_client.py
+++ b/kmip/services/kmip_client.py
@ -140,7 +140,12 @@ class KMIPProxy(KMIP):
    def get(self, uuid=None, key_format_type=None, key_compression_type=None,
            key_wrapping_specification=None, credential=None):
-        return self._get(unique_identifier=uuid, credential=credential)
+        return self._get(
            unique_identifier=uuid,
            key_format_type=key_format_type,
            key_compression_type=key_compression_type,
            key_wrapping_specification=key_wrapping_specification,
            credential=credential)
    def destroy(self, uuid, credential=None):
        return self._destroy(unique_identifier=uuid,
@ -406,7 +411,7 @@ class KMIPProxy(KMIP):
        if unique_identifier is not None:
            uuid = attr.UniqueIdentifier(unique_identifier)
        if key_format_type is not None:
-            kft = get.GetRequestPayload.KeyFormatType(key_format_type)
+            kft = get.GetRequestPayload.KeyFormatType(key_format_type.enum)
        if key_compression_type is not None:
            kct = key_compression_type
            kct = get.GetRequestPayload.KeyCompressionType(kct)
--- a/kmip/tests/core/messages/test_messages.py
+++ b/kmip/tests/core/messages/test_messages.py
@ -1405,8 +1405,7 @@ class TestResponseMessage(TestCase):
                 'key_value': {'bytes': key},
                 'cryptographic_algorithm': crypto_algorithm,
                 'cryptographic_length': cryptographic_length}
-        secret = self.secret_factory.create_secret(ObjectType.SYMMETRIC_KEY,
+        secret = self.secret_factory.create(ObjectType.SYMMETRIC_KEY, value)
                                                   value)
        resp_pl = get.GetResponsePayload(object_type=object_type,
                                         unique_identifier=uniq_id,
                                         secret=secret)
--- a/kmip/tests/services/test_kmip_client.py
+++ b/kmip/tests/services/test_kmip_client.py
@ -147,7 +147,7 @@ class TestKMIPClientIntegration(TestCase):
        result = self._create_symmetric_key()
        uuid = result.uuid.value
-        result = self.client.get(uuid, credential)
+        result = self.client.get(uuid=uuid, credential=credential)
        self._check_result_status(result.result_status.enum, ResultStatus,
                                  ResultStatus.SUCCESS)
@ -172,7 +172,7 @@ class TestKMIPClientIntegration(TestCase):
        uuid = result.uuid.value
        # Verify the secret was created
-        result = self.client.get(uuid, credential)
+        result = self.client.get(uuid=uuid, credential=credential)
        self._check_result_status(result.result_status.enum, ResultStatus,
                                  ResultStatus.SUCCESS)
@ -194,7 +194,7 @@ class TestKMIPClientIntegration(TestCase):
        self._check_uuid(result.uuid.value, str)
        # Verify the secret was destroyed
-        result = self.client.get(uuid, credential)
+        result = self.client.get(uuid=uuid, credential=credential)
        self._check_result_status(result.result_status.enum, ResultStatus,
                                  ResultStatus.OPERATION_FAILED)
@ -239,8 +239,7 @@ class TestKMIPClientIntegration(TestCase):
        secret_features.update([('cryptographic_algorithm', algorithm_value)])
        secret_features.update([('cryptographic_length', 128)])
-        secret = self.secret_factory.create_secret(object_type,
+        secret = self.secret_factory.create(object_type, secret_features)
                                                   secret_features)
        result = self.client.register(object_type, template_attribute, secret,
                                      credential)
@ -256,7 +255,7 @@ class TestKMIPClientIntegration(TestCase):
                                         None]])
        # Check that the returned key bytes match what was provided
        uuid = result.uuid.value
-        result = self.client.get(uuid, credential)
+        result = self.client.get(uuid=uuid, credential=credential)
        self._check_result_status(result.result_status.enum, ResultStatus,
                                  ResultStatus.SUCCESS)