mirror of https://github.com/OpenKMIP/PyKMIP.git
Merge pull request #349 from OpenKMIP/feat/add-register-wrapped-integration
Add a ProxyKmipClient integation test for registering wrapped keys
This commit is contained in:
Peter Hamilton
GitHub
commit
ff4a0aa726
|
|
@ -183,11 +183,11 @@ class SecretFactory(object):
|
||||||
crypto_length = CryptographicLength(cryptographic_length)
|
crypto_length = CryptographicLength(cryptographic_length)
|
||||||
|
|
||||||
key_wrap_data = None
|
key_wrap_data = None
|
||||||
if key_wrapping_data is not None:
|
if key_wrapping_data:
|
||||||
# TODO (peter-hamilton) This currently isn't used in the tests
|
# TODO (peter-hamilton) This currently isn't used in the tests
|
||||||
# TODO (peter-hamilton) but needs to be updated to properly
|
# TODO (peter-hamilton) but needs to be updated to properly
|
||||||
# TODO (peter-hamilton) create a KeyWrappingData object.
|
# TODO (peter-hamilton) create a KeyWrappingData object.
|
||||||
key_wrap_data = KeyWrappingData(key_wrapping_data)
|
key_wrap_data = KeyWrappingData(**key_wrapping_data)
|
||||||
|
|
||||||
key_block = KeyBlock(key_format_type,
|
key_block = KeyBlock(key_format_type,
|
||||||
key_comp_type,
|
key_comp_type,
|
||||||
|
|
|
||||||
|
|
@ -534,21 +534,24 @@ class KmipEngine(object):
|
||||||
'cryptographic_algorithm': obj.cryptographic_algorithm,
|
'cryptographic_algorithm': obj.cryptographic_algorithm,
|
||||||
'cryptographic_length': obj.cryptographic_length,
|
'cryptographic_length': obj.cryptographic_length,
|
||||||
'key_format_type': obj.key_format_type,
|
'key_format_type': obj.key_format_type,
|
||||||
'key_value': obj.value
|
'key_value': obj.value,
|
||||||
|
'key_wrapping_data': obj.key_wrapping_data
|
||||||
}
|
}
|
||||||
elif object_type == enums.ObjectType.PUBLIC_KEY:
|
elif object_type == enums.ObjectType.PUBLIC_KEY:
|
||||||
value = {
|
value = {
|
||||||
'cryptographic_algorithm': obj.cryptographic_algorithm,
|
'cryptographic_algorithm': obj.cryptographic_algorithm,
|
||||||
'cryptographic_length': obj.cryptographic_length,
|
'cryptographic_length': obj.cryptographic_length,
|
||||||
'key_format_type': obj.key_format_type,
|
'key_format_type': obj.key_format_type,
|
||||||
'key_value': obj.value
|
'key_value': obj.value,
|
||||||
|
'key_wrapping_data': obj.key_wrapping_data
|
||||||
}
|
}
|
||||||
elif object_type == enums.ObjectType.PRIVATE_KEY:
|
elif object_type == enums.ObjectType.PRIVATE_KEY:
|
||||||
value = {
|
value = {
|
||||||
'cryptographic_algorithm': obj.cryptographic_algorithm,
|
'cryptographic_algorithm': obj.cryptographic_algorithm,
|
||||||
'cryptographic_length': obj.cryptographic_length,
|
'cryptographic_length': obj.cryptographic_length,
|
||||||
'key_format_type': obj.key_format_type,
|
'key_format_type': obj.key_format_type,
|
||||||
'key_value': obj.value
|
'key_value': obj.value,
|
||||||
|
'key_wrapping_data': obj.key_wrapping_data
|
||||||
}
|
}
|
||||||
elif object_type == enums.ObjectType.SECRET_DATA:
|
elif object_type == enums.ObjectType.SECRET_DATA:
|
||||||
value = {
|
value = {
|
||||||
|
|
|
||||||
|
|
@ -128,6 +128,51 @@ class TestProxyKmipClientIntegration(testtools.TestCase):
|
||||||
self.assertRaises(
|
self.assertRaises(
|
||||||
exceptions.KmipOperationFailure, self.client.destroy, uid)
|
exceptions.KmipOperationFailure, self.client.destroy, uid)
|
||||||
|
|
||||||
|
def test_register_wrapped_get_destroy(self):
|
||||||
|
"""
|
||||||
|
Test that a wrapped key can be registered with the server and that its
|
||||||
|
metadata is retrieved with the get operation.
|
||||||
|
"""
|
||||||
|
key = objects.SymmetricKey(
|
||||||
|
enums.CryptographicAlgorithm.AES,
|
||||||
|
128,
|
||||||
|
(b'\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E'
|
||||||
|
b'\x0F'),
|
||||||
|
key_wrapping_data={
|
||||||
|
'wrapping_method': enums.WrappingMethod.ENCRYPT,
|
||||||
|
'encryption_key_information': {
|
||||||
|
'unique_identifier': '42',
|
||||||
|
'cryptographic_parameters': {
|
||||||
|
'block_cipher_mode':
|
||||||
|
enums.BlockCipherMode.NIST_KEY_WRAP
|
||||||
|
}
|
||||||
|
},
|
||||||
|
'encoding_option': enums.EncodingOption.NO_ENCODING
|
||||||
|
}
|
||||||
|
)
|
||||||
|
key_id = self.client.register(key)
|
||||||
|
|
||||||
|
result = self.client.get(key_id)
|
||||||
|
key_wrapping_data = result.key_wrapping_data
|
||||||
|
self.assertIsInstance(key_wrapping_data, dict)
|
||||||
|
self.assertEqual(
|
||||||
|
enums.WrappingMethod.ENCRYPT,
|
||||||
|
key_wrapping_data.get('wrapping_method')
|
||||||
|
)
|
||||||
|
eki = key_wrapping_data.get('encryption_key_information')
|
||||||
|
self.assertIsInstance(eki, dict)
|
||||||
|
self.assertEqual('42', eki.get('unique_identifier'))
|
||||||
|
cp = eki.get('cryptographic_parameters')
|
||||||
|
self.assertIsInstance(cp, dict)
|
||||||
|
self.assertEqual(
|
||||||
|
enums.BlockCipherMode.NIST_KEY_WRAP,
|
||||||
|
cp.get('block_cipher_mode')
|
||||||
|
)
|
||||||
|
self.assertEqual(
|
||||||
|
enums.EncodingOption.NO_ENCODING,
|
||||||
|
key_wrapping_data.get('encoding_option')
|
||||||
|
)
|
||||||
|
|
||||||
def test_asymmetric_key_pair_create_get_destroy(self):
|
def test_asymmetric_key_pair_create_get_destroy(self):
|
||||||
"""
|
"""
|
||||||
Test that the ProxyKmipClient can create, retrieve, and destroy an
|
Test that the ProxyKmipClient can create, retrieve, and destroy an
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue