This change fixes violations of E722, the use of except without
specifying an exception type. For now the high-level Exception
class is used as a generic catchall. In the future these cases
will be updated to handle the specific exceptions expected.
This change renames the CertificateTypeEnum enumeration to
CertificateType, matching the naming schemes of all other
enumerations. This is a backwards incompatible change and
will break any scripts or programs that use the current
CertificateTypeEnum name.
This change adds a ProxyKmipClient integration test that verifies
that a wrapped key can be registered with the server and can then
be retrieved, along with all of its key wrapping metadata. Minor
updates to the underlying metadata handling are included.
This change makes several minor updates to different structs
pertaining to key wrapping, allowing these structs to accept and
process dict arguments. Unit tests have been updated to reflect
this change.
This change updates payload management, streamlining the import
process for kmip.core.messages.payloads. Now any request or
response payload is accessible by importing payloads. All code
importing and using individual payload modules has been updated
to use this new approach.
This change adds request and response payloads for the
SignatureVerify operation. Payload factories have been updated to
support SignatureVerify and new unit test suites have been added
to cover the new payload code.
This change adds support for retrieving wrapped keys from the KMIP
server. The only supported key wrapping algorithm currently is
the AES-based NIST Key Wrap algorithm (RFC 3394). MAC/signing is
not supported for key wrapping. Attribute-bundling with the wrapped
key value is not supported. Wrapping of the entire key block TTLV
encoding is not supported. Various additional error cases are
included and checked for.
Unit tests covering the additions to Get are included.
This change updates the Get payloads to reflect current coding
styles. It streamlines payload usage and makes it easier to create
and access payload fields. A new unit test suite dedicated to the
Get payloads is added. Surrounding code in the client/server and
associated utilities and unit tests are updated to reflect these
changes.
This change updates the KeyWrappingData struct to conform with
current library styles. This struct is used with key data to
represent a wrapped key and will be used by future patches to
support key wrapping functionality. Updated unit tests matching
the new additions are included.
This change updates the KeyWrappingSpecification struct to conform
with current library styles. This struct is used for key wrapping
functionality and will be used in future patches. Updated unit
tests matching the new additions are included.
This change updates the MACSignatureKeyInformation struct to
conform with current library styles. This struct is used for key
wrapping functionality and will be leveraged by future patches.
Updated unit tests matching the new additions are included.
This change updates the EncryptionKeyInformation struct to conform
with current library styles. This struct is used for key wrapping
functionality and will be leveraged by future patches. Updated
unit tests matching the new additions are included.
This change adds request/response payloads for the DeriveKey
operation, updating the payload factories to support DeriveKey.
Unit tests for the payloads and payload factories are included.
The inequality operator was also added to the TemplateAttribute
struct to support the DeriveKey payload unit tests; differences
in Python2.7 and 3+ led to comparison failures.
This change adds support for the DerivationParameters struct,
which is needed for DeriveKey support. Unit tests are included to
cover all newly added code.
This change adds request and response payloads for Decrypt
operation, updating the payload factories to support Decrypt
payloads. Unit tests for all new code are included.
This change adds encryption functionality to the cryptographic
engine used by the server. It supports a variety of symmetric
encryption algorithms and block cipher modes. Asymmetric encryption
support will be added in a future patch.
Unit tests and minor updates to surrounding core code are included.
This change adds request and response payloads for the Encrypt
operation, updating the payload factories to support Encrypt
payloads. Unit tests for all new code are included.
This change updates the CryptographicParameters struct, removing the
primitive class wrappers that it used to use for attribute values
and replacing them with struct properties that internally manage the
primitive objects directly. This gutting and regutting necessitates
cascading changes to every part of the library that used these
internal primitive class wrappers, including unit tests, client and
client tests, and attribute factory handlers. All of these have been
updated to reflect the correct usage of the CryptographicParameters
struct.
This change also adds in additional attribute members for the
CryptographicParameters struct to bring it up to spec with KMIP 1.2.
This change removes the original KMIPServer implementation, along
with all supporting classes. The KmipServer implementation is the
only supported server implementation going forward.
This change adds support for the GetAttributeList operation. The
user can specify the ID of a managed object and get back a list
containing the names of all attributes currently set on the object.
The user can also omit the ID and the server will default to using
the ID placeholder for the object ID. New server tests have been
added to cover this feature. The GetAttributeList payloads have
also been updated for consistency with other payloads, requiring
minor updates in other clients and unit tests.
This change adds server support for the GetAttributes operation.
The user can specify an object ID and an attribute list to get
the values of the attributes listed from the specified object.
The user can also omit either argument; the server will default
to using the ID placeholder and all viable attributes respectively.
Only a subset of the standard attributes are supported right now.
New tests have been added to cover the new feature.
Closes#185Closes#211Closes#218
This change removes extraneous code in the TextString primitive
that would conditionally encode the individual string characters
depending upon the version of Python being used. This code caused
errors when using Unicode strings in Python 2.7 and below.
This change updates the attribute value factory to allow for the
creation of ObjectType attributes with values provided by the
caller. Unit tests have been added to cover this change.
The ProxyKmipClient now allows you to optionally provide a name
when performing a `Create` or a `Create Key Pair`. If not specified,
the name is excluded from the request.
* For `create`, users specify `name`
* For `create_key_pair`, users specify `private_name` and `public_name`
Resolves#208
This change updates the payload factories, adding placeholder
support for operations added in KMIP 1.3. It also updates old
placeholders with now supported payloads. The corresponding
unit test suites have been updated to match the additions.
This change adds str and repr utilities to the Attribute object. A
new test suite for Attribute object tests is included, however only
the tests for the string utilities are included with this patch.
The remaining Attribute tests will be implemented in a later patch.
This change adds some utility methods, including equality operators
and string methods, to the ApplicationSpecificInformation attribute.
Unit tests covering the changes are included.
This change adds support for the Activate operation to the server,
including additional server unit tests, a new IllegalOperation
exception, and updated state attribute support in Pie objects.
Fixes#186
This change adds support for dynamic operation policy loading.
The server config file now supports a 'policy_path' option that
points to a filesystem directory. Each file in the directory
should contain a JSON policy object. The KMIP server will scan
this directory and attempt to load all valid policies it finds.
The results of this process will be logged.
This change adds enumerations and policy objects to support the
specification and enforcement of KMIP operation policies. A new
module, kmip.core.policy, is added to define the default policy
objects required by the KMIP specification.
This change updates the set of supported enumerations to include
all enumerations included in KMIP 1.2. Existing enumerations are
updated where required.
An issue with local daylight savings time causes a comparison error in
some locales when checking against a hard-coded expected time string.
The DateTime primitive string representation has been updated to output
only UTC time strings.
Fixes#124
This change fixes a bug with the KmipSession connection handling logic
that would terminate the connection before actually receiving a
termination from the client. The corresponding unit tests have been
updated to reflect this fix.
This change adds the KmipServer, the front-end of the KMIP software
server. The KmipServer is in charge of loading configuration settings,
creating all major server components, and serving and managing client
connections. A KmipServerConfig tool is included to handle configuration
settings. Test cases for all new code are included.
This change adds a policy system that will be used by the KmipEngine to
track and organize rules for individual KMIP attributes. Comparison
operators for the Integer primitive and ProtocolVersion struct are added
to support the AttributePolicy. Tests for all new changes are included.
Peter Hamilton
dane-fichter
Peter Hamilton
Hao Shen
Peter Hamilton
Jonathan Seawright
Peter
Viktor Tarasov