tyler.durden/PyKMIP
1
0
Fork 0
mirror of https://github.com/OpenKMIP/PyKMIP.git synced 2025-10-31 19:45:27 +01:00
Code Issues Packages Projects Releases Wiki Activity
PyKMIP/kmip/pie/objects.py
Peter Hamilton 93693c8d4d Adding PublicKey to the Pie object hierarchy 
This change adds PublicKey to the Pie object hierarchy along with a test
suite.
2015-07-02 10:51:01 -04:00

435 lines
15 KiB
Python
Raw Blame History

# Copyright (c) 2015 The Johns Hopkins University/Applied Physics Laboratory
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from abc import ABCMeta
from abc import abstractmethod
import six
from kmip.core.enums import CryptographicAlgorithm
from kmip.core.enums import CryptographicUsageMask
from kmip.core.enums import ObjectType
@six.add_metaclass(ABCMeta)
class ManagedObject:
"""
The abstract base class of the simplified KMIP object hierarchy.
A ManagedObject is a core KMIP object that is the subject of key
management operations. It contains various attributes that are common to
all types of ManagedObjects, including keys, certificates, and various
types of secret or sensitive data.
For more information, see Section 2.2 of the KMIP 1.1 specification.
Attributes:
value: The value of the ManagedObject. Type varies, usually bytes.
unique_identifier: The string ID of the ManagedObject.
names: A list of names associated with the ManagedObject.
object_type: An enumeration associated with the type of ManagedObject.
"""
@abstractmethod
def __init__(self):
"""
Create a ManagedObject.
"""
self.value = None
self.unique_identifier = None
self.names = list()
self._object_type = None
# All remaining attributes are not considered part of the public API
# and are subject to change.
self._application_specific_informations = list()
self._contact_information = None
self._object_groups = list()
self._operation_policy_name = None
# The following attributes are placeholders for attributes that are
# unsupported by kmip.core
self._archive_date = None
self._initial_date = None
self._last_change_date = None
@property
def object_type(self):
"""
Accessor and property definition for the object type attribute.
Returns:
ObjectType: An ObjectType enumeration that corresponds to the
class of the object.
"""
return self._object_type
@object_type.setter
def object_type(self, value):
"""
Set blocker for the object type attribute.
Raises:
AttributeError: Always raised to block setting of attribute.
"""
raise AttributeError("object type cannot be set")
@abstractmethod
def validate(self):
"""
Verify that the contents of the ManagedObject are valid.
"""
pass
@abstractmethod
def __repr__(self):
pass
@abstractmethod
def __str__(self):
pass
@abstractmethod
def __eq__(self, other):
pass
@abstractmethod
def __ne__(self, other):
pass
class CryptographicObject(ManagedObject):
"""
The abstract base class of all ManagedObjects related to cryptography.
A CryptographicObject is a core KMIP object that is the subject of key
management operations. It contains various attributes that are common to
all types of CryptographicObjects, including keys and certificates.
For more information, see Section 2.2 of the KMIP 1.1 specification.
Attributes:
cryptographic_usage_masks: A list of usage mask enumerations
describing how the CryptographicObject will be used.
"""
@abstractmethod
def __init__(self):
"""
Create a CryptographicObject.
"""
super(CryptographicObject, self).__init__()
self.cryptographic_usage_masks = list()
# All remaining attributes are not considered part of the public API
# and are subject to change.
self._digests = list()
# The following attributes are placeholders for attributes that are
# unsupported by kmip.core
self._activation_date = None
self._compromise_date = None
self._compromise_occurrence_date = None
self._deactivation_date = None
self._destroy_date = None
self._fresh = None
self._lease_time = None
self._links = list()
self._revocation_reason = None
self._state = None
class Key(CryptographicObject):
"""
The abstract base class of all ManagedObjects that are cryptographic keys.
A Key is a core KMIP object that is the subject of key management
operations. It contains various attributes that are common to all types of
Keys, including symmetric and asymmetric keys.
For more information, see Section 2.2 of the KMIP 1.1 specification.
Attributes:
cryptographic_algorithm: A CryptographicAlgorithm enumeration defining
the algorithm the key should be used with.
cryptographic_length: An int defining the length of the key in bits.
"""
@abstractmethod
def __init__(self, value=None, algorithm=None, length=None):
"""
Create a Key object.
"""
super(Key, self).__init__()
self.cryptographic_algorithm = None
self.cryptographic_length = None
# All remaining attributes are not considered part of the public API
# and are subject to change.
self._cryptographic_parameters = list()
# The following attributes are placeholders for attributes that are
# unsupported by kmip.core
self._usage_limits = None
class SymmetricKey(Key):
"""
The SymmetricKey class of the simplified KMIP object hierarchy.
A SymmetricKey is a core KMIP object that is the subject of key
management operations. For more information, see Section 2.2 of the KMIP
1.1 specification.
Attributes:
cryptographic_algorithm: The type of algorithm for the SymmetricKey.
cryptographic_length: The length in bits of the SymmetricKey value.
value: The bytes of the SymmetricKey.
cryptographic_usage_masks: The list of usage mask flags for
SymmetricKey application.
names: The string names of the SymmetricKey.
"""
def __init__(self, algorithm, length, value, masks=None,
name='Symmetric Key'):
"""
Create a SymmetricKey.
Args:
algorithm(CryptographicAlgorithm): An enumeration identifying the
type of algorithm for the key.
length(int): The length in bits of the key.
value(bytes): The bytes representing the key.
masks(list): A list of CryptographicUsageMask enumerations defining
how the key will be used.
name(string): The string name of the key.
"""
super(SymmetricKey, self).__init__()
self._object_type = ObjectType.SYMMETRIC_KEY
self.value = value
self.cryptographic_algorithm = algorithm
self.cryptographic_length = length
self.names = [name]
if masks:
self.cryptographic_usage_masks = masks
else:
self.cryptographic_usage_masks = list()
# All remaining attributes are not considered part of the public API
# and are subject to change.
# The following attributes are placeholders for attributes that are
# unsupported by kmip.core
self._process_start_date = None
self._protect_stop_date = None
self.validate()
def validate(self):
"""
Verify that the contents of the SymmetricKey object are valid.
Raises:
TypeError: if the types of any SymmetricKey attributes are invalid
ValueError: if the key length and key value length do not match
"""
if not isinstance(self.value, bytes):
raise TypeError("key value must be bytes")
elif not isinstance(self.cryptographic_algorithm,
CryptographicAlgorithm):
raise TypeError("key algorithm must be a CryptographicAlgorithm "
"enumeration")
elif not isinstance(self.cryptographic_length, six.integer_types):
raise TypeError("key length must be an integer")
elif not isinstance(self.cryptographic_usage_masks, list):
raise TypeError("key usage masks must be a list")
mask_count = len(self.cryptographic_usage_masks)
for i in range(mask_count):
mask = self.cryptographic_usage_masks[i]
if not isinstance(mask, CryptographicUsageMask):
position = "({0} in list)".format(i)
raise TypeError(
"key mask {0} must be a CryptographicUsageMask "
"enumeration".format(position))
name_count = len(self.names)
for i in range(name_count):
name = self.names[i]
if not isinstance(name, six.string_types):
position = "({0} in list)".format(i)
raise TypeError("key name {0} must be a string".format(
position))
if (len(self.value) * 8) != self.cryptographic_length:
msg = "key length ({0}) not equal to key value length ({1})"
msg = msg.format(self.cryptographic_length, len(self.value) * 8)
raise ValueError(msg)
def __repr__(self):
algorithm = "algorithm={0}".format(self.cryptographic_algorithm)
length = "length={0}".format(self.cryptographic_length)
value = "value={0}".format(self.value)
return "SymmetricKey({0}, {1}, {2})".format(algorithm, length, value)
def __str__(self):
return str(self.value)
def __eq__(self, other):
if isinstance(other, SymmetricKey):
if self.value != other.value:
return False
elif self.cryptographic_algorithm != other.cryptographic_algorithm:
return False
elif self.cryptographic_length != other.cryptographic_length:
return False
else:
return True
else:
return NotImplemented
def __ne__(self, other):
if isinstance(other, SymmetricKey):
return not (self == other)
else:
return NotImplemented
class PublicKey(CryptographicObject):
"""
The PublicKey class of the simplified KMIP object hierarchy.
A PublicKey is a core KMIP object that is the subject of key management
operations. For more information, see Section 2.2 of the KMIP 1.1
specification.
Attributes:
cryptographic_algorithm: The type of algorithm for the PublicKey.
cryptographic_length: The length in bits of the PublicKey.
value: The bytes of the PublicKey.
cryptographic_usage_masks: The list of usage mask flags for PublicKey
application.
names: The list of string names of the PublicKey.
"""
def __init__(self, algorithm, length, value, masks=None,
name='Public Key'):
"""
Create a PublicKey.
Args:
algorithm(CryptographicAlgorithm): An enumeration identifying the
type of algorithm for the key.
length(int): The length in bits of the key.
value(bytes): The bytes representing the key.
masks(list): A list of CryptographicUsageMask enumerations
defining how the key will be used.
name(string): The string name of the key.
"""
super(PublicKey, self).__init__()
self._object_type = ObjectType.PUBLIC_KEY
self.value = value
self.cryptographic_algorithm = algorithm
self.cryptographic_length = length
self.names = [name]
if masks:
self.cryptographic_usage_masks = masks
else:
self.cryptographic_usage_masks = list()
# All remaining attributes are not considered part of the public API
# and are subject to change.
# The following attributes are placeholders for attributes that are
# unsupported by kmip.core
self._cryptographic_domain_parameters = list()
self.validate()
def validate(self):
"""
Verify that the contents of the PublicKey object are valid.
Raises:
TypeError: if the types of any PublicKey attributes are invalid.
"""
if not isinstance(self.value, bytes):
raise TypeError("key value must be bytes")
elif not isinstance(self.cryptographic_algorithm,
CryptographicAlgorithm):
raise TypeError("key algorithm must be a CryptographicAlgorithm "
"enumeration")
elif not isinstance(self.cryptographic_length, six.integer_types):
raise TypeError("key length must be an integer")
elif not isinstance(self.cryptographic_usage_masks, list):
raise TypeError("key usage masks must be a list")
mask_count = len(self.cryptographic_usage_masks)
for i in range(mask_count):
mask = self.cryptographic_usage_masks[i]
if not isinstance(mask, CryptographicUsageMask):
position = "({0} in list)".format(i)
raise TypeError(
"key mask {0} must be a CryptographicUsageMask "
"enumeration".format(position))
name_count = len(self.names)
for i in range(name_count):
name = self.names[i]
if not isinstance(name, six.string_types):
position = "({0} in list)".format(i)
raise TypeError("key name {0} must be a string".format(
position))
def __repr__(self):
algorithm = "algorithm={0}".format(self.cryptographic_algorithm)
length = "length={0}".format(self.cryptographic_length)
value = "value={0}".format(self.value)
return "PublicKey({0}, {1}, {2})".format(algorithm, length, value)
def __str__(self):
return str(self.value)
def __eq__(self, other):
if isinstance(other, PublicKey):
if self.value != other.value:
return False
elif self.cryptographic_algorithm != other.cryptographic_algorithm:
return False
elif self.cryptographic_length != other.cryptographic_length:
return False
else:
return True
else:
return NotImplemented
def __ne__(self, other):
if isinstance(other, PublicKey):
return not (self == other)
else:
return NotImplemented
Reference in New Issue View Git Blame Copy Permalink