openstack
/
deb-python-kmip
Code Issues Proposed changes

Updating the CryptographicParameters struct 

This change updates the CryptographicParameters struct, removing the
primitive class wrappers that it used to use for attribute values
and replacing them with struct properties that internally manage the
primitive objects directly. This gutting and regutting necessitates
cascading changes to every part of the library that used these
internal primitive class wrappers, including unit tests, client and
client tests, and attribute factory handlers. All of these have been
updated to reflect the correct usage of the CryptographicParameters
struct.

This change also adds in additional attribute members for the
CryptographicParameters struct to bring it up to spec with KMIP 1.2.
This commit is contained in:
Peter Hamilton 2017-05-24 15:39:09 -04:00
parent e591873bf4
commit 471d0a1ad8
10 changed files with 1636 additions and 341 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

553
kmip/core/attributes.py
View File

@ -13,6 +13,8 @@
# License for the specific language governing permissions and limitations
# under the License.
import six
from kmip.core import enums
from kmip.core.enums import CertificateTypeEnum
@ -24,6 +26,7 @@ from kmip.core.errors import ErrorStrings
from kmip.core.misc import KeyFormatType
from kmip.core.primitives import Boolean
from kmip.core.primitives import ByteString
from kmip.core.primitives import Enumeration
from kmip.core.primitives import Integer
@ -255,163 +258,468 @@ class HashingAlgorithm(Enumeration):
class CryptographicParameters(Struct):
"""
A set of values for cryptographic operations.
class BlockCipherMode(Enumeration):
A structure containing optional fields describing certain cryptographic
parameters to be used when performing cryptographic operations with the
associated KMIP object.
"""
def __init__(self, value=None):
super(CryptographicParameters.BlockCipherMode, self).__init__(
enums.BlockCipherMode, value, Tags.BLOCK_CIPHER_MODE)
class PaddingMethod(Enumeration):
def __init__(self, value=None):
super(CryptographicParameters.PaddingMethod, self).__init__(
enums.PaddingMethod, value, Tags.PADDING_METHOD)
class KeyRoleType(Enumeration):
def __init__(self, value=None):
super(CryptographicParameters.KeyRoleType, self).__init__(
enums.KeyRoleType, value, Tags.KEY_ROLE_TYPE)
class DigitalSignatureAlgorithm(Enumeration):
def __init__(self, value=None):
super(CryptographicParameters.DigitalSignatureAlgorithm,
self).__init__(enums.DigitalSignatureAlgorithm,
value, Tags.DIGITAL_SIGNATURE_ALGORITHM)
# TODO: Need to implement other fields of CryptographicParameters (3.6)
def __init__(self,
block_cipher_mode=None,
padding_method=None,
hashing_algorithm=None,
key_role_type=None,
digital_signature_algorithm=None,
cryptographic_algorithm=None):
cryptographic_algorithm=None,
random_iv=None,
iv_length=None,
tag_length=None,
fixed_field_length=None,
invocation_field_length=None,
counter_length=None,
initial_counter_value=None):
super(CryptographicParameters, self).__init__(
tag=Tags.CRYPTOGRAPHIC_PARAMETERS)
self._block_cipher_mode = None
self._padding_method = None
self._hashing_algorithm = None
self._key_role_type = None
self._digital_signature_algorithm = None
self._cryptographic_algorithm = None
self._random_iv = None
self._iv_length = None
self._tag_length = None
self._fixed_field_length = None
self._invocation_field_length = None
self._counter_length = None
self._initial_counter_value = None
self.block_cipher_mode = block_cipher_mode
self.padding_method = padding_method
self.hashing_algorithm = hashing_algorithm
self.key_role_type = key_role_type
self.digital_signature_algorithm = digital_signature_algorithm
self.cryptographic_algorithm = cryptographic_algorithm
self.random_iv = random_iv
self.iv_length = iv_length
self.tag_length = tag_length
self.fixed_field_length = fixed_field_length
self.invocation_field_length = invocation_field_length
self.counter_length = counter_length
self.initial_counter_value = initial_counter_value
@property
def block_cipher_mode(self):
if self._block_cipher_mode:
return self._block_cipher_mode.value
else:
return None
@block_cipher_mode.setter
def block_cipher_mode(self, value):
if value is None:
self._block_cipher_mode = None
elif isinstance(value, enums.BlockCipherMode):
self._block_cipher_mode = Enumeration(
enums.BlockCipherMode,
value=value,
tag=Tags.BLOCK_CIPHER_MODE
)
else:
raise TypeError(
"block cipher mode must be a BlockCipherMode enumeration"
)
@property
def padding_method(self):
if self._padding_method:
return self._padding_method.value
else:
return None
@padding_method.setter
def padding_method(self, value):
if value is None:
self._padding_method = None
elif isinstance(value, enums.PaddingMethod):
self._padding_method = Enumeration(
enums.PaddingMethod,
value=value,
tag=Tags.PADDING_METHOD
)
else:
raise TypeError(
"padding method must be a PaddingMethod enumeration"
)
@property
def hashing_algorithm(self):
if self._hashing_algorithm:
return self._hashing_algorithm.value
else:
return None
@hashing_algorithm.setter
def hashing_algorithm(self, value):
if value is None:
self._hashing_algorithm = None
elif isinstance(value, enums.HashingAlgorithm):
self._hashing_algorithm = Enumeration(
enums.HashingAlgorithm,
value=value,
tag=Tags.HASHING_ALGORITHM
)
else:
raise TypeError(
"hashing algorithm must be a HashingAlgorithm enumeration"
)
@property
def key_role_type(self):
if self._key_role_type:
return self._key_role_type.value
else:
return None
@key_role_type.setter
def key_role_type(self, value):
if value is None:
self._key_role_type = None
elif isinstance(value, enums.KeyRoleType):
self._key_role_type = Enumeration(
enums.KeyRoleType,
value=value,
tag=Tags.KEY_ROLE_TYPE
)
else:
raise TypeError(
"key role type must be a KeyRoleType enumeration"
)
@property
def digital_signature_algorithm(self):
if self._digital_signature_algorithm:
return self._digital_signature_algorithm.value
else:
return None
@digital_signature_algorithm.setter
def digital_signature_algorithm(self, value):
if value is None:
self._digital_signature_algorithm = None
elif isinstance(value, enums.DigitalSignatureAlgorithm):
self._digital_signature_algorithm = Enumeration(
enums.DigitalSignatureAlgorithm,
value=value,
tag=Tags.DIGITAL_SIGNATURE_ALGORITHM
)
else:
raise TypeError(
"digital signature algorithm must be a "
"DigitalSignatureAlgorithm enumeration"
)
@property
def cryptographic_algorithm(self):
if self._cryptographic_algorithm:
return self._cryptographic_algorithm.value
else:
return None
@cryptographic_algorithm.setter
def cryptographic_algorithm(self, value):
if value is None:
self._cryptographic_algorithm = None
elif isinstance(value, enums.CryptographicAlgorithm):
self._cryptographic_algorithm = Enumeration(
enums.CryptographicAlgorithm,
value=value,
tag=Tags.CRYPTOGRAPHIC_ALGORITHM
)
else:
raise TypeError(
"cryptographic algorithm must be a CryptographicAlgorithm "
"enumeration"
)
@property
def random_iv(self):
if self._random_iv:
return self._random_iv.value
else:
return None
@random_iv.setter
def random_iv(self, value):
if value is None:
self._random_iv = None
elif isinstance(value, bool):
self._random_iv = Boolean(
value=value,
tag=Tags.RANDOM_IV
)
else:
raise TypeError("random iv must be a boolean")
@property
def iv_length(self):
if self._iv_length:
return self._iv_length.value
else:
return None
@iv_length.setter
def iv_length(self, value):
if value is None:
self._iv_length = None
elif isinstance(value, six.integer_types):
self._iv_length = Integer(
value=value,
tag=Tags.IV_LENGTH
)
else:
raise TypeError("iv length must be an integer")
@property
def tag_length(self):
if self._tag_length:
return self._tag_length.value
else:
return None
@tag_length.setter
def tag_length(self, value):
if value is None:
self._tag_length = None
elif isinstance(value, six.integer_types):
self._tag_length = Integer(
value=value,
tag=Tags.TAG_LENGTH
)
else:
raise TypeError("tag length must be an integer")
@property
def fixed_field_length(self):
if self._fixed_field_length:
return self._fixed_field_length.value
else:
return None
@fixed_field_length.setter
def fixed_field_length(self, value):
if value is None:
self._fixed_field_length = None
elif isinstance(value, six.integer_types):
self._fixed_field_length = Integer(
value=value,
tag=Tags.FIXED_FIELD_LENGTH
)
else:
raise TypeError("fixed field length must be an integer")
@property
def invocation_field_length(self):
if self._invocation_field_length:
return self._invocation_field_length.value
else:
return None
@invocation_field_length.setter
def invocation_field_length(self, value):
if value is None:
self._invocation_field_length = None
elif isinstance(value, six.integer_types):
self._invocation_field_length = Integer(
value=value,
tag=Tags.INVOCATION_FIELD_LENGTH
)
else:
raise TypeError("invocation field length must be an integer")
@property
def counter_length(self):
if self._counter_length:
return self._counter_length.value
else:
return None
@counter_length.setter
def counter_length(self, value):
if value is None:
self._counter_length = None
elif isinstance(value, six.integer_types):
self._counter_length = Integer(
value=value,
tag=Tags.COUNTER_LENGTH
)
else:
raise TypeError("counter length must be an integer")
@property
def initial_counter_value(self):
if self._initial_counter_value:
return self._initial_counter_value.value
else:
return None
@initial_counter_value.setter
def initial_counter_value(self, value):
if value is None:
self._initial_counter_value = None
elif isinstance(value, six.integer_types):
self._initial_counter_value = Integer(
value=value,
tag=Tags.INITIAL_COUNTER_VALUE
)
else:
raise TypeError("initial counter value must be an integer")
def read(self, istream):
super(CryptographicParameters, self).read(istream)
tstream = BytearrayStream(istream.read(self.length))
if self.is_tag_next(Tags.BLOCK_CIPHER_MODE, tstream):
self.block_cipher_mode = CryptographicParameters.BlockCipherMode()
self.block_cipher_mode.read(tstream)
self._block_cipher_mode = Enumeration(
enums.BlockCipherMode,
tag=Tags.BLOCK_CIPHER_MODE
)
self._block_cipher_mode.read(tstream)
if self.is_tag_next(Tags.PADDING_METHOD, tstream):
self.padding_method = CryptographicParameters.PaddingMethod()
self.padding_method.read(tstream)
self._padding_method = Enumeration(
enums.PaddingMethod,
tag=Tags.PADDING_METHOD
)
self._padding_method.read(tstream)
if self.is_tag_next(Tags.HASHING_ALGORITHM, tstream):
self.hashing_algorithm = HashingAlgorithm()
self.hashing_algorithm.read(tstream)
self._hashing_algorithm = Enumeration(
enums.HashingAlgorithm,
tag=Tags.HASHING_ALGORITHM
)
self._hashing_algorithm.read(tstream)
if self.is_tag_next(Tags.KEY_ROLE_TYPE, tstream):
self.key_role_type = CryptographicParameters.KeyRoleType()
self.key_role_type.read(tstream)
self._key_role_type = Enumeration(
enums.KeyRoleType,
tag=Tags.KEY_ROLE_TYPE
)
self._key_role_type.read(tstream)
if self.is_tag_next(Tags.DIGITAL_SIGNATURE_ALGORITHM, tstream):
self.digital_signature_algorithm = \
CryptographicParameters.DigitalSignatureAlgorithm()
self.digital_signature_algorithm.read(tstream)
self._digital_signature_algorithm = Enumeration(
enums.DigitalSignatureAlgorithm,
tag=Tags.DIGITAL_SIGNATURE_ALGORITHM
)
self._digital_signature_algorithm.read(tstream)
if self.is_tag_next(Tags.CRYPTOGRAPHIC_ALGORITHM, tstream):
self.cryptographic_algorithm = CryptographicAlgorithm()
self.cryptographic_algorithm.read(tstream)
self._cryptographic_algorithm = Enumeration(
enums.CryptographicAlgorithm,
tag=Tags.CRYPTOGRAPHIC_ALGORITHM
)
self._cryptographic_algorithm.read(tstream)
if self.is_tag_next(Tags.RANDOM_IV, tstream):
self._random_iv = Boolean(tag=Tags.RANDOM_IV)
self._random_iv.read(tstream)
if self.is_tag_next(Tags.IV_LENGTH, tstream):
self._iv_length = Integer(tag=Tags.IV_LENGTH)
self._iv_length.read(tstream)
if self.is_tag_next(Tags.TAG_LENGTH, tstream):
self._tag_length = Integer(tag=Tags.TAG_LENGTH)
self._tag_length.read(tstream)
if self.is_tag_next(Tags.FIXED_FIELD_LENGTH, tstream):
self._fixed_field_length = Integer(tag=Tags.FIXED_FIELD_LENGTH)
self._fixed_field_length.read(tstream)
if self.is_tag_next(Tags.INVOCATION_FIELD_LENGTH, tstream):
self._invocation_field_length = Integer(
tag=Tags.INVOCATION_FIELD_LENGTH
)
self._invocation_field_length.read(tstream)
if self.is_tag_next(Tags.COUNTER_LENGTH, tstream):
self._counter_length = Integer(tag=Tags.COUNTER_LENGTH)
self._counter_length.read(tstream)
if self.is_tag_next(Tags.INITIAL_COUNTER_VALUE, tstream):
self._initial_counter_value = Integer(
tag=Tags.INITIAL_COUNTER_VALUE
)
self._initial_counter_value.read(tstream)
self.is_oversized(tstream)
self.validate()
def write(self, ostream):
tstream = BytearrayStream()
# Write the contents of the request payload
if self.block_cipher_mode is not None:
self.block_cipher_mode.write(tstream)
if self.padding_method is not None:
self.padding_method.write(tstream)
if self.hashing_algorithm is not None:
self.hashing_algorithm.write(tstream)
if self.key_role_type is not None:
self.key_role_type.write(tstream)
if self.digital_signature_algorithm is not None:
self.digital_signature_algorithm.write(tstream)
if self.cryptographic_algorithm is not None:
self.cryptographic_algorithm.write(tstream)
if self._block_cipher_mode:
self._block_cipher_mode.write(tstream)
if self._padding_method:
self._padding_method.write(tstream)
if self._hashing_algorithm:
self._hashing_algorithm.write(tstream)
if self._key_role_type:
self._key_role_type.write(tstream)
if self._digital_signature_algorithm:
self._digital_signature_algorithm.write(tstream)
if self._cryptographic_algorithm:
self._cryptographic_algorithm.write(tstream)
if self._random_iv:
self._random_iv.write(tstream)
if self._iv_length:
self._iv_length.write(tstream)
if self._tag_length:
self._tag_length.write(tstream)
if self._fixed_field_length:
self._fixed_field_length.write(tstream)
if self._invocation_field_length:
self._invocation_field_length.write(tstream)
if self._counter_length:
self._counter_length.write(tstream)
if self._initial_counter_value:
self._initial_counter_value.write(tstream)
# Write the length and value of the request payload
self.length = tstream.length()
super(CryptographicParameters, self).write(ostream)
ostream.write(tstream.buffer)
def validate(self):
self.__validate()
def __validate(self):
if self.block_cipher_mode is not None:
if not isinstance(self.block_cipher_mode, self.BlockCipherMode):
msg = "Invalid block cipher mode"
msg += "; expected {0}, received {1}".format(
self.BlockCipherMode, self.block_cipher_mode)
raise TypeError(msg)
if self.padding_method is not None:
if not isinstance(self.padding_method, self.PaddingMethod):
msg = "Invalid padding method"
msg += "; expected {0}, received {1}".format(
self.PaddingMethod, self.padding_method)
raise TypeError(msg)
if self.hashing_algorithm is not None:
if not isinstance(self.hashing_algorithm, HashingAlgorithm):
msg = "Invalid hashing algorithm"
msg += "; expected {0}, received {1}".format(
HashingAlgorithm, self.hashing_algorithm)
raise TypeError(msg)
if self.key_role_type is not None:
if not isinstance(self.key_role_type, self.KeyRoleType):
msg = "Invalid key role type"
msg += "; expected {0}, received {1}".format(
self.KeyRoleType, self.key_role_type)
raise TypeError(msg)
if self.digital_signature_algorithm is not None:
if not isinstance(
self.digital_signature_algorithm,
CryptographicParameters.DigitalSignatureAlgorithm
):
msg = "Invalid digital signature algorithm"
msg += "; expected {0}, received {1}".format(
CryptographicParameters.DigitalSignatureAlgorithm,
self.digital_signature_algorithm)
raise TypeError(msg)
if self.cryptographic_algorithm is not None:
if not isinstance(self.cryptographic_algorithm,
CryptographicAlgorithm):
msg = "Invalid cryptograhic algorithm"
msg += "; expected {0}, received {1}".format(
CryptographicAlgorithm, self.cryptographic_algorithm)
raise TypeError(msg)
def __eq__(self, other):
if isinstance(other, CryptographicParameters):
if self.block_cipher_mode != other.block_cipher_mode:
return False
elif self.key_role_type != other.key_role_type:
elif self.padding_method != other.padding_method:
return False
elif self.hashing_algorithm != other.hashing_algorithm:
return False
elif self.key_role_type != other.key_role_type:
return False
elif self.digital_signature_algorithm \
!= other.digital_signature_algorithm:
return False
elif self.cryptographic_algorithm != other.cryptographic_algorithm:
return False
elif self.padding_method != other.padding_method:
elif self.random_iv != other.random_iv:
return False
elif self.iv_length != other.iv_length:
return False
elif self.tag_length != other.tag_length:
return False
elif self.fixed_field_length != other.fixed_field_length:
return False
elif self.invocation_field_length != other.invocation_field_length:
return False
elif self.counter_length != other.counter_length:
return False
elif self.initial_counter_value != other.initial_counter_value:
return False
else:
return True
@ -422,6 +730,47 @@ class CryptographicParameters(Struct):
else:
return NotImplemented
def __repr__(self):
args = ", ".join([
"block_cipher_mode={0}".format(self.block_cipher_mode),
"padding_method={0}".format(self.padding_method),
"hashing_algorithm={0}".format(self.hashing_algorithm),
"key_role_type={0}".format(self.key_role_type),
"digital_signature_algorithm={0}".format(
self.digital_signature_algorithm
),
"cryptographic_algorithm={0}".format(
self.cryptographic_algorithm
),
"random_iv={0}".format(self.random_iv),
"iv_length={0}".format(self.iv_length),
"tag_length={0}".format(self.tag_length),
"fixed_field_length={0}".format(self.fixed_field_length),
"invocation_field_length={0}".format(
self.invocation_field_length
),
"counter_length={0}".format(self.counter_length),
"initial_counter_value={0}".format(self.initial_counter_value)
])
return "CryptographicParameters({0})".format(args)
def __str__(self):
return str({
'block_cipher_mode': self.block_cipher_mode,
'padding_method': self.padding_method,
'hashing_algorithm': self.hashing_algorithm,
'key_role_type': self.key_role_type,
'digital_signature_algorithm': self.digital_signature_algorithm,
'cryptographic_algorithm': self.cryptographic_algorithm,
'random_iv': self.random_iv,
'iv_length': self.iv_length,
'tag_length': self.tag_length,
'fixed_field_length': self.fixed_field_length,
'invocation_field_length': self.invocation_field_length,
'counter_length': self.counter_length,
'initial_counter_value': self.initial_counter_value
})
class CertificateType(Enumeration):
"""

77
kmip/core/factories/attribute_values.py
View File

@ -136,52 +136,39 @@ class AttributeValueFactory(object):
return attributes.CryptographicLength(length)
def _create_cryptographic_parameters(self, params):
bcm = None
padding_method = None
hashing_algorithm = None
key_role_type = None
digital_signature_algorithm = None
cryptographic_algorithm = None
# TODO: Need to implement other fields of CryptographicParameters (3.6)
if params is None:
params = {}
if params is not None:
if 'block_cipher_mode' in params:
bcm = attributes.CryptographicParameters.BlockCipherMode(
params.get('block_cipher_mode'))
padding_method = None
if 'padding_method' in params:
padding_method = attributes.CryptographicParameters. \
PaddingMethod(params.get('padding_method'))
key_role_type = None
if 'key_role_type' in params:
key_role_type = attributes.CryptographicParameters.KeyRoleType(
params.get('key_role_type'))
hashing_algorithm = None
if 'hashing_algorithm' in params:
hashing_algorithm = attributes.HashingAlgorithm(
params.get("hashing_algorithm"))
if 'digital_signature_algorithm' in params:
digital_signature_algorithm = \
attributes.CryptographicParameters. \
DigitalSignatureAlgorithm(
params.get("digital_signature_algorithm"))
if 'cryptographic_algorithm' in params:
cryptographic_algorithm = attributes.CryptographicAlgorithm(
params.get("cryptographic_algorithm"))
return attributes.CryptographicParameters(
block_cipher_mode=bcm,
padding_method=padding_method,
hashing_algorithm=hashing_algorithm,
key_role_type=key_role_type,
digital_signature_algorithm=digital_signature_algorithm,
cryptographic_algorithm=cryptographic_algorithm)
if isinstance(params, dict):
return attributes.CryptographicParameters(
block_cipher_mode=params.get('block_cipher_mode', None),
padding_method=params.get('padding_method', None),
hashing_algorithm=params.get('hashing_algorithm', None),
key_role_type=params.get('key_role_type', None),
digital_signature_algorithm=params.get(
'digital_signature_algorithm',
None
),
cryptographic_algorithm=params.get(
'cryptographic_algorithm',
None
),
random_iv=params.get('random_iv', None),
iv_length=params.get('iv_length', None),
tag_length=params.get('tag_length', None),
fixed_field_length=params.get('fixed_field_length', None),
invocation_field_length=params.get(
'invocation_field_length',
None
),
counter_length=params.get('counter_length', None),
initial_counter_value=params.get(
'initial_counter_value',
None
)
)
else:
raise TypeError("cryptographic parameters must be a dict")
def _create_cryptographic_usage_mask(self, flags):
mask = None

6
kmip/pie/client.py
View File

@ -22,8 +22,7 @@ from kmip.core import objects as cobjects
from kmip.core.factories import attributes
from kmip.core.attributes import CryptographicParameters, \
CryptographicAlgorithm
from kmip.core.attributes import CryptographicParameters
from kmip.pie import api
from kmip.pie import exceptions
@ -687,7 +686,8 @@ class ProxyKmipClient(api.KmipClient):
raise exceptions.ClientConnectionNotOpen()
parameters_attribute = CryptographicParameters(
cryptographic_algorithm=CryptographicAlgorithm(algorithm))
cryptographic_algorithm=algorithm
)
# Get the message authentication code and handle the results
result = self.proxy.mac(data, uid, parameters_attribute)

2
kmip/services/server/engine.py
View File

@ -1700,7 +1700,7 @@ class KmipEngine(object):
if (payload.cryptographic_parameters and
payload.cryptographic_parameters.cryptographic_algorithm):
algorithm = \
payload.cryptographic_parameters.cryptographic_algorithm.value
payload.cryptographic_parameters.cryptographic_algorithm
elif (isinstance(managed_object, objects.Key) and
managed_object.cryptographic_algorithm):
algorithm = managed_object.cryptographic_algorithm

1241
kmip/tests/unit/core/attributes/test_attributes.py
View File

File diff suppressed because it is too large Load Diff

64
kmip/tests/unit/core/factories/test_attribute_values.py
View File

@ -93,35 +93,55 @@ class TestAttributeValueFactory(testtools.TestCase):
'digital_signature_algorithm':
enums.DigitalSignatureAlgorithm.ECDSA_WITH_SHA512,
'cryptographic_algorithm':
enums.CryptographicAlgorithm.HMAC_SHA512}
params = self.factory.create_attribute_value(
enums.AttributeType.CRYPTOGRAPHIC_PARAMETERS, value)
enums.CryptographicAlgorithm.HMAC_SHA512,
'random_iv': True,
'iv_length': 96,
'tag_length': None,
'fixed_field_length': 32,
'invocation_field_length': 64,
'counter_length': None,
'initial_counter_value': 1
}
cryptographic_parameters = self.factory.create_attribute_value(
enums.AttributeType.CRYPTOGRAPHIC_PARAMETERS,
value
)
# TODO (peter-hamilton): Update assertEquals after structure changes
self.assertIsInstance(params, attributes.CryptographicParameters)
self.assertIsInstance(
cryptographic_parameters,
attributes.CryptographicParameters
)
self.assertEqual(
attributes.CryptographicParameters.BlockCipherMode(
enums.BlockCipherMode.NIST_KEY_WRAP),
params.block_cipher_mode)
enums.BlockCipherMode.NIST_KEY_WRAP,
cryptographic_parameters.block_cipher_mode
)
self.assertEqual(
attributes.CryptographicParameters.PaddingMethod(
enums.PaddingMethod.ANSI_X9_23),
params.padding_method)
enums.PaddingMethod.ANSI_X9_23,
cryptographic_parameters.padding_method
)
self.assertEqual(
attributes.CryptographicParameters.KeyRoleType(
enums.KeyRoleType.KEK),
params.key_role_type)
enums.KeyRoleType.KEK,
cryptographic_parameters.key_role_type
)
self.assertEqual(
attributes.HashingAlgorithm(enums.HashingAlgorithm.SHA_512),
params.hashing_algorithm)
enums.HashingAlgorithm.SHA_512,
cryptographic_parameters.hashing_algorithm
)
self.assertEqual(
attributes.CryptographicParameters.DigitalSignatureAlgorithm(
enums.DigitalSignatureAlgorithm.ECDSA_WITH_SHA512),
params.digital_signature_algorithm)
enums.DigitalSignatureAlgorithm.ECDSA_WITH_SHA512,
cryptographic_parameters.digital_signature_algorithm
)
self.assertEqual(
attributes.CryptographicAlgorithm(
enums.CryptographicAlgorithm.HMAC_SHA512),
params.cryptographic_algorithm)
enums.CryptographicAlgorithm.HMAC_SHA512,
cryptographic_parameters.cryptographic_algorithm
)
self.assertEqual(True, cryptographic_parameters.random_iv)
self.assertEqual(96, cryptographic_parameters.iv_length)
self.assertEqual(None, cryptographic_parameters.tag_length)
self.assertEqual(32, cryptographic_parameters.fixed_field_length)
self.assertEqual(64, cryptographic_parameters.invocation_field_length)
self.assertEqual(None, cryptographic_parameters.counter_length)
self.assertEqual(1, cryptographic_parameters.initial_counter_value)
def test_create_cryptographic_domain_parameters(self):
"""

4
kmip/tests/unit/core/messages/payloads/test_mac.py
View File

@ -31,8 +31,8 @@ class TestMACRequestPayload(TestCase):
self.unique_identifier = attributes.UniqueIdentifier(value='1')
self.cryptographic_parameters = \
attributes.CryptographicParameters(
cryptographic_algorithm=attributes.CryptographicAlgorithm(
enums.CryptographicAlgorithm.HMAC_SHA512)
cryptographic_algorithm=enums.CryptographicAlgorithm.
HMAC_SHA512
)
self.data = objects.Data(
value=(b'\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B'

11
kmip/tests/unit/core/messages/test_messages.py
View File

@ -1077,13 +1077,13 @@ class TestRequestMessage(TestCase):
cryptographic_algorithm = parameters_attribute.cryptographic_algorithm
msg = "Bad cryptographic algorithm type: expected {0}, received {1}"
self.assertIsInstance(cryptographic_algorithm,
attr.CryptographicAlgorithm,
msg.format(attr.CryptographicAlgorithm,
enums.CryptographicAlgorithm,
msg.format(enums.CryptographicAlgorithm,
type(cryptographic_algorithm)))
msg = "Bad cryptographic algorithm value: expected {0}, received {1}"
self.assertEquals(cryptographic_algorithm.value,
self.assertEquals(cryptographic_algorithm,
enums.CryptographicAlgorithm.HMAC_SHA512,
msg.format(cryptographic_algorithm.value,
msg.format(cryptographic_algorithm,
enums.CryptographicAlgorithm.HMAC_SHA512))
data = request_payload.data
@ -1114,8 +1114,7 @@ class TestRequestMessage(TestCase):
b'\x0C\x0D\x0E\x0F')
)
parameters_attribute = attr.CryptographicParameters(
cryptographic_algorithm=attr.
CryptographicAlgorithm(enums.CryptographicAlgorithm.HMAC_SHA512)
cryptographic_algorithm=enums.CryptographicAlgorithm.HMAC_SHA512
)
request_payload = mac.MACRequestPayload(
unique_identifier=uuid,

13
kmip/tests/unit/services/server/test_engine.py
View File

@ -5157,8 +5157,7 @@ class TestKmipEngine(testtools.TestCase):
uuid = str(obj.unique_identifier)
cryptographic_parameters = attributes.CryptographicParameters(
cryptographic_algorithm=attributes.
CryptographicAlgorithm(algorithm_b)
cryptographic_algorithm=algorithm_b
)
# Verify when cryptographic_parameters is specified in request
@ -5226,8 +5225,8 @@ class TestKmipEngine(testtools.TestCase):
uuid_no_algorithm = str(obj_no_algorithm.unique_identifier)
cryptographic_parameters = attributes.CryptographicParameters(
cryptographic_algorithm=attributes.
CryptographicAlgorithm(algorithm))
cryptographic_algorithm=algorithm
)
payload_no_key = mac.MACRequestPayload(
unique_identifier=attributes.UniqueIdentifier(uuid_no_key),
@ -5303,8 +5302,7 @@ class TestKmipEngine(testtools.TestCase):
uuid = str(obj.unique_identifier)
cryptographic_parameters = attributes.CryptographicParameters(
cryptographic_algorithm=attributes.
CryptographicAlgorithm(algorithm_b)
cryptographic_algorithm=algorithm_b
)
# Verify when cryptographic_parameters is specified in request
@ -5352,8 +5350,7 @@ class TestKmipEngine(testtools.TestCase):
uuid = str(obj.unique_identifier)
cryptographic_parameters = attributes.CryptographicParameters(
cryptographic_algorithm=attributes.
CryptographicAlgorithm(algorithm_b)
cryptographic_algorithm=algorithm_b
)
# Verify when cryptographic_parameters is specified in request

6
kmip/tests/unit/services/test_kmip_client.py
View File

@ -16,8 +16,7 @@
from testtools import TestCase
from kmip.core.attributes import PrivateKeyUniqueIdentifier
from kmip.core.attributes import CryptographicParameters, \
CryptographicAlgorithm
from kmip.core.attributes import CryptographicParameters
from kmip.core.enums import AuthenticationSuite
@ -786,8 +785,7 @@ class TestKMIPClient(TestCase):
uuid = '1'
cryptographic_parameters = CryptographicParameters(
cryptographic_algorithm=CryptographicAlgorithm(
CryptographicAlgorithmEnum.HMAC_SHA512)
cryptographic_algorithm=CryptographicAlgorithmEnum.HMAC_SHA512
)
self.client._send_message.side_effect = verify_request