本文整理汇总了Python中kmip.core.factories.attributes.AttributeFactory.create_attribute方法的典型用法代码示例。如果您正苦于以下问题:Python AttributeFactory.create_attribute方法的具体用法?Python AttributeFactory.create_attribute怎么用?Python AttributeFactory.create_attribute使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类kmip.core.factories.attributes.AttributeFactory的用法示例。
在下文中一共展示了AttributeFactory.create_attribute方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: _get_attrs
# 需要导入模块: from kmip.core.factories.attributes import AttributeFactory [as 别名]
# 或者: from kmip.core.factories.attributes.AttributeFactory import create_attribute [as 别名]
def _get_attrs(self):
attr_factory = AttributeFactory()
algorithm = self._get_alg_attr(self.algorithm_name)
length = self._get_length_attr(self.key_length)
attribute_type = AttributeType.CRYPTOGRAPHIC_USAGE_MASK
mask_flags = [CryptoUsageMaskEnum.ENCRYPT,
CryptoUsageMaskEnum.DECRYPT]
usage_mask = attr_factory.create_attribute(attribute_type,
mask_flags)
name_value = Name.NameValue(value='TESTNAME')
name_type = Name.NameType(value=NameType.UNINTERPRETED_TEXT_STRING)
value = Name.create(name_value, name_type)
nameattr = attr_factory.create_attribute(AttributeType.NAME, value)
return [algorithm, usage_mask, length, nameattr]示例2: test_locate
# 需要导入模块: from kmip.core.factories.attributes import AttributeFactory [as 别名]
# 或者: from kmip.core.factories.attributes.AttributeFactory import create_attribute [as 别名]
def test_locate(self):
self._create()
name_value = Name.NameValue(value='TESTNAME')
name_type = Name.NameType(value=NameType.UNINTERPRETED_TEXT_STRING)
value = Name.create(name_value, name_type)
attr_factory = AttributeFactory()
nameattr = attr_factory.create_attribute(AttributeType.NAME, value)
attrs = [nameattr]
res = self.kmip.locate(attributes=attrs)
self.assertEqual(ResultStatus.OPERATION_FAILED, res.result_status.enum,
'locate result status did not return success')示例3: build_cryptographic_usage_mask
# 需要导入模块: from kmip.core.factories.attributes import AttributeFactory [as 别名]
# 或者: from kmip.core.factories.attributes.AttributeFactory import create_attribute [as 别名]
def build_cryptographic_usage_mask(logger, object_type):
if object_type == ObjectType.SYMMETRIC_KEY:
flags = [CryptographicUsageMask.ENCRYPT,
CryptographicUsageMask.DECRYPT]
elif object_type == ObjectType.PUBLIC_KEY:
flags = [CryptographicUsageMask.VERIFY]
elif object_type == ObjectType.PRIVATE_KEY:
flags = [CryptographicUsageMask.SIGN]
else:
logger.error("Unrecognized object type, could not build cryptographic "
"usage mask")
sys.exit()
attribute_type = AttributeType.CRYPTOGRAPHIC_USAGE_MASK
attribute_factory = AttributeFactory()
usage_mask = attribute_factory.create_attribute(attribute_type, flags)
return usage_mask示例4: TestKMIPClientIntegration
# 需要导入模块: from kmip.core.factories.attributes import AttributeFactory [as 别名]
# 或者: from kmip.core.factories.attributes.AttributeFactory import create_attribute [as 别名]
#.........这里部分代码省略.........
self._check_result_status(result.result_status.enum, ResultStatus,
ResultStatus.SUCCESS)
self._check_uuid(result.uuid.value, str)
# Verify the secret was destroyed
result = self.client.get(uuid=uuid, credential=credential)
self._check_result_status(result.result_status.enum, ResultStatus,
ResultStatus.OPERATION_FAILED)
expected = ResultReason
observed = type(result.result_reason.enum)
message = utils.build_er_error(result.result_reason.__class__, 'type',
expected, observed)
self.assertEqual(expected, observed, message)
expected = ResultReason.ITEM_NOT_FOUND
observed = result.result_reason.enum
message = utils.build_er_error(result.result_reason.__class__,
'value', expected, observed)
self.assertEqual(expected, observed, message)
def test_register(self):
credential_type = CredentialType.USERNAME_AND_PASSWORD
credential_value = {'Username': 'Peter', 'Password': 'abc123'}
credential = self.cred_factory.create_credential(credential_type,
credential_value)
object_type = ObjectType.SYMMETRIC_KEY
algorithm_value = CryptoAlgorithmEnum.AES
mask_flags = [CryptographicUsageMask.ENCRYPT,
CryptographicUsageMask.DECRYPT]
attribute_type = AttributeType.CRYPTOGRAPHIC_USAGE_MASK
usage_mask = self.attr_factory.create_attribute(attribute_type,
mask_flags)
attributes = [usage_mask]
template_attribute = TemplateAttribute(attributes=attributes)
key_format_type = KeyFormatType(KeyFormatTypeEnum.RAW)
key_data = (
b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
b'\x00')
key_material = KeyMaterial(key_data)
key_value = KeyValue(key_material)
cryptographic_algorithm = CryptographicAlgorithm(algorithm_value)
cryptographic_length = CryptographicLength(128)
key_block = KeyBlock(
key_format_type=key_format_type,
key_compression_type=None,
key_value=key_value,
cryptographic_algorithm=cryptographic_algorithm,
cryptographic_length=cryptographic_length,
key_wrapping_data=None)
secret = SymmetricKey(key_block)
result = self.client.register(object_type, template_attribute, secret,
credential)
self._check_result_status(result.result_status.enum, ResultStatus,
ResultStatus.SUCCESS)
self._check_uuid(result.uuid.value, str)
示例5: AttributeFactory
# 需要导入模块: from kmip.core.factories.attributes import AttributeFactory [as 别名]
# 或者: from kmip.core.factories.attributes.AttributeFactory import create_attribute [as 别名]
logging.config.fileConfig(f_log)
logger = logging.getLogger(__name__)
attribute_factory = AttributeFactory()
credential_factory = CredentialFactory()
credential_type = CredentialType.USERNAME_AND_PASSWORD
credential_value = {'Username': 'Peter', 'Password': 'abc123'}
credential = credential_factory.create_credential(credential_type,
credential_value)
client = KMIPProxy()
client.open()
object_type = ObjectType.SYMMETRIC_KEY
attribute_type = AttributeType.CRYPTOGRAPHIC_ALGORITHM
algorithm = attribute_factory.create_attribute(attribute_type,
CryptographicAlgorithm.AES)
mask_flags = [CryptographicUsageMask.ENCRYPT,
CryptographicUsageMask.DECRYPT]
attribute_type = AttributeType.CRYPTOGRAPHIC_USAGE_MASK
usage_mask = attribute_factory.create_attribute(attribute_type,
mask_flags)
name = Attribute.AttributeName('Name')
name_value = Name.NameValue('FOOBAR')
name_type = Name.NameType(NameType.UNINTERPRETED_TEXT_STRING)
value = Name(name_value=name_value, name_type=name_type)
nameattr = Attribute(attribute_name=name, attribute_value=value)
attributes = [algorithm, usage_mask, nameattr]
template_attribute = TemplateAttribute(attributes=attributes)
示例6: TestKMIPClient
# 需要导入模块: from kmip.core.factories.attributes import AttributeFactory [as 别名]
# 或者: from kmip.core.factories.attributes.AttributeFactory import create_attribute [as 别名]
#.........这里部分代码省略.........
)
def test_derive_key(self, send_mock, build_mock):
"""
Test that the client can derive a key.
"""
payload = payloads.DeriveKeyResponsePayload(
unique_identifier='1',
)
batch_item = ResponseBatchItem(
operation=Operation(OperationEnum.DERIVE_KEY),
result_status=ResultStatus(ResultStatusEnum.SUCCESS),
response_payload=payload
)
response = ResponseMessage(batch_items=[batch_item])
build_mock.return_value = None
send_mock.return_value = response
result = self.client.derive_key(
object_type=enums.ObjectType.SYMMETRIC_KEY,
unique_identifiers=['2', '3'],
derivation_method=enums.DerivationMethod.ENCRYPT,
derivation_parameters=DerivationParameters(
cryptographic_parameters=CryptographicParameters(
block_cipher_mode=enums.BlockCipherMode.CBC,
padding_method=enums.PaddingMethod.PKCS1v15,
cryptographic_algorithm=enums.CryptographicAlgorithm.AES
),
initialization_vector=b'\x01\x02\x03\x04',
derivation_data=b'\xF1\xF2\xF3\xF4\xF5\xF6\xF7\xF8'
),
template_attribute=TemplateAttribute(
attributes=[
self.attr_factory.create_attribute(
'Cryptographic Length',
128
),
self.attr_factory.create_attribute(
'Cryptographic Algorithm',
enums.CryptographicAlgorithm.AES
)
]
),
)
self.assertEqual('1', result.get('unique_identifier'))
self.assertEqual(
ResultStatusEnum.SUCCESS,
result.get('result_status')
)
self.assertEqual(None, result.get('result_reason'))
self.assertEqual(None, result.get('result_message'))
@mock.patch(
'kmip.services.kmip_client.KMIPProxy._build_request_message'
)
@mock.patch(
'kmip.services.kmip_client.KMIPProxy._send_and_receive_message'
)
def test_encrypt(self, send_mock, build_mock):
"""
Test that the client can encrypt data.
"""
payload = payloads.EncryptResponsePayload(
unique_identifier='1',
data=(示例7: getattr
# 需要导入模块: from kmip.core.factories.attributes import AttributeFactory [as 别名]
# 或者: from kmip.core.factories.attributes.AttributeFactory import create_attribute [as 别名]
client.open()
# Build the different object attributes
object_type = ObjectType.SYMMETRIC_KEY
attribute_type = AttributeType.CRYPTOGRAPHIC_ALGORITHM
algorithm_enum = getattr(CryptographicAlgorithm, algorithm, None)
if algorithm_enum is None:
logging.debug("{0} not found".format(algorithm))
logging.debug("Invalid algorithm specified, exiting early from demo")
client.close()
sys.exit()
algorithm_obj = attribute_factory.create_attribute(attribute_type,
algorithm_enum)
mask_flags = [CryptographicUsageMask.ENCRYPT,
CryptographicUsageMask.DECRYPT]
attribute_type = AttributeType.CRYPTOGRAPHIC_USAGE_MASK
usage_mask = attribute_factory.create_attribute(attribute_type,
mask_flags)
attribute_type = AttributeType.CRYPTOGRAPHIC_LENGTH
length_obj = attribute_factory.create_attribute(attribute_type,
length)
name = Attribute.AttributeName('Name')
name_value = Name.NameValue('Test Key')
name_type = Name.NameType(NameType.UNINTERPRETED_TEXT_STRING)
value = Name(name_value=name_value, name_type=name_type)
name = Attribute(attribute_name=name, attribute_value=value)示例8: TestIntegration
# 需要导入模块: from kmip.core.factories.attributes import AttributeFactory [as 别名]
# 或者: from kmip.core.factories.attributes.AttributeFactory import create_attribute [as 别名]
class TestIntegration(TestCase):
def setUp(self):
super(TestIntegration, self).setUp()
self.logger = logging.getLogger(__name__)
self.attr_factory = AttributeFactory()
self.cred_factory = CredentialFactory()
self.secret_factory = SecretFactory()
def tearDown(self):
super(TestIntegration, self).tearDown()
def _create_symmetric_key(self, key_name=None):
"""
Helper function for creating symmetric keys. Used any time a key
needs to be created.
:param key_name: name of the key to be created
:return: returns the result of the "create key" operation as
provided by the KMIP appliance
"""
object_type = ObjectType.SYMMETRIC_KEY
attribute_type = AttributeType.CRYPTOGRAPHIC_ALGORITHM
algorithm = self.attr_factory.create_attribute(attribute_type,
CryptoAlgorithmEnum.AES)
mask_flags = [CryptographicUsageMask.ENCRYPT,
CryptographicUsageMask.DECRYPT]
attribute_type = AttributeType.CRYPTOGRAPHIC_USAGE_MASK
usage_mask = self.attr_factory.create_attribute(attribute_type,
mask_flags)
key_length = 128
attribute_type = AttributeType.CRYPTOGRAPHIC_LENGTH
key_length_obj = self.attr_factory.create_attribute(attribute_type,
key_length)
name = Attribute.AttributeName('Name')
if key_name is None:
key_name = 'Integration Test - Key'
name_value = Name.NameValue(key_name)
name_type = Name.NameType(NameType.UNINTERPRETED_TEXT_STRING)
value = Name(name_value=name_value, name_type=name_type)
name = Attribute(attribute_name=name, attribute_value=value)
attributes = [algorithm, usage_mask, key_length_obj, name]
template_attribute = TemplateAttribute(attributes=attributes)
return self.client.create(object_type, template_attribute,
credential=None)
def _create_key_pair(self, key_name=None):
"""
Helper function for creating private and public keys. Used any time
a key pair needs to be created.
:param key_name: name of the key to be created
:return: returns the result of the "create key" operation as
provided by the KMIP appliance
"""
attribute_type = AttributeType.CRYPTOGRAPHIC_ALGORITHM
algorithm = self.attr_factory.create_attribute(attribute_type,
CryptoAlgorithmEnum.RSA)
mask_flags = [CryptographicUsageMask.ENCRYPT,
CryptographicUsageMask.DECRYPT]
attribute_type = AttributeType.CRYPTOGRAPHIC_USAGE_MASK
usage_mask = self.attr_factory.create_attribute(attribute_type,
mask_flags)
key_length = 2048
attribute_type = AttributeType.CRYPTOGRAPHIC_LENGTH
key_length_obj = self.attr_factory.create_attribute(attribute_type,
key_length)
name = Attribute.AttributeName('Name')
if key_name is None:
key_name = 'Integration Test - Key'
priv_name_value = Name.NameValue(key_name + " Private")
pub_name_value = Name.NameValue(key_name + " Public")
name_type = Name.NameType(NameType.UNINTERPRETED_TEXT_STRING)
priv_value = Name(name_value=priv_name_value, name_type=name_type)
pub_value = Name(name_value=pub_name_value, name_type=name_type)
priv_name = Attribute(attribute_name=name, attribute_value=priv_value)
pub_name = Attribute(attribute_name=name, attribute_value=pub_value)
common_attributes = [algorithm, usage_mask, key_length_obj]
private_key_attributes = [priv_name]
public_key_attributes = [pub_name]
common = CommonTemplateAttribute(attributes=common_attributes)
priv_templ_attr = PrivateKeyTemplateAttribute(
attributes=private_key_attributes)
pub_templ_attr = PublicKeyTemplateAttribute(
attributes=public_key_attributes)
return self.client.\
create_key_pair(common_template_attribute=common,
private_key_template_attribute=priv_templ_attr,
public_key_template_attribute=pub_templ_attr)
def _check_result_status(self, result, result_status_type,
#.........这里部分代码省略.........
示例9: TestIntegration
# 需要导入模块: from kmip.core.factories.attributes import AttributeFactory [as 别名]
# 或者: from kmip.core.factories.attributes.AttributeFactory import create_attribute [as 别名]
class TestIntegration(TestCase):
def setUp(self):
super(TestIntegration, self).setUp()
self.logger = logging.getLogger(__name__)
self.attr_factory = AttributeFactory()
self.cred_factory = CredentialFactory()
self.secret_factory = SecretFactory()
def tearDown(self):
super(TestIntegration, self).tearDown()
def _create_symmetric_key(self, key_name=None):
"""
Helper function for creating symmetric keys. Used any time a key
needs to be created.
:param key_name: name of the key to be created
:return: returns the result of the "create key" operation as
provided by the KMIP appliance
"""
object_type = ObjectType.SYMMETRIC_KEY
attribute_type = AttributeType.CRYPTOGRAPHIC_ALGORITHM
algorithm = self.attr_factory.create_attribute(attribute_type,
CryptoAlgorithmEnum.AES)
mask_flags = [CryptographicUsageMask.ENCRYPT,
CryptographicUsageMask.DECRYPT]
attribute_type = AttributeType.CRYPTOGRAPHIC_USAGE_MASK
usage_mask = self.attr_factory.create_attribute(attribute_type,
mask_flags)
key_length = 128
attribute_type = AttributeType.CRYPTOGRAPHIC_LENGTH
key_length_obj = self.attr_factory.create_attribute(attribute_type,
key_length)
name = Attribute.AttributeName('Name')
if key_name is None:
key_name = 'Integration Test - Key'
name_value = Name.NameValue(key_name)
name_type = Name.NameType(NameType.UNINTERPRETED_TEXT_STRING)
value = Name(name_value=name_value, name_type=name_type)
name = Attribute(attribute_name=name, attribute_value=value)
attributes = [algorithm, usage_mask, key_length_obj, name]
template_attribute = TemplateAttribute(attributes=attributes)
return self.client.create(object_type, template_attribute,
credential=None)
def _check_result_status(self, result, result_status_type,
result_status_value):
"""
Helper function for checking the status of KMIP appliance actions.
Verifies the result status type and value.
:param result: result object
:param result_status_type: type of result status received
:param result_status_value: value of the result status
"""
result_status = result.result_status.enum
# Error check the result status type and value
expected = result_status_type
self.assertIsInstance(result_status, expected)
expected = result_status_value
if result_status is ResultStatus.OPERATION_FAILED:
self.logger.debug(result)
self.logger.debug(result.result_reason)
self.logger.debug(result.result_message)
self.assertEqual(expected, result_status)
def _check_uuid(self, uuid, uuid_type):
"""
Helper function for checking UUID type and value for errors
:param uuid: UUID of a created key
:param uuid_type: UUID type
:return:
"""
# Error check the UUID type and value
not_expected = None
self.assertNotEqual(not_expected, uuid)
expected = uuid_type
self.assertEqual(expected, type(uuid))
def _check_object_type(self, object_type, object_type_type,
object_type_value):
"""
Checks the type and value of a given object type.
:param object_type:
:param object_type_type:
:param object_type_value:
"""
# Error check the object type type and value
expected = object_type_type
#.........这里部分代码省略.........
示例10: KMIPImpl
# 需要导入模块: from kmip.core.factories.attributes import AttributeFactory [as 别名]
# 或者: from kmip.core.factories.attributes.AttributeFactory import create_attribute [as 别名]
class KMIPImpl(KMIP):
def __init__(self):
super(self.__class__, self).__init__()
self.logger = logging.getLogger(__name__)
self.key_factory = KeyFactory()
self.secret_factory = SecretFactory()
self.attribute_factory = AttributeFactory()
self.repo = MemRepo()
def create(self, object_type, template_attribute, credential=None):
self.logger.debug('create() called')
self.logger.debug('object type = %s' % object_type)
bit_length = 256
attributes = template_attribute.attributes
ret_attributes = []
if object_type.enum != OT.SYMMETRIC_KEY:
self.logger.debug('invalid object type')
return self._get_invalid_field_result('invalid object type')
try:
alg_attr =\
self._validate_req_field(attributes,
AT.CRYPTOGRAPHIC_ALGORITHM.value,
(CA.AES.value,),
'unsupported algorithm')
len_attr = self._validate_req_field(attributes,
AT.CRYPTOGRAPHIC_LENGTH.value,
(128, 256, 512),
'unsupported key length',
False)
self._validate_req_field(attributes,
AT.CRYPTOGRAPHIC_USAGE_MASK.value,
(),
'')
except InvalidFieldException as e:
self.logger.debug('InvalidFieldException raised')
return e.result
crypto_alg = CryptographicAlgorithm(CA(alg_attr.attribute_value.value))
if len_attr is None:
self.logger.debug('cryptographic length not supplied')
attribute_type = AT.CRYPTOGRAPHIC_LENGTH
length_attribute = self.attribute_factory.\
create_attribute(attribute_type, bit_length)
attributes.append(length_attribute)
ret_attributes.append(length_attribute)
else:
bit_length = len_attr.attribute_value.value
key = self._gen_symmetric_key(bit_length, crypto_alg)
s_uuid, uuid_attribute = self._save(key, attributes)
ret_attributes.append(uuid_attribute)
template_attribute = TemplateAttribute(attributes=ret_attributes)
return CreateResult(ResultStatus(RS.SUCCESS),
object_type=object_type,
uuid=UniqueIdentifier(s_uuid),
template_attribute=template_attribute)
def register(self, object_type, template_attribute, secret,
credential=None):
self.logger.debug('register() called')
self.logger.debug('object type = %s' % object_type)
attributes = template_attribute.attributes
ret_attributes = []
if object_type is None:
self.logger.debug('invalid object type')
return self._get_missing_field_result('object type')
if object_type.enum != OT.SYMMETRIC_KEY:
self.logger.debug('invalid object type')
return self._get_invalid_field_result('invalid object type')
if secret is None or not isinstance(secret, SymmetricKey):
msg = 'object type does not match that of secret'
self.logger.debug(msg)
return self._get_invalid_field_result(msg)
self.logger.debug('Collecting all attributes')
if attributes is None:
attributes = []
attributes.extend(self._get_key_block_attributes(secret.key_block))
self.logger.debug('Verifying all attributes are valid and set')
try:
self._validate_req_field(attributes,
AT.CRYPTOGRAPHIC_ALGORITHM.value,
(CA.AES.value,),
'unsupported algorithm')
self._validate_req_field(attributes,
AT.CRYPTOGRAPHIC_LENGTH.value,
(128, 256, 512),
'unsupported key length')
self._validate_req_field(attributes,
AT.CRYPTOGRAPHIC_USAGE_MASK.value,
(),
'')
except InvalidFieldException as e:
self.logger.debug('InvalidFieldException raised')
return RegisterResult(e.result.result_status,
e.result.result_reason,
e.result.result_message)
#.........这里部分代码省略.........
示例11: _get_length_attr
# 需要导入模块: from kmip.core.factories.attributes import AttributeFactory [as 别名]
# 或者: from kmip.core.factories.attributes.AttributeFactory import create_attribute [as 别名]
def _get_length_attr(self, length=None):
if length is None:
length = self.key_length
attr_factory = AttributeFactory()
attribute_type = AttributeType.CRYPTOGRAPHIC_LENGTH
return attr_factory.create_attribute(attribute_type, length)示例12: _get_alg_attr
# 需要导入模块: from kmip.core.factories.attributes import AttributeFactory [as 别名]
# 或者: from kmip.core.factories.attributes.AttributeFactory import create_attribute [as 别名]
def _get_alg_attr(self, alg=None):
if alg is None:
alg = self.algorithm_name
attr_factory = AttributeFactory()
attribute_type = AttributeType.CRYPTOGRAPHIC_ALGORITHM
return attr_factory.create_attribute(attribute_type, alg)示例13: create_key_pair_proxy
# 需要导入模块: from kmip.core.factories.attributes import AttributeFactory [as 别名]
# 或者: from kmip.core.factories.attributes.AttributeFactory import create_attribute [as 别名]
def create_key_pair_proxy(app_name, algorithm, length):
kmip_result_dir = {}
res_obj = CreateKeyResponse()
attribute_factory = AttributeFactory()
attribute_type = AttributeType.CRYPTOGRAPHIC_ALGORITHM
algorithm_enum = getattr(CryptographicAlgorithm, algorithm, None)
if algorithm_enum is None:
logger.error("Invalid algorithm specified; exiting early from demo")
return res_obj(
KmisResponseCodes.FAIL, KmisResponseStatus.FAIL, KmisResponseDescriptions.KEY_CREATION_ERROR)
algorithm_obj = attribute_factory.create_attribute(attribute_type,
algorithm_enum)
key_name = get_key_name(app_name)
name_value = Name.NameValue(key_name)
name = Attribute.AttributeName('Name')
name_type = Name.NameType(NameType.UNINTERPRETED_TEXT_STRING)
value = Name(name_value=name_value, name_type=name_type)
name = Attribute(attribute_name=name, attribute_value=value)
name = Attribute.AttributeName('Cryptographic Usage Mask')
value = CryptographicUsageMask(
CryptographicUsageMask.ENCRYPT.value | CryptographicUsageMask.DECRYPT.value)
usage_mask = Attribute(attribute_name=name, attribute_value=value)
attribute_type = AttributeType.CRYPTOGRAPHIC_LENGTH
length_obj = attribute_factory.create_attribute(attribute_type,
length)
attributes = [algorithm_obj, length_obj, name, usage_mask]
common = CommonTemplateAttribute(attributes=attributes)
private = PrivateKeyTemplateAttribute(attributes=attributes)
public = PublicKeyTemplateAttribute(attributes=attributes)
(client, credential) = get_kmip_client()
# Create the SYMMETRIC_KEY object
result = client.create_key_pair(common_template_attribute=common,
private_key_template_attribute=private,
public_key_template_attribute=public)
# Display operation results
key_out_type = KmisKeyFormatType.PKCS_1
cert_out_type = KmisKeyFormatType.X_509
logger.info('create_key_pair() result status: {0}'.format(
result.result_status.enum))
if result.result_status.enum == ResultStatus.SUCCESS:
logger.info("KeyPair Creation Successful")
logger.info('Created Private key UUID: {0}'.format(
result.private_key_uuid))
logger.info('Created public key UUID: {0}'.format(
result.public_key_uuid))
if result.private_key_uuid:
kmip_result_dir["kmip_private_key_result"] = client.get(
uuid=result.private_key_uuid,
credential=credential,
key_format_type=get_key_format_type(key_out_type))
if result.public_key_uuid:
kmip_result_dir["kmip_cert_result"] = client.get(
uuid=result.public_key_uuid,
credential=credential,
key_format_type=get_key_format_type(cert_out_type))
if result.private_key_template_attribute is not None:
logger.info('Private Key Template Attribute:')
utils.log_template_attribute(
logger, result.private_key_template_attribute)
if result.public_key_template_attribute is not None:
logger.info('Public Key Template Attribute:')
utils.log_template_attribute(
logger, result.public_key_template_attribute)
close_kmip_proxy(client)
res_obj.process_kmip_response(kmip_result_dir)
return res_obj(
KmisResponseCodes.SUCCESS, KmisResponseStatus.SUCCESS, KmisResponseDescriptions.SUCCESS)
else:
close_kmip_proxy(client)
logger.info('key pair creation failed, reason: {0}'.format(
result.result_reason.enum))
logger.info('key pair creation failed, result message: {0}'.format(
result.result_message.value))
return res_obj(
KmisResponseCodes.FAIL, KmisResponseStatus.FAIL, KmisResponseDescriptions.KEY_CREATION_ERROR)示例14: create_key_proxy
# 需要导入模块: from kmip.core.factories.attributes import AttributeFactory [as 别名]
# 或者: from kmip.core.factories.attributes.AttributeFactory import create_attribute [as 别名]
def create_key_proxy(app_name, algorithm, length):
'''
:Desc: Proxy for creating key with a given algorithm and length.
:param app_name:
:param algorithm:
:param length:
:return: key object created on KMS
'''
res_obj = CreateKeyResponse()
object_type = ObjectType.SYMMETRIC_KEY
attribute_factory = AttributeFactory()
attribute_type = AttributeType.CRYPTOGRAPHIC_ALGORITHM
algorithm_enum = getattr(CryptographicAlgorithm, algorithm, None)
if algorithm_enum is None:
logger.info(KmisResponseDescriptions.INVALID_ALGORITHM)
return res_obj(
KmisResponseCodes.FAIL, KmisResponseStatus.FAIL, KmisResponseDescriptions.INVALID_ALGORITHM)
(client, credential) = get_kmip_client()
algorithm_obj = attribute_factory.create_attribute(attribute_type,
algorithm_enum)
mask_flags = [CryptographicUsageMask.ENCRYPT,
CryptographicUsageMask.DECRYPT]
attribute_type = AttributeType.CRYPTOGRAPHIC_USAGE_MASK
usage_mask = attribute_factory.create_attribute(attribute_type,
mask_flags)
attribute_type = AttributeType.CRYPTOGRAPHIC_LENGTH
length_obj = attribute_factory.create_attribute(attribute_type,
length)
name = Attribute.AttributeName('Name')
key_name = get_key_name(app_name)
name_value = Name.NameValue(key_name)
name_type = Name.NameType(NameType.UNINTERPRETED_TEXT_STRING)
value = Name(name_value=name_value, name_type=name_type)
name = Attribute(attribute_name=name, attribute_value=value)
attributes = [algorithm_obj, usage_mask, length_obj, name]
template_attribute = TemplateAttribute(attributes=attributes)
# Create the SYMMETRIC_KEY object
kmip_result = client.create(object_type, template_attribute,
credential)
if kmip_result and kmip_result.result_status.enum == ResultStatus.SUCCESS:
logger.info(
'Key : {0} creation successful. UUID : {1}'.format(
key_name,
kmip_result.uuid.value))
print "=============", CryptographicAlgorithm.AES, algorithm
if algorithm == 'AES':
key_out_type = KmisKeyFormatType.RAW
if algorithm == 'RSA':
key_out_type = KmisKeyFormatType.PKCS_1
key_format_type = get_key_format_type(key_out_type)
kmip_result_content = get_key_with_id(client, credential, kmip_result.uuid.value, key_format_type)
res_obj.process_kmip_response(kmip_result_content)
if kmip_result_content and kmip_result_content.result_status.enum == ResultStatus.SUCCESS:
logger.info(
'Key : {0} retrieval successful. UUID : {1}'.format(
key_name,
kmip_result.uuid.value))
close_kmip_proxy(client)
return res_obj(
KmisResponseCodes.SUCCESS, KmisResponseStatus.SUCCESS, KmisResponseDescriptions.SUCCESS)
else:
logger.info("Key : {0} retrieval failed. Reason: {1}".format(str(key_name),kmip_result_content.result_message.value))
close_kmip_proxy(client)
return res_obj(
KmisResponseCodes.FAIL, KmisResponseStatus.FAIL, KmisResponseDescriptions.KEY_CREATION_ERROR)
else:
close_kmip_proxy(client)
logger.info("Key creation failed for app: {0}. Reason : {1} ".format(app_name,kmip_result.result_message.value))
return res_obj(
KmisResponseCodes.FAIL, KmisResponseStatus.FAIL, KmisResponseDescriptions.KEY_CREATION_ERROR)示例15: TODO
# 需要导入模块: from kmip.core.factories.attributes import AttributeFactory [as 别名]
# 或者: from kmip.core.factories.attributes.AttributeFactory import create_attribute [as 别名]
# Build the KMIP server account credentials
# TODO (peter-hamilton) Move up into KMIPProxy
if (username is None) and (password is None):
credential = None
else:
credential_type = CredentialType.USERNAME_AND_PASSWORD
credential_value = {'Username': username,
'Password': password}
credential = credential_factory.create_credential(credential_type,
credential_value)
# Build the client and connect to the server
client = KMIPProxy(config=config)
client.open()
algorithm_obj = attribute_factory.create_attribute(attribute_type,
algorithm_enum)
name_value = Name.NameValue(name)
name = Attribute.AttributeName('Name')
name_type = Name.NameType(NameType.UNINTERPRETED_TEXT_STRING)
value = Name(name_value=name_value, name_type=name_type)
name = Attribute(attribute_name=name, attribute_value=value)
name = Attribute.AttributeName('Cryptographic Usage Mask')
value = CryptographicUsageMask(
UsageMaskEnum.ENCRYPT.value | UsageMaskEnum.DECRYPT.value)
usage_mask = Attribute(attribute_name=name, attribute_value=value)
attribute_type = AttributeType.CRYPTOGRAPHIC_LENGTH
length_obj = attribute_factory.create_attribute(attribute_type,
length)