search

OpenKMIP / PyKMIP

A Python implementation of the KMIP specification.
Apache License 2.0
272 stars 134 forks source link

Question: Is the CryptographicUsageMask broken? #636

Closed KBassford closed 4 years ago

KBassford commented 4 years ago

if I try this ...

import os, re, sys
import binascii
import random
import base64
import logging
import socket
import json
import random
import urllib.request
from Crypto.Cipher import AES
from kmip.pie import objects
from kmip.pie import client
from kmip import enums
from kmip.core.factories import attributes

def gen_256_symmetric_key():
    # Quick and dirty 256-bit symmetric keys.
    AES_key_length = 16
    rawsymkey = os.urandom(AES_key_length)
    hexencsymkey = binascii.hexlify(rawsymkey)
    keyname = random_name_generator()
    usage = [enums.CryptographicUsageMask.ENCRYPT, enums.CryptographicUsageMask.DECRYPT]
    symkeyobj = objects.SymmetricKey(
        enums.CryptographicAlgorithm.AES,
        256,
        hexencsymkey,
        keyname,
        usage
    )
    return symkeyobj

... the usage is never accepted.

KBassford commented 4 years ago

Nevermind, keyname and usage are backwards.