Very wonderful project

Question

Very wonderful project

Opened this issue 3 years ago · 5 comments

Dear team,
Im looking for a opensource impl of KMIP protocol, this repo is great!!
Im not a KMIP expert, want to know if there is plan to support the LINK attribute?
When i invoke the rekey API, next time i call get_attributes will raise a NotImplementedError.

>>> c=client.ProxyKmipClient(config='client', config_file='D:\\git\\pykmip\\kmip-safenet.conf', kmip_version=enums.KMIPVersion.KMIP_1_0)
>>> c.open()
>>> id = c.create(enums.CryptographicAlgorithm.AES, 256, name="testpykmip4safenet{}".format(int(time.time()))) 
>>> newid=c.rekey(id) 
>>> c.get_attributes(newid)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "D:\git\pykmip\kmip\pie\client.py", line 41, in wrapper
    return function(self, *args, **kwargs)
  File "D:\git\pykmip\kmip\pie\client.py", line 1031, in get_attributes
    result = self.proxy.get_attributes(uid, attribute_names)
  File "D:\git\pykmip\kmip\services\kmip_client.py", line 754, in get_attributes
    response = self._send_and_receive_message(request)
  File "D:\git\pykmip\kmip\services\kmip_client.py", line 1735, in _send_and_receive_message
    response.read(data, self.kmip_version)
  File "D:\git\pykmip\kmip\core\messages\messages.py", line 529, in read
    batch_item.read(istream, kmip_version=kmip_version)
  File "D:\git\pykmip\kmip\core\messages\messages.py", line 415, in read
    self.response_payload.read(tstream, kmip_version=kmip_version)
  File "D:\git\pykmip\kmip\core\messages\payloads\get_attributes.py", line 382, in read
    attribute.read(local_buffer, kmip_version=kmip_version)
  File "D:\git\pykmip\kmip\core\objects.py", line 115, in read
    value = self.value_factory.create_attribute_value(enum_type, None)
  File "D:\git\pykmip\kmip\core\factories\attribute_values.py", line 100, in create_attribute_value
    raise NotImplementedError()
NotImplementedError

Thanks!

Answer 1 · 2021-09-07T08:08:31.000Z

ping @PeterHamilton

Answer 2 · 2021-09-07T16:33:47.000Z

Hi @pkking, thanks for filing this issue. Adding support for the Link attribute is on the todo list but I can't say at this point when I'll be able to get to it. I'm assuming you're using PyKMIP with a SafeNet key server and its returning KMIP attributes that PyKMIP does not support. Is the Link attribute one of these? Are there others?

Answer 3 · 2021-09-08T15:30:51.000Z

yes, the reproduction is:

create a new key
activate the key
rekey
get_attribute of the new key(as described by the KMIP spec the new key's attributions will contain a link that refer to the replaced key) will fail

Answer 4 · 2021-09-08T15:52:20.000Z

for now, the link attr is the only failed case. other features seems ok, I will try more key servers and reply if I meet any issues else.

Answer 5 · 2021-09-08T15:53:20.000Z

Thanks for the update. I'll look into how much effort it'll take to get Link support in place on the client side. I may be able to squeeze something in the short term if it's not too much effort.