Very wonderful project
Opened this issue · 5 comments
Dear team,
Im looking for a opensource impl of KMIP protocol, this repo is great!!
Im not a KMIP expert, want to know if there is plan to support the LINK
attribute?
When i invoke the rekey
API, next time i call get_attributes
will raise a NotImplementedError
.
>>> c=client.ProxyKmipClient(config='client', config_file='D:\\git\\pykmip\\kmip-safenet.conf', kmip_version=enums.KMIPVersion.KMIP_1_0)
>>> c.open()
>>> id = c.create(enums.CryptographicAlgorithm.AES, 256, name="testpykmip4safenet{}".format(int(time.time())))
>>> newid=c.rekey(id)
>>> c.get_attributes(newid)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "D:\git\pykmip\kmip\pie\client.py", line 41, in wrapper
return function(self, *args, **kwargs)
File "D:\git\pykmip\kmip\pie\client.py", line 1031, in get_attributes
result = self.proxy.get_attributes(uid, attribute_names)
File "D:\git\pykmip\kmip\services\kmip_client.py", line 754, in get_attributes
response = self._send_and_receive_message(request)
File "D:\git\pykmip\kmip\services\kmip_client.py", line 1735, in _send_and_receive_message
response.read(data, self.kmip_version)
File "D:\git\pykmip\kmip\core\messages\messages.py", line 529, in read
batch_item.read(istream, kmip_version=kmip_version)
File "D:\git\pykmip\kmip\core\messages\messages.py", line 415, in read
self.response_payload.read(tstream, kmip_version=kmip_version)
File "D:\git\pykmip\kmip\core\messages\payloads\get_attributes.py", line 382, in read
attribute.read(local_buffer, kmip_version=kmip_version)
File "D:\git\pykmip\kmip\core\objects.py", line 115, in read
value = self.value_factory.create_attribute_value(enum_type, None)
File "D:\git\pykmip\kmip\core\factories\attribute_values.py", line 100, in create_attribute_value
raise NotImplementedError()
NotImplementedError
Thanks!
ping @PeterHamilton
Hi @pkking, thanks for filing this issue. Adding support for the Link
attribute is on the todo list but I can't say at this point when I'll be able to get to it. I'm assuming you're using PyKMIP with a SafeNet key server and its returning KMIP attributes that PyKMIP does not support. Is the Link
attribute one of these? Are there others?
yes, the reproduction is:
- create a new key
- activate the key
- rekey
- get_attribute of the new key(as described by the KMIP spec the new key's attributions will contain a link that refer to the replaced key) will fail
for now, the link attr is the only failed case. other features seems ok, I will try more key servers and reply if I meet any issues else.
Thanks for the update. I'll look into how much effort it'll take to get Link
support in place on the client side. I may be able to squeeze something in the short term if it's not too much effort.