Merge pull request #343 from OpenKMIP/feat/add-sign-integration-tests

Add a ProxyKmipClient integration test for signing data
2026-02-21 20:03:27 +00:00 · 2017-09-26 20:32:38 -04:00
parent 4550a3a06c 6d222e113a
commit 34f5dcd60e
1 changed files with 52 additions and 0 deletions
--- a/kmip/tests/integration/services/test_proxykmipclient.py
+++ b/kmip/tests/integration/services/test_proxykmipclient.py
@@ -640,3 +640,55 @@ class TestProxyKmipClientIntegration(testtools.TestCase):
            ),
            secret.value
        )
+
+    def test_create_key_pair_sign_signature_verify(self):
+        """
+        Test that the ProxyKmipClient can create an asymmetric key pair and
+        then use that key pair (1) to sign data and (2) verify the signature
+        on the data.
+        """
+        # Create a public/private key pair.
+        public_key_id, private_key_id = self.client.create_key_pair(
+            enums.CryptographicAlgorithm.RSA,
+            2048,
+            public_usage_mask=[
+                enums.CryptographicUsageMask.VERIFY
+            ],
+            private_usage_mask=[
+                enums.CryptographicUsageMask.SIGN
+            ]
+        )
+
+        self.assertIsInstance(public_key_id, str)
+        self.assertIsInstance(private_key_id, str)
+
+        # Activate the signing key and the signature verification key.
+        self.client.activate(private_key_id)
+        self.client.activate(public_key_id)
+
+        # Sign a message.
+        signature = self.client.sign(
+            b'This is a signed message.',
+            uid=private_key_id,
+            cryptographic_parameters={
+                'padding_method': enums.PaddingMethod.PSS,
+                'cryptographic_algorithm': enums.CryptographicAlgorithm.RSA,
+                'hashing_algorithm': enums.HashingAlgorithm.SHA_256
+            }
+        )
+
+        self.assertIsInstance(signature, six.binary_type)
+
+        # Verify the message signature.
+        result = self.client.signature_verify(
+            b'This is a signed message.',
+            signature,
+            uid=public_key_id,
+            cryptographic_parameters={
+                'padding_method': enums.PaddingMethod.PSS,
+                'cryptographic_algorithm': enums.CryptographicAlgorithm.RSA,
+                'hashing_algorithm': enums.HashingAlgorithm.SHA_256
+            }
+        )
+
+        self.assertEqual(result, enums.ValidityIndicator.VALID)