Merge pull request #330 from danetrain/feat/sign-add-client-support

Add Sign operation support to clients.

kmip/tests/unit/pie/test_client.py

@@ -1982,6 +1982,85 @@ class TestProxyKmipClient(testtools.TestCase):
 
         self.assertEqual(enums.ValidityIndicator.VALID, validity)
 
+    @mock.patch('kmip.pie.client.KMIPProxy',
+                mock.MagicMock(spec_set=KMIPProxy))
+    def test_sign(self):
+        """
+        Test that the client can sign data.
+        """
+        mock_signature = b'aaaaaaaaaaaaaaaaaaaaaaaaaa'
+        result = {
+            'result_status': enums.ResultStatus.SUCCESS,
+            'unique_identifier': '1',
+            'signature': mock_signature
+        }
+
+        client = ProxyKmipClient()
+        client.open()
+        client.proxy.sign.return_value = result
+
+        actual_signature = client.sign(
+            b'\x01\x02\x03\x04\x05\x06\x07\x08',
+            uid='1',
+            cryptographic_parameters={
+                 'padding_method': enums.PaddingMethod.PSS,
+                 'cryptographic_algorithm':
+                 enums.CryptographicAlgorithm.RSA
+            }
+        )
+
+        self.assertEqual(mock_signature, actual_signature)
+
+    @mock.patch('kmip.pie.client.KMIPProxy',
+                mock.MagicMock(spec_set=KMIPProxy))
+    def test_sign_on_invalid_inputs(self):
+        """
+        Test that TypeError exceptions are raised when trying to sign
+        data with invalid parameters.
+        """
+        client = ProxyKmipClient()
+        client.open()
+        client.proxy.sign.return_value = {}
+        args = [1234]
+        kwargs = {
+            'uid': '1',
+            'cryptographic_parameters': {}
+        }
+        self.assertRaisesRegexp(
+            TypeError,
+            "Data to be signed must be bytes.",
+            client.sign,
+            *args,
+            **kwargs
+        )
+
+        args = [
+            b'\x01\x02\x03\x04'
+        ]
+        kwargs = {
+            'uid': 0,
+            'cryptographic_parameters': {}
+        }
+        self.assertRaisesRegexp(
+            TypeError,
+            "Unique identifier must be a string.",
+            client.sign,
+            *args,
+            **kwargs
+        )
+
+        kwargs = {
+            'uid': '1',
+            'cryptographic_parameters': 'invalid'
+        }
+        self.assertRaisesRegexp(
+            TypeError,
+            "Cryptographic parameters must be a dictionary.",
+            client.sign,
+            *args,
+            **kwargs
+        )
+
     @mock.patch('kmip.pie.client.KMIPProxy',
                 mock.MagicMock(spec_set=KMIPProxy))
     def test_signature_verify_on_invalid_inputs(self):

kmip/tests/unit/services/test_kmip_client.py

@@ -55,6 +55,7 @@ from kmip.core.messages.payloads.query import \
     QueryRequestPayload, QueryResponsePayload
 from kmip.core.messages.payloads.rekey_key_pair import \
     RekeyKeyPairRequestPayload, RekeyKeyPairResponsePayload
+from kmip.core.messages.payloads import sign
 from kmip.core.messages.payloads import signature_verify
 
 from kmip.core.misc import Offset
@@ -961,6 +962,52 @@ class TestKMIPClient(TestCase):
         self.assertEqual(None, result.get('result_reason'))
         self.assertEqual(None, result.get('result_message'))
 
+    @mock.patch(
+        'kmip.services.kmip_client.KMIPProxy._build_request_message'
+    )
+    @mock.patch(
+        'kmip.services.kmip_client.KMIPProxy._send_and_receive_message'
+    )
+    def test_sign(self, send_mock, build_mock):
+        """
+        Test that the client can sign data
+        """
+        payload = sign.SignResponsePayload(
+            unique_identifier='1',
+            signature_data=b'aaaaaaaaaaaaaaaa'
+        )
+        batch_item = ResponseBatchItem(
+            operation=Operation(OperationEnum.SIGN),
+            result_status=ResultStatus(ResultStatusEnum.SUCCESS),
+            response_payload=payload
+        )
+        response = ResponseMessage(batch_items=[batch_item])
+
+        build_mock.return_value = None
+        send_mock.return_value = response
+
+        result = self.client.sign(
+            b'\x11\x11\x11\x11\x11\x11\x11\x11',
+            unique_identifier='1',
+            cryptographic_parameters=CryptographicParameters(
+                padding_method=enums.PaddingMethod.PKCS1v15,
+                cryptographic_algorithm=enums.CryptographicAlgorithm.RSA,
+                hashing_algorithm=enums.HashingAlgorithm.SHA_224
+            )
+        )
+
+        self.assertEqual('1', result.get('unique_identifier'))
+        self.assertEqual(
+            b'aaaaaaaaaaaaaaaa',
+            result.get('signature')
+        )
+        self.assertEqual(
+            ResultStatusEnum.SUCCESS,
+            result.get('result_status')
+        )
+        self.assertEqual(None, result.get('result_reason'))
+        self.assertEqual(None, result.get('result_message'))
+
     @mock.patch('kmip.services.kmip_client.KMIPProxy._send_message',
                 mock.MagicMock())
     @mock.patch('kmip.services.kmip_client.KMIPProxy._receive_message',