Add CryptographicUsageMask filtering support for Locate

This change updates Locate operation support in the PyKMIP server, allowing users to filter objects based on the object's Cryptographic Usage Masks. Unit tests and integration tests have been added to test and verify the correctness of this feature. Additionally, the Locate demo scripts have also been updated to support Cryptographic Usage Mask filtering. Simply use the "--cryptographic-usage-mask" flag to specify one or more Cryptographic Usage Mask enumeration values for the Locate script to filter on.
2025-12-22 19:23:27 +00:00 · 2019-08-12 15:22:04 -04:00
parent 4a6a2eccc1
commit b5a8739157
7 changed files with 302 additions and 0 deletions
--- a/kmip/tests/integration/services/test_integration.py
+++ b/kmip/tests/integration/services/test_integration.py
@@ -1493,6 +1493,55 @@ class TestIntegration(testtools.TestCase):
        self.assertEqual(1, len(result.uuids))
        self.assertIn(uid_a, result.uuids)

+        # Test locating keys using their cryptographic usage masks
+        mask = [enums.CryptographicUsageMask.ENCRYPT]
+        result = self.client.locate(
+            attributes=[
+                self.attr_factory.create_attribute(
+                    enums.AttributeType.CRYPTOGRAPHIC_USAGE_MASK,
+                    mask
+                )
+            ]
+        )
+        self.assertEqual(2, len(result.uuids))
+        self.assertIn(uid_a, result.uuids)
+        self.assertIn(uid_b, result.uuids)
+
+        mask.append(enums.CryptographicUsageMask.DECRYPT)
+        result = self.client.locate(
+            attributes=[
+                self.attr_factory.create_attribute(
+                    enums.AttributeType.CRYPTOGRAPHIC_USAGE_MASK,
+                    mask
+                )
+            ]
+        )
+        self.assertEqual(2, len(result.uuids))
+        self.assertIn(uid_a, result.uuids)
+        self.assertIn(uid_b, result.uuids)
+
+        mask.append(enums.CryptographicUsageMask.SIGN)
+        result = self.client.locate(
+            attributes=[
+                self.attr_factory.create_attribute(
+                    enums.AttributeType.CRYPTOGRAPHIC_USAGE_MASK,
+                    mask
+                )
+            ]
+        )
+        self.assertEqual(0, len(result.uuids))
+
+        mask = [enums.CryptographicUsageMask.EXPORT]
+        result = self.client.locate(
+            attributes=[
+                self.attr_factory.create_attribute(
+                    enums.AttributeType.CRYPTOGRAPHIC_USAGE_MASK,
+                    mask
+                )
+            ]
+        )
+        self.assertEqual(0, len(result.uuids))
+
        # Clean up keys
        result = self.client.destroy(uid_a)
        self.assertEqual(ResultStatus.SUCCESS, result.result_status.value)