Cannot create asymmetric key using libkmip

[arvind5]

As per the libkmip documentation, supported operations include create, get and destroy keys, and supported object types include symmetric and asymmetric encryption keys. So, i should be able to create an RSA keypair.

There is no demo code for creating keypair, so I changed demo_create.c file as follows:

1. Changed cryptographic algorithm to RSA.
2. Changed ceryptographic length to 1024/2048.
3. Changed obejct type to PublicKey/PrivateKey.

I then build the demo_create binary and tried creating key. I am using PyKMIP server as KMS. However, on running demo_create, I am getting following error in response:

Response Batch Item @ 0xf7f5c0
Operation: Create
Unique Batch Item ID @ (nil)
Result Status: Operation Failed
Result Reason: Invalid Field
Result Message @ 0xfa16c0
Value: Cannot create a PublicKey object with the Create operation.
Asynchronous Correlation Value @ (nil)
Create Response Payload @ (nil)

On looking at the KMIP specs, I found that Public/Private keypair can only be created with CreateKeyPair operation. Is my understanding correct? If so, then does libkmip support creating Public/Private keypairs?

[PeterHamilton]

Hi @arvind5, thanks for asking about this, and my apologies for the delay in replying. Your investigation here is pretty accurate; libkmip does support asymmetric keys but only for the Get and Destroy operations. Asymmetric keys can only be created using the CreateKeyPair KMIP operation, which libkmip does not support right now.

I'll add this issue to our backlog for feature requests. Hopefully I can get to it over the next couple of months.