From ab84eda7ed9cf19305ed7e17305ada88b86494f4 Mon Sep 17 00:00:00 2001 From: Joe Skazinski Date: Mon, 22 Aug 2022 12:45:48 -0700 Subject: [PATCH] chore: correcting ops based on feedback and spec review --- kmip20/op_activate.go | 2 +- kmip20/op_destroy.go | 2 +- kmip20/op_get.go | 2 +- kmip20/op_query.go | 84 +++++++++++++++++++++++++++++++++++++-- kmip20/op_revoke.go | 9 +++-- kmip20/op_setattribute.go | 5 +-- 6 files changed, 90 insertions(+), 14 deletions(-) diff --git a/kmip20/op_activate.go b/kmip20/op_activate.go index ec4d9df..244e27e 100644 --- a/kmip20/op_activate.go +++ b/kmip20/op_activate.go @@ -11,7 +11,7 @@ import ( // Table 210 type ActivateRequestPayload struct { - UniqueIdentifier UniqueIdentifierValue + UniqueIdentifier *UniqueIdentifierValue } // Table 211 diff --git a/kmip20/op_destroy.go b/kmip20/op_destroy.go index 77bcaf6..964ad6a 100755 --- a/kmip20/op_destroy.go +++ b/kmip20/op_destroy.go @@ -11,7 +11,7 @@ import ( // Table 193 type DestroyRequestPayload struct { - UniqueIdentifier UniqueIdentifierValue + UniqueIdentifier *UniqueIdentifierValue } // Table 194 diff --git a/kmip20/op_get.go b/kmip20/op_get.go index 81943bd..10fe814 100755 --- a/kmip20/op_get.go +++ b/kmip20/op_get.go @@ -36,7 +36,7 @@ func (h *GetHandler) HandleItem(ctx context.Context, req *kmip.Request) (*kmip.R return nil, err } - //req.Key = respPayload.Key + // req.Key = respPayload.Key req.IDPlaceholder = respPayload.UniqueIdentifier return &kmip.ResponseBatchItem{ diff --git a/kmip20/op_query.go b/kmip20/op_query.go index aeba467..00185ac 100644 --- a/kmip20/op_query.go +++ b/kmip20/op_query.go 
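Review bot: Changing `UniqueIdentifier` to `*UniqueIdentifierValue` in `ActivateRequestPayload` means a decoded request can now carry a nil identifier, and the handlers that read the field are outside these hunks. The same applies to `DestroyRequestPayload` in op_destroy.go and `RevokeRequestPayload` in op_revoke.go. These operations change the state of key material, so any code that dereferences the field should check for nil first and either fall back to the ID Placeholder or reject the request explicitly. I would also record the intent on the field, e.g. `// Optional: when nil the server uses the ID Placeholder`.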
@@ -7,6 +7,84 @@ import ( "github.com/gemalto/kmip-go/kmip14" ) +// 7.3 Capability Information +// The Capability Information base object is a structure that contains details of the supported capabilities. +type CapabilityInformation struct { + StreamingCapability bool // Required: No + AsynchronousCapability bool // Required: No + AttestationCapability bool // Required: No + BatchUndoCapability bool // Required: No + BatchContinueCapability bool // Required: No + UnwrapMode kmip14.UnwrapMode // Required: No + DestroyAction kmip14.DestroyAction // Required: No + ShreddingAlgorithm kmip14.ShreddingAlgorithm // Required: No + RNGMode kmip14.RNGMode // Required: No + QuantumSafeCapability bool // Required: No +} + +// 7.7 Defaults Information +// The Defaults Information is a structure used in Query responses for values that servers will use if clients omit them from factory +// operations requests. +type DefaultsInformation struct { + ObjectDefaults ObjectDefaults // Required: Yes +} + +// 7.9 Extension Information +// An Extension Information object is a structure describing Objects with Item Tag values in the Extensions range. The Extension Name +// is a Text String that is used to name the Object. The Extension Tag is the Item Tag Value of the Object. The Extension Type is +// the Item Type Value of the Object. +type ExtensionInformation struct { + ExtensionName string // Required: Yes + ExtensionTag int // Required: No + ExtensionType int // Required: No + ExtensionEnumeration int // Required: No + ExtensionAttribute bool // Required: No + ExtensionParentStructureTag int // Required: No + ExtensionDescription string // Required: No +} + +// 7.18 Object Defaults +// The Object Defaults is a structure that details the values that the server will use if the client omits them on factory methods for +// objects. The structure list the Attributes and their values by Object Type enumeration. 
+type ObjectDefaults struct {
+ ObjectType kmip14.ObjectType // Required: Yes
+ Attributes kmip.Attributes // Required: Yes
+}
+
+// 7.30 RNG Parameters
+// The RNG Parameters base object is a structure that contains a mandatory RNG Algorithm and a set of OPTIONAL fields that describe a
+// Random Number Generator. Specific fields pertain only to certain types of RNGs. The RNG Algorithm SHALL be specified and if the
+// algorithm implemented is unknown or the implementation does not want to provide the specific details of the RNG Algorithm then the
+// Unspecified enumeration SHALL be used. If the cryptographic building blocks used within the RNG are known they MAY be specified in
+// combination of the remaining fields within the RNG Parameters structure.
+type RNGParameters struct {
+ RNGAlgorithm kmip14.RNGAlgorithm // Required: Yes
+ CryptographicAlgorithm kmip14.CryptographicAlgorithm // Required: No
+ CryptographicLength int // Required: No
+ HashingAlgorithm kmip14.HashingAlgorithm // Required: No
+ DRBGAlgorithm kmip14.DRBGAlgorithm // Required: No
+ RecommendedCurve kmip14.RecommendedCurve // Required: No
+ FIPS186Variation kmip14.FIPS186Variation // Required: No
+ PredictionResistance bool // Required: No
+}
+
+// 7.31 Server Information
+// The Server Information base object is a structure that contains a set of OPTIONAL fields that describe server information.
+// Where a server supports returning information in a vendor-specific field for which there is an equivalent field within the structure,
+// the server SHALL provide the standardized version of the field.
+type ServerInformation struct { + ServerName string // Required: No + ServerSerialNumber string // Required: No + ServerVersion string // Required: No + ServerLoad string // Required: No + ProductName string // Required: No + BuildLevel string // Required: No + BuildDate string // Required: No + ClusterInfo string // Required: No + AlternativeFailoverEndpoints []string // Required: No + VendorSpecific []string // Required: No +} + // 6.1.37 Query // Table 259 @@ -28,10 +106,10 @@ type QueryResponsePayload struct { RNGParameters []RNGParameters ProfileInformation []ProfileName ValidationInformation []kmip14.ValidationAuthorityType - CapabilityInformation []string + CapabilityInformation []CapabilityInformation ClientRegistrationMethod kmip14.ClientRegistrationMethod - DefaultsInformation string - ProtectionStorageMasks string + DefaultsInformation *DefaultsInformation + ProtectionStorageMasks []ProtectionStorageMask } type QueryHandler struct { diff --git a/kmip20/op_revoke.go b/kmip20/op_revoke.go index 2db92b3..6c13e89 100644 --- a/kmip20/op_revoke.go +++ b/kmip20/op_revoke.go @@ -2,6 +2,7 @@ package kmip20 import ( "context" + "time" "github.com/gemalto/kmip-go" "github.com/gemalto/kmip-go/kmip14" @@ -11,14 +12,14 @@ import ( // Table 269 -type RevocationReasonStruct struct { +type RevocationReason struct { RevocationReasonCode kmip14.RevocationReasonCode } type RevokeRequestPayload struct { - UniqueIdentifier UniqueIdentifierValue - RevocationReason RevocationReasonStruct - CompromiseOccurrenceDate []byte + UniqueIdentifier *UniqueIdentifierValue + RevocationReason RevocationReason + CompromiseOccurrenceDate *time.Time } // Table 270 diff --git a/kmip20/op_setattribute.go b/kmip20/op_setattribute.go index 3898cbb..c4b3a5c 100644 --- a/kmip20/op_setattribute.go +++ b/kmip20/op_setattribute.go 
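Review bot: The fields marked `Required: No` in `CapabilityInformation`, `RNGParameters` and `ExtensionInformation` are plain `bool`, `int` and enum values, so after decoding "not reported" cannot be told apart from false or zero. For `AttestationCapability`, `QuantumSafeCapability` and `PredictionResistance` this matters: a client basing a policy decision on a Query response would read an omitted field as an explicit `false`. Depending on how the ttlv encoder treats zero values (not visible here), a server may also emit values it never set. Consider pointer types for the optional members, as this commit already does for `UniqueIdentifier`, e.g. `AttestationCapability *bool // Required: No`. The hunk starts in the import block and ends at the `// Table 259` comment, so the code that fills these structs is outside it.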
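Review bot: `RevokeRequestPayload` now lets `CompromiseOccurrenceDate` be nil, but nothing visible ties its presence to `RevocationReasonCode`. As I read the KMIP Revoke request table, the date is expected when the reason is key compromise, and the Revocation Reason structure also carries an optional Revocation Message that `RevocationReason` does not declare. I would have the handler (outside this hunk) reject or at least log a key-compromise revocation that arrives without a date, and add `RevocationMessage string // Required: No` to the struct. Renaming the exported `RevocationReasonStruct` also breaks existing callers, which is worth a line in the commit message.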
@@ -12,16 +12,13 @@ import ( type SetAttributeRequestPayload struct { UniqueIdentifier *UniqueIdentifierValue - AttributeName string - AttributeValue string + NewAttribute Attributes `ttlv:"DerivationData"` } // Table 297 type SetAttributeResponsePayload struct { UniqueIdentifier string - AttributeName string - AttributeValue string } type SetAttributeHandler struct {
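Review bot: `NewAttribute` in `SetAttributeRequestPayload` carries the struct tag `ttlv:"DerivationData"`, so the field is presumably encoded and decoded under the Derivation Data tag rather than a New Attribute tag. A spec-conformant peer is unlikely to accept that for Set Attribute. If the override is a deliberate workaround for a tag missing from the registry, it needs a comment saying so. Otherwise drop it so the tag follows the field name, `NewAttribute Attributes`, or name the correct tag explicitly. The response payload also still declares `UniqueIdentifier string` while the request uses `*UniqueIdentifierValue`. Both struct definitions sit inside the hunk; the handler that uses them does not.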