kms/documentation/docs/kmip_2_1/messages.md
Bruno Grieder dc2a793248
feat: Support for PKCS10 and refactor of import/export formats (#101)
* idp documentation

* working out oauth login flow

* reworked access token request

* code complete for wrap / unwrap

* chore: fix lints

* initial work on supporting CSRs with openssl

* removed launch.json from commits

* CLI alpha

* test certificates

* before import refactor

* before import refactor

* started to rework import

* reworking imports

* more refactor on certificates

* reworked option parameters in KeyBlock

* more on optional values in KeyBlock

* fixing certificate import

* pem keys generation script

* PEM import in the CLI

* import of private and public keys alpha

* nope - still more to go on import

* RSA private key conversion OK

* Public key crypto KMIP <-> openssl complete

* fixed exports

* fixed root export of JSON TTLV with proper root tag names

* still refactoring import

* fixed Covercrypt import/export. Symmetric Key to go

* made TTLVEncoding the default for keywrapping -> progress

* Fixed default export of symmetric keys

* export of sym, cc and ec key OK

* fixed RFC 5649 wrap

* Fixed key wrapping and unwrapping using ECIES - X25519

* default TTLVEncoding - fixed wrap unwrap

* testing cc rekey with tags

* refactoring optional tags

* Fixed no update of tags on upsert if none supplied

* use local openssl

* Fixed Export/Get operation bug
Started to convert p12 for openssl 3

* fixed correct p12 for correct openssl version in tests

* Fixed preserving the original attributes on export

* reworking certificates import

* reworking certificates export

* reviewing import options for chains with PKCS#12

* database atomic alpha

* database atomic tests

* improved create_objects for redis

* more work on import...

* generate private key only on import

* slow progress on import

* import alpha

* reworking pkcs12 export

* debugged PKCS12 import - export

* temporarily fixed empty attributes Object deserialization issue

* Key Encodings tests

* initial commit of PKCS#10

* PKCS10 beta

* test PKCS 10 OK

* get_attributes() + many import fixes + simplify retrieve objects

* first pass at fixing key wrapping, unwrapping and encrypt

* fixed wrapping/unwrapping tests

* added tags retrieval to attributes

* added import attributes for links to key import

* improving locate

* tests fix

* Covercrypt key format type fix

* refactored quick_cert and validate out

* before rebase on develop

* completed rebase on develop

* unused deps

* adding support to certify public keys

* refactoring certify

* certify public key

* warning fixes

* fmt fix

* removed ex validate code

* removed ex quick cert code

* ci: update kms_js branch

* Use acme-lib fork to force NO_PAD for base64url

* fix(lint): apply pre-commit conf

* doc in progress...

* fix: PR review

* fix(pre-commit): certify_a_csr_test

* started dark mode for doc

* Update crate/server/src/core/operations/export_utils.rs

Co-authored-by: Thibs <ThibsG@users.noreply.github.com>

* Update crate/server/src/core/operations/export_utils.rs

Co-authored-by: Thibs <ThibsG@users.noreply.github.com>

* Update crate/server/src/core/operations/export_utils.rs

Co-authored-by: Thibs <ThibsG@users.noreply.github.com>

* Update crate/server/src/core/operations/export_utils.rs

Co-authored-by: Thibs <ThibsG@users.noreply.github.com>

* Update crate/server/src/core/operations/export_utils.rs

Co-authored-by: Thibs <ThibsG@users.noreply.github.com>

* Update crate/server/src/core/certificate/find.rs

Co-authored-by: Thibs <ThibsG@users.noreply.github.com>

* Update crate/server/src/core/certificate/tags.rs

Co-authored-by: Thibs <ThibsG@users.noreply.github.com>

* Update crate/server/src/core/implementation.rs

Co-authored-by: Thibs <ThibsG@users.noreply.github.com>

* Update crate/server/src/core/implementation.rs

Co-authored-by: Thibs <ThibsG@users.noreply.github.com>

* fix: audit and utils crate cleanup

* fix: cp_kms_js branch

* docs: Automatic generation of CLI documentation (#118)

* markdown beta

* header

* additional CR ar ent of possible values

* Update crate/cli/src/main.rs

Co-authored-by: Thibs <ThibsG@users.noreply.github.com>

---------

Co-authored-by: Manuthor <32013169+Manuthor@users.noreply.github.com>
Co-authored-by: Thibs <ThibsG@users.noreply.github.com>

* more on dark mode

* final (for now) dark mode. Better designers are welcome to add

* testing more on dark mode

* better theming, no flickering

* done with dark mode

* unused attributes clean up

* debug of kmip calls

* more work on the KMS KMIP doc

* started reworking algorithms

* roll-back generation of ids using hash of bytes

* more on encryption doc

* more and more on encryption doc

* more documentation....

* more KMIP documentation

* improve attributes definition for curves

* more doc examples

* yet another get attributes fix

* yet yet another get attributes fix

* re-key doc

* CLI as info in test

* removed debug and tracing in tests

* added doc for Revoke and Destroy

* certify pass 1

* ci: remove sgx

* certify doc

* more doc....

* doc final

* docs: fix lints and missing link on json_ttlv_api

* docs: delete leftover files. Add a new link to package.cosmian.com

---------

Co-authored-by: Manuthor <manu.coste@gmail.com>
Co-authored-by: ThibsG <thibsg@pm.me>
Co-authored-by: Manuthor <32013169+Manuthor@users.noreply.github.com>
Co-authored-by: Thibs <ThibsG@users.noreply.github.com>
Co-authored-by: Emmanuel Coste <emmanuel.coste@cosmian.com>
2023-12-11 10:36:20 +01:00

7.4 KiB

In chapter 8, the KMIP 2.1 specification defines Messages functionality, which is the proper way to send/receive multiple requests/responses at once in KMIP (also called bulk mode).

One can insert multiple requests in a single Message query. These requests are processed sequentially and simultaneously by the server. The requests wrapped into the batch items are totally independent.

For each message request sent, a message response is returned, yielding a result status of the requested operation, and potentially associated result data or error messages.

Request and response example

Two operation requests and their responses are packed into a single Message, with one CreateKeyPair operation and one Locate operation.

=== "Message Request"

```json
{
    "tag": "Message",
    "type": "Structure",
    "value": [ {
        "tag": "Header",
        "type": "Structure",
        "value": [ {
            "tag": "ProtocolVersion",
            "type": "Structure",
            "value": [ {
                    "tag": "ProtocolVersionMajor",
                    "type": "Integer",
                    "value": 2
                }, {
                    "tag": "ProtocolVersionMinor",
                    "type": "Integer",
                    "value": 1
                }
            ]
        }, {
            "tag": "MaximumResponseSize",
            "type": "Integer",
            "value": 9999
        }, {
            "tag": "BatchCount",
            "type": "Integer",
            "value": 2
        } ]
    }, {
        "tag": "Items",
        "type": "Structure",
        "value": [ {
            "tag": "Items",
            "type": "Structure",
            "value": [ {
                "tag": "Operation",
                "type": "Enumeration",
                "value": "CreateKeyPair"
            }, {
                "tag": "RequestPayload",
                "type": "Structure",
                "value": [ {
                    "tag": "CommonAttributes",
                    "type": "Structure",
                    "value": [ {
                        "tag": "CryptographicAlgorithm",
                        "type": "Enumeration",
                        "value": "ECDH"
                    }, {
                        "tag": "CryptographicLength",
                        "type": "Integer",
                        "value": 256
                    }, {
                        "tag": "CryptographicDomainParameters",
                        "type": "Structure",
                        "value": [ {
                                "tag": "QLength",
                                "type": "Integer",
                                "value": 256
                            }, {
                                "tag": "RecommendedCurve",
                                "type": "Enumeration",
                                "value": "CURVE25519"
                            }
                        ]
                    }, {
                        "tag": "CryptographicUsageMask",
                        "type": "Integer",
                        "value": 2108
                    }, {
                        "tag": "KeyFormatType",
                        "type": "Enumeration",
                        "value": "ECPrivateKey"
                    }, {
                        "tag": "ObjectType",
                        "type": "Enumeration",
                        "value": "PrivateKey"
                    } ]
                } ]
            } ]
        }, {
            "tag": "Items",
            "type": "Structure",
            "value": [ {
                "tag": "Operation",
                "type": "Enumeration",
                "value": "Locate"
            }, {
                "tag": "RequestPayload",
                "type": "Structure",
                "value": [ {
                    "tag": "Attributes",
                    "type": "Structure",
                    "value": []
                } ]
            } ]
        } ]
    } ]
}
```

=== "Message Response"

```json
{
    "tag": "Message",
    "type": "Structure",
    "value": [ {
        "tag": "Header",
        "type": "Structure",
        "value": [ {
            "tag": "ProtocolVersion",
            "type": "Structure",
            "value": [ {
                "tag": "ProtocolVersionMajor",
                "type": "Integer",
                "value": 2
            }, {
                "tag": "ProtocolVersionMinor",
                "type": "Integer",
                "value": 1
            } ]
        }, {
            "tag": "Timestamp",
            "type": "LongInteger",
            "value": 1698748303
        }, {
            "tag": "BatchCount",
            "type": "Integer",
            "value": 2
        } ]
    }, {
        "tag": "Items",
        "type": "Structure",
        "value": [ {
            "tag": "Items",
            "type": "Structure",
            "value": [ {
                "tag": "Operation",
                "type": "Enumeration",
                "value": "CreateKeyPair"
            }, {
                "tag": "ResultStatus",
                "type": "Enumeration",
                "value": "Success"
            }, {
                "tag": "ResponsePayload",
                "type": "Structure",
                "value": [ {
                    "tag": "PrivateKeyUniqueIdentifier",
                    "type": "TextString",
                    "value": "7c293777-794f-41fa-95f2-4f0a3bc730b8"
                }, {
                    "tag": "PublicKeyUniqueIdentifier",
                    "type": "TextString",
                    "value": "042c8439-16f8-406f-b425-c18a69fb56a7"
                } ]
            } ]
        }, {
            "tag": "Items",
            "type": "Structure",
            "value": [ {
                "tag": "Operation",
                "type": "Enumeration",
                "value": "Locate"
            }, {
                "tag": "ResponsePayload",
                "type": "Structure",
                "value": [ {
                    "tag": "LocatedItems",
                    "type": "Integer",
                    "value": 2
                }, {
                    "tag": "UniqueIdentifier",
                    "type": "Structure",
                    "value": [ {
                        "tag": "PrivateKeyUniqueIdentifier",
                        "type": "TextString",
                        "value": "7c293777-794f-41fa-95f2-4f0a3bc730b8"
                    }, {
                        "tag": "PublicKeyUniqueIdentifier",
                        "type": "TextString",
                        "value": "042c8439-16f8-406f-b425-c18a69fb56a7"
                    } ]
                } ]
            } ]
        } ]
    } ]
}
```
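
Because the batched requests are independent, a client has to inspect every item of a response Message rather than the Message as a whole. The following client-side check is an added example, not code from the KMS project: the function names are hypothetical, the sample response is constructed, and `OperationFailed` is assumed as the JSON spelling of the KMIP failure status.

```python
import json

def child(node, tag):
    """First child of a TTLV Structure carrying the given tag, or None."""
    return next((c for c in node["value"] if c["tag"] == tag), None)

def batch_results(message):
    """Return [(operation, result_status_or_None), ...] for a response Message.

    Raises ValueError when the header BatchCount disagrees with the number
    of batch items actually present in the Message.
    """
    declared = child(child(message, "Header"), "BatchCount")["value"]
    # As on this page, each batch item is a Structure tagged "Items",
    # nested inside an outer Structure that is also tagged "Items".
    items = [c for c in child(message, "Items")["value"] if c["tag"] == "Items"]
    if declared != len(items):
        raise ValueError(f"BatchCount={declared} but {len(items)} batch items present")
    results = []
    for item in items:
        op, status = child(item, "Operation"), child(item, "ResultStatus")
        results.append((op and op["value"], status and status["value"]))
    return results

def not_confirmed(results):
    """Operations without an explicit Success; a missing status is not success."""
    return [op for op, status in results if status != "Success"]

# Constructed sample (not server output): one item succeeds, one fails.
SAMPLE_RESPONSE = json.loads("""
{"tag": "Message", "type": "Structure", "value": [
  {"tag": "Header", "type": "Structure", "value": [
    {"tag": "BatchCount", "type": "Integer", "value": 2}]},
  {"tag": "Items", "type": "Structure", "value": [
    {"tag": "Items", "type": "Structure", "value": [
      {"tag": "Operation", "type": "Enumeration", "value": "CreateKeyPair"},
      {"tag": "ResultStatus", "type": "Enumeration", "value": "Success"}]},
    {"tag": "Items", "type": "Structure", "value": [
      {"tag": "Operation", "type": "Enumeration", "value": "Locate"},
      {"tag": "ResultStatus", "type": "Enumeration", "value": "OperationFailed"}]}]}]}
""")

if __name__ == "__main__":
    for op, status in batch_results(SAMPLE_RESPONSE):
        print(op, status)
```
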