feat(kmip): Import/Export suppport

ldesauw · ldesauw · commit 8cdb31a4f2de · 2025-09-03T11:58:04.000+02:00
diff --git a/kmipclient/import_export.go b/kmipclient/import_export.go
@@ -0,0 +1,87 @@
+package kmipclient
+
+import (
+	"github.com/ovh/kmip-go"
+	"github.com/ovh/kmip-go/payloads"
+)
+
+// ExecImport represents the execution of an import operation with the KMIP client.
+type ExecImport struct {
+	Executor[*payloads.ImportRequestPayload, *payloads.ImportResponsePayload]
+}
+
+// ExecExport represents the execution of an export operation with the KMIP client.
+type ExecExport struct {
+	Executor[*payloads.ExportRequestPayload, *payloads.ExportResponsePayload]
+}
+
+// ExecImportWantsAAD is a helper type that allows for fluent-style configuration of an import operation.
+type ExecImportWantsAAD struct {
+	req    *payloads.ImportRequestPayload
+	client *Client
+}
+
+// Import initializes an import operation with the client.
+func (c *Client) Import() ExecImportWantsAAD {
+	return ExecImportWantsAAD{
+		client: c,
+		req:    &payloads.ImportRequestPayload{},
+	}
+}
+
+// Export initializes an export operation with the client for a given key ID.
+func (c *Client) Export(id string) ExecExport {
+	return ExecExport{
+		Executor[*payloads.ExportRequestPayload, *payloads.ExportResponsePayload]{
+			client: c,
+			req:    &payloads.ExportRequestPayload{UniqueIdentifier: id},
+		},
+	}
+}
+
+// WithReplaceExisting sets the ReplaceExisting flag in the import request.
+func (ex ExecImportWantsAAD) WithReplaceExisting(replaceExisting bool) ExecImportWantsAAD {
+	ex.req.ReplaceExisting = replaceExisting
+	return ex
+}
+
+// WithKeyWrapType sets the KeyWrapType in the import request.
+func (ex ExecImportWantsAAD) WithKeyWrapType(keyWrapType kmip.KeyWrapType) ExecImportWantsAAD {
+	ex.req.KeyWrapType = keyWrapType
+	return ex
+}
+
+// AAD sets the AuthenticatedEncryptionAdditionalData in the import request and finalizes the import operation.
+func (ex ExecImportWantsAAD) AAD(aad []byte) ExecImport {
+	ex.req.AuthenticatedEncryptionAdditionalData = aad
+	return ExecImport{
+		Executor[*payloads.ImportRequestPayload, *payloads.ImportResponsePayload]{
+			client: ex.client,
+			req:    ex.req,
+		},
+	}
+}
+
+// WithKeyFormatType sets the KeyFormatType in the export request.
+func (ex ExecExport) WithKeyFormatType(keyFormatType kmip.KeyFormatType) ExecExport {
+	ex.req.KeyFormatType = keyFormatType
+	return ex
+}
+
+// WithKeyWrapType sets the KeyWrapType in the export request.
+func (ex ExecExport) WithKeyWrapType(keyWrapType kmip.KeyWrapType) ExecExport {
+	ex.req.KeyWrapType = keyWrapType
+	return ex
+}
+
+// WithKeyCompressionType sets the KeyCompressionType in the export request.
+func (ex ExecExport) WithKeyCompressionType(keyCompressionType kmip.KeyCompressionType) ExecExport {
+	ex.req.KeyCompressionType = keyCompressionType
+	return ex
+}
+
+// WithKeyWrappingSpecification sets the KeyWrappingSpecification in the export request.
+func (ex ExecExport) WithKeyWrappingSpecification(keyWrappingSpecification kmip.KeyWrappingSpecification) ExecExport {
+	ex.req.KeyWrappingSpecification = keyWrappingSpecification
+	return ex
+}
diff --git a/payloads/import_export.go b/payloads/import_export.go
@@ -0,0 +1,75 @@
+package payloads
+
+import "github.com/ovh/kmip-go"
+
+// init registers the Import and Export operation payloads with the KMIP package.
+func init() {
+	kmip.RegisterOperationPayload[ImportRequestPayload, ImportResponsePayload](kmip.OperationImport)
+	kmip.RegisterOperationPayload[ExportRequestPayload, ExportResponsePayload](kmip.OperationExport)
+}
+
+// ImportRequestPayload represents the payload for the Import operation request.
+type ImportRequestPayload struct {
+	// UniqueIdentifier is an optional field that specifies the unique identifier of the object to be imported.
+	UniqueIdentifier string
+	// ReplaceExisting is an optional field that specifies whether to replace an existing object with the imported one.
+	ReplaceExisting bool `ttlv:",omitempty,version=v1.4.."`
+	// KeyWrapType is an optional field that specifies the key wrapping type used for the imported key material.
+	KeyWrapType kmip.KeyWrapType `ttlv:",omitempty,version=v1.4.."`
+	// Attribute is an optional field that specifies additional attributes for the imported object.
+	Attribute kmip.Attribute `ttlv:",omitempty,version=v1.4.."`
+	// AuthenticatedEncryptionAdditionalData is a required field that specifies additional data for authenticated encryption.
+	AuthenticatedEncryptionAdditionalData []byte `ttlv:",version=v1.4.."`
+}
+
+// Operation returns the operation type for the ImportRequestPayload.
+func (a *ImportRequestPayload) Operation() kmip.Operation {
+	return kmip.OperationImport
+}
+
+// ImportResponsePayload represents the payload for the Import operation response.
+type ImportResponsePayload struct {
+	// UniqueIdentifier is a required field that specifies the unique identifier of the imported object.
+	UniqueIdentifier string `ttlv:",version=v1.4.."`
+}
+
+// Operation returns the operation type for the ImportResponsePayload.
+func (a *ImportResponsePayload) Operation() kmip.Operation {
+	return kmip.OperationImport
+}
+
+// ExportRequestPayload represents the payload for the Export operation request.
+type ExportRequestPayload struct {
+	// UniqueIdentifier is an optional field that specifies the unique identifier of the object to be exported.
+	UniqueIdentifier string `ttlv:",omitempty,version=v1.4.."`
+	// KeyFormatType is an optional field that specifies the format type of the exported key material.
+	KeyFormatType kmip.KeyFormatType `ttlv:",omitempty,version=v1.4.."`
+	// KeyWrapType is an optional field that specifies the key wrapping type used for the exported key material.
+	KeyWrapType kmip.KeyWrapType `ttlv:",omitempty,version=v1.4.."`
+	// KeyCompressionType is an optional field that specifies the compression type used for the exported key material.
+	KeyCompressionType kmip.KeyCompressionType `ttlv:",omitempty,version=v1.4.."`
+	// KeyWrappingSpecification is an optional field that specifies the key wrapping specification for the exported key material.
+	KeyWrappingSpecification kmip.KeyWrappingSpecification `ttlv:",omitempty,version=v1.4.."`
+}
+
+// Operation returns the operation type for the ExportRequestPayload.
+func (a *ExportRequestPayload) Operation() kmip.Operation {
+	return kmip.OperationExport
+}
+
+// ExportResponsePayload represents the payload for the Export operation response.
+type ExportResponsePayload struct {
+	// ObjectType is a required field that specifies the type of the exported object.
+	ObjectType kmip.ObjectType `ttlv:",version=v1.4.."`
+	// UniqueIdentifier is a required field that specifies the unique identifier of the exported object.
+	UniqueIdentifier string `ttlv:",version=v1.4.."`
+	// Attribute is a required field that specifies additional attributes for the exported object.
+	Attribute kmip.Attribute `ttlv:",version=v1.4.."`
+	// AuthenticatedEncryptionAdditionalData is a required field that specifies additional data for authenticated encryption.
+	AuthenticatedEncryptionAdditionalData []byte `ttlv:",version=v1.4.."`
+}
+
+// Operation returns the operation type for the ExportResponsePayload.
+func (a *ExportResponsePayload) Operation() kmip.Operation {
+	return kmip.OperationExport
+}
