pki.git/base/server/cms/src/org, branch master Unnamed repository; edit this file 'description' to name the repository. Refactored SystemConfigService.processCert(). 2017-07-08T04:59:43+00:00 Endi S. Dewata edewata@redhat.com 2017-07-08T03:29:03+00:00 263adf41e84c63f51c10dbf8a310b3e8802b186d The code in SystemConfigService.processCert() that handles external cert has been reorganized for clarity. https://pagure.io/dogtagpki/issue/2280 Change-Id: Ia1800cc6560dce1757959bea9e352a2e6d30307e 
The code in SystemConfigService.processCert() that handles external
cert has been reorganized for clarity.

https://pagure.io/dogtagpki/issue/2280

Change-Id: Ia1800cc6560dce1757959bea9e352a2e6d30307e
Refactored SystemConfigService.processKeyPair(). 2017-07-08T04:59:31+00:00 Endi S. Dewata edewata@redhat.com 2017-07-07T05:06:40+00:00 313561ca3270d0f08da95d4ca3bf6782ed32159d The code in SystemConfigService.processCert() that loads or generates key pair has been moved into processKeyPair(). The code that sets key pair properties in createECCKeyPair() and createRSAKeyPair() has been replaced with storeKeyPair(). The processCert() has been modified to return a Cert object. Some debug messages have been added for clarity. https://pagure.io/dogtagpki/issue/2280 Change-Id: Ica16c7ce4f33fb23df2813a8b65d66fc2d4ea198 
The code in SystemConfigService.processCert() that loads or
generates key pair has been moved into processKeyPair().

The code that sets key pair properties in createECCKeyPair() and
createRSAKeyPair() has been replaced with storeKeyPair().

The processCert() has been modified to return a Cert object.

Some debug messages have been added for clarity.

https://pagure.io/dogtagpki/issue/2280

Change-Id: Ica16c7ce4f33fb23df2813a8b65d66fc2d4ea198
Fixed error message in SystemConfigService.processCerts(). 2017-07-08T02:53:13+00:00 Endi S. Dewata edewata@redhat.com 2017-07-08T02:42:22+00:00 7b293a9b68b0f58af03c068291ca1bd07b2cca33 The exception handler in SystemConfigService.processCerts() has been removed since it's redundant and generates misleading error message. https://pagure.io/dogtagpki/issue/2280 Change-Id: I3aa4f0414519a7cd2c53481663f4880c5c1dafd0 
The exception handler in SystemConfigService.processCerts() has
been removed since it's redundant and generates misleading error
message.

https://pagure.io/dogtagpki/issue/2280

Change-Id: I3aa4f0414519a7cd2c53481663f4880c5c1dafd0
Refactored ConfigurationUtils.updateCloneConfig(). 2017-07-08T02:52:44+00:00 Endi S. Dewata edewata@redhat.com 2017-07-07T17:36:56+00:00 2dc3c84777dcd8fe20611511ed5fc422c8b05541 The ConfigurationUtils.updateCloneConfig() invocation has been modified such that it will only be executed once. https://pagure.io/dogtagpki/issue/2280 Change-Id: I1d42acb8cf7c7ffedcd109fcd5252a03fb9622e7 
The ConfigurationUtils.updateCloneConfig() invocation has been
modified such that it will only be executed once.

https://pagure.io/dogtagpki/issue/2280

Change-Id: I1d42acb8cf7c7ffedcd109fcd5252a03fb9622e7
Refactored ConfigurationUtils.updateServerCertNickConf(). 2017-07-08T02:52:20+00:00 Endi S. Dewata edewata@redhat.com 2017-07-07T15:23:54+00:00 eb08fba8a15e044802e9fa32ba0d4ed6c8eb31bc The code that updates serverCertNick.conf has been moved into ConfigurationUtils.updateServerCertNickConf() and will only be executed once. https://pagure.io/dogtagpki/issue/2280 Change-Id: Iaae4429724ece683939aea8defe6fceeca237c4b 
The code that updates serverCertNick.conf has been moved into
ConfigurationUtils.updateServerCertNickConf() and will only be
executed once.

https://pagure.io/dogtagpki/issue/2280

Change-Id: Iaae4429724ece683939aea8defe6fceeca237c4b
Refactored ConfigurationUtils.handleLocalCert(). 2017-07-06T23:36:41+00:00 Endi S. Dewata edewata@redhat.com 2017-06-29T06:23:09+00:00 2dd97bf5569974fc7cc5a65c863594d176a0a346 The code for creating and importing local cert into NSS database has been moved into ConfigurationUtils.handleLocalCert(). https://pagure.io/dogtagpki/issue/2280 Change-Id: Idac7bc3e08e95f94fe50c417898ef12b2288d17c 
The code for creating and importing local cert into NSS database
has been moved into ConfigurationUtils.handleLocalCert().

https://pagure.io/dogtagpki/issue/2280

Change-Id: Idac7bc3e08e95f94fe50c417898ef12b2288d17c
Consolidated log() for audit events. 2017-06-27T05:32:52+00:00 Endi S. Dewata edewata@redhat.com 2017-06-24T02:11:41+00:00 c297d987d29755452b192ae1306610733381771a Duplicate log() methods for audit events have been merged into the Logger class. https://pagure.io/dogtagpki/issue/2689 Change-Id: I7a5147ff3221a52a82e69f56faf2156c04256db2 
Duplicate log() methods for audit events have been merged into the
Logger class.

https://pagure.io/dogtagpki/issue/2689

Change-Id: I7a5147ff3221a52a82e69f56faf2156c04256db2
Refactored signed audit logger. 2017-06-23T22:04:03+00:00 Endi S. Dewata edewata@redhat.com 2017-06-20T22:48:39+00:00 db84bffad64dd4b9a9d684255794719ae13d677f Signed audit logger creation has been simplified into: Logger signedAuditLogger = SignedAuditLogger.getLogger(); The null checks on signed audit logger have been removed since it cannot be null. Audit messages can be logged as follows: signedAuditLogger.log(message); https://pagure.io/dogtagpki/issue/2689 Change-Id: I3bf781b0194a6cbb166f71751c098d1c2a3a657a 
Signed audit logger creation has been simplified into:

  Logger signedAuditLogger = SignedAuditLogger.getLogger();

The null checks on signed audit logger have been removed since
it cannot be null. Audit messages can be logged as follows:

  signedAuditLogger.log(message);

https://pagure.io/dogtagpki/issue/2689

Change-Id: I3bf781b0194a6cbb166f71751c098d1c2a3a657a
Server side changes to correctly parse the new PKIArchiveOptions 2017-06-07T20:00:52+00:00 Ade Lee alee@redhat.com 2017-06-06T20:16:40+00:00 d5c331a42955365b76a1549aec047e613d3185dc The server is modified to read the new OIDs in the PKIArchiveOptions and handle them correctly. Change-Id: I328df4d6588b3c2c26a387ab2e9ed742d36824d4 
The server is modified to read the new OIDs in the PKIArchiveOptions
and handle them correctly.

Change-Id: I328df4d6588b3c2c26a387ab2e9ed742d36824d4
Refactor client to not use keysets 2017-06-07T20:00:41+00:00 Ade Lee alee@redhat.com 2017-05-26T17:06:18+00:00 38df4274214938ceece85627abb6d4fe77b960ff It is simpler to simply tell the client which algorithm to use for key wrapping and encryption, rather than use key sets. Therefore: * KRAInfo and CAInfo are refactored to provide the algorithms required for key wrapping and encryption. * Client is modified to use these parameters to determine which algorithms to use. * We specify the OIDs that will be used in the PKIARchiveOptions more correctly. The options are basically: AES-128-CBC, DES3-CBC, AES KeyWrap/Pad Change-Id: Ic3fca902bbc45f7f72bcd4676c994f8a89c3a409 
It is simpler to simply tell the client which
algorithm to use for key wrapping and encryption, rather
than use key sets.  Therefore:

* KRAInfo and CAInfo are refactored to provide the
  algorithms required for key wrapping and encryption.

* Client is modified to use these parameters to determine
  which algorithms to use.

* We specify the OIDs that will be used in the PKIARchiveOptions
  more correctly.  The options are basically:
  AES-128-CBC, DES3-CBC, AES KeyWrap/Pad

Change-Id: Ic3fca902bbc45f7f72bcd4676c994f8a89c3a409