Add methods to getKeyInfo and change key status

4 files changed, 34 insertions, 16 deletions

diff --git a/base/common/python/pki/__init__.py b/base/common/python/pki/__init__.py
index 4b18ea0ed..e9802a4ba 100644
--- a/base/common/python/pki/__init__.py
+++ b/base/common/python/pki/__init__.py
@@ -185,6 +185,9 @@ class CertNotFoundException(ResourceNotFoundException):
 class GroupNotFoundException(ResourceNotFoundException):
     ''' Group Not Found Exception: return code = 404 '''
 
+class KeyNotFoundException(ResourceNotFoundException):
+    ''' Key Not Found Exception: return code 404 '''
+
 class ProfileNotFoundException(ResourceNotFoundException):
     ''' Profile Not Found Exception: return code = 404 '''
 
@@ -202,6 +205,7 @@ EXCEPTION_MAPPINGS = {
     "com.netscape.certsrv.base.ResourceNotFoundException": "pki.ResourceNotFoundException",
     "com.netscape.certsrv.cert.CertNotFoundException": "pki.CertNotFoundException",
     "com.netscape.certsrv.group.GroupNotFoundException": "pki.GroupNotFoundException",
+    "com.netscape.certsrv.key.KeyNotFoundException": "pki.KeyNotFoundException",
     "com.netscape.certsrv.profile.ProfileNotFoundException": "pki.ProfileNotFoundException",
     "com.netscape.certsrv.request.RequestNotFoundException": "pki.RequestNotFoundException",
     "com.netscape.certsrv.base.UserNotFoundException": "pki.UserNotFoundException",
diff --git a/base/common/python/pki/key.py b/base/common/python/pki/key.py
index 30f6baeb7..1e959785c 100644
--- a/base/common/python/pki/key.py
+++ b/base/common/python/pki/key.py
@@ -294,7 +294,7 @@ class KeyClient(object):
         self.keyURL = '/rest/agent/keys'
         self.keyRequestsURL = '/rest/agent/keyrequests'
 
-    @pki.handle_exceptions
+    @pki.handle_exceptions()
     def list_keys(self, client_id=None, status=None, max_results=None,
                   max_time=None, start=None, size=None):
         ''' List/Search archived secrets in the DRM.
@@ -308,7 +308,7 @@ class KeyClient(object):
         response = self.connection.get(self.keyURL, self.headers, params=query_params)
         return KeyInfoCollection.from_json(response.json())
 
-    @pki.handle_exceptions
+    @pki.handle_exceptions()
     def retrieve_key(self, data):
         ''' Retrieve a secret from the DRM.
 
@@ -324,7 +324,7 @@ class KeyClient(object):
         response = self.connection.post(url, keyRequest, self.headers)
         return KeyData.from_dict(response.json())
 
-    @pki.handle_exceptions
+    @pki.handle_exceptions()
     def request_key_retrieval(self, key_id, request_id, trans_wrapped_session_key=None,
                      session_wrapped_passphrase=None, passphrase=None, nonce_data=None):
         ''' Retrieve a secret from the DRM.
@@ -357,7 +357,7 @@ class KeyClient(object):
 
         return self.retrieve_key(request)
 
-    @pki.handle_exceptions
+    @pki.handle_exceptions()
     def list_requests(self, request_state=None, request_type=None, client_id=None,
                      start=None, page_size=None, max_results=None, max_time=None):
         ''' List/Search key requests in the DRM.
@@ -372,14 +372,14 @@ class KeyClient(object):
                                 params=query_params)
         return KeyRequestInfoCollection.from_json(response.json())
 
-    @pki.handle_exceptions
+    @pki.handle_exceptions()
     def get_request_info(self, request_id):
         ''' Return a KeyRequestInfo object for a specific request. '''
         url = self.keyRequestsURL + '/' + request_id
         response = self.connection.get(url, self.headers)
         return KeyRequestInfo.from_dict(response.json())
 
-    @pki.handle_exceptions
+    @pki.handle_exceptions()
     def create_request(self, request):
         ''' Submit an archival, recovery or key generation request
             to the DRM.
@@ -394,25 +394,25 @@ class KeyClient(object):
         response = self.connection.post(url, key_request, self.headers)
         return KeyRequestResponse.from_json(response.json())
 
-    @pki.handle_exceptions
+    @pki.handle_exceptions()
     def approve_request(self, request_id):
         ''' Approve a secret recovery request '''
         url = self.keyRequestsURL + '/' + request_id + '/approve'
-        return self.connection.post(url, self.headers)
+        self.connection.post(url, self.headers)
 
-    @pki.handle_exceptions
+    @pki.handle_exceptions()
     def reject_request(self, request_id):
         ''' Reject a secret recovery request. '''
         url = self.keyRequestsURL + '/' + request_id + '/reject'
-        return self.connection.post(url, self.headers)
+        self.connection.post(url, self.headers)
 
-    @pki.handle_exceptions
+    @pki.handle_exceptions()
     def cancel_request(self, request_id):
         ''' Cancel a secret recovery request '''
         url = self.keyRequestsURL + '/' + request_id + '/cancel'
-        return self.connection.post(url, self.headers)
+        self.connection.post(url, self.headers)
 
-    @pki.handle_exceptions
+    @pki.handle_exceptions()
     def request_recovery(self, key_id, request_id=None, session_wrapped_passphrase=None,
                         trans_wrapped_session_key=None, b64certificate=None, nonce_data=None):
         ''' Create a request to recover a secret.
@@ -433,7 +433,7 @@ class KeyClient(object):
                                      nonce_data=nonce_data)
         return self.create_request(request)
 
-    @pki.handle_exceptions
+    @pki.handle_exceptions()
     def request_archival(self, client_id, data_type, wrapped_private_data,
                     key_algorithm=None, key_size=None):
         ''' Archive a secret (symmetric key or passphrase) on the DRM.
@@ -458,6 +458,20 @@ class KeyClient(object):
                                      key_size=key_size)
         return self.create_request(request)
 
+    @pki.handle_exceptions()
+    def get_key_info(self, key_id):
+        ''' Get the info in the KeyRecord for a specific secret in the DRM. '''
+        url = self.keyURL + '/' + key_id
+        response = self.connection.get(url, headers=self.headers)
+        return KeyInfo.from_dict(response.json())
+
+    @pki.handle_exceptions()
+    def modify_key_status(self, key_id, status):
+        ''' Modify the status of a key '''
+        url = self.keyURL + '/' + key_id
+        params = {'status':status}
+        self.connection.post(url, None, headers=self.headers, params=params)
+
 encoder.NOTYPES['Attribute'] = pki.Attribute
 encoder.NOTYPES['AttributeList'] = pki.AttributeList
 encoder.NOTYPES['KeyArchivalRequest'] = KeyArchivalRequest
diff --git a/base/common/python/pki/kraclient.py b/base/common/python/pki/kraclient.py
index f2b7a5582..18707b744 100644
--- a/base/common/python/pki/kraclient.py
+++ b/base/common/python/pki/kraclient.py
@@ -95,7 +95,7 @@ class KRAClient(object):
             return key_data, None
 
         unwrapped_key = self.crypto.symmetric_unwrap(key_data.wrappedPrivateData, session_key,
-                                                     iv=key_data.nonceData)
+                                                     nonce_iv=key_data.nonceData)
         return key_data, unwrapped_key
 
     def retrieve_key_by_passphrase(self, key_id, passphrase=None,
diff --git a/base/common/python/pki/systemcert.py b/base/common/python/pki/systemcert.py
index 8a1488dea..2f51de6f3 100644
--- a/base/common/python/pki/systemcert.py
+++ b/base/common/python/pki/systemcert.py
@@ -38,7 +38,7 @@ class SystemCertClient(object):
                         'Accept': 'application/json'}
         self.cert_url = '/rest/config/cert'
 
-    @pki.handle_exceptions
+    @pki.handle_exceptions()
     def get_transport_cert(self):
         ''' Return transport certificate '''
         url = self.cert_url +  '/transport'