authorAde Lee <alee@redhat.com>2014-02-21 00:54:26 -0500
committerAde Lee <alee@redhat.com>2014-02-26 01:17:44 -0500
commite68dd1da3715d0b9d39bc6393a84732f15b7b7cd (patch)
tree8f9b4cef87563b717b87b640fedc8991cef62c8d /base/common/python
parent0900a0a7e12064171d60345f448b983e91b56239 (diff)
rename client_id to client_key_id
Diffstat (limited to 'base/common/python')
-rw-r--r--base/common/python/pki/cryptoutil.py1
-rw-r--r--base/common/python/pki/key.py32
-rw-r--r--base/common/python/pki/kraclient.py12
3 files changed, 24 insertions, 21 deletions
diff --git a/base/common/python/pki/cryptoutil.py b/base/common/python/pki/cryptoutil.py
index c48c6ca0f..b450e820c 100644
--- a/base/common/python/pki/cryptoutil.py
+++ b/base/common/python/pki/cryptoutil.py
@@ -113,6 +113,7 @@ class NSSCryptoUtil(CryptoUtil):
self.nonce_iv = "e4:bb:3b:d3:c3:71:2e:58"
def initialize_db(self):
+ ''' initialize the nss db. Must be done before any crypto operations '''
nss.nss_init(self.certdb_dir)
def import_cert(self, cert_nick, cert, trust):
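Review bot: The context line above initialize_db sets `self.nonce_iv` to a fixed literal, inside a constructor that starts outside this hunk. If that value is used as the IV when secrets are wrapped (not visible here), every wrap operation reuses the same IV. A comment such as `# NOTE: fixed IV - confirm whether a per-operation random IV can be used instead` would record the open question. The new docstring could also say what a caller should expect when the database at `self.certdb_dir` cannot be opened, since `nss.nss_init` is called without any error handling.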
diff --git a/base/common/python/pki/key.py b/base/common/python/pki/key.py
index ab6db9625..0d1dd36f3 100644
--- a/base/common/python/pki/key.py
+++ b/base/common/python/pki/key.py
@@ -76,7 +76,7 @@ class KeyInfo(object):
def __init__(self):
''' Constructor '''
- self.clientID = None
+ self.clientKeyID = None
self.keyURL = None
self.algorithm = None
self.status = None
@@ -219,12 +219,12 @@ class KeyArchivalRequest(pki.ResourceMessage):
Class representing the object sent to the DRM when archiving a secret.
'''
- def __init__(self, client_id=None, data_type=None, wrapped_private_data=None,
+ def __init__(self, client_key_id=None, data_type=None, wrapped_private_data=None,
key_algorithm=None, key_size=None):
''' Constructor '''
pki.ResourceMessage.__init__(self,
"com.netscape.certsrv.key.KeyArchivalRequest")
- self.add_attribute("clientID", client_id)
+ self.add_attribute("clientKeyID", client_key_id)
self.add_attribute("dataType", data_type)
self.add_attribute("wrappedPrivateData", wrapped_private_data)
self.add_attribute("keyAlgorithm", key_algorithm)
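Review bot: Renaming the keyword parameter `client_id` to `client_key_id` in `KeyArchivalRequest.__init__` breaks any caller that passes `client_id=...` by keyword. The same applies to the other signatures renamed in this commit (`SymKeyGenerationRequest.__init__`, `list_keys`, `list_requests`, `request_archival`, `get_active_key_info`, `archive_key`) and to `generate_sym_key` becoming `generate_symmetric_key` in kraclient.py. If scripts outside this tree use the client, consider keeping the old method name for a release, e.g. `generate_sym_key = generate_symmetric_key` in KRAClient. The docstring is still only `''' Constructor '''`; one line stating what `client_key_id` identifies would make the new name self-explanatory.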
@@ -266,13 +266,13 @@ class SymKeyGenerationRequest(pki.ResourceMessage):
DECRYPT_USAGE = "decrypt"
ENCRYPT_USAGE = "encrypt"
- def __init__(self, client_id=None, key_size=None, key_algorithm=None,
+ def __init__(self, client_key_id=None, key_size=None, key_algorithm=None,
key_usages=None):
''' Constructor '''
pki.ResourceMessage.__init__(self,
"com.netscape.certsrv.key.SymKeyGenerationRequest")
key_usages = key_usages or []
- self.add_attribute("clientID", client_id)
+ self.add_attribute("clientKeyID", client_key_id)
self.add_attribute("keySize", key_size)
self.add_attribute("keyAlgorithm", key_algorithm)
self.add_attribute("keyUsage", ','.join(key_usages))
@@ -296,14 +296,14 @@ class KeyClient(object):
self.keyRequestsURL = '/rest/agent/keyrequests'
@pki.handle_exceptions()
- def list_keys(self, client_id=None, status=None, max_results=None,
+ def list_keys(self, client_key_id=None, status=None, max_results=None,
max_time=None, start=None, size=None):
''' List/Search archived secrets in the DRM.
See KRAClient.list_keys for the valid values of status.
Returns a KeyInfoCollection object.
'''
- query_params = {'clientID':client_id, 'status':status,
+ query_params = {'clientKeyID':client_key_id, 'status':status,
'maxResults':max_results, 'maxTime':max_time,
'start':start, 'size':size}
response = self.connection.get(self.keyURL, self.headers, params=query_params)
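Review bot: `list_keys` now sends its filter as the query parameter `clientKeyID`, and a server that still expects `clientID` would most likely ignore the unknown parameter and return an unfiltered key list rather than an error. That depends on server behaviour not visible in this diff, so the docstring should state the requirement, for example `Requires a DRM that accepts the clientKeyID query parameter.` The same applies to `list_requests` in the later hunk of this file.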
@@ -359,7 +359,7 @@ class KeyClient(object):
return self.retrieve_key(request)
@pki.handle_exceptions()
- def list_requests(self, request_state=None, request_type=None, client_id=None,
+ def list_requests(self, request_state=None, request_type=None, client_key_id=None,
start=None, page_size=None, max_results=None, max_time=None):
''' List/Search key requests in the DRM.
@@ -367,7 +367,7 @@ class KeyClient(object):
request_type. Returns a KeyRequestInfoCollection object.
'''
query_params = {'requestState':request_state, 'requestType':request_type,
- 'clientID':client_id, 'start':start, 'pageSize':page_size,
+ 'clientKeyID':client_key_id, 'start':start, 'pageSize':page_size,
'maxResults':max_results, 'maxTime':max_time}
response = self.connection.get(self.keyRequestsURL, self.headers,
params=query_params)
@@ -435,7 +435,7 @@ class KeyClient(object):
return self.create_request(request)
@pki.handle_exceptions()
- def request_archival(self, client_id, data_type, wrapped_private_data,
+ def request_archival(self, client_key_id, data_type, wrapped_private_data,
key_algorithm=None, key_size=None):
''' Archive a secret (symmetric key or passphrase) on the DRM.
@@ -452,7 +452,7 @@ class KeyClient(object):
key_algorithm and key_size are applicable to symmetric keys only.
If a symmetric key is being archived, these parameters are required.
'''
- request = KeyArchivalRequest(client_id=client_id,
+ request = KeyArchivalRequest(client_key_id=client_key_id,
data_type=data_type,
wrapped_private_data=wrapped_private_data,
key_algorithm=key_algorithm,
@@ -467,9 +467,9 @@ class KeyClient(object):
return KeyInfo.from_json(response.json())
@pki.handle_exceptions()
- def get_active_key_info(self, client_id):
+ def get_active_key_info(self, client_key_id):
''' Get the info in the KeyRecord for the active secret in the DRM. '''
- url = self.keyURL + '/active/' + urllib.quote_plus(client_id)
+ url = self.keyURL + '/active/' + urllib.quote_plus(client_key_id)
response = self.connection.get(url, headers=self.headers)
print response
return KeyInfo.from_json(response.json())
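Review bot: `urllib.quote_plus(client_key_id)` encodes a space as `+`, which is form encoding. In a URL path segment a `+` is usually taken literally, so an ID containing a space, such as the "vek 123" used in main(), may not resolve to the intended record. For a path segment `urllib.quote(client_key_id, safe='')` is the usual choice, assuming the server percent-decodes the path. The `print response` context line is debug output left in a library method and should be removed or replaced by a logging call.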
@@ -491,9 +491,9 @@ encoder.NOTYPES['SymKeyGenerationRequest'] = SymKeyGenerationRequest
def main():
''' Some unit tests - basically printing different types of requests '''
print "printing symkey generation request"
- client_id = "vek 123"
+ client_key_id = "vek 123"
usages = [SymKeyGenerationRequest.DECRYPT_USAGE, SymKeyGenerationRequest.ENCRYPT_USAGE]
- gen_request = SymKeyGenerationRequest(client_id, 128, "AES", usages)
+ gen_request = SymKeyGenerationRequest(client_key_id, 128, "AES", usages)
print json.dumps(gen_request, cls=encoder.CustomTypeEncoder, sort_keys=True)
print "printing key recovery request"
@@ -502,7 +502,7 @@ def main():
print json.dumps(key_request, cls=encoder.CustomTypeEncoder, sort_keys=True)
print "printing key archival request"
- archival_request = KeyArchivalRequest(client_id, "symmetricKey",
+ archival_request = KeyArchivalRequest(client_key_id, "symmetricKey",
"MX123AABBCD", "AES", 128)
print json.dumps(archival_request, cls=encoder.CustomTypeEncoder, sort_keys=True)
diff --git a/base/common/python/pki/kraclient.py b/base/common/python/pki/kraclient.py
index 227298c85..25c4dc9ca 100644
--- a/base/common/python/pki/kraclient.py
+++ b/base/common/python/pki/kraclient.py
@@ -42,9 +42,11 @@ class KRAClient(object):
:param crypto - CryptoUtil object. NSSCryptoUtil is provided by default.
If a different crypto implementation is desired, a different
subclass of CryptoUtil must be provided.
- :param trnasport_cert_nick - identifier for the DRM transport certificate. This will
+ :param transport_cert_nick - identifier for the DRM transport certificate. This will
be passed to the CryptoUtil.get_cert() command to get a representation
of the transport certificate usable for crypto operations.
+ Note that for NSS databases, the database must have been initialized
+ beforehand.
'''
self.connection = connection
self.keys = key.KeyClient(connection)
@@ -170,19 +172,19 @@ class KRAClient(object):
return self.keys.request_key_retrieval(key_id, request_id, passphrase)
- def generate_sym_key(self, client_id, algorithm, size, usages):
+ def generate_symmetric_key(self, client_key_id, algorithm, size, usages):
''' Generate and archive a symmetric key on the DRM.
Return a KeyRequestResponse which contains a KeyRequestInfo
object that describes the URL for the request and generated key.
'''
- request = key.SymKeyGenerationRequest(client_id=client_id,
+ request = key.SymKeyGenerationRequest(client_key_id=client_key_id,
key_size=size,
key_algorithm=algorithm,
key_usages=usages)
return self.keys.create_request(request)
- def archive_key(self, client_id, data_type, private_data=None,
+ def archive_key(self, client_key_id, data_type, private_data=None,
wrapped_private_data=None,
key_algorithm=None, key_size=None):
''' Archive a secret (symmetric key or passphrase) on the DRM.
@@ -218,7 +220,7 @@ class KRAClient(object):
# raise BadRequestException - to be added in next patch
return None
wrapped_private_data = self.generate_archive_options(private_data)
- return self.keys.request_archival(client_id, data_type, wrapped_private_data,
+ return self.keys.request_archival(client_key_id, data_type, wrapped_private_data,
key_algorithm, key_size)
def generate_pki_archive_options(self, trans_wrapped_session_key, session_wrapped_secret):
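Review bot: On the context lines at the top of this hunk, archive_key returns `None` when its argument check fails (the check itself is outside the hunk), so a caller that ignores the return value can believe a secret was archived when nothing was sent. Until the BadRequestException mentioned in the comment exists, raising a built-in would make the failure visible, e.g. `raise ValueError("invalid arguments to archive_key")`. Also, the call `self.generate_archive_options(private_data)` does not match the `generate_pki_archive_options` method defined just below; if no method with the shorter name exists elsewhere in the class, this path fails with AttributeError.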