authorAde Lee <alee@redhat.com>2014-02-04 13:17:18 -0500
committerAde Lee <alee@redhat.com>2014-02-04 22:31:04 -0500
commit02f9be1caa6310b5758b96d56d946e04557459c7 (patch)
treee0729755a0ac33808d6dea0557caa1956bcc3df9 /base/common/src/com/netscape/certsrv/key
parent94840d5720b660e145aaca4bea0ec623c74396d8 (diff)
Fix DRM archival, recovery and generation for non-DES3 keys.
In the archival, recovery and generation code for symmetric keys, we use functions that require knowledge of the symmetric key's algorithm and key size. These were hardcoded to DES3, and so only DES3 worked. We added those parameters to the archival request, save them in the KeyRecord and retrieve them when recovering the key. Tests have been added to DRMTest for the relevant usages.
Diffstat (limited to 'base/common/src/com/netscape/certsrv/key')
-rw-r--r--base/common/src/com/netscape/certsrv/key/KeyArchivalRequest.java34
-rw-r--r--base/common/src/com/netscape/certsrv/key/KeyRequestResource.java8
-rw-r--r--base/common/src/com/netscape/certsrv/key/SymKeyGenerationRequest.java10
3 files changed, 43 insertions, 9 deletions
diff --git a/base/common/src/com/netscape/certsrv/key/KeyArchivalRequest.java b/base/common/src/com/netscape/certsrv/key/KeyArchivalRequest.java
index 1655fdb28..bb25974e9 100644
--- a/base/common/src/com/netscape/certsrv/key/KeyArchivalRequest.java
+++ b/base/common/src/com/netscape/certsrv/key/KeyArchivalRequest.java
@@ -39,6 +39,8 @@ public class KeyArchivalRequest extends ResourceMessage {
private static final String CLIENT_ID = "clientID";
private static final String DATA_TYPE = "dataType";
private static final String WRAPPED_PRIVATE_DATA = "wrappedPrivateData";
+ private static final String KEY_ALGORITHM = "keyAlgorithm";
+ private static final String KEY_STRENGTH = "keyStrength";
public KeyArchivalRequest() {
// required for JAXB (defaults)
@@ -49,6 +51,8 @@ public class KeyArchivalRequest extends ResourceMessage {
attributes.put(CLIENT_ID, form.getFirst(CLIENT_ID));
attributes.put(DATA_TYPE, form.getFirst(DATA_TYPE));
attributes.put(WRAPPED_PRIVATE_DATA, form.getFirst(WRAPPED_PRIVATE_DATA));
+ attributes.put(KEY_ALGORITHM, form.getFirst(KEY_ALGORITHM));
+ attributes.put(KEY_STRENGTH, form.getFirst(KEY_STRENGTH));
setClassName(getClass().getName());
}
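Review bot: The two added `attributes.put` calls copy `keyAlgorithm` and `keyStrength` from the submitted form verbatim, so an absent field is stored as whatever `form.getFirst` returns for it and any string is accepted. The commit description says these values are saved in the KeyRecord and read back on recovery, so unless a later layer validates them, a malformed value may only surface when the key is recovered. Consider rejecting a symmetric-key request whose algorithm is not one of the `KeyRequestResource` `*_ALGORITHM` constants or whose strength is not a positive integer, and skipping both puts for other data types. The constructor starts above this hunk, so any check that already exists there is not visible here.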
@@ -99,6 +103,34 @@ public class KeyArchivalRequest extends ResourceMessage {
attributes.put(WRAPPED_PRIVATE_DATA, wrappedPrivateData);
}
+ /**
+ * @return the keyAlgorithm (valid for symmetric keys)
+ */
+ public String getKeyAlgorithm() {
+ return attributes.get(KEY_ALGORITHM);
+ }
+
+ /**
+ * @param algorithm the key algorithm to set (valid for symmetric keys)
+ */
+ public void setKeyAlgorithm(String algorithm) {
+ attributes.put(KEY_ALGORITHM, algorithm);
+ }
+
+ /**
+ * @return the key strength (valid for symmetric keys)
+ */
+ public int getKeyStrength() {
+ return Integer.parseInt(attributes.get(KEY_STRENGTH));
+ }
+
+ /**
+ * @param strength the key strength to set (valid for symmetric keys)
+ */
+ public void setKeyStrength(int strength) {
+ attributes.put(KEY_STRENGTH, Integer.toString(strength));
+ }
+
public String toString() {
try {
return ResourceMessage.marshal(this, KeyArchivalRequest.class);
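Review bot: `getKeyStrength()` passes `attributes.get(KEY_STRENGTH)` straight to `Integer.parseInt`, which throws `NumberFormatException` when the attribute is missing or not numeric. A missing value looks like the expected state for pass-phrase and asymmetric requests, and the form constructor in the previous hunk stores the client's value unchecked. Either guard the read, e.g. `String s = attributes.get(KEY_STRENGTH);` followed by `if (s == null) throw new IllegalStateException("keyStrength not set");`, or document it with `@throws NumberFormatException if keyStrength is absent or not an integer`. The Javadoc on both getters should also state what a caller gets for non-symmetric requests; `getKeyAlgorithm()` presumably returns null there.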
@@ -121,6 +153,8 @@ public class KeyArchivalRequest extends ResourceMessage {
before.setClientId("vek 12345");
before.setDataType(KeyRequestResource.SYMMETRIC_KEY_TYPE);
before.setWrappedPrivateData("XXXXABCDEFXXX");
+ before.setKeyAlgorithm(KeyRequestResource.AES_ALGORITHM);
+ before.setKeyStrength(128);
String string = before.toString();
System.out.println(string);
diff --git a/base/common/src/com/netscape/certsrv/key/KeyRequestResource.java b/base/common/src/com/netscape/certsrv/key/KeyRequestResource.java
index 27f0362a1..81cca7b41 100644
--- a/base/common/src/com/netscape/certsrv/key/KeyRequestResource.java
+++ b/base/common/src/com/netscape/certsrv/key/KeyRequestResource.java
@@ -28,6 +28,14 @@ public interface KeyRequestResource {
public static final String PASS_PHRASE_TYPE = "passPhrase";
public static final String ASYMMETRIC_KEY_TYPE = "asymmetricKey";
+ /* Symmetric Key Algorithms */
+ public static final String DES_ALGORITHM = "DES";
+ public static final String DESEDE_ALGORITHM = "DESede";
+ public static final String DES3_ALGORITHM = "DES3";
+ public static final String RC2_ALGORITHM = "RC2";
+ public static final String RC4_ALGORITHM = "RC4";
+ public static final String AES_ALGORITHM = "AES";
+
/**
* Used to generate list of key requests based on the search parameters
*/
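Review bot: The relocated constants carry only the heading `/* Symmetric Key Algorithms */`, which leaves two things undocumented now that they sit on the shared resource interface. `DESEDE_ALGORITHM` and `DES3_ALGORITHM` appear to name the same cipher (Triple DES) under two spellings, and `DES`, `RC2` and `RC4` are legacy algorithms that callers should not pick for newly generated keys. I would add a comment such as `/* DES, RC2 and RC4 are accepted for archiving existing keys only; prefer AES for new keys. DES3 and DESede both denote Triple DES. */`, adjusted to whatever the server actually enforces. The interface body continues outside this hunk.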
diff --git a/base/common/src/com/netscape/certsrv/key/SymKeyGenerationRequest.java b/base/common/src/com/netscape/certsrv/key/SymKeyGenerationRequest.java
index f9feb6410..c0445e455 100644
--- a/base/common/src/com/netscape/certsrv/key/SymKeyGenerationRequest.java
+++ b/base/common/src/com/netscape/certsrv/key/SymKeyGenerationRequest.java
@@ -26,14 +26,6 @@ public class SymKeyGenerationRequest extends ResourceMessage {
private static final String KEY_ALGORITHM = "keyAlgorithm";
private static final String KEY_USAGE = "keyUsage";
- /* Symmetric Key Algorithms */
- public static final String DES_ALGORITHM = "DES";
- public static final String DESEDE_ALGORITHM = "DESede";
- public static final String DES3_ALGORITHM = "DES3";
- public static final String RC2_ALGORITHM = "RC2";
- public static final String RC4_ALGORITHM = "RC4";
- public static final String AES_ALGORITHM = "AES";
-
/* Symmetric Key usages */
public static final String UWRAP_USAGE = "unwrap";
public static final String WRAP_USAGE = "wrap";
@@ -148,7 +140,7 @@ public class SymKeyGenerationRequest extends ResourceMessage {
SymKeyGenerationRequest before = new SymKeyGenerationRequest();
before.setClientId("vek 12345");
- before.setKeyAlgorithm(SymKeyGenerationRequest.AES_ALGORITHM);
+ before.setKeyAlgorithm(KeyRequestResource.AES_ALGORITHM);
before.setKeySize(128);
before.addUsage(SymKeyGenerationRequest.DECRYPT_USAGE);
before.addUsage(SymKeyGenerationRequest.ENCRYPT_USAGE);