author | Ade Lee <alee@redhat.com> | 2014-02-19 09:43:24 -0500 |
---|---|---|
committer | Ade Lee <alee@redhat.com> | 2014-02-19 13:10:38 -0500 |
commit | a34d15a4000c70ed89cb44884b33d7c95499ebcc (patch) | |
tree | 352aace9ce8ad81981ae548bab5c657e967caf1a /base/common | |
parent | fda9b5c579d62498f846ab9c313ccbe1a85b0cdb (diff) | |
Add methods to getKeyInfo and change key status
Diffstat (limited to 'base/common')
-rw-r--r-- | base/common/python/pki/__init__.py | 4 | ||||
-rw-r--r-- | base/common/python/pki/key.py | 42 | ||||
-rw-r--r-- | base/common/python/pki/kraclient.py | 2 | ||||
-rw-r--r-- | base/common/python/pki/systemcert.py | 2 | ||||
-rw-r--r-- | base/common/src/com/netscape/certsrv/key/KeyClient.java | 10 | ||||
-rw-r--r-- | base/common/src/com/netscape/certsrv/key/KeyNotFoundException.java | 62 | ||||
-rw-r--r-- | base/common/src/com/netscape/certsrv/key/KeyResource.java | 14 |
7 files changed, 120 insertions, 16 deletions
diff --git a/base/common/python/pki/__init__.py b/base/common/python/pki/__init__.py index 4b18ea0ed..e9802a4ba 100644 --- a/base/common/python/pki/__init__.py +++ b/base/common/python/pki/__init__.py @@ -185,6 +185,9 @@ class CertNotFoundException(ResourceNotFoundException): class GroupNotFoundException(ResourceNotFoundException): ''' Group Not Found Exception: return code = 404 ''' +class KeyNotFoundException(ResourceNotFoundException): + ''' Key Not Found Exception: return code 404 ''' + class ProfileNotFoundException(ResourceNotFoundException): ''' Profile Not Found Exception: return code = 404 ''' @@ -202,6 +205,7 @@ EXCEPTION_MAPPINGS = { "com.netscape.certsrv.base.ResourceNotFoundException": "pki.ResourceNotFoundException", "com.netscape.certsrv.cert.CertNotFoundException": "pki.CertNotFoundException", "com.netscape.certsrv.group.GroupNotFoundException": "pki.GroupNotFoundException", + "com.netscape.certsrv.key.KeyNotFoundException": "pki.KeyNotFoundException", "com.netscape.certsrv.profile.ProfileNotFoundException": "pki.ProfileNotFoundException", "com.netscape.certsrv.request.RequestNotFoundException": "pki.RequestNotFoundException", "com.netscape.certsrv.base.UserNotFoundException": "pki.UserNotFoundException", diff --git a/base/common/python/pki/key.py b/base/common/python/pki/key.py index 30f6baeb7..1e959785c 100644 --- a/base/common/python/pki/key.py +++ b/base/common/python/pki/key.py @@ -294,7 +294,7 @@ class KeyClient(object): self.keyURL = '/rest/agent/keys' self.keyRequestsURL = '/rest/agent/keyrequests' - @pki.handle_exceptions + @pki.handle_exceptions() def list_keys(self, client_id=None, status=None, max_results=None, max_time=None, start=None, size=None): ''' List/Search archived secrets in the DRM. 
@@ -308,7 +308,7 @@ class KeyClient(object): response = self.connection.get(self.keyURL, self.headers, params=query_params) return KeyInfoCollection.from_json(response.json()) - @pki.handle_exceptions + @pki.handle_exceptions() def retrieve_key(self, data): ''' Retrieve a secret from the DRM. @@ -324,7 +324,7 @@ class KeyClient(object): response = self.connection.post(url, keyRequest, self.headers) return KeyData.from_dict(response.json()) - @pki.handle_exceptions + @pki.handle_exceptions() def request_key_retrieval(self, key_id, request_id, trans_wrapped_session_key=None, session_wrapped_passphrase=None, passphrase=None, nonce_data=None): ''' Retrieve a secret from the DRM. @@ -357,7 +357,7 @@ class KeyClient(object): return self.retrieve_key(request) - @pki.handle_exceptions + @pki.handle_exceptions() def list_requests(self, request_state=None, request_type=None, client_id=None, start=None, page_size=None, max_results=None, max_time=None): ''' List/Search key requests in the DRM. @@ -372,14 +372,14 @@ class KeyClient(object): params=query_params) return KeyRequestInfoCollection.from_json(response.json()) - @pki.handle_exceptions + @pki.handle_exceptions() def get_request_info(self, request_id): ''' Return a KeyRequestInfo object for a specific request. ''' url = self.keyRequestsURL + '/' + request_id response = self.connection.get(url, self.headers) return KeyRequestInfo.from_dict(response.json()) - @pki.handle_exceptions + @pki.handle_exceptions() def create_request(self, request): ''' Submit an archival, recovery or key generation request to the DRM. 
@@ -394,25 +394,25 @@ class KeyClient(object): response = self.connection.post(url, key_request, self.headers) return KeyRequestResponse.from_json(response.json()) - @pki.handle_exceptions + @pki.handle_exceptions() def approve_request(self, request_id): ''' Approve a secret recovery request ''' url = self.keyRequestsURL + '/' + request_id + '/approve' - return self.connection.post(url, self.headers) + self.connection.post(url, self.headers) - @pki.handle_exceptions + @pki.handle_exceptions() def reject_request(self, request_id): ''' Reject a secret recovery request. ''' url = self.keyRequestsURL + '/' + request_id + '/reject' - return self.connection.post(url, self.headers) + self.connection.post(url, self.headers) - @pki.handle_exceptions + @pki.handle_exceptions() def cancel_request(self, request_id): ''' Cancel a secret recovery request ''' url = self.keyRequestsURL + '/' + request_id + '/cancel' - return self.connection.post(url, self.headers) + self.connection.post(url, self.headers) - @pki.handle_exceptions + @pki.handle_exceptions() def request_recovery(self, key_id, request_id=None, session_wrapped_passphrase=None, trans_wrapped_session_key=None, b64certificate=None, nonce_data=None): ''' Create a request to recover a secret. @@ -433,7 +433,7 @@ class KeyClient(object): nonce_data=nonce_data) return self.create_request(request) - @pki.handle_exceptions + @pki.handle_exceptions() def request_archival(self, client_id, data_type, wrapped_private_data, key_algorithm=None, key_size=None): ''' Archive a secret (symmetric key or passphrase) on the DRM. 
@@ -458,6 +458,20 @@ class KeyClient(object): key_size=key_size) return self.create_request(request) + @pki.handle_exceptions() + def get_key_info(self, key_id): + ''' Get the info in the KeyRecord for a specific secret in the DRM. ''' + url = self.keyURL + '/' + key_id + response = self.connection.get(url, headers=self.headers) + return KeyInfo.from_dict(response.json()) + + @pki.handle_exceptions() + def modify_key_status(self, key_id, status): + ''' Modify the status of a key ''' + url = self.keyURL + '/' + key_id + params = {'status':status} + self.connection.post(url, None, headers=self.headers, params=params) + encoder.NOTYPES['Attribute'] = pki.Attribute encoder.NOTYPES['AttributeList'] = pki.AttributeList encoder.NOTYPES['KeyArchivalRequest'] = KeyArchivalRequest diff --git a/base/common/python/pki/kraclient.py b/base/common/python/pki/kraclient.py index f2b7a5582..18707b744 100644 --- a/base/common/python/pki/kraclient.py +++ b/base/common/python/pki/kraclient.py @@ -95,7 +95,7 @@ class KRAClient(object): return key_data, None unwrapped_key = self.crypto.symmetric_unwrap(key_data.wrappedPrivateData, session_key, - iv=key_data.nonceData) + nonce_iv=key_data.nonceData) return key_data, unwrapped_key def retrieve_key_by_passphrase(self, key_id, passphrase=None, diff --git a/base/common/python/pki/systemcert.py b/base/common/python/pki/systemcert.py index 8a1488dea..2f51de6f3 100644 --- a/base/common/python/pki/systemcert.py +++ b/base/common/python/pki/systemcert.py @@ -38,7 +38,7 @@ class SystemCertClient(object): 'Accept': 'application/json'} self.cert_url = '/rest/config/cert' - @pki.handle_exceptions + @pki.handle_exceptions() def get_transport_cert(self): ''' Return transport certificate ''' url = self.cert_url + '/transport' diff --git a/base/common/src/com/netscape/certsrv/key/KeyClient.java b/base/common/src/com/netscape/certsrv/key/KeyClient.java index 374b793ff..cb5d59772 100644 --- a/base/common/src/com/netscape/certsrv/key/KeyClient.java 
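Review bot: `get_key_info` and `modify_key_status` build the request path with `url = self.keyURL + '/' + key_id`, so a `key_id` containing `/`, `..`, `?` or `#` becomes part of the path and the agent-authenticated request can land on a different REST resource than the caller intended. Percent-encode or validate the id before concatenating, for example `url = self.keyURL + '/' + urllib.quote(str(key_id), safe='')` (this needs `import urllib`, which is not visible in the hunk). The `request_id` methods in the earlier hunks (`get_request_info`, `approve_request`, `reject_request`, `cancel_request`) use the same concatenation and would benefit from a shared helper. `modify_key_status` also forwards `status` unchecked, and its docstring should name the values the server accepts.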
+++ b/base/common/src/com/netscape/certsrv/key/KeyClient.java
@@ -187,4 +187,14 @@ public class KeyClient extends Client {
 Response response = keyRequestClient.cancelRequest(id);
 client.getEntity(response, Void.class);
 }
+
+ public KeyInfo getKeyInfo(KeyId id) {
+ Response response = keyClient.getKeyInfo(id);
+ return client.getEntity(response, KeyInfo.class);
+ }
+
+ public void modifyKeyStatus(KeyId id, String status) {
+ Response response = keyClient.modifyKeyStatus(id, status);
+ client.getEntity(response, Void.class);
+ }
 }
diff --git a/base/common/src/com/netscape/certsrv/key/KeyNotFoundException.java b/base/common/src/com/netscape/certsrv/key/KeyNotFoundException.java
new file mode 100644
index 000000000..be21aa79d
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/key/KeyNotFoundException.java
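Review bot: `modifyKeyStatus(KeyId id, String status)` in KeyClient.java accepts any string as the new status, and neither new method has Javadoc, so a caller cannot tell from this class which values are valid or what happens for an unknown id. Add Javadoc along the lines of `/** Changes the status of the key identified by {@code id}; {@code status} must be a value the KRA accepts. */`. If the set of statuses is fixed, expose them as constants so a misspelt status fails at compile time instead of at the server. `getKeyInfo` presumably surfaces the new KeyNotFoundException through `client.getEntity`, which is worth stating in its Javadoc. The class body starts outside this hunk.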
@@ -0,0 +1,62 @@
+package com.netscape.certsrv.key;
+
+//--- BEGIN COPYRIGHT BLOCK ---
+//This program is free software; you can redistribute it and/or modify
+//it under the terms of the GNU General Public License as published by
+//the Free Software Foundation; version 2 of the License.
+//
+//This program is distributed in the hope that it will be useful,
+//but WITHOUT ANY WARRANTY; without even the implied warranty of
+//MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+//GNU General Public License for more details.
+//
+//You should have received a copy of the GNU General Public License along
+//with this program; if not, write to the Free Software Foundation, Inc.,
+//51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+//(C) 2007 Red Hat, Inc.
+//All rights reserved.
+//--- END COPYRIGHT BLOCK ---
+
+import com.netscape.certsrv.base.ResourceNotFoundException;
+import com.netscape.certsrv.dbs.keydb.KeyId;
+
+public class KeyNotFoundException extends ResourceNotFoundException {
+
+ private static final long serialVersionUID = -4688477890485145493L;
+
+ public KeyId keyID;
+
+ public KeyNotFoundException(KeyId keyId) {
+ this(keyId, "Key ID " + keyId.toHexString() + " not found");
+ }
+
+ public KeyNotFoundException(KeyId keyId, String message) {
+ super(message);
+ this.keyID = keyId;
+ }
+
+ public KeyNotFoundException(KeyId keyId, String message, Throwable cause) {
+ super(message, cause);
+ this.keyID = keyId;
+ }
+
+ public KeyNotFoundException(Data data) {
+ super(data);
+ keyID = new KeyId(data.getAttribute("KeyId"));
+ }
+
+ public Data getData() {
+ Data data = super.getData();
+ data.setAttribute("KeyId", keyID.toString());
+ return data;
+ }
+
+ public KeyId getKeyId() {
+ return keyID;
+ }
+
+ public void setRequestId(KeyId KeyId) {
+ this.keyID = KeyId;
+ }
+}
diff --git a/base/common/src/com/netscape/certsrv/key/KeyResource.java b/base/common/src/com/netscape/certsrv/key/KeyResource.java
index 78ce15344..5b5bf7a74 100644
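Review bot: The setter at the end of KeyNotFoundException is named `setRequestId` although it assigns the key id, and its parameter `KeyId` shadows the type name; this looks like a leftover from the exception class it was modelled on. Rename it to `public void setKeyId(KeyId keyId) { this.keyID = keyId; }` and declare the field as `private KeyId keyID;`, since a public mutable field lets any caller replace the id after the exception has been built. The one-argument constructor calls `keyId.toHexString()` and `getData()` calls `keyID.toString()` with no null check, so a null id turns the intended not-found error into a NullPointerException. An explicit null check in the constructors would fail earlier and with a clearer message. `getData()` appears to override the superclass method and should carry `@Override`.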
--- a/base/common/src/com/netscape/certsrv/key/KeyResource.java +++ b/base/common/src/com/netscape/certsrv/key/KeyResource.java @@ -15,6 +15,7 @@ import org.jboss.resteasy.annotations.ClientResponseType; import com.netscape.certsrv.acls.ACLMapping; import com.netscape.certsrv.authentication.AuthMethodMapping; +import com.netscape.certsrv.dbs.keydb.KeyId; @Path("agent/keys") @@ -38,6 +39,19 @@ public interface KeyResource { @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) public Response getActiveKeyInfo(@PathParam("clientID") String clientID); + @GET + @Path("{id}") + @ClientResponseType(entityType=KeyInfo.class) + @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON}) + public Response getKeyInfo(@PathParam("id") KeyId id); + + @POST + @Path("{id}") + @ClientResponseType(entityType=Void.class) + @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) + public Response modifyKeyStatus(@PathParam("id") KeyId id, + @QueryParam("status") String status); + /** * Used to retrieve a key * @param data |
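Review bot: `modifyKeyStatus` is a state-changing agent operation, yet neither new method in KeyResource carries a method-level `@ACLMapping` or `@AuthMethodMapping`, although both annotations are imported at the top of the file. If the interface is annotated as a whole (its declaration sits between the two hunks and is not fully visible here), the new endpoints inherit that policy. Please confirm this, and confirm that the ACL covering reads is also the one intended for status changes. `status` arrives as a free-form `@QueryParam` string, so the implementation should reject anything outside the supported set with a 400 rather than storing it. Neither method has Javadoc, unlike the `/** Used to retrieve a key` block that follows.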