diff options
author | Endi S. Dewata <edewata@redhat.com> | 2015-07-10 16:47:29 -0400 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2015-07-13 13:46:47 -0400 |
commit | c3033776af54b27a46d0af33cf602a291e6c603d (patch) | |
tree | 41f519d148c0363d318decd27a01b50a29e741d4 /base/kra/src/org/dogtagpki/server/kra | |
parent | 11bbb4e28650e7296707e4ddf07cdf2f56c8269b (diff) | |
download | pki-c3033776af54b27a46d0af33cf602a291e6c603d.tar.gz pki-c3033776af54b27a46d0af33cf602a291e6c603d.tar.xz pki-c3033776af54b27a46d0af33cf602a291e6c603d.zip |
Fixed NPE during key-retrieve.
Keys archived through the KRA connector in CA have null data type
attribute which causes a NPE during retrieval using the key-retrieve
CLI. The SecurityDataRecoveryService has been modified to consider
null data type attribute as asymmetric key type.
The KeyRetrieveCLI and KeyService have been modified to generate
better debugging messages to help troubleshooting.
https://fedorahosted.org/pki/ticket/1481
Diffstat (limited to 'base/kra/src/org/dogtagpki/server/kra')
-rw-r--r-- | base/kra/src/org/dogtagpki/server/kra/rest/KeyService.java | 37 |
1 files changed, 25 insertions, 12 deletions
diff --git a/base/kra/src/org/dogtagpki/server/kra/rest/KeyService.java b/base/kra/src/org/dogtagpki/server/kra/rest/KeyService.java index 99e6471b1..f4445bb65 100644 --- a/base/kra/src/org/dogtagpki/server/kra/rest/KeyService.java +++ b/base/kra/src/org/dogtagpki/server/kra/rest/KeyService.java @@ -117,53 +117,66 @@ public class KeyService extends PKIService implements KeyResource { */ @Override public Response retrieveKey(KeyRecoveryRequest data) { - String method = "KeyService.retrieveKey: "; + + CMS.debug("KeyService.retrieveKey()"); String auditInfo = "KeyService.retrieveKey"; - CMS.debug(method + "begins."); + if (data == null) { - String msg = "Invalid request: data is null"; - CMS.debug(msg); - auditRetrieveKey(ILogger.FAILURE, "None", "None", auditInfo + ";" + msg); - throw new BadRequestException(method + msg); + String message = "Missing key recovery request"; + CMS.debug(message); + auditRetrieveKey(ILogger.FAILURE, "None", "None", auditInfo + ";" + message); + throw new BadRequestException(message); } - // auth and authz + RequestId requestID = data.getRequestId(); - IRequest request; - KeyId keyId = data.getKeyId(); + CMS.debug("KeyService: request ID: " + requestID); if (requestID != null) auditInfo = auditInfo + ": requestID=" + requestID.toString(); + KeyId keyId = data.getKeyId(); + CMS.debug("KeyService: key ID: " + keyId); if (keyId != null) auditInfo = auditInfo + "; keyID=" + keyId.toString(); + IRequest request; try { request = queue.findRequest(requestID); + } catch (EBaseException e) { - e.printStackTrace(); + CMS.debug(e); auditRetrieveKey(ILogger.FAILURE, requestID, null, auditInfo + ";" + e.getMessage()); throw new PKIException(e.getMessage()); } + String type = request.getRequestType(); + CMS.debug("KeyService: request type: " + type); auditInfo = auditInfo + "; request type:" + type; + KeyData keyData; try { if (IRequest.KEYRECOVERY_REQUEST.equals(type)) { keyData = recoverKey(data); + } else { keyId = validateRequest(data); keyData = getKey(keyId, data); } + } catch (Exception e) { - e.printStackTrace(); + CMS.debug(e); auditRetrieveKey(ILogger.FAILURE, requestID, keyId, auditInfo + ";" + e.getMessage()); throw new PKIException(e.getMessage()); } + if (keyData == null) { - // no key record + CMS.debug("KeyService: No key record"); auditRetrieveKey(ILogger.FAILURE, requestID, keyId, auditInfo + "; No key record"); throw new HTTPGoneException("No key record."); } + + CMS.debug("KeyService: key retrieved"); + auditRetrieveKey(ILogger.SUCCESS, requestID, keyId, auditInfo); return createOKResponse(keyData); |