authorAde Lee <alee@redhat.com>2014-02-21 21:24:39 -0500
committerAde Lee <alee@redhat.com>2014-02-26 01:18:25 -0500
commitee472461f594706b40cedb39e55f167a034c13ee (patch)
tree4b0a800571713e6f6e9ebc88d978d9bab780fb92 /base/kra
parent7add259c1220ca4f6fa55ae64447812fdbf83132 (diff)
Added error checking in python client calls
1) Added error checking in python client calls. 2) Allow symmetric key generation with default params. Fix bug for when usages is not defined. 3) Fix bug when requesting key recovery - must check if key exists. 4) Extend key gen to allow for providing trans_wrapped_session_key 5) added constants to python client for key status
Diffstat (limited to 'base/kra')
-rw-r--r--base/kra/functional/drmtest.py26
-rw-r--r--base/kra/src/CMakeLists.txt9
-rw-r--r--base/kra/src/com/netscape/kra/SymKeyGenService.java4
3 files changed, 28 insertions, 11 deletions
diff --git a/base/kra/functional/drmtest.py b/base/kra/functional/drmtest.py
index a1db60c55..b53c5569a 100644
--- a/base/kra/functional/drmtest.py
+++ b/base/kra/functional/drmtest.py
@@ -106,18 +106,21 @@ def main():
# Test 4: generate symkey -- same as barbican_encode()
print "Now generating symkey on KRA"
#client_key_id = "Vek #1" + time.strftime('%X %x %Z')
- client_key_id = "vek1234567"
+ client_key_id = "veka6"
algorithm = "AES"
key_size = 128
usages = [key.SymKeyGenerationRequest.DECRYPT_USAGE, key.SymKeyGenerationRequest.ENCRYPT_USAGE]
- response = keyclient.generate_symmetric_key(client_key_id, algorithm, key_size, usages)
+ response = keyclient.generate_symmetric_key(client_key_id,
+ algorithm=algorithm,
+ size=key_size,
+ usages=usages)
print_key_request(response.requestInfo)
print "Request ID is " + response.requestInfo.get_request_id()
key_id = response.get_key_id()
# Test 5: Confirm the key_id matches
print "Now getting key ID for clientKeyID=\"" + client_key_id + "\""
- key_infos = keyclient.list_keys(client_key_id=client_key_id, status="active")
+ key_infos = keyclient.list_keys(client_key_id=client_key_id, status=keyclient.KEY_STATUS_ACTIVE)
for key_info in key_infos.key_infos:
print_key_info(key_info)
key_id2 = key_info.get_key_id()
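Review bot: The fixed `client_key_id = "veka6"` makes Test 4 pass only on the first run against a given KRA, because Test 10 further down expects a repeated client ID to raise `pki.BadRequestException`, and the call here is not inside a `try`. Test 18 in this same commit already uses a time-stamped ID, so the same pattern would work here, e.g. `client_key_id = "Vek #1" + time.strftime('%X %x %Z')` as in the commented-out line above it. The body of `main()` starts and ends outside this hunk.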
@@ -152,7 +155,10 @@ def main():
# Test 10 = test BadRequestException on create()
print "Trying to generate a new symkey with the same client ID"
try:
- response = keyclient.generate_symmetric_key(client_key_id, algorithm, key_size, usages)
+ response = keyclient.generate_symmetric_key(client_key_id,
+ algorithm=algorithm,
+ size=key_size,
+ usages=usages)
except pki.BadRequestException as exc:
print "BadRequestException thrown - Code:" + exc.code + " Message: " + exc.message
@@ -169,10 +175,6 @@ def main():
key_data, unwrapped_key = keyclient.retrieve_key('2000003434')
except pki.KeyNotFoundException as exc:
print "KeyNotFoundException thrown - Code:" + exc.code + " Message: " + exc.message
- except pki.PKIException as exc:
- # note: this is broken - we should be sending KeyNotFoundException here before the recovery
- # request is created - to be fixed in next patch
- print "PKIException thrown - Code:" + exc.code + " Message: " + exc.message
#Test 13 = getKeyInfo
print "Get key info for existing key"
@@ -186,7 +188,7 @@ def main():
#Test 15: change the key status
print "Change the key status"
- keyclient.modify_key_status(key_id, "inactive")
+ keyclient.modify_key_status(key_id, keyclient.KEY_STATUS_INACTIVE)
print_key_info(keyclient.get_key_info(key_id))
# Test 16: Get key info for non-existent key
@@ -200,8 +202,14 @@ def main():
print "Get non-existent active key"
try:
key_info = keyclient.get_active_key_info(client_key_id)
+ print_key_info(key_info)
except pki.ResourceNotFoundException as exc:
print "ResourceNotFoundException thrown - Code: " + exc.code + "Message: " + exc.message
+ #Test 18: Generate a symmetric key with default parameters
+ client_key_id = "Vek #3" + time.strftime('%X %x %Z')
+ response = keyclient.generate_symmetric_key(client_key_id)
+ print_key_request(response.requestInfo)
+
if __name__ == "__main__":
main()
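Review bot: Test 18 generates a key with server-chosen defaults but only prints the request info, so the run never shows which algorithm, size and usages the KRA actually applied. For a key-archival service those defaults are the security-relevant part of this feature. Consider following the call with `print_key_info(keyclient.get_key_info(response.get_key_id()))` and comparing the reported algorithm and size against the documented defaults. The new call is also outside any `try`, unlike the other negative-path tests, so a server-side rejection would abort the script with a traceback.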
diff --git a/base/kra/src/CMakeLists.txt b/base/kra/src/CMakeLists.txt
index 99088ce06..ccbc6a6c3 100644
--- a/base/kra/src/CMakeLists.txt
+++ b/base/kra/src/CMakeLists.txt
@@ -75,6 +75,13 @@ find_file(SYMKEY_JAR
${JAVA_LIB_INSTALL_DIR}
)
+find_file(COMMONS_LANG_JAR
+ NAMES
+ commons-lang.jar
+ PATHS
+ /usr/share/java
+)
+
# build pki-kra
javac(pki-kra-classes
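Review bot: The result of the new `find_file(COMMONS_LANG_JAR ...)` is never checked, so on a build host without `/usr/share/java/commons-lang.jar` the variable becomes `COMMONS_LANG_JAR-NOTFOUND` and is then placed on the `javac` classpath in the next hunk. The build would then fail later with an unresolved `StringUtils` import rather than a clear message. A guard after the lookup would surface the missing dependency at configure time: `if(NOT COMMONS_LANG_JAR)`, `message(FATAL_ERROR "commons-lang.jar not found")`, `endif()`. Whether the other jar lookups in this file are guarded cannot be seen from this hunk.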
@@ -84,7 +91,7 @@ javac(pki-kra-classes
${PKI_CERTSRV_JAR} ${PKI_CMS_JAR} ${PKI_CMSCORE_JAR}
${PKI_CMSUTIL_JAR} ${PKI_NSUTIL_JAR}
${LDAPJDK_JAR} ${JAXRS_API_JAR}
- ${JSS_JAR} ${COMMONS_CODEC_JAR} ${SYMKEY_JAR}
+ ${JSS_JAR} ${COMMONS_CODEC_JAR} ${COMMONS_LANG_JAR} ${SYMKEY_JAR}
OUTPUT_DIR
${CMAKE_BINARY_DIR}/classes
DEPENDS
diff --git a/base/kra/src/com/netscape/kra/SymKeyGenService.java b/base/kra/src/com/netscape/kra/SymKeyGenService.java
index 99c57b8d9..d1e60fa70 100644
--- a/base/kra/src/com/netscape/kra/SymKeyGenService.java
+++ b/base/kra/src/com/netscape/kra/SymKeyGenService.java
@@ -25,6 +25,7 @@ import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
+import org.apache.commons.lang.StringUtils;
import org.mozilla.jss.crypto.CryptoToken;
import org.mozilla.jss.crypto.KeyGenAlgorithm;
import org.mozilla.jss.crypto.KeyGenerator;
@@ -92,7 +93,8 @@ public class SymKeyGenService implements IService {
String algorithm = request.getExtDataInString(IRequest.SYMKEY_GEN_ALGORITHM);
String usageStr = request.getExtDataInString(IRequest.SYMKEY_GEN_USAGES);
- List<String> usages = new ArrayList<String>(Arrays.asList(usageStr.split(",")));
+ List<String> usages = new ArrayList<String>(
+ Arrays.asList(StringUtils.split(usageStr, ",")));
String keySizeStr = request.getExtDataInString(IRequest.SYMKEY_GEN_SIZE);
int keySize = Integer.parseInt(keySizeStr);
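Review bot: `StringUtils.split(usageStr, ",")` returns null for a null `usageStr`, and `Arrays.asList` on a null array throws `NullPointerException`, so this change fixes the empty-string case but probably not a request where SYMKEY_GEN_USAGES is absent altogether. Whether `getExtDataInString` can return null here is not visible in the hunk. A null-safe form would be `String[] usageArr = StringUtils.split(usageStr, ",");` followed by `List<String> usages = (usageArr == null) ? new ArrayList<String>() : new ArrayList<String>(Arrays.asList(usageArr));`. The context line `Integer.parseInt(keySizeStr)` has the same exposure: a missing or non-numeric size raises an unchecked exception, so it is worth confirming that the default-parameter path always populates SYMKEY_GEN_SIZE before this service runs. The enclosing method starts and ends outside this hunk.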