2 files changed, 25 insertions, 9 deletions

diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyArchiveCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyArchiveCLI.java
index d9bdd8843..e9ce7f2ec 100644
--- a/base/java-tools/src/com/netscape/cmstools/key/KeyArchiveCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/key/KeyArchiveCLI.java
@@ -45,6 +45,10 @@ public class KeyArchiveCLI extends CLI {
                 "Location of the request template file.\nUsed for archiving already encrypted data.");
         option.setArgName("Input file path");
         options.addOption(option);
+
+        option = new Option(null, "realm", true, "Authorization realm.");
+        option.setArgName("Realm");
+        options.addOption(option);
     }
 
     public void execute(String[] args) {
@@ -88,13 +92,15 @@ public class KeyArchiveCLI extends CLI {
 
                 if (req.getPKIArchiveOptions() != null) {
                     response = keyCLI.keyClient.archivePKIOptions(req.getClientKeyId(), req.getDataType(),
-                            req.getKeyAlgorithm(), req.getKeySize(), Utils.base64decode(req.getPKIArchiveOptions()));
+                            req.getKeyAlgorithm(), req.getKeySize(), Utils.base64decode(req.getPKIArchiveOptions()),
+                            req.getRealm());
                 } else {
                     response = keyCLI.keyClient.archiveEncryptedData(req.getClientKeyId(), req.getDataType(),
                             req.getKeyAlgorithm(), req.getKeySize(), req.getAlgorithmOID(),
                             Utils.base64decode(req.getSymmetricAlgorithmParams()),
                             Utils.base64decode(req.getWrappedPrivateData()),
-                            Utils.base64decode(req.getTransWrappedSessionKey()));
+                            Utils.base64decode(req.getTransWrappedSessionKey()),
+                            req.getRealm());
                 }
 
             } catch (JAXBException e) {
@@ -123,8 +129,10 @@ public class KeyArchiveCLI extends CLI {
                 printHelp();
                 System.exit(-1);
             }
+            String realm = cmd.getOptionValue("realm");
+
             try {
-                response = keyCLI.keyClient.archivePassphrase(clientKeyId, passphrase);
+                response = keyCLI.keyClient.archivePassphrase(clientKeyId, passphrase, realm);
             } catch (Exception e) {
                 System.err.println(e.getMessage());
                 if (verbose)
diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyGenerateCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyGenerateCLI.java
index c8608731e..4149ee677 100644
--- a/base/java-tools/src/com/netscape/cmstools/key/KeyGenerateCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/key/KeyGenerateCLI.java
@@ -48,6 +48,14 @@ public class KeyGenerateCLI extends CLI {
                 + "\nAdditional usages for RSA and DSA type keys: derive, sign_recover, verify_recover.");
         option.setArgName("list of usages");
         options.addOption(option);
+
+        option = new Option(
+                null,
+                "realm",
+                true,
+                "Authorization realm");
+        option.setArgName("realm");
+        options.addOption(option);
     }
 
     public void execute(String[] args) {
@@ -80,6 +88,7 @@ public class KeyGenerateCLI extends CLI {
         String clientKeyId = cmdArgs[0];
         String keyAlgorithm = cmd.getOptionValue("key-algorithm");
         String keySize = cmd.getOptionValue("key-size");
+        String realm = cmd.getOptionValue("realm");
 
         if (keySize == null) {
             switch (keyAlgorithm) {
@@ -118,6 +127,7 @@ public class KeyGenerateCLI extends CLI {
         if (givenUsages != null) {
             usages = Arrays.asList(givenUsages.split(","));
         }
+
         KeyRequestResponse response = null;
         switch (keyAlgorithm) {
         case KeyRequestResource.DES3_ALGORITHM:
@@ -126,15 +136,13 @@ public class KeyGenerateCLI extends CLI {
         case KeyRequestResource.RC4_ALGORITHM:
         case KeyRequestResource.AES_ALGORITHM:
         case KeyRequestResource.RC2_ALGORITHM:
-            response = keyCLI.keyClient.generateSymmetricKey(clientKeyId, keyAlgorithm,
-                    size,
-                    usages, null);
+            response = keyCLI.keyClient.generateSymmetricKey(
+                    clientKeyId, keyAlgorithm, size, usages, null, realm);
             break;
         case KeyRequestResource.RSA_ALGORITHM:
         case KeyRequestResource.DSA_ALGORITHM:
-            response = keyCLI.keyClient.generateAsymmetricKey(clientKeyId, keyAlgorithm,
-                    size,
-                    usages, null);
+            response = keyCLI.keyClient.generateAsymmetricKey(
+                    clientKeyId, keyAlgorithm, size, usages, null, realm);
             break;
         default:
             System.err.println("Error: Algorithm not supported.");