Commit message
...

Most of the methods to unwrap the payload are parameterized.

This patch parametrizes some of the encryption functions, for key
wrapping and storage.

EncryptionUnit is a bit of a mess right now. Refactored so that
crypto-specific code is in a few functions. These can now be
parameterized to allow selection of parameters for wrapping method,
algorithm etc.

The code that loads the password.conf in PKIInstance.load() has
been converted into a general purpose load_properties() method.
A corresponding store_properties() method has been added as well.

Refactor key recovery to put all crypto-specific operations
in a few functions, which are parameterized for algorithm types.

Exceptions should be bubbled up and not swallowed at the EncryptionUnit
level. This will help in diagnosing issues.

The current exception handling really does nothing other than clutter
up the file. Really, we should be passing up the exceptions, rather
than catching them at this level. Subsequent patches will fix this.

The crypto functions to unwrap the session key have been parameterized.

Most of the methods to unwrap the payload are parameterized.

This patch parametrizes some of the encryption functions, for key
wrapping and storage.

EncryptionUnit is a bit of a mess right now. Refactored so that
crypto-specific code is in a few functions. These can now be
parameterized to allow selection of parameters for wrapping method,
algorithm etc.

The PKI CLI has been modified to retrieve the access banner from
the server and ask for user confirmation at the beginning of the
program. An --ignore-banner option was added to allow bypassing
the banner for automation.
https://fedorahosted.org/pki/ticket/2582

The PKI console has been modified to retrieve the access banner from
the server and ask for user confirmation at the beginning of the
program.
https://fedorahosted.org/pki/ticket/2582

All pages in TPS UI have been modified to retrieve the access banner
and display it once at the beginning of the SSL connection.
https://fedorahosted.org/pki/ticket/2582

All pages in TKS UI have been modified to retrieve the access banner
and display it once at the beginning of the SSL connection.
https://fedorahosted.org/pki/ticket/2582

All pages in OCSP UI have been modified to retrieve the access banner
and display it once at the beginning of the SSL connection.
https://fedorahosted.org/pki/ticket/2582

All pages in KRA UI have been modified to retrieve the access banner
and display it once at the beginning of the SSL connection.
https://fedorahosted.org/pki/ticket/2582

All pages in CA UI have been modified to retrieve the access banner
and display it once at the beginning of the SSL connection.
https://fedorahosted.org/pki/ticket/2582

The PKI UI main page has been modified to retrieve the access banner
and display it in a dialog box. After displaying the banner it
will notify the server such that the banner is not returned again
in the same server session.
To prevent displaying multiple dialog boxes in pages with frames
the critical code is locked such that only one frame can actually
display the banner.
https://fedorahosted.org/pki/ticket/2582

New REST service classes have been added to PKIApplication.
The InfoService provides general information about the server
including version number and access banner. The LoginService
provides a way to notify the server that the banner has been
displayed on the client, in which case the InfoService
will no longer return the banner again in the same session.
https://fedorahosted.org/pki/ticket/2582

A new PKIApplication class has been added into /pki web application
to define common PKI REST services such as access banner.
https://fedorahosted.org/pki/ticket/2582

The CMake create_symlink commands do not work on RHEL if the
source does not exist yet, so they have been replaced with regular
ln commands.

Remove an unused constructor from CertRetrievalRequest, and add a
constructor that receives the CertId, simplifying usage.
Part of: https://fedorahosted.org/pki/ticket/2601

Part of: https://fedorahosted.org/pki/ticket/2601

A web.xml has been added to /pki web application to require SSL
connection to access the PKI UI main page at /pki/ui.
https://fedorahosted.org/pki/ticket/2582

Previously the index.jsp of the ROOT web application was storing
the PKI UI main page, which contains links to PKI subsystems installed
on the instance.
Now the file has been changed to redirect to /pki which provides
a new PKI UI welcome page. The PKI UI main page itself has been
moved to /pki/ui.
https://fedorahosted.org/pki/ticket/2582

The classpath in Console wrapper script has been updated to
include the complete PKI client library.

The CMSAdmin class has been modified to show the error dialog
if Console authentication fails.

The Console source folder has been added to Eclipse classpath to
help updating the code.

For clarity the non-UI code in the pki-ui.js has been moved into
pki.js.

The index.html files in TPS UI have been renamed to index.jsp such
that they can be protected by the access banner.
https://fedorahosted.org/pki/ticket/2582

The index.html files in TKS UI have been renamed to index.jsp such
that they can be protected by the access banner.
https://fedorahosted.org/pki/ticket/2582

The index.html files in OCSP UI have been renamed to index.jsp such
that they can be protected by the access banner.
https://fedorahosted.org/pki/ticket/2582

The index.html files in KRA UI have been renamed to index.jsp such
that they can be protected by the access banner.
https://fedorahosted.org/pki/ticket/2582

The index.html files in CA UI have been renamed to index.jsp such
that they can be protected by the access banner.
https://fedorahosted.org/pki/ticket/2582

If server startup fails, the shutdown() routine tries to shut down
the logger instance, which may not have been initialised. This
raises a NullPointerException which can mask the original exception.
Only attempt to shut down the logger instance if it is non-null.

To help troubleshooting, the CertRequestService has been modified
to chain the original exceptions.

To help troubleshooting, the CMCAuth has been modified to log a
message when the CMC is missing.

The pki-core.spec has been modified to include Java examples in
pki-base-java package.
https://fedorahosted.org/pki/ticket/2584

A sample program has been added to show how to use CertClient.
https://fedorahosted.org/pki/ticket/2584

A sample program has been added to show how to use CAClient.
https://fedorahosted.org/pki/ticket/2584

The SubsystemClient.login() method has been modified to return
the AccountInfo obtained from AccountClient.login().

The serverURI field in ClientConfig has been replaced with
serverURL since it actually stores the location of the server.
New methods have been added to access the serverURL field.
Existing methods for serverURI are retained for backward
compatibility.

The subsystem-based methods and fields in PKIService class have
been moved into a new SubsystemService class to allow creating
more generic non-subsystem-based services.
The classes that use these methods and fields have been updated
accordingly.

To avoid redundancy the code that finds Jackson libraries has been
moved to the top level CMake script.

The code that creates links to subsystem library files has been
removed from RPM spec file since it has been converted into CMake
scripts.

To improve consistency across platforms the code in RPM spec that
creates the links to subsystem library files has been converted
into CMake scripts.

Add the `searchBase' parameter for DirAclAuthz instances. If
specified, it prepends the searchBase to the baseDN. This allows
reusing an existing LDAP connection config (e.g. "internaldb")
whilst changing where the instance loads the ACLs from.
Part of: https://fedorahosted.org/pki/ticket/1359
Fixes: https://fedorahosted.org/pki/ticket/2525