| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
| |
1. Use size/keySize consistently, instead of strength.
2. Change to using Integer instead of int in SymKeyGenerationRequest.
3. Fix error message.
|
| |
|
|
|
|
| |
We will likely want to extend the REST API to allow the immediate return
of a generated key, and perhaps of a recovered key in a single step.
This change allows us to do that.
|
| |
|
|
|
|
| |
Make sure these are updated so that clients can get this information
when accessing a symmetric key. Also allow a default for generation
requests (but not for archival requests).
|
| |
|
|
|
|
|
|
|
|
|
| |
In the archival, recovery and generation code for symmetric keys,
we use functions that require knowledge of the symmetric keys algorithm
and key size. These were hardcoded to DES3, and so only DES3 worked.
We added those parameters to the archival request, save them in the
KeyRecord and retrive them when recovering the key.
Tests have been added to DRMTest for the relevant usages.
|
| |
|
|
|
|
|
|
|
| |
1. Remove Link attribute from ResourceMessage,
2. Rename KeyDataInfo and KeyDataInfoCollection.
3. Move KEYGEN_ALGORITHMS
4. Fix missing space in PKIException
5. Move properties to attributes in ResourceMessage
6. Add missing code to update the request and set IRequest.RESULT
|
| |
|
|
|
|
| |
Refactor ResourceMessage to include classname instead of Request Type.
Also changed PKIException.Data to extend ResourceMessage.
Modifications to the server code to get the tests working.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Refactored KeyRequest API to use requests containing a
generic request object.
|
| |
|
|
|
|
|
|
| |
TPS resources that are stored in CS.cfg have been refactored to update
their statuses properly. These resources include profiles, profile
mappings, connections, and authenticators.
Ticket #654
|
| |
|
|
|
|
|
|
| |
A new dialog box has been added for adding TPS token. A separate
token ID attribute has been added to the REST service as required
by Backbone.
Ticket #654
|
| |
|
|
|
|
| |
TPS-rewrite effort):
http://pki.fedoraproject.org/wiki/TPS_-_New_Recovery_Option:_External_Registration_DS
|
| |
|
|
|
|
|
|
| |
A new dialog box has been added for adding TPS groups. A separate
group ID attribute has been added to the REST service as required
by Backbone.
Ticket #654
|
| |
|
|
|
|
|
|
|
| |
A new dialog box has been added for adding TPS users. Backbone requires
that a separate attribute is used to specify the user ID (instead of id)
when creating new users, so a new userID field has been added to the
backend service as well.
Ticket #654
|
| |
|
|
|
|
|
|
|
|
| |
Some modify operations have been modified to use HTTP PATCH method
since the request only contains changes to the resource, not the
entire resource. To replace the entire resource, separate replace
operations using HTTP PUT method will be used instead. The Backbone
library is using the same convention by default.
Ticket #654
|
| |
|
|
|
|
|
| |
An inititial implementation of TPS UI has been added. The UI will
display TPS resources as tables.
Ticket #654
|
| |
|
|
|
| |
The pki-cmsbundle.jar is distributed in pki-server package so the files
have been moved into the base/server folder.
|
| |
|
|
|
|
|
| |
New ACL has been added to allow only the administrators to access
TPS profile mappings.
Ticket #652
|
| |
|
|
|
|
| |
This patch provides REST interface extension allowing recovery of asymmetric keys.
Ticket #439.
|
| |
|
|
|
|
| |
The key-find command did not return any results due to recent changes.
The method name in KeyDataInfos has been fixed such that XML mapping
would work properly.
|
| |
|
|
|
| |
A new CLI command has been added to simplify the creation of client
certificate database.
|
| |
|
|
|
| |
The ACL and auth method mapping names in some resources have been
modified to be more consistent with those in other resources.
|
| |
|
|
|
|
|
| |
New ACL has been added to allow only the administrators to access
TPS selftests.
Ticket #652
|
| |
|
|
|
|
|
| |
New ACL has been added to allow only the administrators to access
TPS connections.
Ticket #652
|
| |
|
|
|
|
|
| |
New ACL has been added to allow only the administrators to access
TPS configuration.
Ticket #652
|
| |
|
|
|
|
|
|
|
|
| |
New ACL has been added to allow only the administrators to access
TPS authenticators.
The set of interceptors in each application has been modified to
preserve the order.
Ticket #652
|
| |
|
|
|
|
| |
The find commands in some REST services have been modified to support
paging to be consistent with others. The other find commands have been
cleaned up as well.
|
| |
|
|
|
|
|
|
|
|
|
| |
Some of the REST services have been fixed to consistently return a
DataCollection which contains the total count, the requested subset
of results, and links to request other subsets of the results.
The TPSConnectorFindCLI has been split into separate find and show
commands.
Ticket #749
|
| |
|
|
|
|
|
|
|
| |
The user and group services have been modified to return consistent HTTP
return codes under various situations. The UGSubsystem has been modified
to capture any LDAP exceptions and throw the proper PKIException subclass
that represents the appropriate HTTP error code for the situation.
Ticket #669, #749
|
| |
|
|
| |
Ticket 749
|
| |
|
|
| |
Also added some missing checks, and some missing options in the Key Request CLI
|
| |
|
|
| |
Ticket 749
|
| |
|
|
|
|
|
| |
A new REST service and clients have been added to manage the profiles
in the TPS configuration file.
Ticket #652
|
| |
|
|
|
|
|
| |
The ACL and ACLEntry in com.netscape.cmscore.realm are duplicates
of the ones in com.netscape.certsrv.acls. They have been removed
since they are no longer used. All differences have been merged
into the remaining copy.
|
| |
|
|
|
| |
The test classes have been moved from base/common/test to base/server/test
and into the cmscore package because they are dependent on server classes.
|
| |
|
|
|
|
|
|
|
| |
Previously the CMS.shutdown() was called multiple times during Tomcat
shutdown, one by CMSStarServlet.destroy() and the other by the shutdown
hook, causing some errors. The shutdown hook should only be used in a
standalone application, so it has been moved into CMS.main().
Bugzilla #1018628
|
| |
|
|
|
|
|
| |
The TPS token REST interface has been modified to require client certificate
authentication. TPS admins, agents, and operators are allowed to view tokens,
but only admins are allowed to add and remove tokens, and only agents are
allowed to modify tokens.
|
| |
|
|
|
| |
The CertEnrollmentRequest, ProfileInput, ProfileAttribute, and Descriptor
have been cleaned up to fix some bugs and minor formatting issues.
|
| |
|
|
|
| |
The tomcat, cms, and cmscore packages have been moved from base/common
into separate folders in base/server so that they can be built separately.
|
| |
|
|
|
|
|
| |
Due to a regression RESTEasy is unable to find some sub-resources properly.
As a workaround some resources need to be merged into the parent resource.
The UserCertResource and UserMembershipResource have been merged into
UserResource. The GroupMemberResource has been merged into GroupResource.
|
| |
|
|
|
| |
The PKIPrincipal is in cmscore package but it's needed by the REST
services in cms package so the class has been moved into cms package.
|
| |
|
|
|
|
|
| |
The CertUserDBAuthentication and PasswdUserDBAuthentication are authentication
managers in cmscore package but they are needed by PKIRealm that is now in cms
package, so new interfaces have been refactored from these classes so they
can be used without causing dependency issue.
|
| |
|
|
|
| |
PKIRealm has been moved from pki-cmscore into pki-cms package because
it's needed by CMSStartServlet which is in the pki-cms package.
|
| |
|
|
| |
* TRAC Ticket #667 - provide option for ca-less drm install
|
| | |
|
| |
|
|
| |
Ticket 727
|
| |
|
|
|
|
|
| |
A new REST service and clients have been added to manage the audit
configuration in all subsystems.
Ticket #652
|
