| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Refactor code in CryptoUtil to parametrize the algorithms used.
* Moved WrappingParams to utils jar to allow correct compilation.
* Removed code that created a PKIArchiveOptions structure from
CRMFPopClient and replaced with calls to CryptoUtil methods.
Note that the algorithms have been left as DES3. They will be
changed to AES in the next patch.
* Converted code in AuthorityKeyExportCLI to use the new methods
in CryptoUtil.
* Removed DRMTest this code is no longer maintained or used.
Change-Id: I8f625f0310877dca68f6a01285b6ff4e27e7f34a
|
| |
|
|
|
|
| |
Move some of the crypto functions in EncryptionUnit to CryptoUtil.
Change-Id: Iee391392fb88a87f6af3b450b69508fd52729a62
|
| |
|
|
|
|
|
| |
Commit f9ddb2e875355e882b14529979f6c9ae03cf720e has been reverted
due to build issue on RHEL/CentOS.
https://fedorahosted.org/pki/ticket/2535
|
| |
|
|
|
|
| |
The deprecated ProxyParser has been replaced with DefaultParser.
https://fedorahosted.org/pki/ticket/2535
|
| |
|
|
|
|
| |
All the secrets/keys retrieved using the client API's using Java/python
clients will be of the type - byte array. This applies to output of the
retrieveKey method and the public key attribute of the KeyInfo object.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Adds methods to key client to generate asymmetric keys using
algorithms RSA and DSA for a valid key sizes of 512, 1024, 2048,4096.
The generated keys are archived in the database.
Using the CLI, the public key(base64 encoded) can be retrieved by using
the key-show command.
The private key(base64 encoded) can be retrieved using the key-retrieve
command.
Ticket #1023
|
| | |
|
| |
|
|
|
| |
The KeyClient class on the java side is modified to
have a similar design as the KeyClient class on the python side.
|
| | |
|
| |
|
|
|
|
| |
With this patch, you can now either send a pkiArchiveOptions object
or the exploded parameters. This reduces the processing required on
the client side.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
The REST interface for keys has been modified to return Response
objects to allow better handling of server responses. Key-related
methods in KRAClient have been moved into KeyClient. The DRMTest
has been updated accordingly.
Ticket #554
|
| |
|
|
|
|
| |
A new REST client has been added to access system certificates.
Ticket #554
|
| |
|
|
|
|
| |
1. Use size/keySize consistently, instead of strength.
2. Change to using Integer instead of int in SymKeyGenerationRequest.
3. Fix error message.
|
| |
|
|
|
|
| |
We will likely want to extend the REST API to allow the immediate return
of a generated key, and perhaps of a recovered key in a single step.
This change allows us to do that.
|
| |
|
|
|
|
| |
Make sure these are updated so that clients can get this information
when accessing a symmetric key. Also allow a default for generation
requests (but not for archival requests).
|
| |
|
|
|
|
|
|
|
|
|
| |
In the archival, recovery and generation code for symmetric keys,
we use functions that require knowledge of the symmetric keys algorithm
and key size. These were hardcoded to DES3, and so only DES3 worked.
We added those parameters to the archival request, save them in the
KeyRecord and retrive them when recovering the key.
Tests have been added to DRMTest for the relevant usages.
|
| |
|
|
|
|
|
|
|
| |
1. Remove Link attribute from ResourceMessage,
2. Rename KeyDataInfo and KeyDataInfoCollection.
3. Move KEYGEN_ALGORITHMS
4. Fix missing space in PKIException
5. Move properties to attributes in ResourceMessage
6. Add missing code to update the request and set IRequest.RESULT
|
| |
|
|
|
|
| |
Refactor ResourceMessage to include classname instead of Request Type.
Also changed PKIException.Data to extend ResourceMessage.
Modifications to the server code to get the tests working.
|
| | |
|
| |
|
|
|
|
| |
This patch provides REST interface extension allowing recovery of asymmetric keys.
Ticket #439.
|
| |
|
|
|
|
|
|
|
| |
A new Client class was added as a base for all client classes. The
SubsystemClient was added as a base for all subsystem clients. It also
provides methods to authenticate against the subsystem. The DRMClient
has been renamed to KRAClient to match the actual subsystem name.
Ticket #701
|
| |
|
|
|
|
|
|
|
|
| |
The pki-client.jar has been split and merged into pki-certsrv.jar
and pki-tools.jar. The REST client classes are now packaged in
com.netscape.certsrv.<component> packages. The REST CLI classes
are now packaged in com.netscape.cmstools.<component> packages.
The "pki" script has been moved into pki-tools RPM package.
Ticket #215
|
| |
|
|
|
|
|
| |
The common classes used by REST client and services have been moved
into the com.netscape.certsrv.<component> packages.
Ticket #215
|
| |
|
|
|
|
|
| |
The REST client classes have been moved into the
com.netscape.cms.client.<component> packages.
Ticket #215
|
| |
|
|
|
|
|
| |
The REST common classes have been renamed for better clarity
and consistency.
Ticket #259
|
| |
|
|
|
|
|
| |
The REST server classes have been renamed for better clarity
and consistency.
Ticket #259
|
| |
|
|
|
|
|
| |
The REST client classes have been renamed for better clarity
and consistency.
Ticket #259
|
| |
|
|
|
|
|
|
| |
A new ClientConfig class has been added to encapsulate client
configuration parameters. These parameters include server URI,
certificate database, certificate nickname, and password.
Ticket #107
|
| | |
|
| |
|
|
|
|
|
| |
The cert revocation REST service is based on DoRevoke and DoUnrevoke servlets.
It provides an interface to manage certificate revocation.
Ticket #161
|
| |
|
|
|
|
|
| |
A new getEntity() method has been added to obtain the entity from
a Response object and also map HTTP errors into exceptions.
Ticket #161
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Tickets #144 and #145
Providing the following:
1. Simple EE restful interface for certificates, printing, listing and searching.
2. Simple EE restful interface for certificate enrollment requests.
3. Simple EE restful interface for profiles and profile properties.
4. Simple Test client to exercise the functionality.
5. Created restful client base class inherited by CARestClient and DRMRestClient.
6. Provide simple restful implementations of new interfaces added.
ToDO: Need some more refactoring to base classes for some of the new classes which are similar to classes
in the DRM restful area.
ToDO: Actual certificate enrollment code that will be refactored from existing ProfileSubmitServlet.
Provide CA EE Restful interface and test client review fixes.
|
| |
|
|
|
| |
Simple fix to get the DRMRestClient working under SSL again.
Ticket #163.
|
| |
|
|
|
|
|
| |
Most of unused private fields have been removed because they generate
warnings in Eclipse. Some are kept because it might be useful later.
Ticket #139
|
| |
|
|
|
|
|
|
| |
Whitespaces in Java code have been removed with the following command:
find . -not -path .git -name *.java -exec sed -i 's/[[:blank:]]\+$//' {} \;
Ticket #134
|
| |
|
|
|
|
|
| |
The deprecated ApacheHttpClientExecutor class has been replaced with
ApacheHttpClient4Executor.
Ticket #3
|
| |
|
|
|
|
|
|
|
|
| |
The CMSException was added to simplify error handling in REST services.
The exception may include an error message and some other attributes.
When the server throws a CMSException (or its subclass), the exception
will be marshalled into XML and unmarshalled by the client, then thrown
again as a new exception which can be caught by the application.
Ticket #100
|
|
|
Previously the source code was located inside a pki folder.
This folder was created during svn migration and is no longer
needed. This folder has now been removed and the contents have
been moved up one level.
Ticket #131
|
