summaryrefslogtreecommitdiffstats
path: root/base/kra/src/org
Commit message (Collapse)AuthorAgeFilesLines
* Encapsulate key status change audit logsAde Lee2017-05-251-9/+7
| | | | Change-Id: I57b30cdff571056d0a95436858308872a8dc007b
* Encapsulate symmetric and asymmetric keygen audit eventsAde Lee2017-05-241-11/+8
| | | | Change-Id: Ifc8d05bd1d2d34bb0ef25877f838731bed58d00e
* Simplify recovery audit loggingAde Lee2017-05-241-4/+7
| | | | | | | | | | | | | | | | | Currently, when we use the retrieveKey() REST interface, there are two logs generated for the processing of a recovery request. To rectify this, logging has been removed from the lower level in the SecurityDataProcessor and is delegated to the higher level. This necessitated adding audit logging to the SecurityDataRecoveryService, which processes recovery events asynchronously. In addition, the logging in retrieveKey() has been pushed down to the retrieveKeyImpl, because there is at least one success exit point in retrieveKeyImpl where a recovery request is created, but no key is exported. Hence in this case, a KeyRetrieve success event is not warranted. Change-Id: I0725e6fe82046ae666bf6c81d6a6ba58261dfc87
* Make sure archivalID is passed through archivalAde Lee2017-05-241-0/+1
| | | | | | | | | | | | | | | | There was some confusion in the previous commit for archival logging. The archivalID is the id provided by the CA for the archival and is its requestID. This allows the cert request operation to be tracked through the archival. Made sure therefore, that we have two fields - one for the archivalID and one for the requestId (which is the KRA archival request ID) In addition, some of the archival events occur in the CA component just before the request id sent to the KRA. These events will not be displayed unless the audit event is added to the CA CS.cfg. Change-Id: I3904d42ae677d5916385e0120f0e25311b4d9d08
* Encapsulate recovery request approval audit logsAde Lee2017-05-231-5/+4
| | | | | | | | The audit logs where an agent grants an asynchronous recovery request and the case where recovery request is appproved from the REST API are consolidated and encapsulated in a class. Change-Id: I237c1dcfc413012d421f3ccc64e21c7caf5a7701
* Fix auditing in retrieveKeyAde Lee2017-05-231-17/+71
| | | | | | | | | | | | The auditing in retrieveKey is all messed up. * Added new audit event to track accesses to KeyInfo queries. They may produce a lot of events, especially if events are generated for every listing of data. By default, this event may be turned off. * Added audit events for generation and processing of key recovery requests. Change-Id: Icb695e712bdfadf0a80903aa52bd00b9d4883182
* Encapsulate key retrieval audit eventsAde Lee2017-05-231-7/+7
| | | | | | | | | | | Key retrieval is when the key/secret is extracted and returned to the client (once the recovery request is approved). We combine SECURITY_DATA_RETRIEVE_KEY and a couple of older EXPORT events. Note: an analysis of the key retrieval rest flow (and the auditing there will be done in a subsequent patch). Change-Id: Ibd897772fef154869a721fda55ff7498210ca03c
* Encapsulate key recovery audit eventsAde Lee2017-05-231-5/+5
| | | | | | | | Encapsulate SECURITY_DATA_KEY_RECOVERY_REQUEST and KEY_RECOVERY_REQUEST audit events as audit event objects. We have collapse to a single audit event type. Change-Id: I68c27573725cf27c34d008c58847d6a22e0d0bac
* Encapsulate the archival audit logAde Lee2017-05-231-5/+4
| | | | | | | | | | | | | This patch encapsulates the SECURITY_DATA_ARCHIVAL_REQUEST and PRIVATE_DATA_ARCHIVAL_REQUEST audit logs as audit events. The PRIVATE_DATA_ARCHIVAL_REQUEST events are mapped to the SECURITY_DATA ones to simplify the whole structure. They used to provide an archivalID parameter which was pretty much meaningless as it was at best just the same as the request id which is alreadty logged. So this is now dropped. Change-Id: I705d25ce716c73f2c954c5715b0aafdad80b99d2
* Reorganized audit event constants for KRA.Endi S. Dewata2017-04-122-27/+9
| | | | Change-Id: Ic4a79b0c73812c7b89daca3c804e6a88c738536a
* Add KRAInfo resourceAde Lee2017-04-111-0/+4
| | | | | | | | | | This resource (which will be accessed at /kra/rest/info) will initially return the mechanism for archival or retrieval. This is needed by clients to know how to package secrets when archiving. Change-Id: I6990ebb9c9dafc4158e51ba61a30e773d1d953ec
* Added audit service and CLI to all subsystems.Endi S. Dewata2017-04-041-0/+4
| | | | | | | Previously the audit service and CLI were only available on TPS. Now they have been added to all subsystems. Change-Id: I3b472254641eb887289c5122df390c46ccd97d47
* Removed redundant Context attributes.Endi S. Dewata2017-03-312-34/+0
| | | | | | | All subclasses of PKIService have been modified to remove the Context attribute since they have been declared in the base class. Change-Id: Icdbe97efa2b910a579264099f817930c2cc2ed1a
* Fix retrieval for symmetric keysAde Lee2017-03-281-2/+19
| | | | | | | | | | | | | Up to now, we have only ever used the same algorithm (DES3_CBC) for key wrapping and encryption. With the change to use AES Keywrap and AES CBC, we need to know which mechanism was used to encrypt/wrap the secrets when returned to the client. This means passing back more information to the client with the key data, and also modifying the client to use this information to decode the data correctly. Change-Id: I7232085c1eedf38c63abad81db08acc912fa1da1
* Refactored PKIService class.Endi S. Dewata2017-02-152-4/+4
| | | | | | | | | The subsystem-based methods and fields in PKIService class have been moved into a new SubsystemService class to allow creating more generic non-subsystem-based services. The classes that use these methods and fields have been updated accordingly.
* Fix bug in getting secrets from approved requestAde Lee2016-11-221-22/+13
| | | | | | | When request was approved and retrieved through the rest interface, the corresponding volatile requests object was not created due to the new flow. This makes sure the volatile request is created.
* Moved policy framework classes to org.dogtagpki.legacy.Endi S. Dewata2016-11-111-0/+78
| | | | | | | To discourage the use of policy framework, the framework classes have been moved into org.dogtagpki.legacy. https://fedorahosted.org/pki/ticket/6
* Fix auditing and rename kra.ephemeral as per review commentsAde Lee2016-11-101-34/+69
|
* Add field to KeyData to allow request to be returned when non-synchronousAde Lee2016-11-101-0/+20
| | | | | If a retrieval is non-sychronous, we create a non-ephemeral recovery request and return this Request ID to the client.
* Modify retrieval and archival mechanisms in KRA RESTAde Lee2016-11-102-199/+173
| | | | | | | | | | | | | | | | | | | When clients call retrieveKey(), three possible alternatives now obtain: 1. client passes in an approved request. Request is processed and the secret is retrieved. 2. client passes in key_id and wrapping parameters and either: a) request can be processed immediately and synchronously and request is created, and secret is returned. b) request cannot be processed immediately. Recovery request is created and request_id returned to the client Depending on server configuration, the requests in case (2a) will be stored in ldap or will be ephemeral (in memory only). More complicated realm based logic to determine if requests can be processed synchronously or ephemerally will be added in a later patch.
* Realm: allow auth instances to support multiple realmsAde Lee2016-04-202-7/+7
| | | | | | | | | | | | | | | | In practice, most folks will use something like DirAclAuthz to manage their realm. Rather than requiring a new authz plugin for each realm, we allow the authz plugin to support multiple realms (as a comma separated list). For the Acl plugins in particular, we expand the authorize call to allow the caller to pass in the realm as well as the resource and operation. The resource queried would then be constructed on the fly as realm.resource Examples will be provided in the wiki page. Trac Ticket 2041
* Realms - Address comments from reviewAde Lee2016-04-202-32/+67
| | | | | | | | | | | | Review comments addressed: 1. when archiving or generating keys, realm is checked 2. when no plugin is found for a realm, access is denied. 3. rename mFoo to foo for new variables. 4. add chaining of exceptions 5. remove attributes from KeyArchivalRequest etc. when realm is null 6. Add more detail to denial in BasicGroupAuthz Part of Trac Ticket 2041
* Add authz checks for all operationsAde Lee2016-04-202-32/+97
| | | | | | | We add authz realm checks as appropriate for each operation. Part of Trac Ticket #2041
* Make recovery methods more consistentAde Lee2016-04-201-48/+9
| | | | | | | | | | | The async recovery request mechanism was implemented differently from other requests. This makes it difficult to add tings like authorization consisitently. We move the required methods to the KeyRequestDAO to be more consistent. Part of Ticket #2041
* Added realm to methods for listing requests and keysAde Lee2016-04-202-12/+33
| | | | | | | | | | | 1. Added query parameters for the realm. If a realm is specified, then only the key requests and keys associated with the realm are returned. If no realm is specified, then only those requests and keys without a realm are returned. 2. Added parameters to keyClient and the CLI Part of Trac Ticket #2041
* Removed audit CLI from non-TPS subsystems.Endi S. Dewata2015-07-171-4/+0
| | | | | | | | | | Due to database upgrade issue the pki <subsystem>-audit CLI has been removed from all subsystems except TPS. The AuditModifyCLI has been modified to clarify that the --action and the --input parameters are mutually exclusive. https://fedorahosted.org/pki/ticket/1437
* Fixed NPE during key-retrieve.Endi S. Dewata2015-07-131-12/+25
| | | | | | | | | | | | Keys archived through the KRA connector in CA have null data type attribute which causes a NPE during retrieval using the key-retrieve CLI. The SecurityDataRecoveryService has been modified to consider null data type attribute as asymmetric key type. The KeyRetrieveCLI and KeyService have been modified to generate better debugging messages to help troubleshooting. https://fedorahosted.org/pki/ticket/1481
* Ticket 1160 audit needed for getKeyInfo; audit missing for auth/authz at ↵Christina Fu2015-05-142-43/+155
| | | | REST. This patch addresses: (2) audit needed for getKeyInfo, the 2nd part of this ticket where the key services are missing some auditing.
* Fixed authentication data in audit log.Endi S. Dewata2015-05-051-1/+3
| | | | | | | | | | | The REST methods may be executed by different threads even though they are invoked in the same session. A new interceptor has been added to all subsystems to make sure the SessionContext is created properly for each thread. This will fix the authentication data in the audit log. The SessionContext has also been improved to use ThreadLocal instead of a global Hashtable. https://fedorahosted.org/pki/ticket/1054
* Makes output of secrets consistent for all clients.Abhishek Koneru2014-08-291-8/+2
| | | | | | All the secrets/keys retrieved using the client API's using Java/python clients will be of the type - byte array. This applies to output of the retrieveKey method and the public key attribute of the KeyInfo object.
* Generate asymmetric keys in the DRM.Abhishek Koneru2014-08-272-6/+53
| | | | | | | | | | | | Adds methods to key client to generate asymmetric keys using algorithms RSA and DSA for a valid key sizes of 512, 1024, 2048,4096. The generated keys are archived in the database. Using the CLI, the public key(base64 encoded) can be retrieved by using the key-show command. The private key(base64 encoded) can be retrieved using the key-retrieve command. Ticket #1023
* Add ability to create database as subtree of existing treeAde Lee2014-07-171-1/+1
| | | | | | | | | | | | | | | | This patch adds the ability to create a subsystem that uses an existing subtree to create the internal basedn. This is useful for instance, for IPA which will use the original o=ipaca as the top level DN for a KRA, which will be situated at o=ipadrm, o=ipaca. The patch also allows such a system to be cloned, but not to setup the replication agreements, on the assumption that the data is already being replicated at the top-level DN or some higher level. The patch also contains some minor cleanups - removing unused imports and removal of an invalid reference in the python code. Ticket 1051
* Fix identities for security data storage, retrieval and generationAde Lee2014-06-132-16/+34
| | | | | | | | | | | | For the new security data storage and retrieval, and for symmetric key generation, we need to store the identity of the agent that is requesting and approving each operation, both in the ldap record and in the audit logs. (Tickets 806 and 807) This patch also adds required logic to check that the owner of the recovery request is the same agent that retrieves the key. It also adds missing audit log constants for symmmetric key generation so that they will show up in the audit log.
* Added minimum search keyword length requirement.Endi S. Dewata2014-05-121-1/+0
| | | | | | | | | | Some REST services that accept search keywords have been modified to require a minimum length of 3 characters. The DEFAULT_SIZE constant has been moved into the base PKIService class to reduce multiple declarations. Ticket #920
* Fixed message format for PKIException.Endi S. Dewata2014-05-071-2/+2
| | | | | | | | | | | Previously PKIException was not displayed properly in browser because it doesn't have a writer for HTML. Now the exception mapper will compute the message format properly, and will default to XML. The exception mapper itself has been moved into a server package due to class dependency. The REST application classes have been updated accordingly. Ticket #554
* Refactored SystemConfigService (part 12).Endi S. Dewata2014-04-251-0/+34
| | | | | | | Subsystem-specific configuration codes have been moved from the SystemConfigService into the subsystem-specific installer. Ticket #890
* Refactored SystemConfigService (part 9).Endi S. Dewata2014-04-252-2/+33
| | | | | | | | | New subclasses of SystemConfigService have been added for each subsystem to replace the base installer. Initially these classes are blank, so they are identical to the base class. Later they will store subsystem-specific installation code. Ticket #890
* Added CLI parameter to select message format.Endi S. Dewata2014-03-041-0/+2
| | | | | | | | | | | A new CLI parameter has been added to allow the user select the REST message format. This is done by setting the default consumes and produces when creating the client proxy. For this to work the hard-coded @Consumes and @Produces annotations need to be removed from the interface definition. A new interceptor has been added to validate the message format before executing the operation. Ticket #554
* Reorganized REST service classes.Endi S. Dewata2014-02-283-0/+1105
The REST service classes have been moved into org.dogtagpki.server namespace. A new upgrade script has been added to update existing instances. Ticket #114
generated by cgit (git 2.34.1) at 2026-01-21 03:03:19 +0000