From 90f5798079ffe46502552daaddd1b6366eafac62 Mon Sep 17 00:00:00 2001 From: Ade Lee Date: Sat, 16 Apr 2016 11:48:52 -0400 Subject: Added realm for archival and key generation through REST This will allow users to specify the realm when generating or archiving a request. No interface change is needed (yet) because the extra parameter is passed through the request. Part of Ticket #2041 --- base/kra/src/com/netscape/kra/AsymKeyGenService.java | 6 ++++++ base/kra/src/com/netscape/kra/SecurityDataService.java | 7 +++++++ base/kra/src/com/netscape/kra/SymKeyGenService.java | 5 +++++ 3 files changed, 18 insertions(+) (limited to 'base/kra') diff --git a/base/kra/src/com/netscape/kra/AsymKeyGenService.java b/base/kra/src/com/netscape/kra/AsymKeyGenService.java index f4f68ea01..26a284fd0 100644 --- a/base/kra/src/com/netscape/kra/AsymKeyGenService.java +++ b/base/kra/src/com/netscape/kra/AsymKeyGenService.java @@ -78,6 +78,8 @@ public class AsymKeyGenService implements IService { String keySizeStr = request.getExtDataInString(IRequest.KEY_GEN_SIZE); int keySize = Integer.valueOf(keySizeStr); + String realm = request.getRealm(); + KeyPairGeneratorSpi.Usage[] usageList = null; String usageStr = request.getExtDataInString(IRequest.KEY_GEN_USAGES); if (usageStr != null) { @@ -174,6 +176,10 @@ public class AsymKeyGenService implements IService { record.set(KeyRecord.ATTR_KEY_SIZE, keySize); request.setExtData(ATTR_KEY_RECORD, serialNo); + if (realm != null) { + record.set(KeyRecord.ATTR_REALM, realm); + } + storage.addKeyRecord(record); auditAsymKeyGenRequestProcessed(auditSubjectID, ILogger.SUCCESS, request.getRequestId(), diff --git a/base/kra/src/com/netscape/kra/SecurityDataService.java b/base/kra/src/com/netscape/kra/SecurityDataService.java index 3a163e23b..349ef9460 100644 --- a/base/kra/src/com/netscape/kra/SecurityDataService.java +++ b/base/kra/src/com/netscape/kra/SecurityDataService.java @@ -100,6 +100,9 @@ public class SecurityDataService implements IService { String algorithm = request.getExtDataInString(IRequest.SECURITY_DATA_ALGORITHM); int strength = request.getExtDataInInteger(IRequest.SECURITY_DATA_STRENGTH); + // parameter for realm + String realm = request.getRealm(); + CMS.debug("SecurityDataService.serviceRequest. Request id: " + id); CMS.debug("SecurityDataService.serviceRequest wrappedSecurityData: " + wrappedSecurityData); @@ -262,6 +265,10 @@ public class SecurityDataService implements IService { rec.set(KeyRecord.ATTR_KEY_SIZE, strength); } + if (realm != null) { + rec.set(KeyRecord.ATTR_REALM, realm); + } + request.setExtData(ATTR_KEY_RECORD, serialNo); CMS.debug("KRA adding Security Data key record " + serialNo); diff --git a/base/kra/src/com/netscape/kra/SymKeyGenService.java b/base/kra/src/com/netscape/kra/SymKeyGenService.java index d308345d7..89c776d75 100644 --- a/base/kra/src/com/netscape/kra/SymKeyGenService.java +++ b/base/kra/src/com/netscape/kra/SymKeyGenService.java @@ -89,6 +89,7 @@ public class SymKeyGenService implements IService { String id = request.getRequestId().toString(); String clientKeyId = request.getExtDataInString(IRequest.SECURITY_DATA_CLIENT_KEY_ID); String algorithm = request.getExtDataInString(IRequest.KEY_GEN_ALGORITHM); + String realm = request.getRealm(); String usageStr = request.getExtDataInString(IRequest.KEY_GEN_USAGES); List usages = new ArrayList( @@ -212,6 +213,10 @@ public class SymKeyGenService implements IService { rec.set(KeyRecord.ATTR_KEY_SIZE, keySize); request.setExtData(ATTR_KEY_RECORD, serialNo); + if (realm != null) { + rec.set(KeyRecord.ATTR_REALM, realm); + } + CMS.debug("KRA adding Security Data key record " + serialNo); storage.addKeyRecord(rec); -- cgit