From 5438e24e022c4c169ff9b5c6325e5ec0023d4caa Mon Sep 17 00:00:00 2001
From: Ade Lee <alee@redhat.com>
Date: Thu, 25 May 2017 16:31:45 -0400
Subject: Set encryption flag for generated keys

The key record for keys generated in the keygen servlets
was not updated to reflect whether or not the server was set up
to do encryption/key wrapping.  This patch corrects this
oversight.

Bugzilla BZ# 1455617

Change-Id: I31daece8b93a0ad58cb595e6a23fe8705f338024
---
 base/kra/src/com/netscape/kra/AsymKeyGenService.java   | 2 +-
 base/kra/src/com/netscape/kra/NetkeyKeygenService.java | 2 +-
 base/kra/src/com/netscape/kra/SymKeyGenService.java    | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

(limited to 'base')

diff --git a/base/kra/src/com/netscape/kra/AsymKeyGenService.java b/base/kra/src/com/netscape/kra/AsymKeyGenService.java
index ea1d0ccdd..1e38b4828 100644
--- a/base/kra/src/com/netscape/kra/AsymKeyGenService.java
+++ b/base/kra/src/com/netscape/kra/AsymKeyGenService.java
@@ -197,7 +197,7 @@ public class AsymKeyGenService implements IService {
         }
 
         try {
-            record.setWrappingParams(params, false);
+            record.setWrappingParams(params, allowEncDecrypt_archival);
         } catch (Exception e) {
             auditAsymKeyGenRequestProcessed(auditSubjectID, ILogger.FAILURE, request.getRequestId(),
                     clientKeyId, null, "Failed to store wrapping params");
diff --git a/base/kra/src/com/netscape/kra/NetkeyKeygenService.java b/base/kra/src/com/netscape/kra/NetkeyKeygenService.java
index 8383e895e..96d7aae43 100644
--- a/base/kra/src/com/netscape/kra/NetkeyKeygenService.java
+++ b/base/kra/src/com/netscape/kra/NetkeyKeygenService.java
@@ -477,7 +477,7 @@ public class NetkeyKeygenService implements IService {
                         return false;
                     }
 
-                    rec.setWrappingParams(params, false);
+                    rec.setWrappingParams(params, allowEncDecrypt_archival);
 
                     CMS.debug("NetkeyKeygenService: before addKeyRecord");
                     rec.set(KeyRecord.ATTR_ID, serialNo);
diff --git a/base/kra/src/com/netscape/kra/SymKeyGenService.java b/base/kra/src/com/netscape/kra/SymKeyGenService.java
index a4613c285..578b1ffeb 100644
--- a/base/kra/src/com/netscape/kra/SymKeyGenService.java
+++ b/base/kra/src/com/netscape/kra/SymKeyGenService.java
@@ -221,7 +221,7 @@ public class SymKeyGenService implements IService {
         }
 
         try {
-            rec.setWrappingParams(params, false);
+            rec.setWrappingParams(params, allowEncDecrypt_archival);
         } catch (Exception e) {
             mKRA.log(ILogger.LL_FAILURE,
                     "Failed to store wrapping parameters: " + e);
-- 
cgit