Tree - rpms/pki-core - CentOS Git server

rpms / pki-core

Blame SOURCES/pki-core-SecurityDataRecoveryService.patch

Blob History Raw

		3fd438	`--- patch/base/kra/src/com/netscape/kra/SecurityDataRecoveryService.java 2017-06-06 04:56:02.188426066 +0200`
		3fd438	`+++ pki/base/kra/src/com/netscape/kra/SecurityDataRecoveryService.java 2017-06-06 01:50:56.698341052 +0200`
		3fd438	`@@ -17,6 +17,8 @@`
		3fd438	`// --- END COPYRIGHT BLOCK ---`
		3fd438	`package com.netscape.kra;`
		3fd438
		3fd438	`+import java.math.BigInteger;`
		3fd438	`+`
		3fd438	`import com.netscape.certsrv.apps.CMS;`
		3fd438	`import com.netscape.certsrv.base.EBaseException;`
		3fd438	`import com.netscape.certsrv.dbs.keydb.KeyId;`
		3fd438	`@@ -41,6 +43,7 @@ public class SecurityDataRecoveryService`
		3fd438
		3fd438	`private IKeyRecoveryAuthority kra = null;`
		3fd438	`private SecurityDataProcessor processor = null;`
		3fd438	`+ private ILogger signedAuditLogger = CMS.getSignedAuditLogger();`
		3fd438
		3fd438	`public SecurityDataRecoveryService(IKeyRecoveryAuthority kra) {`
		3fd438	`this.kra = kra;`
		3fd438	`@@ -65,8 +68,66 @@ public class SecurityDataRecoveryService`
		3fd438	`throws EBaseException {`
		3fd438
		3fd438	`CMS.debug("SecurityDataRecoveryService.serviceRequest()");`
		3fd438	`- processor.recover(request);`
		3fd438	`- kra.getRequestQueue().updateRequest(request);`
		3fd438	`+`
		3fd438	`+ // parameters for auditing`
		3fd438	`+ String auditSubjectID = request.getExtDataInString(IRequest.ATTR_REQUEST_OWNER);`
		3fd438	`+ BigInteger serialNumber = request.getExtDataInBigInteger("serialNumber");`
		3fd438	`+ KeyId keyId = serialNumber != null ? new KeyId(serialNumber): null;`
		3fd438	`+ RequestId requestID = request.getRequestId();`
		3fd438	`+ String approvers = request.getExtDataInString(IRequest.ATTR_APPROVE_AGENTS);`
		3fd438	`+`
		3fd438	`+ try {`
		3fd438	`+ processor.recover(request);`
		3fd438	`+ kra.getRequestQueue().updateRequest(request);`
		3fd438	`+ auditRecoveryRequestProcessed(`
		3fd438	`+ auditSubjectID,`
		3fd438	`+ ILogger.SUCCESS,`
		3fd438	`+ requestID,`
		3fd438	`+ keyId,`
		3fd438	`+ null,`
		3fd438	`+ approvers);`
		3fd438	`+ } catch (EBaseException e) {`
		3fd438	`+ auditRecoveryRequestProcessed(`
		3fd438	`+ auditSubjectID,`
		3fd438	`+ ILogger.FAILURE,`
		3fd438	`+ requestID,`
		3fd438	`+ keyId,`
		3fd438	`+ e.getMessage(),`
		3fd438	`+ approvers);`
		3fd438	`+ throw e;`
		3fd438	`+ }`
		3fd438	`return false; //TODO: return true?`
		3fd438	`}`
		3fd438	`+`
		3fd438	`+ private void audit(AuditEvent event) {`
		3fd438	`+`
		3fd438	`+ String template = event.getMessage();`
		3fd438	`+ Object[] params = event.getParameters();`
		3fd438	`+`
		3fd438	`+ String message = CMS.getLogMessage(template, params);`
		3fd438	`+`
		3fd438	`+ audit(message);`
		3fd438	`+ }`
		3fd438	`+`
		3fd438	`+ private void audit(String msg) {`
		3fd438	`+ if (signedAuditLogger == null)`
		3fd438	`+ return;`
		3fd438	`+`
		3fd438	`+ signedAuditLogger.log(ILogger.EV_SIGNED_AUDIT,`
		3fd438	`+ null,`
		3fd438	`+ ILogger.S_SIGNED_AUDIT,`
		3fd438	`+ ILogger.LL_SECURITY,`
		3fd438	`+ msg);`
		3fd438	`+ }`
		3fd438	`+`
		3fd438	`+ private void auditRecoveryRequestProcessed(String subjectID, String status, RequestId requestID,`
		3fd438	`+ KeyId keyID, String reason, String recoveryAgents) {`
		3fd438	`+ audit(new SecurityDataRecoveryProcessedEvent(`
		3fd438	`+ subjectID,`
		3fd438	`+ status,`
		3fd438	`+ requestID,`
		3fd438	`+ keyID,`
		3fd438	`+ reason,`
		3fd438	`+ recoveryAgents));`
		3fd438	`+ }`
		3fd438	`}`

rpms / pki-core

Source Code

Blame SOURCES/pki-core-SecurityDataRecoveryService.patch