[PATCH] 429 Table refresh improvement for TPS UI.
by Endi Sukma Dewata
Currently when a table is refreshed the rows are deleted and recreated,
which makes the UI appear slow. The process has been changed such that
all rows are created initially, then when the refresh happens, it will
simply overwrite the content of the rows and clear the unused ones.
The Table class has been refactored such that operations such as add,
remove, and open can be overriden by the subclass. It also has been
modified to clear the checkboxes on refresh. The ID columns have been
standardized to use "id" attribute name.
The HTML templates have been modified to use a new CSS class for better
control over formatting and to include a default page number.
Ticet #848
--
Endi S. Dewata
10 years, 1 month
[PATCH] 427 Added search filter for TPS UI.
by Endi Sukma Dewata
The tables in TPS UI has been modified to handle search filters. When
the user presses enter in the search field, the UI will perform a search
operation using the filter specified in the field. The table will be
updated with the new results. If the filter is empty it will show all
entries.
Ticket #847
--
Endi S. Dewata
10 years, 1 month
[PATCH] 428 Pagination improvement for TPS UI.
by Endi Sukma Dewata
The TPS UI has been modified to provide buttons to go to the first
page, previous page, next page, and last page. The UI will also show
the total entries, the current page number, and the total number of
pages. Users can jump to a specific page by entering the page number.
The CSS has been modified to allow better control of UI components.
The UI table now has a default size of 5. It's no longer necessary
to specify the size in each table.
Ticket #848
--
Endi S. Dewata
10 years, 1 month
[PATCH] 88 Refactoring KeyClient and NSSCryptoProvider classes
by Abhishek Koneru
On discussing with Ade and Endi on IRC on the documentation for using
the Java KeyClient, there were some comments that required refactoring
the code a bit.
Please review the patch which addresses the following comments: (for
both code and documentation)
Documentation link:
http://pki.fedoraproject.org/wiki/Using_Java_Key_Client.
1. NSS setup - copy the p12 file to pki-user's $HOME and set the
ownership to the user. -- Doc
2. Provide auxiliary methods archiveSymmetricKey and archivePassphrase
-- Code
3. Remove try-catch blocks from code samples -- Doc
4. Replace "client server" with "application" -- Doc
5. The reference to DRMTest.java should point to the source in git repo.
-- Doc
6. Improve description for Client Key Id -- Doc
7. Use a convenience method getKeyId() for KeyRequestResponse -- Doc and
Code
8. Rename method archiveWrappedData to archiveEncryptedData -- Code.
9. Rename getWrappedData methods to getEncryptedData -- Code
10. Rename KeyClient.archiveOptionsData to archivePKIOptions -- Code
11. Replace "using" with "with" for all unwrap* and wrap* methods in
CryptoProvider. -- Code
12. All base64 encode/decode should happen inside the client libraries.
The user should not perform these operations.
Add a new Key class which contains all the information in KeyData class
but the base64 encoded attributes will already be decoded. All the
retrieveKey* methods should return this object. -- Code
13. Rename archiving and retrieving data variables name to "secret" in
cde snippets. -- Docs
--Abhishek.
10 years, 1 month
[PATCH] 862 HttpConnFactory addendum
by Christina Fu
The HttpConnFactory was apparently missed in #862 for multi-uri support.
This patch adds such support. Please note that in order to add
multi-uri support, the maximum connection is turned "soft" limit to
accommodate the likely case that when the max has reached but no
existing connection for a needed uri is present.
To support this, the original Java Array is replaced by Vector instead
for mConns so that the size can be flexible and increased to exceed the
max when needed.
The existing service for KRA was tested as well as the TPS (TKS, CA and
mixed uri's) cases.
Please review.
thanks,
Christina
10 years, 1 month
[PATCH] 862 TPS rewrite: provide connector service for JAVA-based TPS subsystem
by Christina Fu
The is a request for code review.
Attached please find the code that implements the following trac ticket:
https://fedorahosted.org/pki/ticket/862 TPS rewrite: provide connector
service for JAVA-based TPS subsystem
This patch makes available the connector that has been used between CA
and KRA to TPS and other authorities (CA, TKS, KRA).
A few things to note:
1.
One key modification to the existing connector framework is the
introduction of "muti-uri" implementation which will allow TPS to
provide connectors according to an "op". For example:
tps.connector.ca1.uri.enrollment=/ca/ee/ca/profileSubmitSSLClient
tps.connector.ca1.uri.renewal=/ca/ee/ca/profileSubmitSSLClient
tps.connector.ca1.uri.revoke=/ca/ee/subsystem/ca/doRevoke
tps.connector.ca1.uri.unrevoke=/ca/ee/subsystem/ca/doUnrevoke
In the above configuration, "renewal" is an op, which will match to the
servlet /ca/ee/ca/profileSubmitSSLClient in the uri.
2.
The connection configuration has been modified to take after the same
style as that of the CA/KRA.
- the change of target.Subsystem_Connections.pattern allows cli to
work with the new connector parameters, however, the browser will show
raw xml (it reports: "This XML file does not appear to have any style
information associated with it. The document tree is shown below.")
3.
Due to the unfilled parameters in the connector area, CS.cfg needs to be
manually configured at this time. Which means you need to add
"pki_skip_configuration=True" to your tps.cfg for pkispawn, and manually
configure it.
4.
Due to some unfortunate constant eclipse crashing issue, I had to
manually visit each modified/added file to check for warnings. It is to
my best knowledge that I did not add new warnings to the tree.
5.
To know what NOT to expect in this ticket, please take a look of the
following two tickets:
https://fedorahosted.org/pki/ticket/888 - TPS rewrite: provide remote
authority functions
https://fedorahosted.org/pki/ticket/890 - TPS rewrite: connector
configuration during installation
thank you,
Christina
10 years, 1 month
[PATCH] Ticket #888 - TPS rewrite: provide remote authority functions (patch 1: TKS functions)
by Christina Fu
This is a request for review for the attached patch.
The patch is the first part for https://fedorahosted.org/pki/ticket/888
- TPS rewrite: provide remote authority functions
This patch provides functions for TKS:
- computeSessionKey
- createKeySetData
- encryptData
- computeRandomData
Two things to note:
* Because of code not yet available, only computeRandomData() was
tested. Other functions can be tested/adusted when the needed info are
available.
* Because we don't know where the tps profile name will be at this
point, computeSessionKey currently has a hard-coded entry in there. It
is noted in a TODO comment. Again, this will be adjusted when it's more
clear where it comes from.
thanks,
Christina
10 years, 1 month
[PATCH] 87 Added new CLIs for Key resource
by Abhishek Koneru
Please review the patch which adds three new CLI commands
key-show <Key Id>
key-request-show <Request Id>
key-mod <Key Id> --status [active/inactive]
Thanks,
Abhishek
10 years, 1 month
<pki-devel> [PATCH] 0004- Further work on TPS Processor, format operation.patch
by John Magne
Ticket #895 https://fedorahosted.org/pki/ticket/895
Further work on TPS Processor, format operation.
This patch gets a bit farther on the TPS format operation, just before applet upgrade, which will also need secure channel functionality.
Also, patch provides some misc clean up and functionality.
1. Method to calculate the token type.
2. Some added convenience methods to get various config params for the Format operation.
3. More progress for the format operation up until we attempt to upgrade the applet.
4. Added TPSException that holds a message and end op return code. Can be used to throw from anywhere and the return code makes it back to the client.
---
10 years, 1 month
