That's even weirder, because when I type:
# pki -c pass -n "PKI Administrator for localdomain" key-find --start 0 --size 100

I get a list of all keys stored in the DRM, but the keys that were not filled with keyUrl and keyId (when I list them with the Java code from the first post) are on the list with a keyId, but without a status.

...
  Key ID: 0x2d
  Algorithm: 1.2.840.113549.1.1.1
  Size: 2048
  Owner: UID=cachebroker...

  Key ID: 0x2e
  Algorithm: 1.2.840.113549.1.1.1
  Size: 2048
  Owner: UID=cachebroker6...
-----------------------------
Number of entries returned 46



2015-10-21 22:29 GMT+02:00 John Magne <jmagne@redhat.com>:
Try something like this:

pki  -d ./ -c Secret123 -n "PKI Administrator for localdomain" key-find

This will list the keys and have the id like:

Key ID: 0xe
  Client Key ID: UUID: 123-45-6789 RKEK Wed Sep 16 14:16:07 PDT 2015
  Status: active
  Owner: kraadmin

  Key ID: 0xf
  Client Key ID: Symmetric Key #1234f Wed Sep 16 14:16:08 PDT 2015
  Status: active
  Algorithm: AES
  Size: 128
  Owner: kraadmin

  Key ID: 0x10
  Client Key ID: UUID: 123-45-6789 VEK Wed Sep 16 14:16:08 PDT 2015
  Status: inactive
  Algorithm: AES
  Size: 128
  Owner: kraadmin


----- Original Message -----
From: "Marcin Mierzejewski" <marcinmierzejewski1024@gmail.com>
To: pki-users@redhat.com
Sent: Wednesday, October 21, 2015 2:57:40 AM
Subject: [Pki-users] Possible bug or at least weird behaviour while listing DRM recovery request

After requesting a key recovery with:



public RequestId requestRecoveryPrivateKey(KeyId keyID, String base64Certificate) throws Exception
{
    // trim header and footer from cert
    if (base64Certificate.contains(CertData.HEADER)) {
        base64Certificate = base64Certificate.substring(CertData.HEADER.length(),
                base64Certificate.indexOf(CertData.FOOTER));
    }

    log("Requesting X509 key recovery." + keyID);
    KeyRequestResponse response = keyClient.recoverKey(keyID, null, null, null, base64Certificate);
    RequestId requestId = response.getRequestId();
    log("ask kra admins to approve request " + requestId);

    KeyRequestInfo info = keyClient.getRequestInfo(requestId);
    log("info about request to approve");
    printRequestInfo(info);

    return requestId;
}

When I try to find the request by keyId:
public List<KeyRequestInfo> findRecoveryRequest(KeyId keyid)
{
    //        String requestState,
    //        String requestType,
    //        String clientID,
    //        RequestId start,
    //        Integer pageSize,
    //        Integer maxResults,
    //        Integer maxTime)
    ArrayList<KeyRequestInfo> result = new ArrayList<KeyRequestInfo>();
    KeyRequestInfoCollection requests = keyClient.listRequests(null, "recovery", null, null, 99999, Integer.MAX_VALUE, 99999);
    for (KeyRequestInfo keyRequestInfo : requests.getEntries()) {
        KeyId reqKeyId = keyRequestInfo.getKeyId();
        printRequestInfo(keyRequestInfo);

        log("req " + keyRequestInfo.getRequestId() + " " + reqKeyId + "==" + keyid);
        if (keyid.equals(keyRequestInfo.getKeyId()))
        {
            result.add(keyRequestInfo);
        }
    }
    log("found " + result.size() + " requests");
    return result;
}

keyClient.listRequests(null, "recovery", null, null, 99999, Integer.MAX_VALUE, 99999);
returns a collection with a null KeyUrl, so getKeyId also returns null.

But when I open requests with a null KeyUrl in the agent ( https://localhost.localdomain:8443/kra/agent/kra/processReq?op=processReq&seqNum=113 )
I get all the information I need:


Request 113
Request Status: pending
Type: recovery
Created on: 21/10/2015, 11:25:41
Updated by: kraagent
Updated on: 21/10/2015, 11:25:41

Recovery Information
Key identifier: 42
Recovery Initiating Agent: kraagent
Recovery Approving Agents:

Action
Asynchronous Key Recovery: Grant

How do I get the Key Identifier from keyClient?
