/// <summary>
/// Test action: creates key "foo" under the "testKey" ACL name, rolls it twice, generates an
/// encrypted key, then submits for decryption a copy of that encrypted key whose encryption
/// key name has had "x" appended.
/// </summary>
/// <remarks>
/// The rebuilt encrypted key keeps the original key version name, IV and material, so its
/// key name no longer matches the key version it references.
/// NOTE(review): presumably the enclosing test expects DecryptEncryptedKey to reject this
/// mismatch; nothing in this method asserts it, so confirm against the caller.
/// </remarks>
/// <returns>Always null.</returns>
/// <exception cref="System.Exception"/>
public Void Run()
{
    KeyProvider.Options options = TestKeyAuthorizationKeyProvider.NewOptions(conf);
    IDictionary<string, string> attributes = new Dictionary<string, string>
    {
        { "key.acl.name", "testKey" }
    };
    options.SetAttributes(attributes);

    // Create the key from a 16-byte seed, then roll it twice: once with provider-chosen
    // material and once with explicitly supplied material.
    KeyProvider.KeyVersion created = kpExt.CreateKey("foo", SecureRandom.GetSeed(16), options);
    kpExt.RollNewVersion(created.GetName());
    kpExt.RollNewVersion(created.GetName(), SecureRandom.GetSeed(16));

    KeyProviderCryptoExtension.EncryptedKeyVersion genuine =
        kpExt.GenerateEncryptedKey(created.GetName());

    // Rebuild the encrypted key with a different key name but the same version name, IV and
    // encrypted material.
    string alteredKeyName = genuine.GetEncryptionKeyName() + "x";
    string versionName = genuine.GetEncryptionKeyVersionName();
    var iv = genuine.GetEncryptedKeyIv();
    var material = genuine.GetEncryptedKeyVersion().GetMaterial();
    KeyProviderCryptoExtension.EncryptedKeyVersion mismatched =
        KeyProviderCryptoExtension.EncryptedKeyVersion.CreateForDecryption(
            alteredKeyName, versionName, iv, material);

    kpExt.DecryptEncryptedKey(mismatched);
    return null;
}
/// <summary>
/// Converts a key version into an insertion-ordered map with its name, version name and
/// key material.
/// </summary>
/// <remarks>
/// The material field holds the raw key bytes as URL-safe Base64. That is an encoding, not
/// a protection, so anything that serializes or logs the returned map exposes the key.
/// </remarks>
/// <param name="keyVersion">Key version to convert; may be null.</param>
/// <returns>The populated map, or an empty map when <paramref name="keyVersion"/> is null.</returns>
public static IDictionary ToJSON(KeyProvider.KeyVersion keyVersion)
{
    IDictionary fields = new LinkedHashMap();
    if (keyVersion == null)
    {
        // A null key version produces an empty object rather than a null result.
        return fields;
    }

    fields[KMSRESTConstants.NameField] = keyVersion.GetName();
    fields[KMSRESTConstants.VersionNameField] = keyVersion.GetVersionName();
    fields[KMSRESTConstants.MaterialField] =
        Base64.EncodeBase64URLSafeString(keyVersion.GetMaterial());
    return fields;
}
/// <summary>
/// Test action: runs the full key lifecycle (create, roll twice, generate an encrypted key,
/// decrypt it, delete the key) for key "foo" under the "testKey" ACL name, and fails the
/// test if any step throws an IOException.
/// </summary>
/// <returns>Always null.</returns>
/// <exception cref="System.Exception"/>
public Void Run()
{
    KeyProvider.Options options = TestKeyAuthorizationKeyProvider.NewOptions(conf);
    IDictionary<string, string> attributes = new Dictionary<string, string>
    {
        { "key.acl.name", "testKey" }
    };
    options.SetAttributes(attributes);

    try
    {
        KeyProvider.KeyVersion created =
            kpExt.CreateKey("foo", SecureRandom.GetSeed(16), options);

        // Roll once with provider-chosen material, once with supplied material.
        kpExt.RollNewVersion(created.GetName());
        kpExt.RollNewVersion(created.GetName(), SecureRandom.GetSeed(16));

        KeyProviderCryptoExtension.EncryptedKeyVersion encrypted =
            kpExt.GenerateEncryptedKey(created.GetName());
        kpExt.DecryptEncryptedKey(encrypted);

        kpExt.DeleteKey(created.GetName());
    }
    catch (IOException)
    {
        // Only IOException is turned into a test failure; any other exception type
        // propagates to the caller unchanged.
        NUnit.Framework.Assert.Fail("User should be Allowed to do everything !!");
    }

    return null;
}
/// <summary>
/// Looks up a key version in the wrapped provider under the read lock and runs a Read
/// access check on the key that owns it before returning it.
/// </summary>
/// <remarks>
/// The access check is keyed on the key name, which is only known once the version has been
/// fetched. A version the provider does not know therefore returns null with no access
/// check at all.
/// NOTE(review): if DoAccessCheck signals denial by throwing, a caller without Read access
/// can tell an existing version (exception) from a missing one (null). Confirm that this is
/// acceptable.
/// </remarks>
/// <param name="versionName">Name of the key version to fetch.</param>
/// <returns>The key version, or null when the wrapped provider returns null.</returns>
/// <exception cref="System.IO.IOException"/>
public override KeyProvider.KeyVersion GetKeyVersion(string versionName)
{
    readLock.Lock();
    try
    {
        KeyProvider.KeyVersion found = provider.GetKeyVersion(versionName);
        if (found == null)
        {
            return null;
        }

        DoAccessCheck(found.GetName(), KeyAuthorizationKeyProvider.KeyOpType.Read);
        return found;
    }
    finally
    {
        // Release the lock on every exit path, including a failed access check.
        readLock.Unlock();
    }
}
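/// <summary>
/// Checks that the key version named by an encrypted key exists in the wrapped provider and
/// belongs to the key that the encrypted key claims as its encryption key.
/// </summary>
/// <remarks>
/// Both names are read from <paramref name="ekv"/>, so the pairing must be checked against
/// the provider rather than trusted.
/// NOTE(review): presumably callers authorize against the key name, in which case this check
/// is what stops a version of a different key being used under that authorization. Confirm
/// at the call sites.
/// </remarks>
/// <param name="ekv">Encrypted key whose key name and key version name are cross-checked.</param>
/// <exception cref="System.ArgumentException">
/// The key version is unknown to the provider, or it belongs to a different key.
/// </exception>
/// <exception cref="System.IO.IOException"/>
private void VerifyKeyVersionBelongsToKey(KeyProviderCryptoExtension.EncryptedKeyVersion ekv)
{
    string kn = ekv.GetEncryptionKeyName();
    string kvn = ekv.GetEncryptionKeyVersionName();
    KeyProvider.KeyVersion kv = provider.GetKeyVersion(kvn);
    if (kv == null)
    {
        // Fix: string.Format takes indexed placeholders. The Java-style "%s" was emitted
        // literally, so the message never named the missing version.
        throw new ArgumentException(string.Format("'{0}' not found", kvn));
    }

    if (!kv.GetName().Equals(kn))
    {
        // Same fix: name both the version and the key, so a rejected request can be
        // diagnosed from the message.
        throw new ArgumentException(
            string.Format("KeyVersion '{0}' does not belong to the key '{1}'", kvn, kn));
    }
}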
/// <summary>
/// REST handler that returns a key version as JSON: validates the version name, checks the
/// caller's Get access, fetches the key version as the calling user and audits a successful
/// lookup.
/// </summary>
/// <remarks>
/// The audit entry is written only when a key version is found. A null lookup result still
/// produces a 200 response, built from whatever ToJSON returns for null.
/// NOTE(review): if KMSServerJSONUtils.ToJSON serializes the key material, this response
/// body carries raw key bytes. Confirm that the Get ACL and the transport are scoped for that.
/// </remarks>
/// <param name="versionName">Name of the key version to return; must not be empty.</param>
/// <returns>An OK response whose entity is the JSON form of the key version.</returns>
public virtual Response GetKeyVersion(string versionName)
{
    UserGroupInformation caller = HttpUserGroupInformation.Get();
    KMSClientProvider.CheckNotEmpty(versionName, "versionName");
    KMSWebApp.GetKeyCallsMeter().Mark();

    // Authorization comes first; the lookup then runs under the caller's identity.
    AssertAccess(KMSACLs.Type.Get, caller, KMS.KMSOp.GetKeyVersion);
    KeyProvider.KeyVersion fetched =
        caller.DoAs(new _PrivilegedExceptionAction_336(this, versionName));

    if (fetched != null)
    {
        kmsAudit.Ok(caller, KMS.KMSOp.GetKeyVersion, fetched.GetName(), string.Empty);
    }

    object payload = KMSServerJSONUtils.ToJSON(fetched);
    return Response.Ok()
        .Type(MediaType.ApplicationJson)
        .Entity(payload)
        .Build();
}
/// <summary>
/// Builds a copy of a key version that keeps its name and version name but carries no key
/// material.
/// </summary>
/// <remarks>
/// The original object is not modified, so the caller must use the returned copy wherever
/// the material has to be withheld.
/// </remarks>
/// <param name="keyVersion">Key version to copy; dereferenced without a null check.</param>
/// <returns>A new KMSKeyVersion whose material is null.</returns>
private static KeyProvider.KeyVersion RemoveKeyMaterial(KeyProvider.KeyVersion keyVersion)
{
    var keyName = keyVersion.GetName();
    var versionName = keyVersion.GetVersionName();

    // Null is passed as the material argument, so the copy holds no key bytes.
    return new KMSClientProvider.KMSKeyVersion(keyName, versionName, null);
}