public static IDictionary ToJSON(KeyProvider.KeyVersion keyVersion)
{
IDictionary json = new LinkedHashMap();
if (keyVersion != null)
{
json[KMSRESTConstants.NameField] = keyVersion.GetName();
json[KMSRESTConstants.VersionNameField] = keyVersion.GetVersionName();
json[KMSRESTConstants.MaterialField] = Base64.EncodeBase64URLSafeString(keyVersion
.GetMaterial());
}
return(json);
}
private static KeyProvider.KeyVersion RemoveKeyMaterial(KeyProvider.KeyVersion keyVersion
)
{
return(new KMSClientProvider.KMSKeyVersion(keyVersion.GetName(), keyVersion.GetVersionName
(), null));
}
public virtual Response RolloverKey(string name, IDictionary jsonMaterial)
{
KMSWebApp.GetAdminCallsMeter().Mark();
UserGroupInformation user = HttpUserGroupInformation.Get();
AssertAccess(KMSACLs.Type.Rollover, user, KMS.KMSOp.RollNewVersion, name);
KMSClientProvider.CheckNotEmpty(name, "name");
string material = (string)jsonMaterial[KMSRESTConstants.MaterialField];
if (material != null)
{
AssertAccess(KMSACLs.Type.SetKeyMaterial, user, KMS.KMSOp.RollNewVersion, name);
}
KeyProvider.KeyVersion keyVersion = user.DoAs(new _PrivilegedExceptionAction_200(
this, material, name));
kmsAudit.Ok(user, KMS.KMSOp.RollNewVersion, name, "UserProvidedMaterial:" + (material
!= null) + " NewVersion:" + keyVersion.GetVersionName());
if (!KMSWebApp.GetACLs().HasAccess(KMSACLs.Type.Get, user))
{
keyVersion = RemoveKeyMaterial(keyVersion);
}
IDictionary json = KMSServerJSONUtils.ToJSON(keyVersion);
return(Response.Ok().Type(MediaType.ApplicationJson).Entity(json).Build());
}