Пример #1
        /// <summary>
        /// Handles a roll-over request for the key <paramref name="name"/> and returns the
        /// resulting key version as a JSON response.
        /// </summary>
        /// <param name="name">Name of the key to roll; validated with CheckNotEmpty.</param>
        /// <param name="jsonMaterial">Request body; only its MaterialField entry is read.</param>
        /// <returns>An OK response whose entity is the JSON form of the new key version.</returns>
        public virtual Response RolloverKey(string name, IDictionary jsonMaterial)
        {
            KMSWebApp.GetAdminCallsMeter().Mark();
            UserGroupInformation caller = HttpUserGroupInformation.Get();

            // NOTE(review): the Rollover access check runs before the name is validated, so
            // AssertAccess may be handed a null or empty name - confirm it tolerates that.
            AssertAccess(KMSACLs.Type.Rollover, caller, KMS.KMSOp.RollNewVersion, name);
            KMSClientProvider.CheckNotEmpty(name, "name");

            string material = (string)jsonMaterial[KMSRESTConstants.MaterialField];
            bool callerSuppliedMaterial = material != null;

            // Supplying the key bytes is gated by its own ACL type on top of Rollover.
            if (callerSuppliedMaterial)
            {
                AssertAccess(KMSACLs.Type.SetKeyMaterial, caller, KMS.KMSOp.RollNewVersion, name);
            }

            // The roll itself is executed through DoAs on the caller's identity.
            KeyProvider.KeyVersion rolled = caller.DoAs(
                new _PrivilegedExceptionAction_200(this, material, name));

            // The audit entry is written only after the privileged action has returned.
            string auditDetail = "UserProvidedMaterial:" + callerSuppliedMaterial
                                 + " NewVersion:" + rolled.GetVersionName();
            kmsAudit.Ok(caller, KMS.KMSOp.RollNewVersion, name, auditDetail);

            // A caller without the Get ACL gets the version passed through
            // RemoveKeyMaterial before it is serialised into the response.
            bool mayReadMaterial = KMSWebApp.GetACLs().HasAccess(KMSACLs.Type.Get, caller);
            if (!mayReadMaterial)
            {
                rolled = RemoveKeyMaterial(rolled);
            }

            IDictionary payload = KMSServerJSONUtils.ToJSON(rolled);
            return Response.Ok()
                   .Type(MediaType.ApplicationJson)
                   .Entity(payload)
                   .Build();
        }
Пример #2
        /// <summary>
        /// Returns the list of key names as a JSON response.
        /// </summary>
        /// <returns>An OK response whose entity is the list produced by the privileged action.</returns>
        public virtual Response GetKeyNames()
        {
            KMSWebApp.GetAdminCallsMeter().Mark();
            UserGroupInformation caller = HttpUserGroupInformation.Get();

            // Authorisation (GetKeys ACL type) comes before the listing is attempted.
            AssertAccess(KMSACLs.Type.GetKeys, caller, KMS.KMSOp.GetKeys);

            IList <string> keyNames = caller.DoAs(new _PrivilegedExceptionAction_256(this));

            // Audited only once the listing has been obtained.
            kmsAudit.Ok(caller, KMS.KMSOp.GetKeys, string.Empty);

            return Response.Ok()
                   .Type(MediaType.ApplicationJson)
                   .Entity(keyNames)
                   .Build();
        }
Пример #3
        /// <summary>
        /// Handles a delete request for the key <paramref name="name"/>.
        /// </summary>
        /// <param name="name">Name of the key to delete; validated with CheckNotEmpty.</param>
        /// <returns>An OK response with no entity.</returns>
        public virtual Response DeleteKey(string name)
        {
            KMSWebApp.GetAdminCallsMeter().Mark();
            UserGroupInformation caller = HttpUserGroupInformation.Get();

            // NOTE(review): the Delete access check precedes the name validation, so
            // AssertAccess may be handed a null or empty name - confirm it tolerates that.
            AssertAccess(KMSACLs.Type.Delete, caller, KMS.KMSOp.DeleteKey, name);
            KMSClientProvider.CheckNotEmpty(name, "name");

            // The deletion is executed through DoAs on the caller's identity; its result
            // is not used.
            caller.DoAs(new _PrivilegedExceptionAction_168(this, name));

            // Audited only after the privileged action has returned.
            kmsAudit.Ok(caller, KMS.KMSOp.DeleteKey, name, string.Empty);

            return Response.Ok().Build();
        }
Пример #4
        /// <summary>
        /// Handles a create-key request described by <paramref name="jsonKey"/> and returns
        /// the created key version as a JSON response with a Location header.
        /// </summary>
        /// <param name="jsonKey">
        /// Request body. The name, cipher, material, length, description and attributes
        /// fields are read from it; each read is a direct cast of the stored value.
        /// </param>
        /// <returns>A Created response whose entity is the JSON form of the key version.</returns>
        public virtual Response CreateKey(IDictionary jsonKey)
        {
            KMSWebApp.GetAdminCallsMeter().Mark();
            UserGroupInformation caller = HttpUserGroupInformation.Get();

            // The name is validated first here, then the Create ACL type is checked.
            string name = (string)jsonKey[KMSRESTConstants.NameField];
            KMSClientProvider.CheckNotEmpty(name, KMSRESTConstants.NameField);
            AssertAccess(KMSACLs.Type.Create, caller, KMS.KMSOp.CreateKey, name);

            // NOTE(review): the remaining fields come straight from the request body and
            // are cast without a type check; a value of an unexpected type fails the cast.
            // Confirm that surfaces to the client as a request error.
            string cipher   = (string)jsonKey[KMSRESTConstants.CipherField];
            string material = (string)jsonKey[KMSRESTConstants.MaterialField];
            int bitLength;
            if (jsonKey.Contains(KMSRESTConstants.LengthField))
            {
                bitLength = (int)jsonKey[KMSRESTConstants.LengthField];
            }
            else
            {
                bitLength = 0;
            }
            string description = (string)jsonKey[KMSRESTConstants.DescriptionField];
            IDictionary <string, string> attributes =
                (IDictionary <string, string>)jsonKey[KMSRESTConstants.AttributesField];

            // Supplying the key bytes is gated by its own ACL type on top of Create.
            bool callerSuppliedMaterial = material != null;
            if (callerSuppliedMaterial)
            {
                AssertAccess(KMSACLs.Type.SetKeyMaterial, caller, KMS.KMSOp.CreateKey, name);
            }

            // Cipher and bit length are set only when the request carried them;
            // description and attributes are always passed on, null included.
            KeyProvider.Options keyOptions = new KeyProvider.Options(KMSWebApp.GetConfiguration());
            if (cipher != null)
            {
                keyOptions.SetCipher(cipher);
            }
            if (bitLength != 0)
            {
                keyOptions.SetBitLength(bitLength);
            }
            keyOptions.SetDescription(description);
            keyOptions.SetAttributes(attributes);

            // The creation is executed through DoAs on the caller's identity.
            KeyProvider.KeyVersion created = caller.DoAs(
                new _PrivilegedExceptionAction_132(this, material, name, keyOptions));

            // NOTE(review): description is request-supplied text and is concatenated into
            // the audit detail as-is - confirm kmsAudit neutralises line breaks and other
            // control characters so one request cannot forge extra audit entries.
            string auditDetail = "UserProvidedMaterial:" + callerSuppliedMaterial
                                 + " Description:" + description;
            kmsAudit.Ok(caller, KMS.KMSOp.CreateKey, name, auditDetail);

            // A caller without the Get ACL gets the version passed through
            // RemoveKeyMaterial before it is serialised into the response.
            bool mayReadMaterial = KMSWebApp.GetACLs().HasAccess(KMSACLs.Type.Get, caller);
            if (!mayReadMaterial)
            {
                created = RemoveKeyMaterial(created);
            }
            IDictionary payload = KMSServerJSONUtils.ToJSON(created);

            // Build the Location value: cut the request URL at the last occurrence of the
            // keys resource and append the single-key resource plus the name.
            // NOTE(review): LastIndexOf yields -1 when the keys resource is absent from the
            // URL; by then the key is already created and audited. Confirm how
            // Runtime.Substring behaves for a negative end index.
            // NOTE(review): name is appended without URL encoding - confirm key names are
            // restricted to URL-safe characters upstream.
            string requestUrl = KMSMDCFilter.GetURL();
            int cut = requestUrl.LastIndexOf(KMSRESTConstants.KeysResource);
            string baseUrl = Runtime.Substring(requestUrl, 0, cut);
            string keyUrl = baseUrl + KMSRESTConstants.KeyResource + "/" + name;

            return Response.Created(GetKeyURI(name))
                   .Type(MediaType.ApplicationJson)
                   .Header("Location", keyUrl)
                   .Entity(payload)
                   .Build();
        }
Пример #5
        /// <summary>
        /// Returns the metadata of the key <paramref name="name"/> as a JSON response.
        /// </summary>
        /// <param name="name">Name of the key; validated with CheckNotEmpty.</param>
        /// <returns>An OK response whose entity is the JSON form of the key's metadata.</returns>
        public virtual Response GetMetadata(string name)
        {
            UserGroupInformation caller = HttpUserGroupInformation.Get();

            // Here the name is validated before the call is metered and authorised.
            KMSClientProvider.CheckNotEmpty(name, "name");
            KMSWebApp.GetAdminCallsMeter().Mark();
            AssertAccess(KMSACLs.Type.GetMetadata, caller, KMS.KMSOp.GetMetadata, name);

            // The lookup is executed through DoAs on the caller's identity.
            KeyProvider.Metadata keyMetadata = caller.DoAs(
                new _PrivilegedExceptionAction_287(this, name));
            object payload = KMSServerJSONUtils.ToJSON(name, keyMetadata);

            // Audited only after the lookup and serialisation have completed.
            kmsAudit.Ok(caller, KMS.KMSOp.GetMetadata, name, string.Empty);

            return Response.Ok()
                   .Type(MediaType.ApplicationJson)
                   .Entity(payload)
                   .Build();
        }
Пример #6
        /// <summary>
        /// Returns the metadata of several keys as a JSON response.
        /// </summary>
        /// <param name="keyNamesList">Names of the keys whose metadata is requested.</param>
        /// <returns>An OK response whose entity is the JSON form of the names and their metadata.</returns>
        public virtual Response GetKeysMetadata(IList <string> keyNamesList)
        {
            KMSWebApp.GetAdminCallsMeter().Mark();
            UserGroupInformation caller = HttpUserGroupInformation.Get();

            // The list is copied into an array before the access check; Count is read
            // directly, so a null list fails here rather than at the check.
            string[] nameBuffer = new string[keyNamesList.Count];
            string[] keyNames = Collections.ToArray(keyNamesList, nameBuffer);

            // NOTE(review): this access check carries no key name, unlike the single-key
            // metadata call - confirm any per-key authorisation is enforced inside the
            // privileged action or the provider it uses.
            AssertAccess(KMSACLs.Type.GetMetadata, caller, KMS.KMSOp.GetKeysMetadata);

            KeyProvider.Metadata[] keysMeta = caller.DoAs(
                new _PrivilegedExceptionAction_234(this, keyNames));
            object payload = KMSServerJSONUtils.ToJSON(keyNames, keysMeta);

            // The audit entry records the operation but not the requested key names.
            kmsAudit.Ok(caller, KMS.KMSOp.GetKeysMetadata, string.Empty);

            return Response.Ok()
                   .Type(MediaType.ApplicationJson)
                   .Entity(payload)
                   .Build();
        }