[Pki-devel] [pki-devel][PATCH] 0020-Recovery-and-Renewal-feature.patch
John Magne
jmagne at redhat.com
Tue Sep 2 18:17:25 UTC 2014
Recovery and Renewal feature:
1. Basic token key recovery functionality is there.
2. Tested with mostly the "damaged" scenerio. The low level
code that writes the recovered certs to the token works and has been
tested with a real token. Some of the other more obscure cases need
some more testing, for instance, the temporary on hold scenario.
3. Renewal has been tested with a real token to work.
4. Much of the complex code to write cert objects and key objects,
as well as importing recovered keys, has been centralized to a method.
This leaves the calling code simpler and easier to trouble shoot.
5. Added a method to check token operation transition states.
6. Fixed an issue with formatting a blank token I introduced.
7. Fixed a few issues with updating certificate records for a token that were discovered.
8. Added tps code to retrieve a certificate for the recovery case.
ToDos.
More testing for the other recover scenarios at a higher level.
When recovering a cert we need to unrevoke it. This is not done
now because the TPS UI does not revoke certs yet when tokens are markes
as lost or what not.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0020-Recovery-and-Renewal-feature.patch
Type: text/x-patch
Size: 98721 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20140902/fa81a073/attachment.bin>
More information about the Pki-devel
mailing list