[Pki-devel] [PATCH] 0001-KRA-changes-for-archiving-and-recovering-symmetric-keys.patch
Ade Lee
alee at redhat.com
Thu Feb 9 19:28:57 UTC 2012
Additional comments:
1. In SecurityDataRecoveryService, javadoc comments at top appear to be
for a generic service.
2. In SecurityDataRecoveryService.java --
a) You use RecoveryService.ATTR_TRANSPORT_PWD -- which is
transportPassword. Seems like a good idea to use the existing xml field
name.
b) change transWrappedPassPhraseStr to sessWrappedPassPhraseStr
c) check for where transWrappedPassphrase != null and
sessWrappedPassPhrase == null needs to be done at a higher level -- so
that we can throw WebApplicationException(BAD_REQUEST)
3. In SecurityDataService:
a) javadocs comments are for a generic service
b) Can options be null? You can confirm it cannot by writing some
conditional code if (options == null) { foo.., } and eclipse should
complain about dead code if it cannot be null.
c) Is there a check to confirm that the request has data in it? At top
level?
d) Put a TODO in getOwnerName()
Ade
On Wed, 2012-02-08 at 21:56 -0500, Ade Lee wrote:
> Comments:
>
> 1. We should create indexes for the new attributes -- certainly for
> clientID
> 2. In IKeyRecord, you have an accessor for clientID. Should we add
> accessors for the other two attributes added?
> 3. In IEncryptionUnit.java, there is no javadoc comments for three of
> the functions added.
> 4. Documentation in ITransportKeyUnit.java?
> 5. KeyResourceService.java still has incorrect check for
> Request.Complete
> 6. KeysResourceService.java -- remove bad code (don't just comment out)
> 7. KeyDao -- rename params --> requestParams
> what happens in the case where no wrapping parameters are
> passed? we should check for that.
> do we need to check for new() failing for KeyData?
> 8. In KeyRequestResourceService -> you return NOT_FOUND - should be
> BAD_REQUEST instead?
> 9. Remove check for duplicate clientID in KeyRequestDAO in
> submitRequest(ArchivalRequesData ..) Instead it should be a check for
> active keys with the same client ID. Also remove the TODO in the same
> function. And add a trac class to add status changes to the
> interface/implemntation.
> 10. In KeyRequestDAO that you added queue.updateRequest(request); to
> approveRequest(), please also add to cancelRequest() and rejectRequest()
> 11. typo in KeyRepository.java
> 12. Need getters for status and dataType in KeyRecord.java
>
> More to come as I delve into the depths of KRA changes ..
>
> On Wed, 2012-02-08 at 14:36 -0500, John Magne wrote:
> > Provides the ability to archive and recover symmetric keys and pass phrases under the restful interface.
> > Java client included to test functionality.
> > _______________________________________________ Pki-devel mailing list Pki-devel at redhat.com https://www.redhat.com/mailman/listinfo/pki-devel
>
>
> _______________________________________________
> Pki-devel mailing list
> Pki-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-devel
More information about the Pki-devel
mailing list