[Pki-devel] Ideas on ticket 1084 - pki key-generate CLI command does not provide option for processing a template.

[Abhishek Koneru]

Currently there are three templates for three kinds of key related
requests i.e. for archival, retrieval and generation.

The template for key generation [as of now] is for generation of
symmetric keys in the DRM.

This template can be marshaled directly into a SymKeyGenerationRequest
object in the code, which will be a problem in case of generation of
asymmetric key requests as both of them are currently done using the
same key-generate command. 

Possible solutions: 

1. Add a template for asymmetric key generation request which can be
marshaled directly into an AsymKeyGenerationRequest object.

We can also further divide key-generate CLI command into symkey-generate
and asymkey-generate commands.

2. Replace SymKeyGenerationRequest and AsymKeyGenerationRequest classes
with a single KeyGenerationRequest. Both of them have similar attributes
(the AsymKeyGenerationRequest will have an extra attribute keyCurve when
using the EC algorithm).
An extra attribute keyType can be added to the KeyGenerationRequest
class to differentiate between the two types of generations. (Which is
also not required since we can differentiate easily based on the
algorithm used.)
We will only have one template now for key generation.

Patch 101 which i submitted has a class KeyGenerationRequest with all
the common code, but i still used two subclasses for symmetric key and
asymmetric key requests. It can be used to implement the 2nd option.
(Which is my preferred solution.)

Please let me know of your views. If we decide on the 2nd option, i will
check-in patch 101 and take up this ticket.

-- Abhishek