dogtagpki

Clone
Source Code
GIT

#2721 Key recovery using externalReg fails with java null pointer exception on KRA
Closed: fixed 6 years ago Opened 6 years ago by mharmsen.

Closed: fixed
Reopen Issue

Key recovery using externalReg fails with java null pointer exception on KRA

Steps to Reproduce:

1. Enable externalReg and recover a cert/key onto a token (non-FIPS and non-HSM)

Actual results:

key recovery failed

Metadata Update from @mharmsen:
- Custom field component adjusted to General
- Custom field feature adjusted to ''
- Custom field origin adjusted to Community
- Custom field proposedmilestone adjusted to ''
- Custom field proposedpriority adjusted to ''
- Custom field reviewer adjusted to ''
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1458043
- Custom field type adjusted to defect
- Custom field version adjusted to ''
- Issue priority set to: critical
6 years ago

Metadata Update from @mharmsen:
- Issue assigned to vakwetu
6 years ago

commit 08bf26f786b8d233382c6fedfad5d33d8c11d78f
Author: Ade Lee alee@redhat.com
Date: Thu Jun 1 17:46:27 2017 -0400

Fix NPE in audit log invocation

Some audit log objects take a RequestId or KeyId, on which we call
toString().  In some cases, we were creating a KeyId or RequestId
with null values, resulting in an NPE.  We fix these in this patch.

Bugzilla BZ# 1458043

Change-Id: I38d5a20e9920966c8414d56afd7690dc3c11a1db

Metadata Update from @vakwetu:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
6 years ago

Metadata Update from @mharmsen:
- Issue set to the milestone: 10.4.7 (was: 10.4)
6 years ago

Metadata Update from @mharmsen:
- Custom field fixedinversion adjusted to pki-core-10.4.7-1.fc27
6 years ago

Author: Ade Lee alee@redhat.com
Date: Fri Jun 16 14:48:27 2017 -0400

Fix 3DES archival

A previous commit mistakenly conflated the wrapping parameters for
DES and DES3 cases, resulting in incorrect data being stored if the
storage was successful at all.  This broke ipa vault and probably
also token key archival and recovery.

This patch sets the right parameters for the 3DES case again.
Part of BZ# 1458043

Change-Id: Iae884715a0f510a4d492d64fac3d82cb8100deb4

Ade Lee 2017-06-16 19:35:17 EDT

commit a91b457abfd61c39e1e4318c2443e38b2dd93c5c
Author: Ade Lee alee@redhat.com
Date: Fri Jun 16 19:25:05 2017 -0400

Fix token enrollment and recovery ivs

In encryption mode, the archival of the geenrated key uses the
wrapIV, while the recovery uses the encryptIV.  To make sure
these are consistent, they need to be set to be the same.

Bugzilla BZ #1458043

Change-Id: I1ecece74bd6e486c0f37b5e1df4929744fac262b
Edited 6 years ago by mharmsen

Metadata Update from @mharmsen:
- Issue set to the milestone: 10.4.8 (was: 10.4.7)
6 years ago

Metadata Update from @mharmsen:
- Custom field fixedinversion adjusted to pki-core-10.4.1-10.el7 (was: pki-core-10.4.7-1.fc27)
6 years ago

Metadata Update from @mharmsen:
- Custom field fixedinversion reset (from pki-core-10.4.1-10.el7)
6 years ago

Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new
issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.

This issue has been cloned to GitHub and is available here:
https://github.com/dogtagpki/pki/issues/2841

If you want to receive further updates on the issue, please navigate to the
GitHub issue and click on Subscribe button.

Thank you for understanding, and we apologize for any inconvenience.

Login to comment on this ticket.

Metadata
None
None
None
critical
None
None
defect
''
None
None
None
''
Community
''
None
None
None
None
''
General
''
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.