Task #625
closed
Change encrypted key for confidential storage
100%
Description
Change location key for confidential storage agenda. Key will be placed in application properties not in separated file in resource.
- update documentaion,
- add key to properties,
- remove key from resource,
- change logic for get key.
Updated by Ondřej Kopr over 6 years ago
I retained backward compatibility with key that is in resource. For first is checked application poperties if contains key, if not check for path for file wit key. If application properties doesnt contains key or path use original logic for crypt confidential storage.
Also change initializing Cipher, now is Cipher initialized only once (constructor)
Updated by Ondřej Kopr over 6 years ago
- Subject changed from Chnage encrypted key for confidential storage to Change encrypted key for confidential storage
Updated by Ondřej Kopr over 6 years ago
- Status changed from In Progress to Needs feedback
- Assignee changed from Ondřej Kopr to Vít Švanda
- % Done changed from 0 to 90
Implemented new three way to set secret key for confidetial storage.
- set key by application property,
- set key path by application property,
- original way by key in resource.
commit: https://github.com/bcvsolutions/CzechIdMng/commit/07562902844a5943d2d61c73b12e8302629df663
please Vitek could you make a review? Thank you.
Updated by Vít Švanda over 6 years ago
- Status changed from Needs feedback to In Progress
- Assignee changed from Vít Švanda to Ondřej Kopr
Ondra, where is documentation for this feature? ;)
Updated by Ondřej Kopr over 6 years ago
- Status changed from In Progress to Needs feedback
- Assignee changed from Ondřej Kopr to Vít Švanda
Documentation update:
https://wiki.czechidm.com/devel/dev/security/confidential-storage#confidential_storage
https://proj.bcvsolutions.eu/ngidm/doku.php?id=help:czechidm_server_install_guide#sifrovani_lokalniho_confidential_storage
https://wiki.czechidm.com/devel/dev/configuration/backend#confidential_storage_encrypt
thanks for check documentation, please could you continue with review?
Updated by Ondřej Kopr over 6 years ago
documentation in application properties: https://wiki.czechidm.com/devel/dev/configuration/backend#confidential_storage
Updated by Vít Švanda over 6 years ago
- Status changed from Needs feedback to In Progress
- Assignee changed from Vít Švanda to Ondřej Kopr
Did review and test ... works fine.
I have only one comment for documentation, where missing clear definition order of using source of key (1. Property, File, Demo key).
Please complete the documentation and close this task.
Updated by Vít Švanda over 6 years ago
- Status changed from In Progress to Resolved
- % Done changed from 90 to 100
I completed documentation.
Updated by Radek Tomiška over 6 years ago
- Status changed from Resolved to Closed