Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-5956

Encrypt keypair for key recovery using a selectable crypto token, for local key generation

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: EJBCA 6.9.0
    • Component/s: RA UI
    • Labels:
    • Issue discovered during:
      Another issue
    • Sprint:
      6.9.0 Sprint 2

      Description

      Currently, key pairs in the KeyRecoveryData table are encrypted and decrypted using the CAs defaultKey. This does not work with delegated key recovery, since we don't want the CA to have to keys.

      Instead, it should be possible to select a key for encrypting locally generated key pairs on the RA. See ECA-5954 for the GUI part.

        Attachments

          Issue Links

          blocks

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. ECA-5175 Support for delegated key pair generation

          • Blocker - Blocks development and/or testing work, production could not run.
          • Closed
          is blocked by

          Bug - A problem which impairs or prevents the functions of the product. ECA-5981 Enrollment by username does not work on the RA

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. ECA-5954 Add system config option for local key generation

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed
          is related to

          Improvement - An improvement or enhancement to an existing feature or task. ECA-6028 System test for delegated key generation

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

            Activity

              People

              Assignee:
              samuel Samuel Lidén Borell
              Reporter:
              samuel Samuel Lidén Borell
              Verified by:
              Henrik Sunmark, Mike Agrenius Kushner
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: