The system supports key rollover. This has the issue that all fobs need to be seen by a reader for keys to update, and as such the system supports three concurrent keys in the door controllers. However the system lacks a user interface to instigate key roll over.
- Add back end message and UI for "Key rollover", making a new key for specific AID, and triggering door update
- Auto retire any keys not in use - will have side effect of allowing older keys still in use to come back in to top 3
- Add user interface to show key versions in use per AID, this may mean mirroring some key version data from SSKey to SS to allow web interface to see this.
- Ensure current key version is logged per fob/aid and include user interface to show on fob view
- Show counts of fobs with each key version in the aid view so admin can see when a key retire can be done
- Test rollover works properly with updates to fobs as expected.
- Some way to show keys that are not up to date, not just a count...
Issue #210 relates to this, and can be incorporated at the same time.
- Add additional field to keys table to flag if the key is to be encrypted (i.e. the actual key used on the fob is result of encrypting the UID with the database key)
- Add a setting to indicate to the door controller which of the keys are encrypted
- Make new keys flagged as encrypted by default (it could be a site setting, but why)
- Change door controller to understand how to use encrypted keys
- Change fob adopt to understand how to use encrypted keys when adopting fobs
Finally
- Check it is possible to re-adopt a fob if keys too old
The system supports key rollover. This has the issue that all fobs need to be seen by a reader for keys to update, and as such the system supports three concurrent keys in the door controllers. However the system lacks a user interface to instigate key roll over.
- [x] Add back end message and UI for "Key rollover", making a new key for specific AID, and triggering door update
- [x] Auto retire any keys not in use - will have side effect of allowing older keys still in use to come back in to top 3
- [x] Add user interface to show key versions in use per AID, this may mean mirroring some key version data from SSKey to SS to allow web interface to see this.
- [x] Ensure current key version is logged per fob/aid and include user interface to show on fob view
- [x] Show counts of fobs with each key version in the aid view so admin can see when a key retire can be done
- [x] Test rollover works properly with updates to fobs as expected.
- [x] Some way to show keys that are not up to date, not just a count...
Issue #210 relates to this, and can be incorporated at the same time.
- [x] Add additional field to keys table to flag if the key is to be encrypted (i.e. the actual key used on the fob is result of encrypting the UID with the database key)
- [x] Add a setting to indicate to the door controller which of the keys are encrypted
- [x] Make new keys flagged as encrypted by default (it could be a site setting, but why)
- [x] Change door controller to understand how to use encrypted keys
- [x] Change fob adopt to understand how to use encrypted keys when adopting fobs
Finally
- [x] Check it is possible to re-adopt a fob if keys too old