Fixed error message in SystemConfigService.processCerts().

The exception handler in SystemConfigService.processCerts() has been removed since it's redundant and generates misleading error message. https://pagure.io/dogtagpki/issue/2280 Change-Id: I3aa4f0414519a7cd2c53481663f4880c5c1dafd0
author: Endi S. Dewata <edewata@redhat.com> 2017-07-08 04:42:22 +0200
committer: Endi S. Dewata <edewata@redhat.com> 2017-07-08 04:53:13 +0200
commit: 7b293a9b68b0f58af03c068291ca1bd07b2cca33 (patch)
tree: d0004251134cbd29ef1d3fdafad23322dd66b5ea
parent: 2dc3c84777dcd8fe20611511ed5fc422c8b05541 (diff)
download: pki-7b293a9b68b0f58af03c068291ca1bd07b2cca33.tar.gz
pki-7b293a9b68b0f58af03c068291ca1bd07b2cca33.tar.xz
pki-7b293a9b68b0f58af03c068291ca1bd07b2cca33.zip
1 files changed, 60 insertions, 77 deletions
diff --git a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java
index a92d04ae9..9f73a9ef1 100644
--- a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java
+++ b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java
@@ -21,7 +21,6 @@ import java.math.BigInteger;
 import java.net.MalformedURLException;
 import java.net.URL;
 import java.security.KeyPair;
-import java.security.NoSuchAlgorithmException;
 import java.security.PublicKey;
 import java.util.ArrayList;
 import java.util.Arrays;
@@ -297,107 +296,91 @@ public class SystemConfigService extends PKIService implements SystemConfigResou
             Collection<Cert> certs,
             MutableBoolean hasSigningCert) throws Exception {
 
-        try {
-            boolean generateServerCert = !request.getGenerateServerCert().equalsIgnoreCase("false");
-            boolean generateSubsystemCert = request.getGenerateSubsystemCert();
+        boolean generateServerCert = !request.getGenerateServerCert().equalsIgnoreCase("false");
+        boolean generateSubsystemCert = request.getGenerateSubsystemCert();
 
-            hasSigningCert.setValue(false);
+        hasSigningCert.setValue(false);
 
-            for (String tag : certList) {
+        for (String tag : certList) {
 
-                CMS.debug("=== Processing " + tag + " cert ===");
+            CMS.debug("=== Processing " + tag + " cert ===");
 
-                boolean enable = cs.getBoolean("preop.cert." + tag + ".enable", true);
-                if (!enable) continue;
+            boolean enable = cs.getBoolean("preop.cert." + tag + ".enable", true);
+            if (!enable) continue;
 
-                SystemCertData certData = null;
+            SystemCertData certData = null;
 
-                for (SystemCertData systemCert : request.getSystemCerts()) {
-                    if (systemCert.getTag().equals(tag)) {
-                        certData = systemCert;
-                        break;
-                    }
+            for (SystemCertData systemCert : request.getSystemCerts()) {
+                if (systemCert.getTag().equals(tag)) {
+                    certData = systemCert;
+                    break;
                 }
+            }
 
-                if (certData == null) {
-                    CMS.debug("No data for '" + tag + "' was found!");
-                    throw new BadRequestException("No data for '" + tag + "' was found!");
-                }
+            if (certData == null) {
+                CMS.debug("No data for '" + tag + "' was found!");
+                throw new BadRequestException("No data for '" + tag + "' was found!");
+            }
 
-                String tokenName = certData.getToken() != null ? certData.getToken() : token;
-                if (request.getStandAlone() && request.getStepTwo()) {
-                    // Stand-alone PKI (Step 2)
-                    if (tag.equals("external_signing")) {
+            String tokenName = certData.getToken() != null ? certData.getToken() : token;
+            if (request.getStandAlone() && request.getStepTwo()) {
+                // Stand-alone PKI (Step 2)
+                if (tag.equals("external_signing")) {
 
-                        String b64 = certData.getCert();
-                        if (b64 != null && b64.length() > 0 && !b64.startsWith("...")) {
-                            hasSigningCert.setValue(true);
+                    String b64 = certData.getCert();
+                    if (b64 != null && b64.length() > 0 && !b64.startsWith("...")) {
+                        hasSigningCert.setValue(true);
 
-                            if (request.getIssuingCA().equals("External CA")) {
-                                String nickname = certData.getNickname() != null ? certData.getNickname() : "caSigningCert External CA";
-                                Cert cert = new Cert(tokenName, nickname, tag);
-                                ConfigurationUtils.setExternalCACert(b64, csSubsystem, cs, cert);
+                        if (request.getIssuingCA().equals("External CA")) {
+                            String nickname = certData.getNickname() != null ? certData.getNickname() : "caSigningCert External CA";
+                            Cert cert = new Cert(tokenName, nickname, tag);
+                            ConfigurationUtils.setExternalCACert(b64, csSubsystem, cs, cert);
 
-                                CMS.debug("Step 2:  certStr for '" + tag + "' is " + b64);
-                                String certChainStr = certData.getCertChain();
+                            CMS.debug("Step 2:  certStr for '" + tag + "' is " + b64);
+                            String certChainStr = certData.getCertChain();
 
-                                if (certChainStr != null) {
-                                    ConfigurationUtils.setExternalCACertChain(certChainStr, csSubsystem, cs, cert);
-                                    CMS.debug("Step 2:  certChainStr for '" + tag + "' is " + certChainStr);
-                                    certs.add(cert);
+                            if (certChainStr != null) {
+                                ConfigurationUtils.setExternalCACertChain(certChainStr, csSubsystem, cs, cert);
+                                CMS.debug("Step 2:  certChainStr for '" + tag + "' is " + certChainStr);
+                                certs.add(cert);
 
-                                } else {
-                                    throw new BadRequestException("CertChain not provided");
-                                }
+                            } else {
+                                throw new BadRequestException("CertChain not provided");
                             }
-
-                            continue;
                         }
-                    }
-                }
-
-                if (!generateServerCert && tag.equals("sslserver")) {
-                    updateConfiguration(request, certData, "sslserver");
-                    continue;
-                }
-
-                if (!generateSubsystemCert && tag.equals("subsystem")) {
-                    // update the details for the shared subsystem cert here.
-                    updateConfiguration(request, certData, "subsystem");
 
-                    // get parameters needed for cloning
-                    updateCloneConfiguration(certData, "subsystem", tokenName);
-                    continue;
+                        continue;
+                    }
                 }
-
-                processCert(
-                        request,
-                        token,
-                        certList,
-                        certs,
-                        hasSigningCert,
-                        certData,
-                        tokenName);
             }
 
-            // make sure to commit changes here for step 1
-            cs.commit(false);
-
-        } catch (NumberFormatException e) {
-            // move these validations to validate()?
-            throw new BadRequestException("Non-integer value for key size");
+            if (!generateServerCert && tag.equals("sslserver")) {
+                updateConfiguration(request, certData, "sslserver");
+                continue;
+            }
 
-        } catch (NoSuchAlgorithmException e) {
-            throw new BadRequestException("Invalid algorithm " + e);
+            if (!generateSubsystemCert && tag.equals("subsystem")) {
+                // update the details for the shared subsystem cert here.
+                updateConfiguration(request, certData, "subsystem");
 
-        } catch (PKIException e) {
-            throw e;
+                // get parameters needed for cloning
+                updateCloneConfiguration(certData, "subsystem", tokenName);
+                continue;
+            }
 
-        } catch (Exception e) {
-            CMS.debug(e);
-            throw new PKIException("Error in setting certificate names and key sizes: " + e);
+            processCert(
+                    request,
+                    token,
+                    certList,
+                    certs,
+                    hasSigningCert,
+                    certData,
+                    tokenName);
         }
 
+        // make sure to commit changes here for step 1
+        cs.commit(false);
+
         ConfigurationUtils.updateServerCertNickConf();
 
         if (request.isClone()) {
author	Endi S. Dewata <edewata@redhat.com>	2017-07-08 04:42:22 +0200
committer	Endi S. Dewata <edewata@redhat.com>	2017-07-08 04:53:13 +0200
commit	7b293a9b68b0f58af03c068291ca1bd07b2cca33 (patch)
tree	d0004251134cbd29ef1d3fdafad23322dd66b5ea
parent	2dc3c84777dcd8fe20611511ed5fc422c8b05541 (diff)
download	pki-7b293a9b68b0f58af03c068291ca1bd07b2cca33.tar.gz pki-7b293a9b68b0f58af03c068291ca1bd07b2cca33.tar.xz pki-7b293a9b68b0f58af03c068291ca1bd07b2cca33.zip