diff options
author | Andrew Wnuk <awnuk@redhat.com> | 2012-07-24 11:44:32 -0700 |
---|---|---|
committer | Andrew Wnuk <awnuk@redhat.com> | 2012-07-24 11:44:32 -0700 |
commit | 87c92d0d2e170e0c7a6c307fcf98c8b7a0438dda (patch) | |
tree | 759e7bbc0f22fc9a4c20bc15af255b6d1fd45149 | |
parent | 6ff5c1754cac41727f76269d3a1be547a382f3ac (diff) | |
download | pki-87c92d0d2e170e0c7a6c307fcf98c8b7a0438dda.tar.gz pki-87c92d0d2e170e0c7a6c307fcf98c8b7a0438dda.tar.xz pki-87c92d0d2e170e0c7a6c307fcf98c8b7a0438dda.zip |
elimination of CA crash
This patch eliminates CA crash caused by default Android browser.
Bug: 819123.
7 files changed, 38 insertions, 8 deletions
diff --git a/base/common/src/com/netscape/cms/profile/input/CMCCertReqInput.java b/base/common/src/com/netscape/cms/profile/input/CMCCertReqInput.java index 4c368c03e..d2a2fc718 100644 --- a/base/common/src/com/netscape/cms/profile/input/CMCCertReqInput.java +++ b/base/common/src/com/netscape/cms/profile/input/CMCCertReqInput.java @@ -96,6 +96,11 @@ public class CMCCertReqInput extends EnrollInput implements IProfileInput { X509CertInfo info = request.getExtDataInCertInfo(EnrollProfile.REQUEST_CERTINFO); + if (cert_request == null) { + CMS.debug("CMCCertReqInput: populate - invalid certificate request"); + throw new EProfileException(CMS.getUserMessage( + getLocale(request), "CMS_PROFILE_NO_CERT_REQ")); + } TaggedRequest msgs[] = mEnrollProfile.parseCMC(getLocale(request), cert_request); if (msgs == null) { diff --git a/base/common/src/com/netscape/cms/profile/input/CertReqInput.java b/base/common/src/com/netscape/cms/profile/input/CertReqInput.java index 565b7795e..958845335 100644 --- a/base/common/src/com/netscape/cms/profile/input/CertReqInput.java +++ b/base/common/src/com/netscape/cms/profile/input/CertReqInput.java @@ -106,6 +106,11 @@ public class CertReqInput extends EnrollInput implements IProfileInput { "CMS_PROFILE_UNKNOWN_CERT_REQ_TYPE", "")); } + if (cert_request == null) { + CMS.debug("CertReqInput: populate - invalid certificate request"); + throw new EProfileException(CMS.getUserMessage( + getLocale(request), "CMS_PROFILE_NO_CERT_REQ")); + } if (cert_request_type.equals(EnrollProfile.REQ_TYPE_PKCS10)) { PKCS10 pkcs10 = mEnrollProfile.parsePKCS10(getLocale(request), cert_request); diff --git a/base/common/src/com/netscape/cms/profile/input/DualKeyGenInput.java b/base/common/src/com/netscape/cms/profile/input/DualKeyGenInput.java index dfb7be887..178977f86 100644 --- a/base/common/src/com/netscape/cms/profile/input/DualKeyGenInput.java +++ b/base/common/src/com/netscape/cms/profile/input/DualKeyGenInput.java @@ -105,6 +105,11 @@ public class DualKeyGenInput extends EnrollInput implements IProfileInput { "CMS_PROFILE_UNKNOWN_CERT_REQ_TYPE", "")); } + if (keygen_request == null) { + CMS.debug("DualKeyGenInput: populate - invalid certificate request"); + throw new EProfileException(CMS.getUserMessage( + getLocale(request), "CMS_PROFILE_NO_CERT_REQ")); + } if (keygen_request_type.startsWith("pkcs10")) { PKCS10 pkcs10 = mEnrollProfile.parsePKCS10(getLocale(request), keygen_request); diff --git a/base/common/src/com/netscape/cms/profile/input/EncryptionKeyGenInput.java b/base/common/src/com/netscape/cms/profile/input/EncryptionKeyGenInput.java index 4fb7ae863..b70a800d5 100644 --- a/base/common/src/com/netscape/cms/profile/input/EncryptionKeyGenInput.java +++ b/base/common/src/com/netscape/cms/profile/input/EncryptionKeyGenInput.java @@ -107,6 +107,11 @@ public class EncryptionKeyGenInput extends EnrollInput implements IProfileInput "CMS_PROFILE_UNKNOWN_CERT_REQ_TYPE", "")); } + if (keygen_request == null) { + CMS.debug("EncryptionKeyGenInput: populate - invalid certificate request"); + throw new EProfileException(CMS.getUserMessage( + getLocale(request), "CMS_PROFILE_NO_CERT_REQ")); + } if (keygen_request_type.startsWith(EnrollProfile.REQ_TYPE_PKCS10)) { PKCS10 pkcs10 = mEnrollProfile.parsePKCS10(getLocale(request), keygen_request); diff --git a/base/common/src/com/netscape/cms/profile/input/KeyGenInput.java b/base/common/src/com/netscape/cms/profile/input/KeyGenInput.java index cc8f9a70d..abf5d334f 100644 --- a/base/common/src/com/netscape/cms/profile/input/KeyGenInput.java +++ b/base/common/src/com/netscape/cms/profile/input/KeyGenInput.java @@ -107,6 +107,11 @@ public class KeyGenInput extends EnrollInput implements IProfileInput { "CMS_PROFILE_UNKNOWN_CERT_REQ_TYPE", "")); } + if (keygen_request == null) { + CMS.debug("KeyGenInput: populate - invalid certificate request"); + throw new EProfileException(CMS.getUserMessage( + getLocale(request), "CMS_PROFILE_NO_CERT_REQ")); + } if (keygen_request_type.startsWith(EnrollProfile.REQ_TYPE_PKCS10)) { PKCS10 pkcs10 = mEnrollProfile.parsePKCS10(getLocale(request), keygen_request); diff --git a/base/common/src/com/netscape/cms/profile/input/SigningKeyGenInput.java b/base/common/src/com/netscape/cms/profile/input/SigningKeyGenInput.java index 93aaa11b9..5a35bd0ab 100644 --- a/base/common/src/com/netscape/cms/profile/input/SigningKeyGenInput.java +++ b/base/common/src/com/netscape/cms/profile/input/SigningKeyGenInput.java @@ -107,6 +107,11 @@ public class SigningKeyGenInput extends EnrollInput implements IProfileInput { "CMS_PROFILE_UNKNOWN_CERT_REQ_TYPE", "")); } + if (keygen_request == null) { + CMS.debug("SigningKeyGenInput: populate - invalid certificate request"); + throw new EProfileException(CMS.getUserMessage( + getLocale(request), "CMS_PROFILE_NO_CERT_REQ")); + } if (keygen_request_type.startsWith(EnrollProfile.REQ_TYPE_PKCS10)) { PKCS10 pkcs10 = mEnrollProfile.parsePKCS10(getLocale(request), keygen_request); diff --git a/dogtag/ca-ui/shared/webapps/ca/ee/ca/ProfileSelect.template b/dogtag/ca-ui/shared/webapps/ca/ee/ca/ProfileSelect.template index 0e3ded046..2f1fad14d 100644 --- a/dogtag/ca-ui/shared/webapps/ca/ee/ca/ProfileSelect.template +++ b/dogtag/ca-ui/shared/webapps/ca/ee/ca/ProfileSelect.template @@ -212,7 +212,7 @@ function validate() keyTransportCert = transportCert; } // generate keys for nsm. - if (typeof(crypto.version) != "undefined") { + if (typeof(crypto) != "undefined" && typeof(crypto.version) != "undefined") { var encKeyType = "rsa-ex"; var signKeyType = "rsa-sign"; var dualKeyType = "rsa-dual-use"; @@ -304,7 +304,7 @@ function setCRMFRequest() var uri = 'profileSubmit'; if (typeof(authName) != "undefined") { if (authIsSSLClientRequired == 'true') { - uri = 'https://[PKI_MACHINE_NAME]:[PKI_EE_SECURE_CLIENT_AUTH_PORT_UI]/[PKI_SUBSYSTEM_TYPE]/eeca/[PKI_SUBSYSTEM_TYPE]/profileSubmitSSLClient'; + uri = 'https://[PKI_MACHINE_NAME]:[PKI_EE_SECURE_CLIENT_AUTH_PORT]/[PKI_SUBSYSTEM_TYPE]/eeca/[PKI_SUBSYSTEM_TYPE]/profileSubmitSSLClient'; } } if (navigator.appName == "Microsoft Internet Explorer") { @@ -314,7 +314,7 @@ function setCRMFRequest() document.writeln("<OBJECT classid='clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1' CODEBASE='/xenroll.dll' id='Enroll'></OBJECT>"); } document.writeln('<form name="ReqForm" onSubmit="if (checkRequest()) {return true;} else {window.location.reload(); return false;}" method="post" action="' + uri + '">'); - } else if (typeof(crypto.version) != "undefined") { + } else if (typeof(crypto) != "undefined" && typeof(crypto.version) != "undefined") { document.writeln('<form name="ReqForm" onSubmit="return validate();" method="post" action="' + uri + '">'); } else { document.writeln('<form name="ReqForm" method="post" action="' + uri + '">'); @@ -588,7 +588,7 @@ for (var m = 0; m < inputPluginListSet.length; m++) { } else if (inputListSet[n].inputSyntax == 'dual_keygen_request') { if (navigator.appName == "Microsoft Internet Explorer") { document.writeln('<input type=hidden name=' + inputListSet[n].inputId + '>'); - } else if (typeof(crypto.version) != "undefined") { + } else if (typeof(crypto) != "undefined" && typeof(crypto.version) != "undefined") { document.write('<SELECT NAME="encKeyParam">'+keyLengthsCurvesOptions("encryption")+'</SELECT>'); document.write('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif"> '); document.write(keyTypeOptions("encryption")+' (Encryption), </FONT>'); @@ -606,7 +606,7 @@ for (var m = 0; m < inputPluginListSet.length; m++) { if (navigator.appName == "Microsoft Internet Explorer") { document.writeln('<input type=hidden name=' + inputListSet[n].inputId + '>'); document.writeln('<SELECT NAME="keyLength">'+keyLengthsCurvesOptions("")+'</SELECT> <SELECT NAME=\"cryptprovider\"></SELECT>'); - } else if (typeof(crypto.version) != "undefined") { + } else if (typeof(crypto) != "undefined" && typeof(crypto.version) != "undefined") { document.write('<SELECT NAME="keyParam">'+keyLengthsCurvesOptions("")+'</SELECT>'); document.write('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">'); document.write(' '+keyTypeOptions("")+' '); @@ -627,7 +627,7 @@ for (var m = 0; m < inputPluginListSet.length; m++) { keygen_request = 'true'; if (navigator.appName == "Microsoft Internet Explorer") { document.writeln('Not Supported<input type=hidden name=' + inputListSet[n].inputId + ' value=>'); - } else if (typeof(crypto.version) != "undefined") { + } else if (typeof(crypto) != "undefined" && typeof(crypto.version) != "undefined") { document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">crmf</FONT><input type=hidden name=' + inputListSet[n].inputId + ' value=crmf>'); } else { document.writeln('Not Supported<input type=hidden name=' + inputListSet[n].inputId + ' value=>'); @@ -638,7 +638,7 @@ for (var m = 0; m < inputPluginListSet.length; m++) { keygen_request = 'true'; if (navigator.appName == "Microsoft Internet Explorer") { document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">pkcs10</FONT><input type=hidden name=' + inputListSet[n].inputId + ' value=pkcs10>'); - } else if (typeof(crypto.version) != "undefined") { + } else if (typeof(crypto) != "undefined" && typeof(crypto.version) != "undefined") { document.writeln('<FONT size="-1" face="PrimaSans BT, Verdana, sans-serif">crmf</FONT><input type=hidden name=' + inputListSet[n].inputId + ' value=crmf>'); } else { document.writeln('keygen<input type=hidden name=' + inputListSet[n].inputId + ' value=keygen>'); @@ -670,7 +670,7 @@ if (errorCode == 0) { } else { document.writeln('<input type=submit value="Submit">'); } - } else if (typeof(crypto.version) != "undefined") { + } else if (typeof(crypto) != "undefined" && typeof(crypto.version) != "undefined") { document.writeln('<input type=submit value="Submit">'); } else { document.writeln('<input type=submit value="Submit">'); |