Fixed inconsistent internal token detection.

The codes that detect internal token name have been modified to use CryptoUtil.isInternalToken() such that the comparison can be done consistently both in normal mode and FIPS mode. https://fedorahosted.org/pki/ticket/2556
author: Endi S. Dewata <edewata@redhat.com> 2017-01-20 23:57:11 +0100
committer: Endi S. Dewata <edewata@redhat.com> 2017-01-26 00:56:15 +0100
commit: 48cefdea31e62d49c8b728576d29e0f298141a04 (patch)
tree: 3a5e68b45dd4da38df7ba1e6d54956c0c5155d8f /base/java-tools/src/com/netscape/cmstools
parent: 97ac6024c813621856b3cbfc8207416a46855108 (diff)
download: pki-48cefdea31e62d49c8b728576d29e0f298141a04.tar.gz
pki-48cefdea31e62d49c8b728576d29e0f298141a04.tar.xz
pki-48cefdea31e62d49c8b728576d29e0f298141a04.zip
6 files changed, 25 insertions, 25 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/CMCEnroll.java b/base/java-tools/src/com/netscape/cmstools/CMCEnroll.java
index edf6e1335..9b435eea2 100644
--- a/base/java-tools/src/com/netscape/cmstools/CMCEnroll.java
+++ b/base/java-tools/src/com/netscape/cmstools/CMCEnroll.java
@@ -95,7 +95,7 @@ public class CMCEnroll {
         CryptoManager manager = CryptoManager.getInstance();
         CryptoToken token = null;
 
-        if (tokenname.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) {
+        if (CryptoUtil.isInternalToken(tokenname)) {
             token = manager.getInternalKeyStorageToken();
         } else {
             token = manager.getTokenByName(tokenname);
diff --git a/base/java-tools/src/com/netscape/cmstools/CMCRequest.java b/base/java-tools/src/com/netscape/cmstools/CMCRequest.java
index 865d410ed..5a692a031 100644
--- a/base/java-tools/src/com/netscape/cmstools/CMCRequest.java
+++ b/base/java-tools/src/com/netscape/cmstools/CMCRequest.java
@@ -33,10 +33,6 @@ import java.security.NoSuchAlgorithmException;
 import java.util.Date;
 import java.util.StringTokenizer;
 
-import netscape.security.pkcs.PKCS10;
-import netscape.security.x509.X500Name;
-import netscape.security.x509.X509CertImpl;
-
 import org.mozilla.jss.CryptoManager;
 import org.mozilla.jss.asn1.ANY;
 import org.mozilla.jss.asn1.ASN1Util;
@@ -83,6 +79,10 @@ import com.netscape.cmsutil.crypto.CryptoUtil;
 import com.netscape.cmsutil.util.HMACDigest;
 import com.netscape.cmsutil.util.Utils;
 
+import netscape.security.pkcs.PKCS10;
+import netscape.security.x509.X500Name;
+import netscape.security.x509.X509CertImpl;
+
 /**
  * Tool for creating CMC full request
  *
@@ -108,7 +108,7 @@ public class CMCRequest {
         CryptoManager manager = CryptoManager.getInstance();
         CryptoToken token = null;
 
-        if (tokenName.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) {
+        if (CryptoUtil.isInternalToken(tokenName)) {
             token = manager.getInternalKeyStorageToken();
         } else {
             token = manager.getTokenByName(tokenName);
@@ -1019,7 +1019,7 @@ public class CMCRequest {
             CryptoManager cm = CryptoManager.getInstance();
             System.out.println("CryptoManger initialized");
 
-            if ((tokenName == null) || (tokenName.equals(""))) {
+            if (CryptoUtil.isInternalToken(tokenName)) {
                 token = cm.getInternalKeyStorageToken();
                 tokenName = CryptoUtil.INTERNAL_TOKEN_NAME;
             } else {
diff --git a/base/java-tools/src/com/netscape/cmstools/CMCRevoke.java b/base/java-tools/src/com/netscape/cmstools/CMCRevoke.java
index b238321ac..bb0cc44a7 100644
--- a/base/java-tools/src/com/netscape/cmstools/CMCRevoke.java
+++ b/base/java-tools/src/com/netscape/cmstools/CMCRevoke.java
@@ -27,9 +27,6 @@ import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.util.Date;
 
-import netscape.security.x509.X500Name;
-import netscape.security.x509.X509CertImpl;
-
 import org.mozilla.jss.CryptoManager;
 import org.mozilla.jss.NoSuchTokenException;
 import org.mozilla.jss.asn1.ANY;
@@ -61,6 +58,9 @@ import org.mozilla.jss.util.Password;
 import com.netscape.cmsutil.crypto.CryptoUtil;
 import com.netscape.cmsutil.util.Utils;
 
+import netscape.security.x509.X500Name;
+import netscape.security.x509.X509CertImpl;
+
 /**
  * Tool for signing a CMC revocation request with an agent's certificate.
  *
@@ -175,21 +175,21 @@ public class CMCRevoke {
                 // initialize CryptoManager
                 mPath = dValue;
                 System.out.println("cert/key prefix = " + mPrefix);
-                System.out.println("path = " + mPath); 
+                System.out.println("path = " + mPath);
                 CryptoManager.InitializationValues vals =
-                    new CryptoManager.InitializationValues(mPath, mPrefix, mPrefix, "secmod.db"); 
+                    new CryptoManager.InitializationValues(mPath, mPrefix, mPrefix, "secmod.db");
 
                 CryptoManager.initialize(vals);
-                
+
                 CryptoManager cm = CryptoManager.getInstance();
                 CryptoToken token = null;
-                if ((hValue == null) || (hValue.equals(""))) {
+                if (CryptoUtil.isInternalToken(hValue)) {
                     token = cm.getInternalKeyStorageToken();
                     hValue = CryptoUtil.INTERNAL_TOKEN_NAME;
                 } else {
                     token = cm.getTokenByName(hValue);
                 }
-    
+
                 Password pass = new Password(pValue.toCharArray());
 
                 token.login(pass);
@@ -259,7 +259,7 @@ public class CMCRevoke {
             Exception, TokenException {
         CryptoToken token = null;
 
-        if (tokenname.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) {
+        if (CryptoUtil.isInternalToken(tokenname)) {
             token = manager.getInternalKeyStorageToken();
         } else {
             token = manager.getTokenByName(tokenname);
diff --git a/base/java-tools/src/com/netscape/cmstools/HttpClient.java b/base/java-tools/src/com/netscape/cmstools/HttpClient.java
index c2134648b..05f64f9f4 100644
--- a/base/java-tools/src/com/netscape/cmstools/HttpClient.java
+++ b/base/java-tools/src/com/netscape/cmstools/HttpClient.java
@@ -114,7 +114,7 @@ public class HttpClient {
                 CryptoManager.initialize(vals);
                 CryptoManager cm = CryptoManager.getInstance();
                 CryptoToken token = null;
-                if ((tokenName == null) || (tokenName.equals(""))) {
+                if (CryptoUtil.isInternalToken(tokenName)) {
                     token = cm.getInternalKeyStorageToken();
                     tokenName = CryptoUtil.INTERNAL_TOKEN_NAME;
                 } else {
diff --git a/base/java-tools/src/com/netscape/cmstools/KRATool.java b/base/java-tools/src/com/netscape/cmstools/KRATool.java
index c89d488e2..2ec09658f 100644
--- a/base/java-tools/src/com/netscape/cmstools/KRATool.java
+++ b/base/java-tools/src/com/netscape/cmstools/KRATool.java
@@ -42,12 +42,6 @@ import java.util.Iterator;
 import java.util.Vector;
 import java.util.regex.PatternSyntaxException;
 
-import netscape.security.provider.RSAPublicKey;
-import netscape.security.util.DerInputStream;
-import netscape.security.util.DerOutputStream;
-import netscape.security.util.DerValue;
-import netscape.security.x509.X509CertImpl;
-
 import org.mozilla.jss.CertDatabaseException;
 import org.mozilla.jss.CryptoManager;
 import org.mozilla.jss.KeyDatabaseException;
@@ -68,6 +62,12 @@ import org.mozilla.jss.util.Password;
 import com.netscape.cmsutil.crypto.CryptoUtil;
 import com.netscape.cmsutil.util.Utils;
 
+import netscape.security.provider.RSAPublicKey;
+import netscape.security.util.DerInputStream;
+import netscape.security.util.DerOutputStream;
+import netscape.security.util.DerValue;
+import netscape.security.x509.X509CertImpl;
+
 /**
  * The KRATool class is a utility program designed to operate on an LDIF file
  * to perform one or more of the following tasks:
@@ -1620,7 +1620,7 @@ public class KRATool {
                     + "'."
                     + NEWLINE, true);
 
-            if (mSourceStorageTokenName.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME)) {
+            if (CryptoUtil.isInternalToken(mSourceStorageTokenName)) {
                 mSourceToken = cm.getInternalKeyStorageToken();
             } else {
                 mSourceToken = cm.getTokenByName(mSourceStorageTokenName);
diff --git a/base/java-tools/src/com/netscape/cmstools/TestCRLSigning.java b/base/java-tools/src/com/netscape/cmstools/TestCRLSigning.java
index 24a51f8ee..90535296a 100644
--- a/base/java-tools/src/com/netscape/cmstools/TestCRLSigning.java
+++ b/base/java-tools/src/com/netscape/cmstools/TestCRLSigning.java
@@ -63,7 +63,7 @@ public class TestCRLSigning {
 
         // Login to token
         CryptoToken token = null;
-        if (tokenname.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) {
+        if (CryptoUtil.isInternalToken(tokenname)) {
             token = cm.getInternalKeyStorageToken();
         } else {
             token = cm.getTokenByName(tokenname);
author	Endi S. Dewata <edewata@redhat.com>	2017-01-20 23:57:11 +0100
committer	Endi S. Dewata <edewata@redhat.com>	2017-01-26 00:56:15 +0100
commit	48cefdea31e62d49c8b728576d29e0f298141a04 (patch)
tree	3a5e68b45dd4da38df7ba1e6d54956c0c5155d8f /base/java-tools/src/com/netscape/cmstools
parent	97ac6024c813621856b3cbfc8207416a46855108 (diff)
download	pki-48cefdea31e62d49c8b728576d29e0f298141a04.tar.gz pki-48cefdea31e62d49c8b728576d29e0f298141a04.tar.xz pki-48cefdea31e62d49c8b728576d29e0f298141a04.zip