summaryrefslogtreecommitdiffstats
path: root/base/java-tools/src
diff options
context:
space:
mode:
authorEndi S. Dewata <edewata@redhat.com>2017-01-24 16:17:10 +0100
committerEndi S. Dewata <edewata@redhat.com>2017-01-27 17:52:27 +0100
commit2fa7bc707a558da1b0c4d748d0805bdd0b60168c (patch)
tree9a0152fb6da9db98883bc16e8ee46ae676f0eac0 /base/java-tools/src
parent755fb2834d22131628ad1929c1bd4b1cd7592203 (diff)
downloadpki-2fa7bc707a558da1b0c4d748d0805bdd0b60168c.tar.gz
pki-2fa7bc707a558da1b0c4d748d0805bdd0b60168c.tar.xz
pki-2fa7bc707a558da1b0c4d748d0805bdd0b60168c.zip
Replaced CryptoManager.getTokenByName().
Direct invocations of CryptoManager.getTokenByName() have been replaced with CryptoUtil.getCryptoToken() and getKeyStorageToken() to ensure that internal token names are handled consistently both in normal mode and FIPS mode. https://fedorahosted.org/pki/ticket/2556
Diffstat (limited to 'base/java-tools/src')
-rw-r--r--base/java-tools/src/com/netscape/cmstools/CMCEnroll.java8
-rw-r--r--base/java-tools/src/com/netscape/cmstools/CMCRequest.java12
-rw-r--r--base/java-tools/src/com/netscape/cmstools/CMCRevoke.java12
-rw-r--r--base/java-tools/src/com/netscape/cmstools/CRMFPopClient.java9
-rw-r--r--base/java-tools/src/com/netscape/cmstools/HttpClient.java5
-rw-r--r--base/java-tools/src/com/netscape/cmstools/KRATool.java6
-rw-r--r--base/java-tools/src/com/netscape/cmstools/PKCS10Client.java19
-rw-r--r--base/java-tools/src/com/netscape/cmstools/PasswordCache.java21
-rw-r--r--base/java-tools/src/com/netscape/cmstools/TestCRLSigning.java8
-rw-r--r--base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java8
10 files changed, 27 insertions, 81 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/CMCEnroll.java b/base/java-tools/src/com/netscape/cmstools/CMCEnroll.java
index 9b435eea2..cee97a0ef 100644
--- a/base/java-tools/src/com/netscape/cmstools/CMCEnroll.java
+++ b/base/java-tools/src/com/netscape/cmstools/CMCEnroll.java
@@ -93,13 +93,7 @@ public class CMCEnroll {
public static X509Certificate getCertificate(String tokenname,
String nickname) throws Exception {
CryptoManager manager = CryptoManager.getInstance();
- CryptoToken token = null;
-
- if (CryptoUtil.isInternalToken(tokenname)) {
- token = manager.getInternalKeyStorageToken();
- } else {
- token = manager.getTokenByName(tokenname);
- }
+ CryptoToken token = CryptoUtil.getKeyStorageToken(tokenname);
StringBuffer certname = new StringBuffer();
if (!token.equals(manager.getInternalKeyStorageToken())) {
diff --git a/base/java-tools/src/com/netscape/cmstools/CMCRequest.java b/base/java-tools/src/com/netscape/cmstools/CMCRequest.java
index 5a692a031..c51808212 100644
--- a/base/java-tools/src/com/netscape/cmstools/CMCRequest.java
+++ b/base/java-tools/src/com/netscape/cmstools/CMCRequest.java
@@ -106,13 +106,8 @@ public class CMCRequest {
public static X509Certificate getCertificate(String tokenName,
String nickname) throws Exception {
CryptoManager manager = CryptoManager.getInstance();
- CryptoToken token = null;
+ CryptoToken token = CryptoUtil.getKeyStorageToken(tokenName);
- if (CryptoUtil.isInternalToken(tokenName)) {
- token = manager.getInternalKeyStorageToken();
- } else {
- token = manager.getTokenByName(tokenName);
- }
StringBuffer certname = new StringBuffer();
if (!token.equals(manager.getInternalKeyStorageToken())) {
@@ -1019,11 +1014,10 @@ public class CMCRequest {
CryptoManager cm = CryptoManager.getInstance();
System.out.println("CryptoManger initialized");
+ token = CryptoUtil.getKeyStorageToken(tokenName);
+
if (CryptoUtil.isInternalToken(tokenName)) {
- token = cm.getInternalKeyStorageToken();
tokenName = CryptoUtil.INTERNAL_TOKEN_NAME;
- } else {
- token = cm.getTokenByName(tokenName);
}
cm.setThreadToken(token);
diff --git a/base/java-tools/src/com/netscape/cmstools/CMCRevoke.java b/base/java-tools/src/com/netscape/cmstools/CMCRevoke.java
index bb0cc44a7..c2572e64b 100644
--- a/base/java-tools/src/com/netscape/cmstools/CMCRevoke.java
+++ b/base/java-tools/src/com/netscape/cmstools/CMCRevoke.java
@@ -182,12 +182,9 @@ public class CMCRevoke {
CryptoManager.initialize(vals);
CryptoManager cm = CryptoManager.getInstance();
- CryptoToken token = null;
+ CryptoToken token = CryptoUtil.getKeyStorageToken(hValue);
if (CryptoUtil.isInternalToken(hValue)) {
- token = cm.getInternalKeyStorageToken();
hValue = CryptoUtil.INTERNAL_TOKEN_NAME;
- } else {
- token = cm.getTokenByName(hValue);
}
Password pass = new Password(pValue.toCharArray());
@@ -257,13 +254,8 @@ public class CMCRevoke {
public static X509Certificate getCertificate(CryptoManager manager, String tokenname,
String nickname) throws NoSuchTokenException,
Exception, TokenException {
- CryptoToken token = null;
+ CryptoToken token = CryptoUtil.getKeyStorageToken(tokenname);
- if (CryptoUtil.isInternalToken(tokenname)) {
- token = manager.getInternalKeyStorageToken();
- } else {
- token = manager.getTokenByName(tokenname);
- }
StringBuffer certname = new StringBuffer();
if (!token.equals(manager.getInternalKeyStorageToken())) {
diff --git a/base/java-tools/src/com/netscape/cmstools/CRMFPopClient.java b/base/java-tools/src/com/netscape/cmstools/CRMFPopClient.java
index 5d401f396..8d5bd1f8a 100644
--- a/base/java-tools/src/com/netscape/cmstools/CRMFPopClient.java
+++ b/base/java-tools/src/com/netscape/cmstools/CRMFPopClient.java
@@ -393,13 +393,8 @@ public class CRMFPopClient {
CryptoManager manager = CryptoManager.getInstance();
- CryptoToken token;
- if (tokenName == null) {
- token = manager.getInternalKeyStorageToken();
- tokenName = token.getName();
- } else {
- token = manager.getTokenByName(tokenName);
- }
+ CryptoToken token = CryptoUtil.getKeyStorageToken(tokenName);
+ tokenName = token.getName();
manager.setThreadToken(token);
Password password = new Password(tokenPassword.toCharArray());
diff --git a/base/java-tools/src/com/netscape/cmstools/HttpClient.java b/base/java-tools/src/com/netscape/cmstools/HttpClient.java
index 05f64f9f4..6a008bf2c 100644
--- a/base/java-tools/src/com/netscape/cmstools/HttpClient.java
+++ b/base/java-tools/src/com/netscape/cmstools/HttpClient.java
@@ -113,12 +113,9 @@ public class HttpClient {
new CryptoManager.InitializationValues(dbdir, "", "", "secmod.db");
CryptoManager.initialize(vals);
CryptoManager cm = CryptoManager.getInstance();
- CryptoToken token = null;
+ CryptoToken token = CryptoUtil.getKeyStorageToken(tokenName);
if (CryptoUtil.isInternalToken(tokenName)) {
- token = cm.getInternalKeyStorageToken();
tokenName = CryptoUtil.INTERNAL_TOKEN_NAME;
- } else {
- token = cm.getTokenByName(tokenName);
}
cm.setThreadToken(token);
Password pass = new Password(password.toCharArray());
diff --git a/base/java-tools/src/com/netscape/cmstools/KRATool.java b/base/java-tools/src/com/netscape/cmstools/KRATool.java
index 2ec09658f..40440c454 100644
--- a/base/java-tools/src/com/netscape/cmstools/KRATool.java
+++ b/base/java-tools/src/com/netscape/cmstools/KRATool.java
@@ -1620,11 +1620,7 @@ public class KRATool {
+ "'."
+ NEWLINE, true);
- if (CryptoUtil.isInternalToken(mSourceStorageTokenName)) {
- mSourceToken = cm.getInternalKeyStorageToken();
- } else {
- mSourceToken = cm.getTokenByName(mSourceStorageTokenName);
- }
+ mSourceToken = CryptoUtil.getKeyStorageToken(mSourceStorageTokenName);
if (mSourceToken == null) {
return FAILURE;
diff --git a/base/java-tools/src/com/netscape/cmstools/PKCS10Client.java b/base/java-tools/src/com/netscape/cmstools/PKCS10Client.java
index 0a3582754..57f879231 100644
--- a/base/java-tools/src/com/netscape/cmstools/PKCS10Client.java
+++ b/base/java-tools/src/com/netscape/cmstools/PKCS10Client.java
@@ -25,10 +25,6 @@ import java.security.KeyPair;
import java.security.MessageDigest;
import java.security.PublicKey;
-import netscape.security.pkcs.PKCS10;
-import netscape.security.x509.X500Name;
-import netscape.security.x509.X509Key;
-
import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.asn1.BMPString;
import org.mozilla.jss.asn1.INTEGER;
@@ -55,6 +51,10 @@ import com.netscape.cmsutil.crypto.CryptoUtil;
import com.netscape.cmsutil.util.HMACDigest;
import com.netscape.cmsutil.util.Utils;
+import netscape.security.pkcs.PKCS10;
+import netscape.security.x509.X500Name;
+import netscape.security.x509.X509Key;
+
/**
* Generates an ECC or RSA key pair in the security database, constructs a
* PKCS#10 certificate request with the public key, and outputs the request
@@ -199,14 +199,11 @@ public class PKCS10Client {
mPrefix, "secmod.db");
CryptoManager.initialize(vals);
- CryptoToken token = null;
+
CryptoManager cm = CryptoManager.getInstance();
- if ((tokenName == null) || (tokenName.equals(""))) {
- token = cm.getInternalKeyStorageToken();
- tokenName = token.getName();
- } else {
- token = cm.getTokenByName(tokenName);
- }
+ CryptoToken token = CryptoUtil.getKeyStorageToken(tokenName);
+ tokenName = token.getName();
+
System.out.println("PKCS10Client: Debug: got token.");
cm.setThreadToken(token);
System.out.println("PKCS10Client: Debug: thread token set.");
diff --git a/base/java-tools/src/com/netscape/cmstools/PasswordCache.java b/base/java-tools/src/com/netscape/cmstools/PasswordCache.java
index 3a4f29c11..7f17c8fef 100644
--- a/base/java-tools/src/com/netscape/cmstools/PasswordCache.java
+++ b/base/java-tools/src/com/netscape/cmstools/PasswordCache.java
@@ -41,6 +41,7 @@ import org.mozilla.jss.crypto.TokenException;
import org.mozilla.jss.util.Base64OutputStream;
import org.mozilla.jss.util.Password;
+import com.netscape.cmsutil.crypto.CryptoUtil;
import com.netscape.cmsutil.util.Utils;
/**
@@ -246,15 +247,8 @@ public class PasswordCache {
CryptoManager.initialize(vals);
- CryptoManager cm = CryptoManager.getInstance();
- CryptoToken token = null;
- if (mTokenName == null) {
- token = cm.getInternalKeyStorageToken();
- System.out.println("token name = internal");
- } else {
- token = cm.getTokenByName(mTokenName);
- System.out.println("token name = " + mTokenName);
- }
+ CryptoToken token = CryptoUtil.getKeyStorageToken(mTokenName);
+ System.out.println("token: " + token.getName());
token.login(pass);
} catch (Exception e) {
@@ -377,13 +371,8 @@ class PWsdrCache {
}
cm = CryptoManager.getInstance();
- if (mTokenName != null) {
- mToken = cm.getTokenByName(mTokenName);
- debug("PWsdrCache: mToken = " + mTokenName);
- } else {
- mToken = cm.getInternalKeyStorageToken();
- debug("PWsdrCache: mToken = internal");
- }
+ mToken = CryptoUtil.getKeyStorageToken(mTokenName);
+ debug("PWsdrCache: token: " + mToken.getName());
}
public byte[] getKeyId() {
diff --git a/base/java-tools/src/com/netscape/cmstools/TestCRLSigning.java b/base/java-tools/src/com/netscape/cmstools/TestCRLSigning.java
index 90535296a..6ca949df7 100644
--- a/base/java-tools/src/com/netscape/cmstools/TestCRLSigning.java
+++ b/base/java-tools/src/com/netscape/cmstools/TestCRLSigning.java
@@ -62,12 +62,8 @@ public class TestCRLSigning {
cm = CryptoManager.getInstance();
// Login to token
- CryptoToken token = null;
- if (CryptoUtil.isInternalToken(tokenname)) {
- token = cm.getInternalKeyStorageToken();
- } else {
- token = cm.getTokenByName(tokenname);
- }
+ CryptoToken token = CryptoUtil.getKeyStorageToken(tokenname);
+
Password pass = new Password(tokenpwd.toCharArray());
token.login(pass);
diff --git a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
index 21d16b537..caccdafcb 100644
--- a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
@@ -457,13 +457,9 @@ public class MainCLI extends CLI {
try {
CryptoManager manager = CryptoManager.getInstance();
- CryptoToken token;
String tokenName = config.getTokenName();
- if (tokenName == null) {
- token = manager.getInternalKeyStorageToken();
- } else {
- token = manager.getTokenByName(tokenName);
- }
+ CryptoToken token = CryptoUtil.getKeyStorageToken(tokenName);
+
manager.setThreadToken(token);
Password password = new Password(config.getCertPassword().toCharArray());
generated by cgit (git 2.34.1) at 2026-01-07 08:04:24 +0000