diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2017-01-20 23:57:11 +0100 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2017-01-26 00:56:15 +0100 |
| commit | 48cefdea31e62d49c8b728576d29e0f298141a04 (patch) | |
| tree | 3a5e68b45dd4da38df7ba1e6d54956c0c5155d8f /base/java-tools | |
| parent | 97ac6024c813621856b3cbfc8207416a46855108 (diff) | |
| download | pki-48cefdea31e62d49c8b728576d29e0f298141a04.tar.gz pki-48cefdea31e62d49c8b728576d29e0f298141a04.tar.xz pki-48cefdea31e62d49c8b728576d29e0f298141a04.zip | |
Fixed inconsistent internal token detection.
The codes that detect internal token name have been modified to
use CryptoUtil.isInternalToken() such that the comparison can be
done consistently both in normal mode and FIPS mode.
https://fedorahosted.org/pki/ticket/2556
Diffstat (limited to 'base/java-tools')
6 files changed, 25 insertions, 25 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/CMCEnroll.java b/base/java-tools/src/com/netscape/cmstools/CMCEnroll.java index edf6e1335..9b435eea2 100644 --- a/base/java-tools/src/com/netscape/cmstools/CMCEnroll.java +++ b/base/java-tools/src/com/netscape/cmstools/CMCEnroll.java @@ -95,7 +95,7 @@ public class CMCEnroll { CryptoManager manager = CryptoManager.getInstance(); CryptoToken token = null; - if (tokenname.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) { + if (CryptoUtil.isInternalToken(tokenname)) { token = manager.getInternalKeyStorageToken(); } else { token = manager.getTokenByName(tokenname); diff --git a/base/java-tools/src/com/netscape/cmstools/CMCRequest.java b/base/java-tools/src/com/netscape/cmstools/CMCRequest.java index 865d410ed..5a692a031 100644 --- a/base/java-tools/src/com/netscape/cmstools/CMCRequest.java +++ b/base/java-tools/src/com/netscape/cmstools/CMCRequest.java @@ -33,10 +33,6 @@ import java.security.NoSuchAlgorithmException; import java.util.Date; import java.util.StringTokenizer; -import netscape.security.pkcs.PKCS10; -import netscape.security.x509.X500Name; -import netscape.security.x509.X509CertImpl; - import org.mozilla.jss.CryptoManager; import org.mozilla.jss.asn1.ANY; import org.mozilla.jss.asn1.ASN1Util; @@ -83,6 +79,10 @@ import com.netscape.cmsutil.crypto.CryptoUtil; import com.netscape.cmsutil.util.HMACDigest; import com.netscape.cmsutil.util.Utils; +import netscape.security.pkcs.PKCS10; +import netscape.security.x509.X500Name; +import netscape.security.x509.X509CertImpl; + /** * Tool for creating CMC full request * @@ -108,7 +108,7 @@ public class CMCRequest { CryptoManager manager = CryptoManager.getInstance(); CryptoToken token = null; - if (tokenName.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) { + if (CryptoUtil.isInternalToken(tokenName)) { token = manager.getInternalKeyStorageToken(); } else { token = manager.getTokenByName(tokenName); @@ -1019,7 +1019,7 @@ public class CMCRequest { CryptoManager cm = CryptoManager.getInstance(); System.out.println("CryptoManger initialized"); - if ((tokenName == null) || (tokenName.equals(""))) { + if (CryptoUtil.isInternalToken(tokenName)) { token = cm.getInternalKeyStorageToken(); tokenName = CryptoUtil.INTERNAL_TOKEN_NAME; } else { diff --git a/base/java-tools/src/com/netscape/cmstools/CMCRevoke.java b/base/java-tools/src/com/netscape/cmstools/CMCRevoke.java index b238321ac..bb0cc44a7 100644 --- a/base/java-tools/src/com/netscape/cmstools/CMCRevoke.java +++ b/base/java-tools/src/com/netscape/cmstools/CMCRevoke.java @@ -27,9 +27,6 @@ import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.util.Date; -import netscape.security.x509.X500Name; -import netscape.security.x509.X509CertImpl; - import org.mozilla.jss.CryptoManager; import org.mozilla.jss.NoSuchTokenException; import org.mozilla.jss.asn1.ANY; @@ -61,6 +58,9 @@ import org.mozilla.jss.util.Password; import com.netscape.cmsutil.crypto.CryptoUtil; import com.netscape.cmsutil.util.Utils; +import netscape.security.x509.X500Name; +import netscape.security.x509.X509CertImpl; + /** * Tool for signing a CMC revocation request with an agent's certificate. * @@ -175,21 +175,21 @@ public class CMCRevoke { // initialize CryptoManager mPath = dValue; System.out.println("cert/key prefix = " + mPrefix); - System.out.println("path = " + mPath); + System.out.println("path = " + mPath); CryptoManager.InitializationValues vals = - new CryptoManager.InitializationValues(mPath, mPrefix, mPrefix, "secmod.db"); + new CryptoManager.InitializationValues(mPath, mPrefix, mPrefix, "secmod.db"); CryptoManager.initialize(vals); - + CryptoManager cm = CryptoManager.getInstance(); CryptoToken token = null; - if ((hValue == null) || (hValue.equals(""))) { + if (CryptoUtil.isInternalToken(hValue)) { token = cm.getInternalKeyStorageToken(); hValue = CryptoUtil.INTERNAL_TOKEN_NAME; } else { token = cm.getTokenByName(hValue); } - + Password pass = new Password(pValue.toCharArray()); token.login(pass); @@ -259,7 +259,7 @@ public class CMCRevoke { Exception, TokenException { CryptoToken token = null; - if (tokenname.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) { + if (CryptoUtil.isInternalToken(tokenname)) { token = manager.getInternalKeyStorageToken(); } else { token = manager.getTokenByName(tokenname); diff --git a/base/java-tools/src/com/netscape/cmstools/HttpClient.java b/base/java-tools/src/com/netscape/cmstools/HttpClient.java index c2134648b..05f64f9f4 100644 --- a/base/java-tools/src/com/netscape/cmstools/HttpClient.java +++ b/base/java-tools/src/com/netscape/cmstools/HttpClient.java @@ -114,7 +114,7 @@ public class HttpClient { CryptoManager.initialize(vals); CryptoManager cm = CryptoManager.getInstance(); CryptoToken token = null; - if ((tokenName == null) || (tokenName.equals(""))) { + if (CryptoUtil.isInternalToken(tokenName)) { token = cm.getInternalKeyStorageToken(); tokenName = CryptoUtil.INTERNAL_TOKEN_NAME; } else { diff --git a/base/java-tools/src/com/netscape/cmstools/KRATool.java b/base/java-tools/src/com/netscape/cmstools/KRATool.java index c89d488e2..2ec09658f 100644 --- a/base/java-tools/src/com/netscape/cmstools/KRATool.java +++ b/base/java-tools/src/com/netscape/cmstools/KRATool.java @@ -42,12 +42,6 @@ import java.util.Iterator; import java.util.Vector; import java.util.regex.PatternSyntaxException; -import netscape.security.provider.RSAPublicKey; -import netscape.security.util.DerInputStream; -import netscape.security.util.DerOutputStream; -import netscape.security.util.DerValue; -import netscape.security.x509.X509CertImpl; - import org.mozilla.jss.CertDatabaseException; import org.mozilla.jss.CryptoManager; import org.mozilla.jss.KeyDatabaseException; @@ -68,6 +62,12 @@ import org.mozilla.jss.util.Password; import com.netscape.cmsutil.crypto.CryptoUtil; import com.netscape.cmsutil.util.Utils; +import netscape.security.provider.RSAPublicKey; +import netscape.security.util.DerInputStream; +import netscape.security.util.DerOutputStream; +import netscape.security.util.DerValue; +import netscape.security.x509.X509CertImpl; + /** * The KRATool class is a utility program designed to operate on an LDIF file * to perform one or more of the following tasks: @@ -1620,7 +1620,7 @@ public class KRATool { + "'." + NEWLINE, true); - if (mSourceStorageTokenName.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME)) { + if (CryptoUtil.isInternalToken(mSourceStorageTokenName)) { mSourceToken = cm.getInternalKeyStorageToken(); } else { mSourceToken = cm.getTokenByName(mSourceStorageTokenName); diff --git a/base/java-tools/src/com/netscape/cmstools/TestCRLSigning.java b/base/java-tools/src/com/netscape/cmstools/TestCRLSigning.java index 24a51f8ee..90535296a 100644 --- a/base/java-tools/src/com/netscape/cmstools/TestCRLSigning.java +++ b/base/java-tools/src/com/netscape/cmstools/TestCRLSigning.java @@ -63,7 +63,7 @@ public class TestCRLSigning { // Login to token CryptoToken token = null; - if (tokenname.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) { + if (CryptoUtil.isInternalToken(tokenname)) { token = cm.getInternalKeyStorageToken(); } else { token = cm.getTokenByName(tokenname); |