diff options
| author | Ade Lee <alee@redhat.com> | 2017-06-06 16:16:40 -0400 |
|---|---|---|
| committer | Ade Lee <alee@redhat.com> | 2017-06-07 16:00:52 -0400 |
| commit | d5c331a42955365b76a1549aec047e613d3185dc (patch) | |
| tree | 6258a518501aa166cb803abe04f046da410aec31 /base/kra | |
| parent | 38df4274214938ceece85627abb6d4fe77b960ff (diff) | |
| download | pki-d5c331a42955365b76a1549aec047e613d3185dc.tar.gz pki-d5c331a42955365b76a1549aec047e613d3185dc.tar.xz pki-d5c331a42955365b76a1549aec047e613d3185dc.zip | |
Server side changes to correctly parse the new PKIArchiveOptions
The server is modified to read the new OIDs in the PKIArchiveOptions
and handle them correctly.
Change-Id: I328df4d6588b3c2c26a387ab2e9ed742d36824d4
Diffstat (limited to 'base/kra')
| -rw-r--r-- | base/kra/src/com/netscape/kra/TransportKeyUnit.java | 21 |
1 files changed, 9 insertions, 12 deletions
diff --git a/base/kra/src/com/netscape/kra/TransportKeyUnit.java b/base/kra/src/com/netscape/kra/TransportKeyUnit.java index d0ad8b3e4..91af7cfc2 100644 --- a/base/kra/src/com/netscape/kra/TransportKeyUnit.java +++ b/base/kra/src/com/netscape/kra/TransportKeyUnit.java @@ -267,7 +267,7 @@ public class TransportKeyUnit extends EncryptionUnit implements * Decrypts the user private key. This is called on the transport unit. */ public byte[] decryptExternalPrivate(byte encSymmKey[], - String symmAlgOID, byte symmAlgParams[], byte encValue[], + String wrapOID, byte wrapIV[], byte encValue[], org.mozilla.jss.crypto.X509Certificate transCert) throws Exception { @@ -279,12 +279,10 @@ public class TransportKeyUnit extends EncryptionUnit implements CryptoToken token = getToken(transCert); PrivateKey wrappingKey = getPrivateKey(transCert); String priKeyAlgo = wrappingKey.getAlgorithm(); - WrappingParams params = new WrappingParams( - symmAlgOID, - null, + WrappingParams params = WrappingParams.getWrappingParamsFromArchiveOptions( + wrapOID, priKeyAlgo, - new IVParameterSpec(symmAlgParams), - null); + new IVParameterSpec(wrapIV)); SymmetricKey sk = CryptoUtil.unwrap( token, @@ -303,6 +301,7 @@ public class TransportKeyUnit extends EncryptionUnit implements params.getPayloadEncryptionAlgorithm()); } + /** * External unwrapping. Unwraps the symmetric key using * the transport private key. @@ -342,19 +341,17 @@ public class TransportKeyUnit extends EncryptionUnit implements * the transport private key. */ public PrivateKey unwrap(byte encSymmKey[], - String symmAlgOID, byte symmAlgParams[], + String wrapOID, byte wrapIV[], byte encValue[], PublicKey pubKey, org.mozilla.jss.crypto.X509Certificate transCert) throws Exception { CryptoToken token = getToken(transCert); PrivateKey wrappingKey = getPrivateKey(transCert); String priKeyAlgo = wrappingKey.getAlgorithm(); - WrappingParams params = new WrappingParams( - symmAlgOID, - null, + WrappingParams params = WrappingParams.getWrappingParamsFromArchiveOptions( + wrapOID, priKeyAlgo, - new IVParameterSpec(symmAlgParams), - new IVParameterSpec(symmAlgParams)); + new IVParameterSpec(wrapIV)); // (1) unwrap the session key SymmetricKey sk = CryptoUtil.unwrap( |