diff options
author | Endi S. Dewata <edewata@redhat.com> | 2017-01-20 23:57:11 +0100 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2017-01-26 00:56:15 +0100 |
commit | 48cefdea31e62d49c8b728576d29e0f298141a04 (patch) | |
tree | 3a5e68b45dd4da38df7ba1e6d54956c0c5155d8f /base/server/cms/src/com/netscape/cms/servlet/admin | |
parent | 97ac6024c813621856b3cbfc8207416a46855108 (diff) | |
download | pki-48cefdea31e62d49c8b728576d29e0f298141a04.tar.gz pki-48cefdea31e62d49c8b728576d29e0f298141a04.tar.xz pki-48cefdea31e62d49c8b728576d29e0f298141a04.zip |
Fixed inconsistent internal token detection.
The codes that detect internal token name have been modified to
use CryptoUtil.isInternalToken() such that the comparison can be
done consistently both in normal mode and FIPS mode.
https://fedorahosted.org/pki/ticket/2556
Diffstat (limited to 'base/server/cms/src/com/netscape/cms/servlet/admin')
-rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java | 16 | ||||
-rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/admin/KRAConnectorProcessor.java | 2 |
2 files changed, 9 insertions, 9 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java b/base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java index 46ac361fe..eecbdbcd0 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java +++ b/base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java @@ -588,7 +588,7 @@ public final class CMSAdminServlet extends AdminServlet { String tokenName = (String) tokenizer.nextElement(); String nickName = (String) tokenizer.nextElement(); - if (tokenName.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) { + if (CryptoUtil.isInternalToken(tokenName)) { tokenName = jssSubSystem.getInternalTokenName(); } else { nickName = tokenName + ":" + nickName; @@ -693,7 +693,7 @@ public final class CMSAdminServlet extends AdminServlet { } String tokenName = (String) tokenizer.nextElement(); - if (tokenName.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) + if (CryptoUtil.isInternalToken(tokenName)) tokenName = ""; else tokenName = tokenName + ":"; @@ -1100,7 +1100,7 @@ public final class CMSAdminServlet extends AdminServlet { String value = req.getParameter(key); if (key.equals(Constants.PR_TOKEN_NAME)) { - if (!value.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) + if (!CryptoUtil.isInternalToken(value)) tokenName = value; } else if (key.equals(Constants.PR_KEY_LENGTH)) { keyLength = Integer.parseInt(value); @@ -1264,7 +1264,7 @@ public final class CMSAdminServlet extends AdminServlet { CMS.getSubsystem(CMS.SUBSYSTEM_CA); ISigningUnit signingUnit = ca.getSigningUnit(); - if (tokenName.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) + if (CryptoUtil.isInternalToken(tokenName)) signingUnit.setNewNickName(nickname); else { if (tokenName.equals("") && nickname.equals("")) @@ -1287,7 +1287,7 @@ public final class CMSAdminServlet extends AdminServlet { IRegistrationAuthority ra = (IRegistrationAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_RA); - if (tokenName.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) + if (CryptoUtil.isInternalToken(tokenName)) ra.setNewNickName(nickname); else { if (tokenName.equals("") && nickname.equals("")) @@ -1311,7 +1311,7 @@ public final class CMSAdminServlet extends AdminServlet { if (ocsp != null) { ISigningUnit signingUnit = ocsp.getSigningUnit(); - if (tokenName.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) + if (CryptoUtil.isInternalToken(tokenName)) signingUnit.setNewNickName(nickname); else { if (tokenName.equals("") && nickname.equals("")) @@ -1324,7 +1324,7 @@ public final class CMSAdminServlet extends AdminServlet { CMS.getSubsystem(CMS.SUBSYSTEM_CA); ISigningUnit signingUnit = ca.getOCSPSigningUnit(); - if (tokenName.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) + if (CryptoUtil.isInternalToken(tokenName)) signingUnit.setNewNickName(nickname); else { if (tokenName.equals("") && nickname.equals("")) @@ -1356,7 +1356,7 @@ public final class CMSAdminServlet extends AdminServlet { IKeyRecoveryAuthority kra = (IKeyRecoveryAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_KRA); - if (tokenName.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) + if (CryptoUtil.isInternalToken(tokenName)) kra.setNewNickName(nickname); else { if (tokenName.equals("") && nickname.equals("")) diff --git a/base/server/cms/src/com/netscape/cms/servlet/admin/KRAConnectorProcessor.java b/base/server/cms/src/com/netscape/cms/servlet/admin/KRAConnectorProcessor.java index 92067c7c3..2fd5d5371 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/admin/KRAConnectorProcessor.java +++ b/base/server/cms/src/com/netscape/cms/servlet/admin/KRAConnectorProcessor.java @@ -194,7 +194,7 @@ public class KRAConnectorProcessor extends CAProcessor { String nickname = cs.getString("ca.subsystem.nickname", ""); String tokenname = cs.getString("ca.subsystem.tokenname", ""); - if (!tokenname.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME)) + if (!CryptoUtil.isInternalToken(tokenname)) nickname = tokenname + ":" + nickname; cs.putString(PREFIX + ".nickName", nickname); cs.commit(true); |