TPS token enrollment fails to setupSecureChannel when TPS and TKS security db is on fips mode.

Ticket #2513. Simple fix allows the TPS and TKS the ability to obtain the proper internal token, even in FiPS mode.
author: Jack Magne <jmagne@dhcp-16-206.sjc.redhat.com> 2016-10-20 15:18:12 -0700
committer: Jack Magne <jmagne@dhcp-16-206.sjc.redhat.com> 2016-10-21 11:19:04 -0700
commit: cb2cc3c7fd93e1a0519a0b530cbc2edbab7741cc (patch)
tree: f39ee1f0fc58d4f261b16bf4838cbbb03476c575 /base/server/cms/src/com
parent: 8c15e8d60a4004cb63ebb0bf2bed73be919d54ee (diff)
download: pki-cb2cc3c7fd93e1a0519a0b530cbc2edbab7741cc.tar.gz
pki-cb2cc3c7fd93e1a0519a0b530cbc2edbab7741cc.tar.xz
pki-cb2cc3c7fd93e1a0519a0b530cbc2edbab7741cc.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/tks/SecureChannelProtocol.java b/base/server/cms/src/com/netscape/cms/servlet/tks/SecureChannelProtocol.java
index db42cab77..6dfd1d2a2 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/tks/SecureChannelProtocol.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/tks/SecureChannelProtocol.java
@@ -31,6 +31,7 @@ import sun.security.pkcs11.wrapper.PKCS11Constants;
 
 import com.netscape.certsrv.apps.CMS;
 import com.netscape.certsrv.base.EBaseException;
+import com.netscape.cmsutil.crypto.CryptoUtil;
 
 public class SecureChannelProtocol {
 
@@ -688,10 +689,11 @@ public class SecureChannelProtocol {
 
     public CryptoToken returnTokenByName(String name, CryptoManager manager) throws NoSuchTokenException {
 
+        CMS.debug("returnTokenByName: requested name: " + name);
         if (name == null || manager == null)
             throw new NoSuchTokenException();
 
-        if (name.equals("internal") || name.equals("Internal KeyStorage Token")) {
+        if(CryptoUtil.isInternalToken(name)) {
             return manager.getInternalKeyStorageToken();
         } else {
             return manager.getTokenByName(name);
author	Jack Magne <jmagne@dhcp-16-206.sjc.redhat.com>	2016-10-20 15:18:12 -0700
committer	Jack Magne <jmagne@dhcp-16-206.sjc.redhat.com>	2016-10-21 11:19:04 -0700
commit	cb2cc3c7fd93e1a0519a0b530cbc2edbab7741cc (patch)
tree	f39ee1f0fc58d4f261b16bf4838cbbb03476c575 /base/server/cms/src/com
parent	8c15e8d60a4004cb63ebb0bf2bed73be919d54ee (diff)
download	pki-cb2cc3c7fd93e1a0519a0b530cbc2edbab7741cc.tar.gz pki-cb2cc3c7fd93e1a0519a0b530cbc2edbab7741cc.tar.xz pki-cb2cc3c7fd93e1a0519a0b530cbc2edbab7741cc.zip