Resolve: pkispawn does not change default ecc key size from nistp256 when nistp384 is specified in spawn config

Ticket #2552. This fix turned out simple. The client was correctly setting the required data, but it was putting the curveName in the "keySize" field of the SystemCertData object sent to the back end. The configuration routine was trying to find the name in the "curveName" field when its really in the "keySize" field. This issue is restricted to the ECC case. It is fine to simply fix this in the server, since the "keySize" is a string anyway and it makes decent sense.
author: Jack Magne <jmagne@dhcp-16-206.sjc.redhat.com> 2016-12-08 16:35:20 -0800
committer: Jack Magne <jmagne@dhcp-16-206.sjc.redhat.com> 2016-12-09 10:34:45 -0800
commit: ae350a3d4e0ae9b82fa44ebdfa37654f0083b4c1 (patch)
tree: e9ad7a904491b384d0726c17ba03d90a7eb53795 /base/server/cms/src
parent: e84e4a33570ce79f3c4d2aae4e6e96236221494b (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java
index 2f9d0d65d..40f4b5834 100644
--- a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java
+++ b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java
@@ -34,6 +34,8 @@ import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.Request;
 import javax.ws.rs.core.UriInfo;
 
+import netscape.security.x509.X509CertImpl;
+
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.lang.mutable.MutableBoolean;
 import org.mozilla.jss.CryptoManager;
@@ -66,8 +68,6 @@ import com.netscape.cms.servlet.csadmin.SystemCertDataFactory;
 import com.netscape.cmsutil.crypto.CryptoUtil;
 import com.netscape.cmsutil.util.Utils;
 
-import netscape.security.x509.X509CertImpl;
-
 /**
  * @author alee
  *
@@ -453,8 +453,8 @@ public class SystemConfigService extends PKIService implements SystemConfigResou
 
         } else if (!request.getStepTwo()) {
             if (keytype.equals("ecc")) {
-                String curvename = certData.getKeyCurveName() != null ?
-                        certData.getKeyCurveName() : cs.getString("keys.ecc.curve.default");
+                String curvename = certData.getKeySize() != null ?
+                        certData.getKeySize() : cs.getString("keys.ecc.curve.default");
                 cs.putString("preop.cert." + tag + ".curvename.name", curvename);
                 ConfigurationUtils.createECCKeyPair(token, curvename, cs, tag);
author	Jack Magne <jmagne@dhcp-16-206.sjc.redhat.com>	2016-12-08 16:35:20 -0800
committer	Jack Magne <jmagne@dhcp-16-206.sjc.redhat.com>	2016-12-09 10:34:45 -0800
commit	ae350a3d4e0ae9b82fa44ebdfa37654f0083b4c1 (patch)
tree	e9ad7a904491b384d0726c17ba03d90a7eb53795 /base/server/cms/src
parent	e84e4a33570ce79f3c4d2aae4e6e96236221494b (diff)