diff options
| author | Jack Magne <jmagne@localhost.localdomain> | 2015-03-12 19:08:41 -0700 |
|---|---|---|
| committer | Jack Magne <jmagne@localhost.localdomain> | 2015-03-17 12:44:28 -0700 |
| commit | 87ffc7a341860f3f1ece434e90e4bc33a02b8155 (patch) | |
| tree | d833d1868284ce2c3865a674aca0bad66a0f7ebd /base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java | |
| parent | f98e599b1e95572a589b8813bc6cb0c2e70fdd0b (diff) | |
| download | pki-87ffc7a341860f3f1ece434e90e4bc33a02b8155.tar.gz pki-87ffc7a341860f3f1ece434e90e4bc33a02b8155.tar.xz pki-87ffc7a341860f3f1ece434e90e4bc33a02b8155.zip | |
NISTSP8000 feature.
Implementation of the nistSP800 dervication feature.
Works for both supported scp01 cards and scp02 cards.
During the various session key and key upgrade functions, the nist dervication code is being called.
Review comments addressed
Cleanup of some input validation on the TKS.
Added some sanity checking on the TPS side for key versions and token cuid's and kdd's.
Final review comments.
Fixed issue with extracting the kdd from the AppletInfo class.
Fixed issue with sending the KDD to the encryptData TKS servlet.
Added requested entries to the CS.cfg .
Diffstat (limited to 'base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java')
| -rw-r--r-- | base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java b/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java index 5b8560a1d..265ce0491 100644 --- a/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java +++ b/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java @@ -301,7 +301,7 @@ public class TPSEnrollProcessor extends TPSProcessor { CMS.debug("TPSEnrollProcessor.enroll: Finished updating applet if needed."); //Check and upgrade keys if called for - SecureChannel channel = checkAndUpgradeSymKeys(); + SecureChannel channel = checkAndUpgradeSymKeys(appletInfo,tokenRecord); channel.externalAuthenticate(); //Reset the token's pin, create one if we don't have one already @@ -467,13 +467,13 @@ public class TPSEnrollProcessor extends TPSProcessor { pkcs11objx.setFormatVersion(pkcs11objx.getOldFormatVersion()); // Make sure we have a good secure channel before writing out the final objects - channel = setupSecureChannel(); + channel = setupSecureChannel(appletInfo); statusUpdate(92, "PROGRESS_WRITE_OBJECTS"); writeFinalPKCS11ObjectToToken(pkcs11objx, appletInfo, channel); statusUpdate(98, "PROGRESS_ISSUER_INFO"); - writeIssuerInfoToToken(channel); + writeIssuerInfoToToken(channel,appletInfo); statusUpdate(99, "PROGRESS_SET_LIFECYCLE"); channel.setLifeycleState((byte) 0x0f); |