SC650 format/enroll fails

Simple fix to correctly identify scp01/gp201 sc650 card.

1 files changed, 11 insertions, 1 deletions

diff --git a/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java b/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java
index 14e8eadbf..637cfa394 100644
--- a/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java
+++ b/base/tps/src/org/dogtagpki/server/tps/processor/TPSProcessor.java
@@ -3402,10 +3402,20 @@ public class TPSProcessor {
         byte protocol = oidSecureChannelProtocol.at(length - 2);
         byte implementation = oidSecureChannelProtocol.at(length - 1);
 
+        if (protocol == SecureChannel.SECURE_PROTO_03) {
+            throw new TPSException("TPSProcessor.gp211GetSecureChannelProtocolDetails: No support for SCP03 as of yet, bailing.",
+                    TPSStatus.STATUS_ERROR_SECURE_CHANNEL);
+        }
+
         platProtInfo.setProtocol(protocol);
         platProtInfo.setImplementation(implementation);
         platProtInfo.setKeysetInfoData(keyData);
-        platProtInfo.setPlatform(SecureChannel.GP211);
+
+        if (protocol == SecureChannel.SECURE_PROTO_02)
+            platProtInfo.setPlatform(SecureChannel.GP211);
+        else
+            platProtInfo.setPlatform(SecureChannel.GP201);
+
 
         CMS.debug("TPSProcessor.gp211GetSecureChannelProtocolDetails: protocol: " + protocol + " implementation: "
                 + implementation + " keyInfoData: " + keyData.toHexString());