Bug 635033 - At installation wizard selecting key types other than CA's signing cert will fail

git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1319 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
author: cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> 2010-09-26 21:30:38 +0000
committer: cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> 2010-09-26 21:30:38 +0000
commit: 30559544cdae556ec0371a09170fada98a3cdc60 (patch)
tree: 06cb5aea1cdced785cb3462fbe1e70f92d9b4186 /pki/base/common/src/com/netscape/cms/servlet/csadmin
parent: 84f0992d60e2075146681afc911a631e137dcdb0 (diff)
download: pki-30559544cdae556ec0371a09170fada98a3cdc60.tar.gz
pki-30559544cdae556ec0371a09170fada98a3cdc60.tar.xz
pki-30559544cdae556ec0371a09170fada98a3cdc60.zip
2 files changed, 12 insertions, 6 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertUtil.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertUtil.java
index 592312084..bae3745ee 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertUtil.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertUtil.java
@@ -260,7 +260,7 @@ public class CertUtil {
  */
 
     public static String getAdminProfileAlgorithm(IConfigStore config) {
-        String algorithm = "SHA1withRSA";
+        String algorithm = "SHA256withRSA";
         try {
             String caSigningKeyType = config.getString("preop.cert.signing.keytype","rsa");
             String pfile = config.getString("profile.caAdminCert.config");
@@ -405,14 +405,19 @@ public class CertUtil {
             CMS.debug("key algorithm is " + keyAlgo);
             String caSigningKeyType = 
                  config.getString("preop.cert.signing.keytype","rsa");
+            String caSigningKeyAlgo = 
+                 config.getString("preop.cert.signing.keyalgorithm","SHA256withRSA");
             CMS.debug("CA Signing Key type " + caSigningKeyType);
+            CMS.debug("CA Signing Key algorithm " + caSigningKeyAlgo);
 
             if (caSigningKeyType.equals("ecc")) {
-              CMS.debug("Signing ECC certificate");
-              cert = CryptoUtil.signECCCert(caPrik, info, keyAlgorithm);
+              CMS.debug("CA signing cert is ECC");
+              cert = CryptoUtil.signECCCert(caPrik, info,
+                      caSigningKeyAlgo);
             } else {
-              CMS.debug("Signing RSA certificate");
-              cert = CryptoUtil.signCert(caPrik, info, keyAlgorithm);
+              CMS.debug("CA signing cert is not ecc");
+              cert = CryptoUtil.signCert(caPrik, info,
+                      caSigningKeyAlgo);
             }
 
             if (cert != null) {
diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/SizePanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/SizePanel.java
index 39cc2c211..d7670cd9b 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/SizePanel.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/SizePanel.java
@@ -416,7 +416,8 @@ public class SizePanel extends WizardPanelBase {
     public void createECCKeyPair(String token, int keysize, IConfigStore config, String ct) 
             throws NoSuchAlgorithmException, NoSuchTokenException, TokenException, CryptoManager.NotInitializedException
     {
-        CMS.debug("Generating ECC key pair");
+        CMS.debug("Generating ECC key pair with keysize="+ keysize +
+                    ", token="+token);
         KeyPair pair = null;
         /*
          * default ssl server cert to ECDHE unless stated otherwise
author	cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>	2010-09-26 21:30:38 +0000
committer	cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>	2010-09-26 21:30:38 +0000
commit	30559544cdae556ec0371a09170fada98a3cdc60 (patch)
tree	06cb5aea1cdced785cb3462fbe1e70f92d9b4186 /pki/base/common/src/com/netscape/cms/servlet/csadmin
parent	84f0992d60e2075146681afc911a631e137dcdb0 (diff)
download	pki-30559544cdae556ec0371a09170fada98a3cdc60.tar.gz pki-30559544cdae556ec0371a09170fada98a3cdc60.tar.xz pki-30559544cdae556ec0371a09170fada98a3cdc60.zip