Bug 744797 - KRA key recovery (retrieve pkcs#12) fails after the in-place upgrade( CS 8.0->8.1)

git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2274 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
author: cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> 2011-10-22 19:09:25 +0000
committer: cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> 2011-10-22 19:09:25 +0000
commit: 0acd942a0ff6558eb2b34b97188c7f80603911df (patch)
tree: be52dd916c8ac91c9bccf82b2209436570306eba /pki/base/common/src/com/netscape/cms
parent: 93a2f2630e5c10b3e1744df4daf8f0291203b17b (diff)
download: pki-0acd942a0ff6558eb2b34b97188c7f80603911df.tar.gz
pki-0acd942a0ff6558eb2b34b97188c7f80603911df.tar.xz
pki-0acd942a0ff6558eb2b34b97188c7f80603911df.zip
2 files changed, 18 insertions, 13 deletions
diff --git a/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java b/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java
index b60b73c9a..cc8789390 100644
--- a/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java
+++ b/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java
@@ -937,10 +937,16 @@ public abstract class EnrollProfile extends BasicProfile
             sigver = CMS.getConfigStore().getBoolean("ca.requestVerify.enabled", true);
             if (sigver) {
                 CMS.debug("EnrollProfile: parsePKCS10: signature verification enabled");
-                String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token",
-                   "Internal Key Storage Token");
+                String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token", "internal");
                 savedToken = cm.getThreadToken();
-                CryptoToken signToken = cm.getTokenByName(tokenName);
+                CryptoToken signToken = null;
+                if (tokenName.equals("internal")) {
+                    CMS.debug("EnrollProfile: parsePKCS10: use internal token");
+                    signToken = cm.getInternalCryptoToken();
+                } else {
+                    CMS.debug("EnrollProfile: parsePKCS10: tokenName="+ tokenName);
+                    signToken = cm.getTokenByName(tokenName);
+                }
                 CMS.debug("EnrollProfile: parsePKCS10 setting thread token");
                 cm.setThreadToken(signToken);
                 pkcs10 = new PKCS10(data);
@@ -1365,15 +1371,14 @@ public abstract class EnrollProfile extends BasicProfile
 
         try {
             CryptoManager cm = CryptoManager.getInstance();
-            String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token",
-                   "Internal Key Storage Token");
-            CryptoToken verifyToken = cm.getTokenByName(tokenName);
-            if (tokenName.equals("Internal Key Storage Token")) {
-                //use internal token
+            CryptoToken verifyToken = null;
+            String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token", "internal");
+            if (tokenName.equals("internal")) {
                 CMS.debug("POP verification using internal token");
                 certReqMsg.verify();
             } else {
                 CMS.debug("POP verification using token:"+ tokenName);
+                verifyToken = cm.getTokenByName(tokenName);
                 certReqMsg.verify(verifyToken);
             }
 
diff --git a/pki/base/common/src/com/netscape/cms/profile/input/EnrollInput.java b/pki/base/common/src/com/netscape/cms/profile/input/EnrollInput.java
index 949e58b1a..f704a2297 100644
--- a/pki/base/common/src/com/netscape/cms/profile/input/EnrollInput.java
+++ b/pki/base/common/src/com/netscape/cms/profile/input/EnrollInput.java
@@ -198,15 +198,15 @@ public abstract class EnrollInput implements IProfileInput {
             }
             CMS.debug("POP verification begins:");
             CryptoManager cm = CryptoManager.getInstance();
-            String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token",
-                   "Internal Key Storage Token");
-            CryptoToken verifyToken = cm.getTokenByName(tokenName);
-            if (tokenName.equals("Internal Key Storage Token")) {
-                //use internal token
+
+            CryptoToken verifyToken = null;
+            String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token", "internal");
+            if (tokenName.equals("internal")) {
                 CMS.debug("POP verification using internal token");
                 certReqMsg.verify();
             } else {
                 CMS.debug("POP verification using token:"+ tokenName);
+                verifyToken = cm.getTokenByName(tokenName);
                 certReqMsg.verify(verifyToken);
             }
author	cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>	2011-10-22 19:09:25 +0000
committer	cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>	2011-10-22 19:09:25 +0000
commit	0acd942a0ff6558eb2b34b97188c7f80603911df (patch)
tree	be52dd916c8ac91c9bccf82b2209436570306eba /pki/base/common/src/com/netscape/cms
parent	93a2f2630e5c10b3e1744df4daf8f0291203b17b (diff)
download	pki-0acd942a0ff6558eb2b34b97188c7f80603911df.tar.gz pki-0acd942a0ff6558eb2b34b97188c7f80603911df.tar.xz pki-0acd942a0ff6558eb2b34b97188c7f80603911df.zip