diff options
author | jmagne <jmagne@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-10-15 00:15:44 +0000 |
---|---|---|
committer | jmagne <jmagne@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-10-15 00:15:44 +0000 |
commit | 0ed4d13e5207c0e69a6d5e3f0f91d7e08d55f76f (patch) | |
tree | c1ac79b8a80038bf3691102fbf0131d0af362b54 /pki/base/kra/src/com/netscape/kra/NetkeyKeygenService.java | |
parent | e7414ef11ff25e975984457f8580f9367760a8da (diff) | |
download | pki-0ed4d13e5207c0e69a6d5e3f0f91d7e08d55f76f.tar.gz pki-0ed4d13e5207c0e69a6d5e3f0f91d7e08d55f76f.tar.xz pki-0ed4d13e5207c0e69a6d5e3f0f91d7e08d55f76f.zip |
Fix Bugzilla Bug #223313 - should do random generated IV param for symmetric keys
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1354 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/kra/src/com/netscape/kra/NetkeyKeygenService.java')
-rw-r--r-- | pki/base/kra/src/com/netscape/kra/NetkeyKeygenService.java | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/pki/base/kra/src/com/netscape/kra/NetkeyKeygenService.java b/pki/base/kra/src/com/netscape/kra/NetkeyKeygenService.java index 6f12a6714..00f219388 100644 --- a/pki/base/kra/src/com/netscape/kra/NetkeyKeygenService.java +++ b/pki/base/kra/src/com/netscape/kra/NetkeyKeygenService.java @@ -325,11 +325,12 @@ public class NetkeyKeygenService implements IService { byte iv[] = {0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1}; String iv_s =""; -/* - org.mozilla.jss.pkcs11.PK11SecureRandom random = - new org.mozilla.jss.pkcs11.PK11SecureRandom(); - random.nextBytes(iv); -*/ + try { + SecureRandom random = SecureRandom.getInstance("SHA1PRNG"); + random.nextBytes(iv); + } catch (Exception e) { + CMS.debug("NetkeyKeygenService.serviceRequest: "+ e.toString()); + } IVParameterSpec algParam = new IVParameterSpec(iv); @@ -515,7 +516,6 @@ public class NetkeyKeygenService implements IService { iv_s = /*base64Encode(iv);*/com.netscape.cmsutil.util.Utils.SpecialEncode(iv); request.setExtData("iv_s", iv_s); - /* * archival - option flag "archive" controllable by the caller - TPS */ |