diff options
6 files changed, 12 insertions, 43 deletions
diff --git a/base/ca/shared/webapps/ca/agent/ca/displayBySerial.template b/base/ca/shared/webapps/ca/agent/ca/displayBySerial.template index 3b58a4779..e02fe30eb 100644 --- a/base/ca/shared/webapps/ca/agent/ca/displayBySerial.template +++ b/base/ca/shared/webapps/ca/agent/ca/displayBySerial.template @@ -192,9 +192,9 @@ Base 64 encoded certificate with CA certificate chain in pkcs7 format </font> <p><pre> <SCRIPT type="text/javascript"> -document.writeln('-----BEGIN CERTIFICATE CHAIN-----'); +document.writeln('-----BEGIN PKCS7-----'); document.write(result.header.pkcs7ChainBase64); -document.writeln('-----END CERTIFICATE CHAIN-----'); +document.writeln('-----END PKCS7-----'); </SCRIPT> </pre> diff --git a/base/ca/shared/webapps/ca/agent/ca/displayBySerial2.template b/base/ca/shared/webapps/ca/agent/ca/displayBySerial2.template index 7923f4153..f0604ef7f 100644 --- a/base/ca/shared/webapps/ca/agent/ca/displayBySerial2.template +++ b/base/ca/shared/webapps/ca/agent/ca/displayBySerial2.template @@ -98,9 +98,9 @@ Base 64 encoded certificate </font> <p><pre> <SCRIPT type="text/javascript"> -document.writeln('-----BEGIN CERTIFICATE CHAIN-----'); +document.writeln('-----BEGIN PKCS7-----'); document.write(result.header.certChainBase64); -document.writeln('-----END CERTIFICATE CHAIN-----'); +document.writeln('-----END PKCS7-----'); </SCRIPT> </pre> diff --git a/base/ca/shared/webapps/ca/agent/ca/displayCertFromRequest.template b/base/ca/shared/webapps/ca/agent/ca/displayCertFromRequest.template index f1148570c..402154037 100644 --- a/base/ca/shared/webapps/ca/agent/ca/displayCertFromRequest.template +++ b/base/ca/shared/webapps/ca/agent/ca/displayCertFromRequest.template @@ -102,9 +102,9 @@ function displayCert(cert) 'Base 64 encoded certificate with CA certificate chain in pkcs7 format'+ '</font>'+ '<p><pre>'+ - '-----BEGIN CERTIFICATE CHAIN-----'); + '-----BEGIN PKCS7-----'); document.writeln(cert.pkcs7ChainBase64); - document.writeln('-----END CERTIFICATE CHAIN-----'+ + document.writeln('-----END PKCS7-----'+ '</pre>'); } diff --git a/base/ca/shared/webapps/ca/ee/ca/displayBySerial.template b/base/ca/shared/webapps/ca/ee/ca/displayBySerial.template index d1e65fa63..33bc45f22 100644 --- a/base/ca/shared/webapps/ca/ee/ca/displayBySerial.template +++ b/base/ca/shared/webapps/ca/ee/ca/displayBySerial.template @@ -117,9 +117,9 @@ Base 64 encoded certificate with CA certificate chain in pkcs7 format </font> <p><pre> <SCRIPT LANGUAUGE="JavaScript"> -document.writeln('-----BEGIN CERTIFICATE CHAIN-----'); +document.writeln('-----BEGIN PKCS7-----'); document.write(result.header.pkcs7ChainBase64); -document.writeln('-----END CERTIFICATE CHAIN-----'); +document.writeln('-----END PKCS7-----'); </SCRIPT> </pre> diff --git a/base/ca/shared/webapps/ca/ee/ca/displayCaCert.template b/base/ca/shared/webapps/ca/ee/ca/displayCaCert.template index 49a91af11..3e6a44da7 100644 --- a/base/ca/shared/webapps/ca/ee/ca/displayCaCert.template +++ b/base/ca/shared/webapps/ca/ee/ca/displayCaCert.template @@ -43,9 +43,9 @@ if (result.header.displayFormat == "chain") { document.writeln('<center><b>' + result.header.subjectdn); document.writeln('</b></center><p></font><br>'); document.writeln('<pre>'); - document.writeln('-----BEGIN CERTIFICATE CHAIN-----'); + document.writeln('-----BEGIN PKCS7-----'); document.write(result.header.chainBase64); - document.writeln('-----END CERTIFICATE CHAIN-----'); + document.writeln('-----END PKCS7-----'); document.writeln('</pre>'); } else if (result.header.displayFormat == "individual") { if (result.recordSet.length == 0) { diff --git a/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java b/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java index 2a3f95528..e98027dce 100644 --- a/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java +++ b/base/util/src/com/netscape/cmsutil/crypto/CryptoUtil.java @@ -1116,46 +1116,15 @@ public class CryptoUtil { if (s == null) { return s; } - s = s.replaceAll("-----BEGIN CERTIFICATE REQUEST-----", ""); - s = s.replaceAll("-----BEGIN NEW CERTIFICATE REQUEST-----", ""); - s = s.replaceAll("-----END CERTIFICATE REQUEST-----", ""); - s = s.replaceAll("-----END NEW CERTIFICATE REQUEST-----", ""); - s = s.replaceAll("-----BEGIN CERTIFICATE-----", ""); - s = s.replaceAll("-----END CERTIFICATE-----", ""); - s = s.replaceAll("-----BEGIN CERTIFICATE CHAIN-----", ""); - s = s.replaceAll("-----END CERTIFICATE CHAIN-----", ""); + // grammar defined at https://tools.ietf.org/html/rfc7468#section-3 + s = s.replaceAll("-----(BEGIN|END) [\\p{Print}&&[^- ]]([- ]?[\\p{Print}&&[^- ]])*-----", ""); StringBuffer sb = new StringBuffer(); StringTokenizer st = new StringTokenizer(s, "\r\n "); while (st.hasMoreTokens()) { String nextLine = st.nextToken(); - nextLine = nextLine.trim(); - if (nextLine.equals("-----BEGIN CERTIFICATE REQUEST-----")) { - continue; - } - if (nextLine.equals("-----BEGIN NEW CERTIFICATE REQUEST-----")) { - continue; - } - if (nextLine.equals("-----END CERTIFICATE REQUEST-----")) { - continue; - } - if (nextLine.equals("-----END NEW CERTIFICATE REQUEST-----")) { - continue; - } - if (nextLine.equals("-----BEGIN CERTIFICATE-----")) { - continue; - } - if (nextLine.equals("-----END CERTIFICATE-----")) { - continue; - } - if (nextLine.equals("-----BEGIN CERTIFICATE CHAIN-----")) { - continue; - } - if (nextLine.equals("-----END CERTIFICATE CHAIN-----")) { - continue; - } sb.append(nextLine); } return sb.toString(); |