Diffstat (limited to 'base/common/src/com/netscape/cms/servlet/cert/CertRequestDAO.java')
-rw-r--r--base/common/src/com/netscape/cms/servlet/cert/CertRequestDAO.java25
1 files changed, 11 insertions, 14 deletions
diff --git a/base/common/src/com/netscape/cms/servlet/cert/CertRequestDAO.java b/base/common/src/com/netscape/cms/servlet/cert/CertRequestDAO.java
index 4d0fc38b2..d4785e957 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/CertRequestDAO.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/CertRequestDAO.java
@@ -21,6 +21,7 @@ import java.util.Collection;
import java.util.HashMap;
import java.util.List;
import java.util.Locale;
+import java.util.Map;
import java.util.Random;
import javax.servlet.ServletException;
@@ -29,7 +30,6 @@ import javax.ws.rs.core.UriInfo;
import com.netscape.certsrv.apps.CMS;
import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.Nonces;
import com.netscape.certsrv.ca.ICertificateAuthority;
import com.netscape.certsrv.cert.CertEnrollmentRequest;
import com.netscape.certsrv.cert.CertRequestInfo;
@@ -54,7 +54,6 @@ public class CertRequestDAO extends CMSRequestDAO {
private IRequestQueue queue;
private ICertificateAuthority ca;
IProfileSubsystem ps;
- private Nonces nonces = null;
private Random random = null;
public static final String ATTR_SERIALNO = "serialNumber";
@@ -65,7 +64,6 @@ public class CertRequestDAO extends CMSRequestDAO {
queue = ca.getRequestQueue();
if (ca.noncesEnabled()) {
random = new Random();
- nonces = ca.getNonces();
}
ps = (IProfileSubsystem) CMS.getSubsystem(IProfileSubsystem.ID);
}
@@ -141,20 +139,19 @@ public class CertRequestDAO extends CMSRequestDAO {
String profileId = request.getExtDataInString("profileId");
IProfile profile = ps.getProfile(profileId);
CertReviewResponse info = CertReviewResponseFactory.create(request, profile, uriInfo, locale);
- if (ca.noncesEnabled()) {
- addNonce(info, servletRequest);
- }
- return info;
- }
- private void addNonce(CertReviewResponse info, HttpServletRequest servletRequest) throws EBaseException {
- if (nonces != null) {
+ if (ca.noncesEnabled()) {
+ // generate nonce
long n = random.nextLong();
- long m = nonces.addNonce(n, Processor.getSSLClientCertificate(servletRequest));
- if ((n + m) != 0) {
- info.setNonce(Long.toString(m));
- }
+
+ // store nonce in session
+ Map<Object, Long> nonces = ca.getNonces(servletRequest, "cert-request");
+ nonces.put(info.getRequestId().toBigInteger(), n);
+
+ // return nonce to client
+ info.setNonce(Long.toString(n));
}
+ return info;
}
/**
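Review bot: The nonce returned by `info.setNonce(Long.toString(n))` is still drawn from `random.nextLong()`, and the constructor hunk above keeps `random = new Random();`, so it comes from `java.util.Random`, which is not designed to be unpredictable. The value is stored in the session and presumably compared later as an anti-forgery token, so it should come from a CSPRNG: `random = new SecureRandom();` with `import java.security.SecureRandom;` is a drop-in change because `SecureRandom` extends `Random`. The implementation of `ca.getNonces(servletRequest, "cert-request")` is not visible here; if the returned map has no size bound, every review call adds an entry to the session, so it is worth confirming there is a cap or eviction. The enclosing method starts outside this hunk.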