diff options
Diffstat (limited to 'base/server/cms/src/com/netscape/cms/servlet/request/KeyRequestService.java')
-rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/request/KeyRequestService.java | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/request/KeyRequestService.java b/base/server/cms/src/com/netscape/cms/servlet/request/KeyRequestService.java index dd27c2ac7..e2253b6e8 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/request/KeyRequestService.java +++ b/base/server/cms/src/com/netscape/cms/servlet/request/KeyRequestService.java @@ -162,12 +162,23 @@ public class KeyRequestService extends PKIService implements KeyRequestResource // auth and authz // Catch this before internal server processing has to deal with it - if (data == null || data.getClientKeyId() == null - || data.getWrappedPrivateData() == null - || data.getDataType() == null) { + if (data == null || data.getClientKeyId() == null || data.getDataType() == null) { throw new BadRequestException("Invalid key archival request."); } + if (data.getWrappedPrivateData() != null) { + if (data.getTransWrappedSessionKey() == null || + data.getAlgorithmOID() == null || + data.getSymmetricAlgorithmParams() == null) { + throw new BadRequestException( + "Invalid key archival request. " + + "Missing wrapped session key, algoriithmOIS or symmetric key parameters"); + } + } else if (data.getPKIArchiveOptions() == null) { + throw new BadRequestException( + "Invalid key archival request. No data to archive"); + } + if (data.getDataType().equals(KeyRequestResource.SYMMETRIC_KEY_TYPE)) { if ((data.getKeyAlgorithm() == null) || (! SYMKEY_TYPES.containsKey(data.getKeyAlgorithm()))) { |