diff options
Diffstat (limited to 'base/server/cms/src/com/netscape/cms')
11 files changed, 56 insertions, 51 deletions
diff --git a/base/server/cms/src/com/netscape/cms/authentication/CMCAuth.java b/base/server/cms/src/com/netscape/cms/authentication/CMCAuth.java index 67938af5d..3f46d918d 100644 --- a/base/server/cms/src/com/netscape/cms/authentication/CMCAuth.java +++ b/base/server/cms/src/com/netscape/cms/authentication/CMCAuth.java @@ -36,15 +36,8 @@ import java.util.Hashtable; import java.util.Locale; import java.util.Vector; -import netscape.security.pkcs.PKCS10; -import netscape.security.x509.X500Name; -import netscape.security.x509.X509CertImpl; -import netscape.security.x509.X509CertInfo; -import netscape.security.x509.X509Key; import org.mozilla.jss.CryptoManager; import org.mozilla.jss.CryptoManager.NotInitializedException; -import org.mozilla.jss.crypto.CryptoToken; -import org.mozilla.jss.crypto.PrivateKey; import org.mozilla.jss.asn1.ASN1Util; import org.mozilla.jss.asn1.INTEGER; import org.mozilla.jss.asn1.InvalidBERException; @@ -52,10 +45,12 @@ import org.mozilla.jss.asn1.OBJECT_IDENTIFIER; import org.mozilla.jss.asn1.OCTET_STRING; import org.mozilla.jss.asn1.SEQUENCE; import org.mozilla.jss.asn1.SET; +import org.mozilla.jss.crypto.CryptoToken; import org.mozilla.jss.crypto.DigestAlgorithm; +import org.mozilla.jss.crypto.PrivateKey; import org.mozilla.jss.pkcs10.CertificationRequest; -import org.mozilla.jss.pkcs11.PK11PubKey; import org.mozilla.jss.pkcs11.PK11ECPublicKey; +import org.mozilla.jss.pkcs11.PK11PubKey; import org.mozilla.jss.pkix.cert.Certificate; import org.mozilla.jss.pkix.cert.CertificateInfo; import org.mozilla.jss.pkix.cmc.PKIData; @@ -91,8 +86,15 @@ import com.netscape.certsrv.profile.IProfileAuthenticator; import com.netscape.certsrv.property.Descriptor; import com.netscape.certsrv.property.IDescriptor; import com.netscape.certsrv.request.IRequest; +import com.netscape.cmsutil.crypto.CryptoUtil; import com.netscape.cmsutil.util.Utils; +import netscape.security.pkcs.PKCS10; +import netscape.security.x509.X500Name; +import netscape.security.x509.X509CertImpl; +import netscape.security.x509.X509CertInfo; +import netscape.security.x509.X509Key; + //import com.netscape.cmscore.util.*; ////////////////////// // class definition // @@ -515,9 +517,9 @@ public class CMCAuth implements IAuthManager, IExtendedPluginInfo, cm = CryptoManager.getInstance(); if (sigver == true) { String tokenName = - CMS.getConfigStore().getString("ca.requestVerify.token", "internal"); + CMS.getConfigStore().getString("ca.requestVerify.token", CryptoUtil.INTERNAL_TOKEN_NAME); savedToken = cm.getThreadToken(); - if (tokenName.equals("internal")) { + if (tokenName.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) { signToken = cm.getInternalCryptoToken(); } else { signToken = cm.getTokenByName(tokenName); @@ -914,7 +916,7 @@ public class CMCAuth implements IAuthManager, IExtendedPluginInfo, CMS.debug("CMCAuth: signing key alg=EC"); keyType = PrivateKey.EC; byte publicKeyData[] = ((X509Key) signKey).getEncoded(); - pubK = (PK11PubKey) PK11ECPublicKey.fromSPKI(/*keyType,*/ publicKeyData); + pubK = PK11ECPublicKey.fromSPKI(/*keyType,*/ publicKeyData); } else if (alg.equals("DSA")) { CMS.debug("CMCAuth: signing key alg=DSA"); keyType = PrivateKey.DSA; @@ -922,9 +924,9 @@ public class CMCAuth implements IAuthManager, IExtendedPluginInfo, } String tokenName = - CMS.getConfigStore().getString("ca.requestVerify.token", "internal"); + CMS.getConfigStore().getString("ca.requestVerify.token", CryptoUtil.INTERNAL_TOKEN_NAME); // by default JSS will use internal crypto token - if (!tokenName.equals("internal")) { + if (!tokenName.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) { savedToken = cm.getThreadToken(); signToken = cm.getTokenByName(tokenName); if(signToken != null) { diff --git a/base/server/cms/src/com/netscape/cms/profile/common/EnrollProfile.java b/base/server/cms/src/com/netscape/cms/profile/common/EnrollProfile.java index fbb982629..47e886361 100644 --- a/base/server/cms/src/com/netscape/cms/profile/common/EnrollProfile.java +++ b/base/server/cms/src/com/netscape/cms/profile/common/EnrollProfile.java @@ -74,6 +74,7 @@ import com.netscape.certsrv.profile.IEnrollProfile; import com.netscape.certsrv.profile.IProfileContext; import com.netscape.certsrv.request.IRequest; import com.netscape.certsrv.request.IRequestQueue; +import com.netscape.cmsutil.crypto.CryptoUtil; import com.netscape.cmsutil.util.HMACDigest; import netscape.security.pkcs.PKCS10; @@ -699,9 +700,9 @@ public abstract class EnrollProfile extends BasicProfile cm = CryptoManager.getInstance(); if (sigver == true) { String tokenName = - CMS.getConfigStore().getString("ca.requestVerify.token", "internal"); + CMS.getConfigStore().getString("ca.requestVerify.token", CryptoUtil.INTERNAL_TOKEN_NAME); savedToken = cm.getThreadToken(); - if (tokenName.equals("internal")) { + if (tokenName.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) { signToken = cm.getInternalCryptoToken(); } else { signToken = cm.getTokenByName(tokenName); @@ -1054,10 +1055,10 @@ public abstract class EnrollProfile extends BasicProfile sigver = CMS.getConfigStore().getBoolean("ca.requestVerify.enabled", true); if (sigver) { CMS.debug("EnrollProfile: parsePKCS10: signature verification enabled"); - String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token", "internal"); + String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token", CryptoUtil.INTERNAL_TOKEN_NAME); savedToken = cm.getThreadToken(); CryptoToken signToken = null; - if (tokenName.equals("internal")) { + if (tokenName.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) { CMS.debug("EnrollProfile: parsePKCS10: use internal token"); signToken = cm.getInternalCryptoToken(); } else { @@ -1507,8 +1508,8 @@ public abstract class EnrollProfile extends BasicProfile try { CryptoManager cm = CryptoManager.getInstance(); CryptoToken verifyToken = null; - String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token", "internal"); - if (tokenName.equals("internal")) { + String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token", CryptoUtil.INTERNAL_TOKEN_NAME); + if (tokenName.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) { CMS.debug("POP verification using internal token"); certReqMsg.verify(); } else { diff --git a/base/server/cms/src/com/netscape/cms/profile/input/EnrollInput.java b/base/server/cms/src/com/netscape/cms/profile/input/EnrollInput.java index b4ed31223..3ec74eda2 100644 --- a/base/server/cms/src/com/netscape/cms/profile/input/EnrollInput.java +++ b/base/server/cms/src/com/netscape/cms/profile/input/EnrollInput.java @@ -39,6 +39,7 @@ import com.netscape.certsrv.property.EPropertyException; import com.netscape.certsrv.property.IDescriptor; import com.netscape.certsrv.request.IRequest; import com.netscape.cms.profile.common.EnrollProfile; +import com.netscape.cmsutil.crypto.CryptoUtil; /** * This class implements the base enrollment input. @@ -206,8 +207,8 @@ public abstract class EnrollInput implements IProfileInput { CryptoManager cm = CryptoManager.getInstance(); CryptoToken verifyToken = null; - String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token", "internal"); - if (tokenName.equals("internal")) { + String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token", CryptoUtil.INTERNAL_TOKEN_NAME); + if (tokenName.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) { CMS.debug("POP verification using internal token"); certReqMsg.verify(); } else { diff --git a/base/server/cms/src/com/netscape/cms/publish/publishers/OCSPPublisher.java b/base/server/cms/src/com/netscape/cms/publish/publishers/OCSPPublisher.java index bfdcc7530..45aae2495 100644 --- a/base/server/cms/src/com/netscape/cms/publish/publishers/OCSPPublisher.java +++ b/base/server/cms/src/com/netscape/cms/publish/publishers/OCSPPublisher.java @@ -145,7 +145,7 @@ public class OCSPPublisher implements ILdapPublisher, IExtendedPluginInfo { try { nickname = config.getString("ca.subsystem.nickname", ""); String tokenname = config.getString("ca.subsystem.tokenname", ""); - if (!tokenname.equals("internal") && !tokenname.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME)) + if (!tokenname.equals(CryptoUtil.INTERNAL_TOKEN_NAME) && !tokenname.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME)) nickname = tokenname + ":" + nickname; } catch (Exception e) { } diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java index 5acedbc0d..d652963b1 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java +++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java @@ -764,7 +764,7 @@ public class CertUtil { String fullnickname = nickname; - if (!tokenname.equals("internal") && !tokenname.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME)) { + if (!tokenname.equals(CryptoUtil.INTERNAL_TOKEN_NAME) && !tokenname.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME)) { fullnickname = tokenname + ":" + nickname; } diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java index c7014a2a4..65bd371eb 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java +++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java @@ -998,7 +998,7 @@ public class ConfigurationUtils { String name1 = "preop.master." + tag + ".nickname"; String nickname = cs.getString(name1, ""); if (!tokenname.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME) && - !tokenname.equals("internal")) + !tokenname.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) nickname = tokenname + ":" + nickname; CMS.debug("ConfigurationUtils.verifySystemCertificates(): checking certificate " + nickname); @@ -2342,7 +2342,7 @@ public class ConfigurationUtils { CryptoManager cm = CryptoManager.getInstance(); if (token != null) { - if (!token.equals("internal") && !token.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME)) + if (!token.equals(CryptoUtil.INTERNAL_TOKEN_NAME) && !token.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME)) nickname = token + ":" + nickname; } @@ -3332,7 +3332,7 @@ public class ConfigurationUtils { if (certTag.equals("signing") && subsystem.equals("ca")) { String NickName = nickname; - if (!tokenname.equals("internal") && !tokenname.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME)) + if (!tokenname.equals(CryptoUtil.INTERNAL_TOKEN_NAME) && !tokenname.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME)) NickName = tokenname + ":" + nickname; CMS.debug("handleCerts(): set trust on CA signing cert " + NickName); @@ -3375,7 +3375,7 @@ public class ConfigurationUtils { String fullnickname = nickname; boolean hardware = false; - if (!tokenname.equals("internal") && !tokenname.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME)) { + if (!tokenname.equals(CryptoUtil.INTERNAL_TOKEN_NAME) && !tokenname.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME)) { hardware = true; fullnickname = tokenname + ":" + nickname; } @@ -3439,7 +3439,7 @@ public class ConfigurationUtils { String fullnickname = nickname; if (!tokenname.equals("") && !tokenname.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME) && - !tokenname.equals("internal")) + !tokenname.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) fullnickname = tokenname + ":" + nickname; CMS.debug("deleteCert: nickname=" + fullnickname); @@ -3999,7 +3999,7 @@ public class ConfigurationUtils { if (!tokenname.equals("") && !tokenname.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME) && - !tokenname.equals("internal")) { + !tokenname.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) { nickname = tokenname + ":" + nickname; } CMS.debug("updateDomainXML() nickname=" + nickname); @@ -4574,7 +4574,7 @@ public class ConfigurationUtils { String nickname = cs.getString("preop.cert.subsystem.nickname", ""); String tokenname = cs.getString("preop.module.token", ""); - if (!tokenname.equals("internal") && !tokenname.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME) + if (!tokenname.equals(CryptoUtil.INTERNAL_TOKEN_NAME) && !tokenname.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME) && !tokenname.equals("")) { nickname = tokenname + ":" + nickname; } diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java index aa5c830a3..6bb0746b7 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java +++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java @@ -70,7 +70,7 @@ public class GetSubsystemCert extends CMSServlet { try { nickname = cs.getString("ca.subsystem.nickname", ""); String tokenname = cs.getString("ca.subsystem.tokenname", ""); - if (!tokenname.equals("internal") && !tokenname.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME)) + if (!tokenname.equals(CryptoUtil.INTERNAL_TOKEN_NAME) && !tokenname.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME)) nickname = tokenname + ":" + nickname; } catch (Exception e) { } diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/UpdateOCSPConfig.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/UpdateOCSPConfig.java index 12bb3d41b..d5b552be8 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/UpdateOCSPConfig.java +++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/UpdateOCSPConfig.java @@ -108,7 +108,7 @@ public class UpdateOCSPConfig extends CMSServlet { try { nickname = cs.getString("ca.subsystem.nickname", ""); String tokenname = cs.getString("ca.subsystem.tokenname", ""); - if (!tokenname.equals("internal") && !tokenname.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME)) + if (!tokenname.equals(CryptoUtil.INTERNAL_TOKEN_NAME) && !tokenname.equals(CryptoUtil.INTERNAL_TOKEN_FULL_NAME)) nickname = tokenname + ":" + nickname; } catch (Exception e) { } diff --git a/base/server/cms/src/com/netscape/cms/servlet/ocsp/AddCRLServlet.java b/base/server/cms/src/com/netscape/cms/servlet/ocsp/AddCRLServlet.java index ac1aad373..d4e8f92b6 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/ocsp/AddCRLServlet.java +++ b/base/server/cms/src/com/netscape/cms/servlet/ocsp/AddCRLServlet.java @@ -29,10 +29,6 @@ import javax.servlet.ServletOutputStream; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import netscape.security.x509.X509CRLImpl; -import netscape.security.x509.X509CertImpl; -import netscape.security.x509.X509ExtensionException; - import org.mozilla.jss.CryptoManager; import org.mozilla.jss.crypto.CryptoToken; @@ -54,8 +50,13 @@ import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cms.servlet.common.CMSTemplate; import com.netscape.cms.servlet.common.CMSTemplateParams; import com.netscape.cms.servlet.common.ECMSGWException; +import com.netscape.cmsutil.crypto.CryptoUtil; import com.netscape.cmsutil.util.Cert; +import netscape.security.x509.X509CRLImpl; +import netscape.security.x509.X509CertImpl; +import netscape.security.x509.X509ExtensionException; + /** * Update the OCSP responder with a new CRL * @@ -353,9 +354,9 @@ public class AddCRLServlet extends CMSServlet { CMS.debug("AddCRLServlet: start verify"); String tokenName = - CMS.getConfigStore().getString("ocsp.crlVerify.token", "internal"); + CMS.getConfigStore().getString("ocsp.crlVerify.token", CryptoUtil.INTERNAL_TOKEN_NAME); savedToken = cmanager.getThreadToken(); - if (tokenName.equals("internal")) { + if (tokenName.equals(CryptoUtil.INTERNAL_TOKEN_NAME)) { verToken = cmanager.getInternalCryptoToken(); } else { verToken = cmanager.getTokenByName(tokenName); diff --git a/base/server/cms/src/com/netscape/cms/servlet/tks/SecureChannelProtocol.java b/base/server/cms/src/com/netscape/cms/servlet/tks/SecureChannelProtocol.java index 6dfd1d2a2..a5cae347b 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/tks/SecureChannelProtocol.java +++ b/base/server/cms/src/com/netscape/cms/servlet/tks/SecureChannelProtocol.java @@ -27,12 +27,12 @@ import org.mozilla.jss.crypto.SymmetricKey.NotExtractableException; import org.mozilla.jss.crypto.SymmetricKeyDeriver; import org.mozilla.jss.crypto.TokenException; -import sun.security.pkcs11.wrapper.PKCS11Constants; - import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.base.EBaseException; import com.netscape.cmsutil.crypto.CryptoUtil; +import sun.security.pkcs11.wrapper.PKCS11Constants; + public class SecureChannelProtocol { static String sharedSecretKeyName = null; @@ -218,7 +218,7 @@ public class SecureChannelProtocol { try { cm = CryptoManager.getInstance(); token = returnTokenByName(selectedToken, cm); - internalToken = returnTokenByName("internal", cm); + internalToken = returnTokenByName(CryptoUtil.INTERNAL_TOKEN_NAME, cm); } catch (NotInitializedException e) { CMS.debug(method + " " + e); throw new EBaseException(e); @@ -376,7 +376,7 @@ public class SecureChannelProtocol { CryptoManager cm = null; try { cm = CryptoManager.getInstance(); - internalToken = returnTokenByName("internal", cm); + internalToken = returnTokenByName(CryptoUtil.INTERNAL_TOKEN_NAME, cm); finalToken = internalToken; } catch (NotInitializedException e) { CMS.debug(method + " " + e); diff --git a/base/server/cms/src/com/netscape/cms/servlet/tks/TokenServlet.java b/base/server/cms/src/com/netscape/cms/servlet/tks/TokenServlet.java index a2a797534..39cd429df 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/tks/TokenServlet.java +++ b/base/server/cms/src/com/netscape/cms/servlet/tks/TokenServlet.java @@ -471,7 +471,7 @@ public class TokenServlet extends CMSServlet { String mappingValue = CMS.getConfigStore().getString(keyInfoMap, null); if (mappingValue == null) { selectedToken = - CMS.getConfigStore().getString("tks.defaultSlot", "internal"); + CMS.getConfigStore().getString("tks.defaultSlot", CryptoUtil.INTERNAL_TOKEN_NAME); keyNickName = rKeyInfo; } else { StringTokenizer st = new StringTokenizer(mappingValue, ":"); @@ -491,7 +491,7 @@ public class TokenServlet extends CMSServlet { if (mappingValue == null) { try { selectedToken = - CMS.getConfigStore().getString("tks.defaultSlot", "internal"); + CMS.getConfigStore().getString("tks.defaultSlot", CryptoUtil.INTERNAL_TOKEN_NAME); } catch (EBaseException e) { e.printStackTrace(); @@ -597,7 +597,7 @@ public class TokenServlet extends CMSServlet { if (useSoftToken_s.equals("true")) { CMS.debug("TokenServlet.computeSessionKeySCP02: key encryption key generated on internal"); - desKey = SessionKey.GenerateSymkey("internal"); + desKey = SessionKey.GenerateSymkey(CryptoUtil.INTERNAL_TOKEN_NAME); } else { CMS.debug("TokenServlet.computeSessionKeySCP02: key encryption key generated on " @@ -1075,7 +1075,7 @@ public class TokenServlet extends CMSServlet { String mappingValue = CMS.getConfigStore().getString(keyInfoMap, null); if (mappingValue == null) { selectedToken = - CMS.getConfigStore().getString("tks.defaultSlot", "internal"); + CMS.getConfigStore().getString("tks.defaultSlot", CryptoUtil.INTERNAL_TOKEN_NAME); keyNickName = rKeyInfo; } else { StringTokenizer st = new StringTokenizer(mappingValue, ":"); @@ -1179,7 +1179,7 @@ public class TokenServlet extends CMSServlet { CMS.debug("TokenServlet: key encryption key generated on internal"); //cfu audit here? sym key gen - desKey = protocol.generateSymKey("internal"); + desKey = protocol.generateSymKey(CryptoUtil.INTERNAL_TOKEN_NAME); //cfu audit here? sym key gen done } else { CMS.debug("TokenServlet: key encryption key generated on " + selectedToken); @@ -1772,7 +1772,7 @@ public class TokenServlet extends CMSServlet { String oldMappingValue = CMS.getConfigStore().getString(oldKeyInfoMap, null); String oldSelectedToken = null; if (oldMappingValue == null) { - oldSelectedToken = CMS.getConfigStore().getString("tks.defaultSlot", "internal"); + oldSelectedToken = CMS.getConfigStore().getString("tks.defaultSlot", CryptoUtil.INTERNAL_TOKEN_NAME); oldKeyNickName = req.getParameter(IRemoteRequest.TOKEN_KEYINFO); } else { StringTokenizer st = new StringTokenizer(oldMappingValue, ":"); @@ -1784,7 +1784,7 @@ public class TokenServlet extends CMSServlet { String newMappingValue = CMS.getConfigStore().getString(newKeyInfoMap, null); String newSelectedToken = null; if (newMappingValue == null) { - newSelectedToken = CMS.getConfigStore().getString("tks.defaultSlot", "internal"); + newSelectedToken = CMS.getConfigStore().getString("tks.defaultSlot", CryptoUtil.INTERNAL_TOKEN_NAME); newKeyNickName = rnewKeyInfo; } else { StringTokenizer st = new StringTokenizer(newMappingValue, ":"); @@ -2108,7 +2108,7 @@ public class TokenServlet extends CMSServlet { String keyInfoMap = "tks." + keySet + ".mk_mappings." + rKeyInfo; String mappingValue = CMS.getConfigStore().getString(keyInfoMap, null); if (mappingValue == null) { - selectedToken = CMS.getConfigStore().getString("tks.defaultSlot", "internal"); + selectedToken = CMS.getConfigStore().getString("tks.defaultSlot", CryptoUtil.INTERNAL_TOKEN_NAME); keyNickName = rKeyInfo; } else { StringTokenizer st = new StringTokenizer(mappingValue, ":"); @@ -2451,7 +2451,7 @@ public class TokenServlet extends CMSServlet { String symmKeys = null; boolean keyPresent = false; try { - symmKeys = SessionKey.ListSymmetricKeys("internal"); + symmKeys = SessionKey.ListSymmetricKeys(CryptoUtil.INTERNAL_TOKEN_NAME); CMS.debug("TokenServlet.getSharedSecretTransportKey: symmKeys List: " + symmKeys); } catch (Exception e) { // TODO Auto-generated catch block |