summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com/netscape/cms
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/common/src/com/netscape/cms')
-rw-r--r--pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java21
-rw-r--r--pki/base/common/src/com/netscape/cms/profile/input/EnrollInput.java10
2 files changed, 18 insertions, 13 deletions
diff --git a/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java b/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java
index b60b73c9a..cc8789390 100644
--- a/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java
+++ b/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java
@@ -937,10 +937,16 @@ public abstract class EnrollProfile extends BasicProfile
sigver = CMS.getConfigStore().getBoolean("ca.requestVerify.enabled", true);
if (sigver) {
CMS.debug("EnrollProfile: parsePKCS10: signature verification enabled");
- String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token",
- "Internal Key Storage Token");
+ String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token", "internal");
savedToken = cm.getThreadToken();
- CryptoToken signToken = cm.getTokenByName(tokenName);
+ CryptoToken signToken = null;
+ if (tokenName.equals("internal")) {
+ CMS.debug("EnrollProfile: parsePKCS10: use internal token");
+ signToken = cm.getInternalCryptoToken();
+ } else {
+ CMS.debug("EnrollProfile: parsePKCS10: tokenName="+ tokenName);
+ signToken = cm.getTokenByName(tokenName);
+ }
CMS.debug("EnrollProfile: parsePKCS10 setting thread token");
cm.setThreadToken(signToken);
pkcs10 = new PKCS10(data);
@@ -1365,15 +1371,14 @@ public abstract class EnrollProfile extends BasicProfile
try {
CryptoManager cm = CryptoManager.getInstance();
- String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token",
- "Internal Key Storage Token");
- CryptoToken verifyToken = cm.getTokenByName(tokenName);
- if (tokenName.equals("Internal Key Storage Token")) {
- //use internal token
+ CryptoToken verifyToken = null;
+ String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token", "internal");
+ if (tokenName.equals("internal")) {
CMS.debug("POP verification using internal token");
certReqMsg.verify();
} else {
CMS.debug("POP verification using token:"+ tokenName);
+ verifyToken = cm.getTokenByName(tokenName);
certReqMsg.verify(verifyToken);
}
diff --git a/pki/base/common/src/com/netscape/cms/profile/input/EnrollInput.java b/pki/base/common/src/com/netscape/cms/profile/input/EnrollInput.java
index 949e58b1a..f704a2297 100644
--- a/pki/base/common/src/com/netscape/cms/profile/input/EnrollInput.java
+++ b/pki/base/common/src/com/netscape/cms/profile/input/EnrollInput.java
@@ -198,15 +198,15 @@ public abstract class EnrollInput implements IProfileInput {
}
CMS.debug("POP verification begins:");
CryptoManager cm = CryptoManager.getInstance();
- String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token",
- "Internal Key Storage Token");
- CryptoToken verifyToken = cm.getTokenByName(tokenName);
- if (tokenName.equals("Internal Key Storage Token")) {
- //use internal token
+
+ CryptoToken verifyToken = null;
+ String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token", "internal");
+ if (tokenName.equals("internal")) {
CMS.debug("POP verification using internal token");
certReqMsg.verify();
} else {
CMS.debug("POP verification using token:"+ tokenName);
+ verifyToken = cm.getTokenByName(tokenName);
certReqMsg.verify(verifyToken);
}
generated by cgit (git 2.34.1) at 2024-07-04 18:21:08 +0000