From a5cbfd0fcd966604a5188352bb09042e3132eb32 Mon Sep 17 00:00:00 2001 From: Ade Lee Date: Tue, 28 Mar 2017 13:01:30 -0400 Subject: Fix retrieval for symmetric keys Up to now, we have only ever used the same algorithm (DES3_CBC) for key wrapping and encryption. With the change to use AES Keywrap and AES CBC, we need to know which mechanism was used to encrypt/wrap the secrets when returned to the client. This means passing back more information to the client with the key data, and also modifying the client to use this information to decode the data correctly. Change-Id: I7232085c1eedf38c63abad81db08acc912fa1da1 --- base/java-tools/src/com/netscape/cmstools/CRMFPopClient.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'base/java-tools/src/com/netscape/cmstools') diff --git a/base/java-tools/src/com/netscape/cmstools/CRMFPopClient.java b/base/java-tools/src/com/netscape/cmstools/CRMFPopClient.java index fafe956e7..901528c2f 100644 --- a/base/java-tools/src/com/netscape/cmstools/CRMFPopClient.java +++ b/base/java-tools/src/com/netscape/cmstools/CRMFPopClient.java @@ -554,7 +554,7 @@ public class CRMFPopClient { EncryptionAlgorithm encryptAlg = null; String keyset = System.getenv("KEY_WRAP_PARAMETER_SET"); - if ((keyset != null) && (keyset.equalsIgnoreCase("0"))) { + if (keyset != null && keyset.equalsIgnoreCase("0")) { // talking to an old server? encryptAlg = EncryptionAlgorithm.DES3_CBC; } else { -- cgit