From 0acd942a0ff6558eb2b34b97188c7f80603911df Mon Sep 17 00:00:00 2001 From: cfu Date: Sat, 22 Oct 2011 19:09:25 +0000 Subject: Bug 744797 - KRA key recovery (retrieve pkcs#12) fails after the in-place upgrade( CS 8.0->8.1) git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2274 c9f7a03b-bd48-0410-a16d-cbbf54688b0b --- .../netscape/cms/profile/common/EnrollProfile.java | 21 +++++++++++++-------- .../com/netscape/cms/profile/input/EnrollInput.java | 10 +++++----- 2 files changed, 18 insertions(+), 13 deletions(-) (limited to 'pki/base/common') diff --git a/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java b/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java index b60b73c9a..cc8789390 100644 --- a/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java +++ b/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java @@ -937,10 +937,16 @@ public abstract class EnrollProfile extends BasicProfile sigver = CMS.getConfigStore().getBoolean("ca.requestVerify.enabled", true); if (sigver) { CMS.debug("EnrollProfile: parsePKCS10: signature verification enabled"); - String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token", - "Internal Key Storage Token"); + String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token", "internal"); savedToken = cm.getThreadToken(); - CryptoToken signToken = cm.getTokenByName(tokenName); + CryptoToken signToken = null; + if (tokenName.equals("internal")) { + CMS.debug("EnrollProfile: parsePKCS10: use internal token"); + signToken = cm.getInternalCryptoToken(); + } else { + CMS.debug("EnrollProfile: parsePKCS10: tokenName="+ tokenName); + signToken = cm.getTokenByName(tokenName); + } CMS.debug("EnrollProfile: parsePKCS10 setting thread token"); cm.setThreadToken(signToken); pkcs10 = new PKCS10(data); @@ -1365,15 +1371,14 @@ public abstract class EnrollProfile extends BasicProfile try { CryptoManager cm = CryptoManager.getInstance(); - String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token", - "Internal Key Storage Token"); - CryptoToken verifyToken = cm.getTokenByName(tokenName); - if (tokenName.equals("Internal Key Storage Token")) { - //use internal token + CryptoToken verifyToken = null; + String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token", "internal"); + if (tokenName.equals("internal")) { CMS.debug("POP verification using internal token"); certReqMsg.verify(); } else { CMS.debug("POP verification using token:"+ tokenName); + verifyToken = cm.getTokenByName(tokenName); certReqMsg.verify(verifyToken); } diff --git a/pki/base/common/src/com/netscape/cms/profile/input/EnrollInput.java b/pki/base/common/src/com/netscape/cms/profile/input/EnrollInput.java index 949e58b1a..f704a2297 100644 --- a/pki/base/common/src/com/netscape/cms/profile/input/EnrollInput.java +++ b/pki/base/common/src/com/netscape/cms/profile/input/EnrollInput.java @@ -198,15 +198,15 @@ public abstract class EnrollInput implements IProfileInput { } CMS.debug("POP verification begins:"); CryptoManager cm = CryptoManager.getInstance(); - String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token", - "Internal Key Storage Token"); - CryptoToken verifyToken = cm.getTokenByName(tokenName); - if (tokenName.equals("Internal Key Storage Token")) { - //use internal token + + CryptoToken verifyToken = null; + String tokenName = CMS.getConfigStore().getString("ca.requestVerify.token", "internal"); + if (tokenName.equals("internal")) { CMS.debug("POP verification using internal token"); certReqMsg.verify(); } else { CMS.debug("POP verification using token:"+ tokenName); + verifyToken = cm.getTokenByName(tokenName); certReqMsg.verify(verifyToken); } -- cgit