From 875e5c8098b0c72d9c04b5886dde9f07299158f6 Mon Sep 17 00:00:00 2001 From: Marco Fargetta Date: Mon, 27 Nov 2023 12:04:13 +0100 Subject: [PATCH] Fix CRMFPopClient on FIPS environment When FIPS is enabled RSA key generation cannot have both temporary and sensitive to false. Since temporary is defined from a command option the sensitive is set to null so the default for the environment will be used (true if FIPS is enabled and false if FIPS is disabled). Fix BZ Bug 2250716 --- .../src/main/java/com/netscape/cmstools/CRMFPopClient.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/base/tools/src/main/java/com/netscape/cmstools/CRMFPopClient.java b/base/tools/src/main/java/com/netscape/cmstools/CRMFPopClient.java index b275baba80d..0125142d577 100644 --- a/base/tools/src/main/java/com/netscape/cmstools/CRMFPopClient.java +++ b/base/tools/src/main/java/com/netscape/cmstools/CRMFPopClient.java @@ -484,7 +484,6 @@ public static void main(String args[]) throws Exception { if (algorithm.equals("rsa")) { - boolean sens = false; boolean extract = true; Usage[] usages = CryptoUtil.RSA_KEYPAIR_USAGES; @@ -494,7 +493,7 @@ public static void main(String args[]) throws Exception { token, keySize, temporary, - sens, + null, extract, usages, usagesMask);