From 0505fc5833dfc17b69bcb12e2c28e4e07a7b339f Mon Sep 17 00:00:00 2001
From: Yuriy Movchan <Yuriy.Movchan@gmail.com>
Date: Fri, 29 Jul 2022 16:59:10 +0000
Subject: [PATCH] Revert "Check if BC FIPS provider exists before loading it"
---
opendj-server-legacy/src/main/java/org/opends/server/tools/InstallDS.java | 50 ++------------------------------------------------
1 files changed, 2 insertions(+), 48 deletions(-)
diff --git a/opendj-server-legacy/src/main/java/org/opends/server/tools/InstallDS.java b/opendj-server-legacy/src/main/java/org/opends/server/tools/InstallDS.java
index f5bf1a4..8410788 100644
--- a/opendj-server-legacy/src/main/java/org/opends/server/tools/InstallDS.java
+++ b/opendj-server-legacy/src/main/java/org/opends/server/tools/InstallDS.java
@@ -820,11 +820,6 @@
certType = SecurityOptions.CertificateType.PKCS12;
pathToCertificat = argParser.usePkcs12Arg.getValue();
}
- else if (argParser.useBcfksArg.isPresent())
- {
- certType = SecurityOptions.CertificateType.BCFKS;
- pathToCertificat = argParser.useBcfksArg.getValue();
- }
else
{
certType = SecurityOptions.CertificateType.NO_CERTIFICATE;
@@ -1597,12 +1592,6 @@
createSecurityOptionsPrompting(SecurityOptions.CertificateType.PKCS11,
enableSSL, enableStartTLS, ldapsPort);
}
- else if (argParser.useBcfksArg.isPresent())
- {
- securityOptions =
- createSecurityOptionsPrompting(SecurityOptions.CertificateType.BCFKS,
- enableSSL, enableStartTLS, ldapsPort);
- }
else if (!enableSSL && !enableStartTLS)
{
// If the user did not want to enable SSL or start TLS do not ask
@@ -1616,15 +1605,13 @@
final int JCEKS = 3;
final int PKCS12 = 4;
final int PKCS11 = 5;
- final int BCFKS = 6;
- final int[] indexes = {SELF_SIGNED, JKS, JCEKS, PKCS12, PKCS11, BCFKS};
+ final int[] indexes = {SELF_SIGNED, JKS, JCEKS, PKCS12, PKCS11};
final LocalizableMessage[] msgs = {
INFO_INSTALLDS_CERT_OPTION_SELF_SIGNED.get(),
INFO_INSTALLDS_CERT_OPTION_JKS.get(),
INFO_INSTALLDS_CERT_OPTION_JCEKS.get(),
INFO_INSTALLDS_CERT_OPTION_PKCS12.get(),
- INFO_INSTALLDS_CERT_OPTION_PKCS11.get(),
- INFO_INSTALLDS_CERT_OPTION_BCFKS.get()
+ INFO_INSTALLDS_CERT_OPTION_PKCS11.get()
};
final MenuBuilder<Integer> builder = new MenuBuilder<>(this);
@@ -1660,10 +1647,6 @@
builder.setDefault(LocalizableMessage.raw(String.valueOf(PKCS12)),
MenuResult.success(PKCS12));
break;
- case BCFKS:
- builder.setDefault(LocalizableMessage.raw(String.valueOf(BCFKS)),
- MenuResult.success(BCFKS));
- break;
default:
builder.setDefault(LocalizableMessage.raw(String.valueOf(SELF_SIGNED)),
MenuResult.success(SELF_SIGNED));
@@ -1722,13 +1705,6 @@
SecurityOptions.CertificateType.PKCS11, enableSSL,
enableStartTLS, ldapsPort);
}
- else if (certType == BCFKS)
- {
- securityOptions =
- createSecurityOptionsPrompting(
- SecurityOptions.CertificateType.BCFKS, enableSSL,
- enableStartTLS, ldapsPort);
- }
else
{
throw new IllegalStateException("Unexpected cert type: "+ certType);
@@ -1876,13 +1852,6 @@
pwd);
break;
- case BCFKS:
- certManager = new CertificateManager(
- path,
- CertificateManager.KEY_STORE_TYPE_BCFKS,
- pwd);
- break;
-
default:
throw new IllegalArgumentException("Invalid type: "+type);
}
@@ -1904,9 +1873,6 @@
case PKCS11:
errorMessages.add(INFO_PKCS11_KEYSTORE_DOES_NOT_EXIST.get());
break;
- case BCFKS:
- errorMessages.add(INFO_BCFKS_KEYSTORE_DOES_NOT_EXIST.get());
- break;
default:
throw new IllegalArgumentException("Invalid type: "+type);
}
@@ -2034,15 +2000,6 @@
}
pathPrompt = INFO_INSTALLDS_PROMPT_PKCS12_PATH.get();
break;
- case BCFKS:
- path = argParser.useBcfksArg.getValue();
- defaultPathValue = argParser.useBcfksArg.getValue();
- if (defaultPathValue == null)
- {
- defaultPathValue = lastResetKeyStorePath;
- }
- pathPrompt = INFO_INSTALLDS_PROMPT_BCFKS_PATH.get();
- break;
default:
throw new IllegalStateException(
"Called promptIfRequiredCertificate with invalid type: "+type);
@@ -2138,9 +2095,6 @@
certNicknames);
case PKCS11:
return SecurityOptions.createPKCS11CertificateOptions(pwd, enableSSL, enableStartTLS, ldapsPort, certNicknames);
- case BCFKS:
- return SecurityOptions.createBCFKSCertificateOptions(path, pwd, enableSSL, enableStartTLS, ldapsPort,
- certNicknames);
default:
throw new IllegalStateException("Called createSecurityOptionsPrompting with invalid type: " + type);
}
--
Gitblit v1.10.0