
Example 1 with NoSuchTokenException

use of org.mozilla.jss.NoSuchTokenException in project jss by dogtagpki.

the class SelfTest method main.

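/**
 * Exercises token lookup and the PIN lifecycle (initialize, login, change,
 * logout) of the internal key storage token, printing a "Good"/"ERROR" line
 * for every check.
 *
 * <p>Failures are only reported on standard output; the method returns
 * normally either way, so callers that need a pass/fail signal must scan the
 * output for "ERROR".
 *
 * <p>The two PINs are fixed test fixtures. The run initializes the token PIN,
 * so it is meant for an uninitialized database (see the
 * {@code AlreadyInitializedException} handler).
 *
 * @param args exactly one element, the database directory. It is only checked
 *     for presence here; NOTE(review): nothing in this method reads it, so
 *     CryptoManager is presumably initialized elsewhere - confirm.
 * @throws Throwable if a check raises something the handlers below do not cover
 */
public static void main(String[] args) throws Throwable {
    CryptoToken tok;
    CryptoToken intTok;
    CryptoManager manager;
    Password pass1 = null, pass2 = null;
    // Fixture PINs. Each use passes a clone() to Password so these templates
    // stay intact for the later steps (presumably because Password takes over
    // and wipes the array it is given - confirm against Password's contract).
    char[] passchar1 = { 'f', 'o', 'o', 'b', 'a', 'r' };
    char[] passchar2 = { 'n', 'e', 't', 's', 'c', 'a', 'p', 'e' };
    if (args.length != 1) {
        System.err.println("Usage: java ...SelfTest <dbdir>");
        return;
    }
    try {
        manager = CryptoManager.getInstance();
    } catch (NotInitializedException e) {
        System.out.println("CryptoManager not initialized");
        return;
    }
    // Negative lookup: a made-up token name must be rejected.
    try {
        tok = manager.getTokenByName("asdffda");
        System.out.println("ERROR: found a nonexistent token");
    } catch (NoSuchTokenException e) {
        System.out.println("Good, could not find non-existent token");
    }
    try {
        Enumeration<PK11Module> modules = manager.getModules();
        System.out.println("Modules:");
        while (modules.hasMoreElements()) {
            System.out.println("\t" + modules.nextElement().getName());
        }
        Enumeration<CryptoToken> tokens = manager.getAllTokens();
        System.out.println("All Tokens:");
        while (tokens.hasMoreElements()) {
            System.out.println("\t" + tokens.nextElement().getName());
        }
        Enumeration<CryptoToken> extTokens = manager.getExternalTokens();
        System.out.println("External Tokens:");
        while (extTokens.hasMoreElements()) {
            System.out.println("\t" + extTokens.nextElement().getName());
        }
        tok = manager.getTokenByName("Internal Key Storage Token");
        System.out.println("Good, found internal DB token");
        if (tok.equals(manager.getInternalKeyStorageToken())) {
            System.out.println("Good, it really is the key storage token");
        } else {
            System.out.println("ERROR: it's not the same as the key " + "storage token!");
        }
        if (((PK11Token) tok).isInternalKeyStorageToken()) {
            System.out.println("Good, " + tok.getName() + " knows " + "what it is");
        } else {
            System.out.println("ERROR: " + tok.getName() + " doesn't know" + " it is key storage token");
        }
        intTok = manager.getInternalCryptoToken();
        // Report the token that was actually checked (intTok), not the key
        // storage token, so the output names the right object.
        if (((PK11Token) intTok).isInternalCryptoToken()) {
            System.out.println("Good, " + intTok.getName() + " knows it is the internal token");
        } else {
            System.out.println("ERROR: " + intTok.getName() + " doesn't know that it is the internal token");
        }
        if (!tok.isLoggedIn()) {
            System.out.println("Good, isLoggedIn correctly says we're" + " not logged in");
        } else {
            System.out.println("ERROR: isLoggedIn incorrectly says we're" + " logged in");
        }
        System.out.println("Good, successfully opened token \"" + tok.getName() + "\"");
        // Set the initial PIN to passchar1. The first argument is a single
        // NUL char - presumably the placeholder for "no existing PIN";
        // confirm against initPassword's contract.
        pass1 = new Password(passchar1.clone());
        pass2 = new Password(new char[] { 0 });
        tok.initPassword(pass2, pass1);
        pass1.clear();
        pass2.clear();
        System.out.println("Good, initialized PIN");
        tok.logout();
        // A wrong PIN must be rejected while logged out.
        try {
            pass1 = new Password(passchar2.clone());
            tok.login(pass1);
            System.out.println("ERROR: Successfully logged in with wrong" + " PIN");
        } catch (IncorrectPasswordException e) {
            System.out.println("Good, unable to login with wrong PIN");
        } finally {
            pass1.clear();
        }
        pass1 = new Password(passchar1.clone());
        tok.login(pass1);
        pass1.clear();
        System.out.println("Good, logged in");
        if (tok.isLoggedIn()) {
            System.out.println("Good, isLoggedIn correctly says we're" + " logged in");
        } else {
            System.out.println("ERROR: isLoggedIn incorrectly says we're" + " not logged in");
        }
        // Change the PIN from passchar1 to passchar2; passchar1 is the
        // "wrong" PIN from here on.
        pass1 = new Password(passchar1.clone());
        pass2 = new Password(passchar2.clone());
        tok.changePassword(pass1, pass2);
        pass1.clear();
        pass2.clear();
        System.out.println("Good, changed PIN");
        try {
            pass1 = new Password(passchar1.clone());
            tok.login(pass1);
            // Should still be logged in
            System.out.println("Good, logging in with wrong PIN ok if " + " already logged in");
        } catch (IncorrectPasswordException e) {
            System.out.println("ERROR: logged in second time with wrong" + " PIN, but we should still be logged in");
        } finally {
            pass1.clear();
        }
        try {
            tok.logout();
            System.out.println("Good, logged out successfully.");
        } catch (TokenException e) {
            System.out.println("ERROR: failed to logout from token");
        }
        if (!tok.isLoggedIn()) {
            System.out.println("Good, isLoggedIn correctly says we're" + " not logged in");
        } else {
            System.out.println("ERROR: isLoggedIn incorrectly says we're" + " logged in");
        }
        // A second logout in a row is expected to fail.
        try {
            tok.logout();
            System.out.println("ERROR: logged out twice in a row");
        } catch (TokenException e) {
            System.out.println("Good, got an exception when we tried" + " to log out twice in a row");
        }
        // Now logged out, the old PIN must be rejected.
        try {
            pass1 = new Password(passchar1.clone());
            tok.login(pass1);
            System.out.println("ERROR: logged in with wrong pw");
        } catch (IncorrectPasswordException e) {
            System.out.println("Good, logging in with wrong PIN gave err");
        } finally {
            // Wipe the PIN copy on the rejected-login path too, matching the
            // other login attempts above.
            pass1.clear();
        }
        System.out.println("Test completed");
        tok = null;
    } catch (IncorrectPasswordException e) {
        System.out.println("Got an incorrect PIN: " + e);
    } catch (AlreadyInitializedException e) {
        System.out.println("ERROR: This test only works with uninitialized databases");
    } catch (TokenException e) {
        System.out.println("Token error: " + e);
    } catch (NoSuchTokenException e) {
        System.out.println("ERROR: could not find internal DB token");
    } finally {
        // Last-resort wipe in case an exception skipped an inline clear().
        if (pass1 != null) {
            pass1.clear();
        }
        if (pass2 != null) {
            pass2.clear();
        }
    }
// System.gc();
// NativeProxy.assertRegistryEmpty();
// System.runFinalization();
}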
Also used : CryptoToken(org.mozilla.jss.crypto.CryptoToken) NotInitializedException(org.mozilla.jss.NotInitializedException) PK11Token(org.mozilla.jss.pkcs11.PK11Token) CryptoManager(org.mozilla.jss.CryptoManager) AlreadyInitializedException(org.mozilla.jss.crypto.AlreadyInitializedException) IncorrectPasswordException(org.mozilla.jss.util.IncorrectPasswordException) NoSuchTokenException(org.mozilla.jss.NoSuchTokenException) TokenException(org.mozilla.jss.crypto.TokenException) NoSuchTokenException(org.mozilla.jss.NoSuchTokenException) PK11Module(org.mozilla.jss.pkcs11.PK11Module) Password(org.mozilla.jss.util.Password)

Example 2 with NoSuchTokenException

use of org.mozilla.jss.NoSuchTokenException in project jss by dogtagpki.

the class JSSKeyStoreSpi method engineGetKey.

/**
 * Looks up the key stored under {@code alias}.
 *
 * <p>The lookup runs in three stages: a certificate with that nickname (its
 * private key is returned), then a private key on the token named by the alias
 * whose hex-encoded unique ID equals the nickname part, then a symmetric key
 * with that nickname.
 *
 * <p>{@code password} is never read in this method, so it does not gate access
 * here; access control is whatever the token itself enforces.
 * NOTE(review): confirm callers do not rely on the password being checked.
 *
 * <p>The alias, every private key ID and every symmetric key nickname scanned
 * are written to the debug log.
 *
 * @param alias the entry alias, split by {@code parseAlias} into token name and nickname
 * @param password unused
 * @return the matching key, or {@code null} when no stage finds one
 * @throws RuntimeException wrapping {@code NoSuchTokenException},
 *     {@code NotInitializedException} or {@code TokenException}
 */
@Override
public Key engineGetKey(String alias, char[] password) {
    logger.debug("JSSKeyStoreSpi: engineGetKey(" + alias + ")");
    try {
        final CryptoManager manager = CryptoManager.getInstance();

        // Stage 1: treat the alias as a certificate nickname.
        logger.debug("JSSKeyStoreSpi: searching for cert");
        try {
            X509Certificate certificate = manager.findCertByNickname(alias);
            logger.debug("JSSKeyStoreSpi: found cert: " + alias);
            PrivateKey certKey = manager.findPrivKeyByCert(certificate);
            logger.debug("JSSKeyStoreSpi: found private key: " + alias);
            return certKey;
        } catch (ObjectNotFoundException notFound) {
            // Not fatal: fall through to the key searches below.
            logger.debug("JSSKeyStoreSpi: cert/key not found, searching for key");
        }

        String[] aliasParts = parseAlias(alias);
        String tokenName = aliasParts[0];
        String nickname = aliasParts[1];

        // No token name in the alias means the internal key storage token.
        CryptoToken keyToken = (tokenName == null)
                ? manager.getInternalKeyStorageToken()
                : manager.getTokenByName(tokenName);
        CryptoStore keyStore = keyToken.getCryptoStore();

        // Stage 2: private keys are matched by hex-encoded unique ID.
        logger.debug("JSSKeyStoreSpi: searching for private key");
        for (PrivateKey candidate : keyStore.getPrivateKeys()) {
            String hexId = Utils.HexEncode(candidate.getUniqueID());
            logger.debug("JSSKeyStoreSpi: - " + hexId);
            if (!nickname.equals(hexId)) {
                continue;
            }
            logger.debug("JSSKeyStoreSpi: found private key: " + nickname);
            return candidate;
        }

        // Stage 3: symmetric keys are matched by nickname.
        logger.debug("JSSKeyStoreSpi: searching for symmetric key");
        for (SymmetricKey candidate : keyStore.getSymmetricKeys()) {
            logger.debug("JSSKeyStoreSpi: - " + candidate.getNickName());
            if (!nickname.equals(candidate.getNickName())) {
                continue;
            }
            logger.debug("JSSKeyStoreSpi: found symmetric key: " + nickname);
            return new SecretKeyFacade(candidate);
        }

        logger.debug("JSSKeyStoreSpi: key not found: " + nickname);
        return null;
    } catch (NoSuchTokenException cause) {
        throw new RuntimeException(cause);
    } catch (NotInitializedException cause) {
        throw new RuntimeException(cause);
    } catch (TokenException cause) {
        throw new RuntimeException(cause);
    }
}
Also used : PrivateKey(org.mozilla.jss.crypto.PrivateKey) CryptoToken(org.mozilla.jss.crypto.CryptoToken) NotInitializedException(org.mozilla.jss.NotInitializedException) SymmetricKey(org.mozilla.jss.crypto.SymmetricKey) CryptoManager(org.mozilla.jss.CryptoManager) X509Certificate(org.mozilla.jss.crypto.X509Certificate) CryptoStore(org.mozilla.jss.crypto.CryptoStore) SecretKeyFacade(org.mozilla.jss.crypto.SecretKeyFacade) NoSuchTokenException(org.mozilla.jss.NoSuchTokenException) ObjectNotFoundException(org.mozilla.jss.crypto.ObjectNotFoundException) NoSuchTokenException(org.mozilla.jss.NoSuchTokenException) NoSuchItemOnTokenException(org.mozilla.jss.crypto.NoSuchItemOnTokenException) TokenException(org.mozilla.jss.crypto.TokenException)

Example 3 with NoSuchTokenException

use of org.mozilla.jss.NoSuchTokenException in project jss by dogtagpki.

the class JSSKeyStoreSpi method engineDeleteEntry.

/**
 * Deletes the entry stored under {@code alias}.
 *
 * <p>If a certificate with that nickname exists, it is removed through
 * {@code deleteCertOnly} and the method returns. Otherwise the alias is split
 * into token name and nickname, and the private key whose hex-encoded unique
 * ID equals the nickname is deleted, together with its public key when one is
 * found.
 *
 * <p>The alias and every private key ID scanned are written to the debug log.
 *
 * @param alias the entry alias
 * @throws KeyStoreException if no entry matches, or wrapping
 *     {@code NotInitializedException}, {@code NoSuchTokenException},
 *     {@code TokenException} or {@code NoSuchItemOnTokenException}
 */
@Override
public void engineDeleteEntry(String alias) throws KeyStoreException {
    try {
        final CryptoManager manager = CryptoManager.getInstance();

        // First attempt: the alias names a certificate.
        try {
            logger.debug("JSSKeyStoreSpi: searching for cert");
            X509Certificate cert = manager.findCertByNickname(alias);
            // A token-resident cert is deleted from the token that owns it;
            // anything else goes through the internal key storage token.
            CryptoToken certToken = (cert instanceof TokenCertificate)
                    ? ((TokenCertificate) cert).getOwningToken()
                    : manager.getInternalKeyStorageToken();
            CryptoStore certStore = certToken.getCryptoStore();
            logger.debug("JSSKeyStoreSpi: deleting cert: " + alias);
            certStore.deleteCertOnly(cert);
            return;
        } catch (ObjectNotFoundException notFound) {
            // Not fatal: fall through to the key search below.
            logger.debug("JSSKeyStoreSpi: cert not found, searching for key");
        }

        String[] aliasParts = parseAlias(alias);
        String tokenName = aliasParts[0];
        String nickname = aliasParts[1];

        CryptoToken keyToken = (tokenName == null)
                ? manager.getInternalKeyStorageToken()
                : manager.getTokenByName(tokenName);
        CryptoStore keyStore = keyToken.getCryptoStore();

        logger.debug("JSSKeyStoreSpi: searching for private key");
        for (PrivateKey candidate : keyStore.getPrivateKeys()) {
            // Private keys are identified by their hex-encoded unique ID.
            String hexId = Utils.HexEncode(candidate.getUniqueID());
            logger.debug("JSSKeyStoreSpi: - " + hexId);
            if (nickname.equals(hexId)) {
                // Remove the public half first; its absence is tolerated.
                try {
                    logger.debug("JSSKeyStoreSpi: searching for public key: " + nickname);
                    PublicKey matchingPublic = keyStore.findPublicKey(candidate);
                    logger.debug("JSSKeyStoreSpi: deleting public key: " + nickname);
                    keyStore.deletePublicKey(matchingPublic);
                } catch (ObjectNotFoundException notFound) {
                    logger.debug("JSSKeyStoreSpi: public key not found: " + nickname);
                }
                logger.debug("JSSKeyStoreSpi: deleting private key: " + nickname);
                keyStore.deletePrivateKey(candidate);
                return;
            }
        }

        logger.debug("JSSKeyStoreSpi: entry not found: " + alias);
        throw new KeyStoreException("Entry not found: " + alias);
    } catch (NotInitializedException cause) {
        throw new KeyStoreException(cause);
    } catch (NoSuchTokenException cause) {
        throw new KeyStoreException(cause);
    } catch (TokenException cause) {
        throw new KeyStoreException(cause);
    } catch (NoSuchItemOnTokenException cause) {
        throw new KeyStoreException(cause);
    }
}
Also used : CryptoToken(org.mozilla.jss.crypto.CryptoToken) PrivateKey(org.mozilla.jss.crypto.PrivateKey) NotInitializedException(org.mozilla.jss.NotInitializedException) PublicKey(java.security.PublicKey) NoSuchItemOnTokenException(org.mozilla.jss.crypto.NoSuchItemOnTokenException) CryptoManager(org.mozilla.jss.CryptoManager) KeyStoreException(java.security.KeyStoreException) X509Certificate(org.mozilla.jss.crypto.X509Certificate) CryptoStore(org.mozilla.jss.crypto.CryptoStore) NoSuchTokenException(org.mozilla.jss.NoSuchTokenException) ObjectNotFoundException(org.mozilla.jss.crypto.ObjectNotFoundException) NoSuchTokenException(org.mozilla.jss.NoSuchTokenException) NoSuchItemOnTokenException(org.mozilla.jss.crypto.NoSuchItemOnTokenException) TokenException(org.mozilla.jss.crypto.TokenException) TokenCertificate(org.mozilla.jss.crypto.TokenCertificate)

Aggregations

CryptoManager (org.mozilla.jss.CryptoManager)3 NoSuchTokenException (org.mozilla.jss.NoSuchTokenException)3 NotInitializedException (org.mozilla.jss.NotInitializedException)3 CryptoToken (org.mozilla.jss.crypto.CryptoToken)3 TokenException (org.mozilla.jss.crypto.TokenException)3 CryptoStore (org.mozilla.jss.crypto.CryptoStore)2 NoSuchItemOnTokenException (org.mozilla.jss.crypto.NoSuchItemOnTokenException)2 ObjectNotFoundException (org.mozilla.jss.crypto.ObjectNotFoundException)2 PrivateKey (org.mozilla.jss.crypto.PrivateKey)2 X509Certificate (org.mozilla.jss.crypto.X509Certificate)2 KeyStoreException (java.security.KeyStoreException)1 PublicKey (java.security.PublicKey)1 AlreadyInitializedException (org.mozilla.jss.crypto.AlreadyInitializedException)1 SecretKeyFacade (org.mozilla.jss.crypto.SecretKeyFacade)1 SymmetricKey (org.mozilla.jss.crypto.SymmetricKey)1 TokenCertificate (org.mozilla.jss.crypto.TokenCertificate)1 PK11Module (org.mozilla.jss.pkcs11.PK11Module)1 PK11Token (org.mozilla.jss.pkcs11.PK11Token)1 IncorrectPasswordException (org.mozilla.jss.util.IncorrectPasswordException)1 Password (org.mozilla.jss.util.Password)1