
Example 1 with NotInitializedException

use of org.mozilla.jss.NotInitializedException in project jss by dogtagpki.

the class SelfTest method main.

/**
 * Self-test that walks a token through its PIN lifecycle: token lookup,
 * PIN initialisation, login with wrong and right PINs, PIN change, logout.
 *
 * <p>The method expects exactly one argument ({@code <dbdir>}) but only checks
 * the argument count; the value itself is not read here, and the method
 * returns early if {@code CryptoManager.getInstance()} reports that the
 * manager has not been initialised.
 *
 * <p>Results are reported on standard output as "Good, ..." / "ERROR: ..."
 * lines; a failed expectation does not abort the run or change the exit
 * status.
 *
 * @param args a single element, the database directory
 * @throws Throwable anything not handled by the catch clauses below
 */
public static void main(String[] args) throws Throwable {
    CryptoToken tok;
    CryptoToken intTok;
    CryptoManager manager;
    // Declared before the outer try so the outer finally can wipe them.
    Password pass1 = null, pass2 = null;
    // NOTE(review): keyPair is declared but never used in this method.
    java.security.KeyPair keyPair;
    // Hard-coded test PINs. These are fixtures for a throwaway test database
    // (the AlreadyInitializedException handler below says the test only works
    // with uninitialized databases).
    char[] passchar1 = { 'f', 'o', 'o', 'b', 'a', 'r' };
    char[] passchar2 = { 'n', 'e', 't', 's', 'c', 'a', 'p', 'e' };
    if (args.length != 1) {
        System.err.println("Usage: java ...SelfTest <dbdir>");
        return;
    }
    try {
        manager = CryptoManager.getInstance();
    } catch (NotInitializedException e) {
        System.out.println("CryptoManager not initialized");
        return;
    }
    // Negative check: a made-up token name must be rejected.
    try {
        tok = manager.getTokenByName("asdffda");
        System.out.println("ERROR: found a nonexistent token");
    } catch (NoSuchTokenException e) {
        System.out.println("Good, could not find non-existent token");
    }
    try {
        // List the modules and tokens the manager reports.
        Enumeration<PK11Module> modules = manager.getModules();
        System.out.println("Modules:");
        while (modules.hasMoreElements()) {
            System.out.println("\t" + modules.nextElement().getName());
        }
        Enumeration<CryptoToken> tokens = manager.getAllTokens();
        System.out.println("All Tokens:");
        while (tokens.hasMoreElements()) {
            System.out.println("\t" + tokens.nextElement().getName());
        }
        Enumeration<CryptoToken> extTokens = manager.getExternalTokens();
        System.out.println("External Tokens:");
        while (extTokens.hasMoreElements()) {
            System.out.println("\t" + extTokens.nextElement().getName());
        }
        // The token found by name must be the same object the manager hands
        // out as its internal key storage token.
        tok = manager.getTokenByName("Internal Key Storage Token");
        System.out.println("Good, found internal DB token");
        if (tok.equals(manager.getInternalKeyStorageToken())) {
            System.out.println("Good, it really is the key storage token");
        } else {
            System.out.println("ERROR: it's not the same as the key " + "storage token!");
        }
        if (((PK11Token) tok).isInternalKeyStorageToken()) {
            System.out.println("Good, " + tok.getName() + " knows " + "what it is");
        } else {
            System.out.println("ERROR: " + tok.getName() + " doesn't know" + " it is key storage token");
        }
        intTok = manager.getInternalCryptoToken();
        // NOTE(review): the check below is made on intTok, but both messages
        // print tok.getName(), so the reported name is the key storage
        // token's, not the token that was tested.
        if (((PK11Token) intTok).isInternalCryptoToken()) {
            System.out.println("Good, " + tok.getName() + " knows it is the internal token");
        } else {
            System.out.println("ERROR: " + tok.getName() + " doesn't know what that it is the internal token");
        }
        // No login has happened yet, so the token must report logged-out.
        if (tok.isLoggedIn() == false) {
            System.out.println("Good, isLoggedIn correctly says we're" + " not logged in");
        } else {
            System.out.println("ERROR: isLoggedIn incorrectly says we're" + " logged in");
        }
        System.out.println("Good, successfully opened token \"" + tok.getName() + "\"");
        // Each Password is built from a clone so the template arrays above
        // survive clear(); presumably Password takes ownership of the array
        // it is given -- confirm against org.mozilla.jss.util.Password.
        pass1 = new Password(passchar1.clone());
        // A single NUL character is passed as the first initPassword argument;
        // presumably the placeholder for "no PIN set yet" -- confirm.
        pass2 = new Password(new char[] { 0 });
        tok.initPassword(pass2, pass1);
        // Wipe both PIN holders as soon as the call returns.
        pass1.clear();
        pass2.clear();
        System.out.println("Good, initialized PIN");
        tok.logout();
        // Negative check: passchar2 is not the PIN that was just set.
        try {
            pass1 = new Password(passchar2.clone());
            tok.login(pass1);
            System.out.println("ERROR: Successfully logged in with wrong" + " PIN");
        } catch (IncorrectPasswordException e) {
            System.out.println("Good, unable to login with wrong PIN");
        } finally {
            pass1.clear();
        }
        // Positive check: the PIN set by initPassword must be accepted.
        pass1 = new Password(passchar1.clone());
        tok.login(pass1);
        pass1.clear();
        System.out.println("Good, logged in");
        if (tok.isLoggedIn() == true) {
            System.out.println("Good, isLoggedIn correctly says we're" + " logged in");
        } else {
            System.out.println("ERROR: isLoggedIn incorrectly says we're" + " not logged in");
        }
        // Change the PIN from passchar1 to passchar2 while logged in.
        pass1 = new Password(passchar1.clone());
        pass2 = new Password(passchar2.clone());
        tok.changePassword(pass1, pass2);
        pass1.clear();
        pass2.clear();
        System.out.println("Good, changed PIN");
        // passchar1 is now the old PIN. The test treats a login call with it
        // as acceptable because the session is already logged in; a rejection
        // is reported as an error.
        try {
            pass1 = new Password(passchar1.clone());
            tok.login(pass1);
            // Should still be logged in
            System.out.println("Good, logging in with wrong PIN ok if " + " already logged in");
        } catch (IncorrectPasswordException e) {
            System.out.println("ERROR: logged in second time with wrong" + "PIN, but we should still be logged in");
        } finally {
            pass1.clear();
        }
        try {
            tok.logout();
            System.out.println("Good, logged out successfully.");
        } catch (TokenException e) {
            System.out.println("ERROR: failed to logout from token");
        }
        if (tok.isLoggedIn() == false) {
            System.out.println("Good, isLoggedIn correctly says we're" + " not logged in");
        } else {
            System.out.println("ERROR: isLoggedIn incorrectly says we're" + " logged in");
        }
        // Negative check: a second logout in a row is expected to throw.
        try {
            tok.logout();
            System.out.println("ERROR: logged out twice in a row");
        } catch (TokenException e) {
            System.out.println("Good, got an exception when we tried" + " to log out twice in a row");
        }
        // Negative check: once logged out, the old PIN must be rejected.
        // pass1.clear() inside this try is skipped when login throws; the
        // outer finally wipes pass1 in that case.
        try {
            pass1 = new Password(passchar1.clone());
            tok.login(pass1);
            pass1.clear();
            System.out.println("ERROR: logged in with wrong pw");
        } catch (IncorrectPasswordException e) {
            System.out.println("Good, logging in with wrong PIN gave err");
        }
        System.out.println("Test completed");
        tok = null;
    } catch (IncorrectPasswordException e) {
        System.out.println("Got an incorrect PIN: " + e);
    } catch (AlreadyInitializedException e) {
        System.out.println("ERROR: This test only works with uninitialized databases");
    } catch (TokenException e) {
        System.out.println("Token error: " + e);
    } catch (NoSuchTokenException e) {
        System.out.println("ERROR: could not find internal DB token");
    } finally {
        // Wipe whatever PIN holders are still referenced, on every exit path.
        if (pass1 != null) {
            pass1.clear();
        }
        if (pass2 != null) {
            pass2.clear();
        }
    }
// System.gc();
// NativeProxy.assertRegistryEmpty();
// System.runFinalization();
}
Also used : CryptoToken(org.mozilla.jss.crypto.CryptoToken) NotInitializedException(org.mozilla.jss.NotInitializedException) PK11Token(org.mozilla.jss.pkcs11.PK11Token) CryptoManager(org.mozilla.jss.CryptoManager) AlreadyInitializedException(org.mozilla.jss.crypto.AlreadyInitializedException) IncorrectPasswordException(org.mozilla.jss.util.IncorrectPasswordException) NoSuchTokenException(org.mozilla.jss.NoSuchTokenException) TokenException(org.mozilla.jss.crypto.TokenException) NoSuchTokenException(org.mozilla.jss.NoSuchTokenException) PK11Module(org.mozilla.jss.pkcs11.PK11Module) Password(org.mozilla.jss.util.Password)

Example 2 with NotInitializedException

use of org.mozilla.jss.NotInitializedException in project jss by dogtagpki.

the class PK10Gen method main.

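/**
 * Initialises the token database in {@code args[0]}, sets a PIN on the
 * internal key storage token, logs in and prints a PKCS#10 certificate
 * request generated with the key type given in {@code args[1]}.
 *
 * <p>Exits with status 1 when any step throws and 0 otherwise; the only
 * path that returns without calling {@code System.exit} is the
 * "CryptoManager not initialized" case.
 *
 * @param args {@code <dbdir>} followed by the key type ({@code rsa} or
 *             {@code dsa} according to the usage message)
 */
public static void main(String[] args) {
    // Hard-coded test PIN: a fixture for a throwaway test database.
    char[] passchar1 = { 'f', 'o', 'o', 'b', 'a', 'r' };
    if (args.length != 2) {
        System.err.println("Usage: java org.mozilla.jss.PK10Gen <dbdir> [rsa|dsa]");
        return;
    }
    Password pass1 = null, pass2 = null, loginPin = null;
    int status = 0;
    try {
        CryptoManager.initialize(args[0]);
        // Historical alternative: build InitializationValues from
        // <dbdir>/secmodule.db, <dbdir>/key3.db and <dbdir>/cert7.db and
        // pass that to CryptoManager.initialize instead.
        CryptoManager manager;
        try {
            manager = CryptoManager.getInstance();
        } catch (NotInitializedException e) {
            System.out.println("CryptoManager not initialized");
            return;
        }
        CryptoToken token = manager.getInternalKeyStorageToken();
        if (token.isLoggedIn() == false) {
            System.out.println("Good, isLoggedIn correctly says we're" + " not logged in");
        } else {
            System.out.println("ERROR: isLoggedIn incorrectly says we're" + " logged in");
        }
        pass1 = new Password(passchar1.clone());
        // A single NUL character is passed as the first initPassword
        // argument; presumably the "no PIN set yet" placeholder -- confirm.
        pass2 = new Password(new char[] { 0 });
        token.initPassword(pass2, pass1);
        pass1.clear();
        pass2.clear();
        System.out.println("initialized PIN");
        // Log in with a fresh Password: pass1 was wiped by clear() above, so
        // reusing it would present an erased PIN to the token.
        loginPin = new Password(passchar1.clone());
        token.login(loginPin);
        System.out.println("logged in");
        // NOTE(review): 512-bit keys are far below current minimum sizes for
        // RSA and DSA. The value is kept so this test behaves as before; it
        // should be raised if the request is used for more than a smoke test.
        String blob = token.generateCertRequest("cn=christina Fu", 512, args[1], (byte[]) null, (byte[]) null, (byte[]) null);
        System.out.println("pkcs#10 blob = \n" + blob);
    } catch (Exception e) {
        System.out.println("exception caught in PK10Gen: " + e.getMessage());
        e.printStackTrace();
        // Record the failure instead of exiting here: System.exit inside the
        // catch would skip the finally block that wipes the PIN holders.
        status = 1;
    } finally {
        if (pass1 != null) {
            pass1.clear();
        }
        if (pass2 != null) {
            pass2.clear();
        }
        if (loginPin != null) {
            loginPin.clear();
        }
    }
    System.exit(status);
}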
Also used : NotInitializedException(org.mozilla.jss.NotInitializedException) CryptoToken(org.mozilla.jss.crypto.CryptoToken) CryptoManager(org.mozilla.jss.CryptoManager) NotInitializedException(org.mozilla.jss.NotInitializedException) Password(org.mozilla.jss.util.Password)

Example 3 with NotInitializedException

use of org.mozilla.jss.NotInitializedException in project jss by dogtagpki.

the class SocketBase method setClientCertNickname.

/**
 * Sets the nickname of the certificate to use for client authentication.
 *
 * <p>The nickname is resolved to a certificate through the
 * {@code CryptoManager} singleton and handed to {@code setClientCert}.
 * Lookup failures (manager not initialised, no certificate with that
 * nickname, token error) are rethrown as an unchecked
 * {@link RuntimeException} wrapping the original exception, not as the
 * declared {@code SocketException}, so callers that only catch
 * {@code SocketException} will not see them.
 *
 * @param nick nickname of the client certificate
 * @throws SocketException declared on the signature; not thrown directly by
 *         the visible statements
 */
public void setClientCertNickname(String nick) throws SocketException {
    try {
        // Resolve and install in one step; no intermediate state is kept.
        setClientCert(CryptoManager.getInstance().findCertByNickname(nick));
    } catch (NotInitializedException | ObjectNotFoundException | TokenException failure) {
        throw new RuntimeException(failure);
    }
}
Also used : NotInitializedException(org.mozilla.jss.NotInitializedException) ObjectNotFoundException(org.mozilla.jss.crypto.ObjectNotFoundException) TokenException(org.mozilla.jss.crypto.TokenException) CryptoManager(org.mozilla.jss.CryptoManager) X509Certificate(org.mozilla.jss.crypto.X509Certificate)

Example 4 with NotInitializedException

use of org.mozilla.jss.NotInitializedException in project jss by dogtagpki.

the class JSSKeyStoreSpi method engineGetKey.

/**
 * Looks up the key stored under {@code alias}.
 *
 * <p>Resolution order: (1) a certificate whose nickname equals the alias,
 * returning its private key; (2) a private key on the token named by the
 * parsed alias whose hex-encoded unique ID equals the parsed nickname;
 * (3) a symmetric key on that token with that nickname, wrapped in a
 * {@code SecretKeyFacade}.
 *
 * <p>The {@code password} argument is never read in this method. The alias,
 * and the ID or nickname of every key examined during the search, are
 * written to the debug log.
 *
 * @param alias    certificate nickname or key alias
 * @param password unused here
 * @return the matching key, or {@code null} when nothing matches
 * @throws RuntimeException wrapping a {@code NoSuchTokenException},
 *         {@code NotInitializedException} or {@code TokenException}
 */
@Override
public Key engineGetKey(String alias, char[] password) {
    logger.debug("JSSKeyStoreSpi: engineGetKey(" + alias + ")");
    try {
        CryptoManager manager = CryptoManager.getInstance();
        logger.debug("JSSKeyStoreSpi: searching for cert");
        try {
            X509Certificate certificate = manager.findCertByNickname(alias);
            logger.debug("JSSKeyStoreSpi: found cert: " + alias);
            PrivateKey certKey = manager.findPrivKeyByCert(certificate);
            logger.debug("JSSKeyStoreSpi: found private key: " + alias);
            return certKey;
        } catch (ObjectNotFoundException notFound) {
            // Not an error: fall through to the key-by-ID / key-by-nickname search.
            logger.debug("JSSKeyStoreSpi: cert/key not found, searching for key");
        }
        String[] aliasParts = parseAlias(alias);
        String tokenName = aliasParts[0];
        String nickname = aliasParts[1];
        // A null token name selects the internal key storage token.
        CryptoToken keyToken = (tokenName == null)
                ? manager.getInternalKeyStorageToken()
                : manager.getTokenByName(tokenName);
        CryptoStore keyStore = keyToken.getCryptoStore();
        logger.debug("JSSKeyStoreSpi: searching for private key");
        for (PrivateKey candidate : keyStore.getPrivateKeys()) {
            // Private keys are matched on their unique ID rendered as hex.
            String hexId = Utils.HexEncode(candidate.getUniqueID());
            logger.debug("JSSKeyStoreSpi: - " + hexId);
            if (nickname.equals(hexId)) {
                logger.debug("JSSKeyStoreSpi: found private key: " + nickname);
                return candidate;
            }
        }
        logger.debug("JSSKeyStoreSpi: searching for symmetric key");
        for (SymmetricKey candidate : keyStore.getSymmetricKeys()) {
            logger.debug("JSSKeyStoreSpi: - " + candidate.getNickName());
            if (nickname.equals(candidate.getNickName())) {
                logger.debug("JSSKeyStoreSpi: found symmetric key: " + nickname);
                return new SecretKeyFacade(candidate);
            }
        }
        logger.debug("JSSKeyStoreSpi: key not found: " + nickname);
        return null;
    } catch (NoSuchTokenException | NotInitializedException | TokenException failure) {
        throw new RuntimeException(failure);
    }
}
Also used : PrivateKey(org.mozilla.jss.crypto.PrivateKey) CryptoToken(org.mozilla.jss.crypto.CryptoToken) NotInitializedException(org.mozilla.jss.NotInitializedException) SymmetricKey(org.mozilla.jss.crypto.SymmetricKey) CryptoManager(org.mozilla.jss.CryptoManager) X509Certificate(org.mozilla.jss.crypto.X509Certificate) CryptoStore(org.mozilla.jss.crypto.CryptoStore) SecretKeyFacade(org.mozilla.jss.crypto.SecretKeyFacade) NoSuchTokenException(org.mozilla.jss.NoSuchTokenException) ObjectNotFoundException(org.mozilla.jss.crypto.ObjectNotFoundException) NoSuchTokenException(org.mozilla.jss.NoSuchTokenException) NoSuchItemOnTokenException(org.mozilla.jss.crypto.NoSuchItemOnTokenException) TokenException(org.mozilla.jss.crypto.TokenException)

Example 5 with NotInitializedException

use of org.mozilla.jss.NotInitializedException in project jss by dogtagpki.

the class JSSKeyStoreSpi method getAliases.

/**
 * Collects the aliases of all certificates and private keys visible to this
 * keystore, in encounter order.
 *
 * <p>When the {@code token} field is {@code null}, every token reported by
 * the {@code CryptoManager} is scanned except the internal crypto token
 * (compared by reference); otherwise only that token is scanned.
 * Certificates contribute their nickname. Private keys contribute their
 * hex-encoded unique ID, prefixed with {@code "<tokenName>:"} unless the key
 * lives on the internal key storage token.
 *
 * <p>Every alias found is also written to the debug log.
 *
 * @return the aliases, without duplicates
 * @throws RuntimeException wrapping a {@code NotInitializedException} or
 *         {@code TokenException}
 */
public Collection<String> getAliases() {
    logger.debug("JSSKeyStoreSpi: getAliases()");
    Set<String> aliases = new LinkedHashSet<>();
    try {
        List<CryptoToken> candidates = new ArrayList<>();
        CryptoManager manager = CryptoManager.getInstance();
        if (token != null) {
            logger.debug("JSSKeyStoreSpi: getting aliases from keystore token");
            candidates.add(token);
        } else {
            logger.debug("JSSKeyStoreSpi: getting aliases from all tokens");
            Enumeration<CryptoToken> all = manager.getAllTokens();
            while (all.hasMoreElements()) {
                CryptoToken next = all.nextElement();
                // The internal crypto token is left out of the scan.
                if (next != manager.getInternalCryptoToken()) {
                    candidates.add(next);
                }
            }
        }
        for (CryptoToken current : candidates) {
            String tokenName;
            if (current == manager.getInternalKeyStorageToken()) {
                tokenName = null;
                logger.debug("JSSKeyStoreSpi: token: internal");
            } else {
                tokenName = current.getName();
                logger.debug("JSSKeyStoreSpi: token: " + tokenName);
            }
            CryptoStore store = current.getCryptoStore();
            logger.debug("JSSKeyStoreSpi: - certificates:");
            for (X509Certificate cert : store.getCertificates()) {
                String certAlias = cert.getNickname();
                logger.debug("JSSKeyStoreSpi:   - " + certAlias);
                aliases.add(certAlias);
            }
            logger.debug("JSSKeyStoreSpi: - private keys:");
            for (PrivateKey privateKey : store.getPrivateKeys()) {
                // Keys are identified by their unique ID rendered as hex.
                String hexId = Utils.HexEncode(privateKey.getUniqueID());
                String keyAlias = (tokenName == null) ? hexId : tokenName + ":" + hexId;
                logger.debug("JSSKeyStoreSpi:   - " + keyAlias);
                aliases.add(keyAlias);
            }
        }
        return aliases;
    } catch (NotInitializedException | TokenException failure) {
        throw new RuntimeException(failure);
    }
}
Also used : LinkedHashSet(java.util.LinkedHashSet) CryptoToken(org.mozilla.jss.crypto.CryptoToken) PrivateKey(org.mozilla.jss.crypto.PrivateKey) NotInitializedException(org.mozilla.jss.NotInitializedException) ArrayList(java.util.ArrayList) CryptoManager(org.mozilla.jss.CryptoManager) X509Certificate(org.mozilla.jss.crypto.X509Certificate) CryptoStore(org.mozilla.jss.crypto.CryptoStore) NoSuchTokenException(org.mozilla.jss.NoSuchTokenException) NoSuchItemOnTokenException(org.mozilla.jss.crypto.NoSuchItemOnTokenException) TokenException(org.mozilla.jss.crypto.TokenException)

Aggregations

NotInitializedException (org.mozilla.jss.NotInitializedException)12 CryptoManager (org.mozilla.jss.CryptoManager)11 TokenException (org.mozilla.jss.crypto.TokenException)9 NoSuchTokenException (org.mozilla.jss.NoSuchTokenException)7 NoSuchItemOnTokenException (org.mozilla.jss.crypto.NoSuchItemOnTokenException)6 ObjectNotFoundException (org.mozilla.jss.crypto.ObjectNotFoundException)6 X509Certificate (org.mozilla.jss.crypto.X509Certificate)6 CryptoToken (org.mozilla.jss.crypto.CryptoToken)5 CertificateException (java.security.cert.CertificateException)3 CryptoStore (org.mozilla.jss.crypto.CryptoStore)3 PrivateKey (org.mozilla.jss.crypto.PrivateKey)3 PK11Cert (org.mozilla.jss.pkcs11.PK11Cert)3 ByteArrayInputStream (java.io.ByteArrayInputStream)2 InputStream (java.io.InputStream)2 CertificateFactory (java.security.cert.CertificateFactory)2 ArrayList (java.util.ArrayList)2 SymmetricKey (org.mozilla.jss.crypto.SymmetricKey)2 TokenCertificate (org.mozilla.jss.crypto.TokenCertificate)2 Password (org.mozilla.jss.util.Password)2 CharConversionException (java.io.CharConversionException)1