
Example 6 with NotInitializedException

use of org.mozilla.jss.NotInitializedException in project jss by dogtagpki.

the class Certificate method verify.

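/**
 * Verifies the signature on this certificate, using the given public key.
 * Does not indicate the certificate is valid at any specific time.
 *
 * @param key the public key expected to have produced the certificate signature
 * @throws SignatureException if the signature does not verify, or if the
 *         CryptoManager has not been initialized (the NotInitializedException is
 *         kept as the cause so callers can distinguish the two situations)
 */
public void verify(PublicKey key) throws InvalidKeyException, NoSuchAlgorithmException, CertificateException, SignatureException {
    try {
        CryptoManager cm = CryptoManager.getInstance();
        // Delegate to the token-aware overload, using the internal crypto token.
        verify(key, cm.getInternalCryptoToken());
    } catch (NotInitializedException e) {
        // Preserve the cause instead of dropping it; the message alone hides why
        // verification could not even be attempted.
        throw new SignatureException("CryptoManager not initialized", e);
    }
}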

Example 7 with NotInitializedException

use of org.mozilla.jss.NotInitializedException in project jss by dogtagpki.

the class JSSTrustManager method getAcceptedIssuers.

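/**
 * Returns the CA certificates known to the CryptoManager whose validity period
 * includes the current time. CA certificates that fail {@code checkValidity()}
 * (or that are not PK11Cert instances) are logged at debug level and skipped.
 *
 * @return the accepted issuer certificates; empty when none are valid, never null
 * @throws RuntimeException if the CryptoManager has not been initialized (the
 *         NotInitializedException is kept as the cause)
 */
@Override
public X509Certificate[] getAcceptedIssuers() {
    logger.debug("JSSTrustManager: getAcceptedIssuers():");
    Collection<X509Certificate> caCerts = new ArrayList<>();
    try {
        CryptoManager manager = CryptoManager.getInstance();
        for (org.mozilla.jss.crypto.X509Certificate cert : manager.getCACerts()) {
            logger.debug("JSSTrustManager:  - " + cert.getSubjectDN());
            try {
                PK11Cert caCert = (PK11Cert) cert;
                // Expired or not-yet-valid CAs must not be offered as issuers.
                caCert.checkValidity();
                caCerts.add(caCert);
            } catch (Exception e) {
                // Kept deliberately broad: a validity failure and a failed cast to
                // PK11Cert both mean "do not trust this CA"; the reason is only
                // of diagnostic interest.
                logger.debug("JSSTrustManager: invalid CA certificate: " + e);
            }
        }
    } catch (NotInitializedException e) {
        logger.error("JSSTrustManager: Unable to get CryptoManager: " + e, e);
        throw new RuntimeException(e);
    }
    // Zero-length array argument: the JDK allocates the correctly sized result.
    return caCerts.toArray(new X509Certificate[0]);
}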

Example 8 with NotInitializedException

use of org.mozilla.jss.NotInitializedException in project jss by dogtagpki.

the class EncryptedPrivateKeyInfo method createPBE.

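/**
 * Creates a new EncryptedPrivateKeyInfo, where the data is encrypted
 * with a password-based key, with wrapping/unwrapping happening on the
 * given token.
 *
 * @param pbeAlg The algorithm for generating a symmetric key from
 *      a password, salt, and iteration count.
 * @param password The password to use in generating the key.
 * @param salt The salt to use in generating the key.
 * @param iterationCount The number of hashing iterations to perform
 *      while generating the key.
 * @param charToByteConverter The mechanism for converting the characters
 *      in the password into bytes.  If null, the default mechanism
 *      will be used, which is UTF8.
 * @param pri The PrivateKey to be encrypted and stored in the
 *      EncryptedContentInfo.
 * @param token The token on which the PBE key is generated and the private
 *      key is wrapped.
 * @return the EncryptedPrivateKeyInfo holding the wrapped private key and the
 *      PBE algorithm identifier (salt and iteration count).
 * @throws NotInitializedException, NoSuchAlgorithmException, InvalidKeyException,
 *      InvalidAlgorithmParameterException, TokenException, CharConversionException
 *      as raised by the token, key generator or key wrapper; these are propagated
 *      unchanged so callers can handle them by their declared type.
 * @throws RuntimeException for any other failure, with the original exception
 *      kept as the cause.
 */
public static EncryptedPrivateKeyInfo createPBE(PBEAlgorithm pbeAlg, Password password, byte[] salt, int iterationCount, KeyGenerator.CharToByteConverter charToByteConverter, PrivateKey pri, CryptoToken token) throws NotInitializedException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException, TokenException, CharConversionException {
    try {
        // generate key
        KeyGenerator kg = token.getKeyGenerator(pbeAlg);
        PBEKeyGenParams pbekgParams = new PBEKeyGenParams(password, salt, iterationCount);
        if (charToByteConverter != null) {
            kg.setCharToByteConverter(charToByteConverter);
        }
        kg.initialize(pbekgParams);
        // The PBE key is only needed for this wrap; do not persist it on the token.
        kg.temporaryKeys(true);
        SymmetricKey key = kg.generate();
        // generate IV, but only when the encryption algorithm actually takes one
        EncryptionAlgorithm encAlg = pbeAlg.getEncryptionAlg();
        AlgorithmParameterSpec params = null;
        for (Class<?> paramClass : encAlg.getParameterClasses()) {
            if (paramClass.equals(javax.crypto.spec.IvParameterSpec.class)) {
                params = new IVParameterSpec(kg.generatePBE_IV());
                break;
            }
        }
        // wrap the key
        KeyWrapper wrapper = token.getKeyWrapper(KeyWrapAlgorithm.fromOID(encAlg.toOID()));
        wrapper.initWrap(key, params);
        byte[] encrypted = wrapper.wrap(pri);
        // make encryption algorithm identifier
        PBEParameter pbeParam = new PBEParameter(salt, iterationCount);
        AlgorithmIdentifier encAlgID = new AlgorithmIdentifier(pbeAlg.toOID(), pbeParam);
        // create EncryptedPrivateKeyInfo
        return new EncryptedPrivateKeyInfo(encAlgID, new OCTET_STRING(encrypted));
    } catch (NotInitializedException | NoSuchAlgorithmException | InvalidKeyException
            | InvalidAlgorithmParameterException | TokenException | CharConversionException e) {
        // These are part of the declared contract; previously they were converted
        // into a RuntimeException, which made the throws clause meaningless.
        throw e;
    } catch (Exception e) {
        // Anything else is unexpected. The cause is attached, so the former
        // System.out diagnostic (which leaked exception text to stdout) is dropped.
        throw new RuntimeException("Exception in EncryptedPrivateKeyInfo" + ".createPBE: " + e.getMessage(), e);
    }
}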

Example 9 with NotInitializedException

use of org.mozilla.jss.NotInitializedException in project jss by dogtagpki.

the class JSSKeyStoreSpi method engineDeleteEntry.

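/**
 * Deletes the entry identified by {@code alias}. A certificate with that
 * nickname is deleted first (certificate only; any key stays on the token).
 * If no such certificate exists, the alias is split by {@code parseAlias} into
 * a token name (null selects the internal key storage token) and a nickname,
 * and the private key whose hex-encoded key ID equals that nickname is deleted
 * together with its public key, when one is found.
 *
 * @param alias certificate nickname, or a token/key-ID alias understood by parseAlias
 * @throws KeyStoreException if no certificate or key matches the alias, or if
 *         the CryptoManager is not initialized, the token does not exist, or a
 *         token operation fails (the original exception is kept as the cause)
 */
@Override
public void engineDeleteEntry(String alias) throws KeyStoreException {
    try {
        CryptoManager manager = CryptoManager.getInstance();
        try {
            logger.debug("JSSKeyStoreSpi: searching for cert");
            X509Certificate cert = manager.findCertByNickname(alias);
            CryptoToken token;
            if (cert instanceof TokenCertificate) {
                TokenCertificate tokenCert = (TokenCertificate) cert;
                token = tokenCert.getOwningToken();
            } else {
                token = manager.getInternalKeyStorageToken();
            }
            CryptoStore store = token.getCryptoStore();
            logger.debug("JSSKeyStoreSpi: deleting cert: " + alias);
            store.deleteCertOnly(cert);
            return;
        } catch (ObjectNotFoundException e) {
            // Not a certificate alias; fall through to the key lookup below.
            logger.debug("JSSKeyStoreSpi: cert not found, searching for key");
        }
        String[] parts = parseAlias(alias);
        String tokenName = parts[0];
        // NOTE(review): assumes parseAlias always yields a non-null nickname in
        // parts[1]; nickname.equals(...) below would NPE otherwise — confirm.
        String nickname = parts[1];
        CryptoToken token;
        if (tokenName == null) {
            token = manager.getInternalKeyStorageToken();
        } else {
            token = manager.getTokenByName(tokenName);
        }
        CryptoStore store = token.getCryptoStore();
        logger.debug("JSSKeyStoreSpi: searching for private key");
        for (PrivateKey privateKey : store.getPrivateKeys()) {
            // convert key ID into hexadecimal
            String keyID = Utils.HexEncode(privateKey.getUniqueID());
            logger.debug("JSSKeyStoreSpi: - " + keyID);
            if (!nickname.equals(keyID)) {
                continue;
            }
            try {
                logger.debug("JSSKeyStoreSpi: searching for public key: " + nickname);
                PublicKey publicKey = store.findPublicKey(privateKey);
                logger.debug("JSSKeyStoreSpi: deleting public key: " + nickname);
                store.deletePublicKey(publicKey);
            } catch (ObjectNotFoundException e) {
                // A private key without a stored public key is still deletable.
                logger.debug("JSSKeyStoreSpi: public key not found: " + nickname);
            }
            logger.debug("JSSKeyStoreSpi: deleting private key: " + nickname);
            store.deletePrivateKey(privateKey);
            return;
        }
        logger.debug("JSSKeyStoreSpi: entry not found: " + alias);
        throw new KeyStoreException("Entry not found: " + alias);
    } catch (NotInitializedException | NoSuchTokenException | TokenException
            | NoSuchItemOnTokenException e) {
        // All JSS failures surface to the KeyStore caller as KeyStoreException,
        // with the original exception as the cause.
        throw new KeyStoreException(e);
    }
}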

Example 10 with NotInitializedException

use of org.mozilla.jss.NotInitializedException in project jss by dogtagpki.

the class JSSKeyStoreSpi method engineIsCertificateEntry.

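/**
 * Returns true if a certificate with this nickname can be found by the
 * CryptoManager.
 * <p>
 * Note: the KeyStore contract for a "certificate entry" is a trusted
 * certificate with no associated key. This implementation only checks that
 * the certificate exists; it does not verify the absence of an associated key,
 * so a key-backed certificate also yields {@code true}.
 *
 * @param alias the certificate nickname to look up
 * @return true if a certificate with that nickname exists, false if none is found
 * @throws RuntimeException if the CryptoManager is not initialized or a token
 *         error occurs (the original exception is kept as the cause)
 */
@Override
public boolean engineIsCertificateEntry(String alias) {
    logger.debug("JSSKeyStoreSpi: engineIsCertificateEntry(" + alias + ")");
    try {
        CryptoManager cm = CryptoManager.getInstance();
        // Only existence matters here; the returned certificate is not used.
        cm.findCertByNickname(alias);
        logger.debug("JSSKeyStoreSpi: cert found: " + alias);
        return true;
    } catch (ObjectNotFoundException e) {
        logger.debug("JSSKeyStoreSpi: cert not found: " + alias);
        return false;
    } catch (NotInitializedException | TokenException e) {
        // Neither can be declared on the KeyStoreSpi signature; wrap with cause.
        throw new RuntimeException(e);
    }
}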
