use of org.mozilla.jss.crypto.TokenException in project jss by dogtagpki.
the class CryptoManager method getTokenByName.
/**
 * Finds the loaded {@link CryptoToken} whose name equals {@code name}.
 * The tokens returned by {@code getAllTokens()} are checked in enumeration
 * order and the first match is returned.
 *
 * <p>Names are compared with {@link String#equals(Object)}, so the match is
 * exact and case-sensitive. If reading a token's name fails with a
 * {@code TokenException}, the search stops at that token and the failure is
 * rethrown as an unchecked {@link RuntimeException}; tokens later in the
 * enumeration are not examined. Callers that handle only
 * {@code NoSuchTokenException} will not see that failure.
 *
 * @param name The name of the token. Must not be {@code null}; a
 *        {@code null} name causes a {@link NullPointerException} as soon as
 *        one token is compared.
 * @return The first token whose name equals {@code name}.
 * @exception org.mozilla.jss.NoSuchTokenException If no token
 *            is found with the given name.
 */
public synchronized CryptoToken getTokenByName(String name) throws NoSuchTokenException {
    for (Enumeration<CryptoToken> candidates = getAllTokens(); candidates.hasMoreElements();) {
        CryptoToken candidate = candidates.nextElement();
        String candidateName;
        try {
            candidateName = candidate.getName();
        } catch (TokenException nameFailure) {
            // A token whose name cannot be read aborts the whole lookup.
            throw new RuntimeException(nameFailure);
        }
        if (name.equals(candidateName)) {
            return candidate;
        }
    }
    throw new NoSuchTokenException("No such token: " + name);
}
use of org.mozilla.jss.crypto.TokenException in project jss by dogtagpki.
the class SelfTest method main.
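/**
 * Self-test for token lookup and the PIN life cycle of the internal key
 * storage token: initialize the PIN, log in, change the PIN, log out, and
 * check that wrong PINs and a second logout are rejected.
 *
 * <p>The test expects an uninitialized database (an
 * {@code AlreadyInitializedException} is reported as an error) and an
 * already initialized {@code CryptoManager}; {@code args[0]} is required
 * but not read by this method.
 *
 * <p>NOTE(review): failed expectations are only printed with an
 * {@code "ERROR:"} prefix and the method still returns normally, so a
 * harness that looks only at the exit status will not notice them;
 * presumably the output is inspected by the caller, confirm.
 *
 * @param args exactly one argument, {@code <dbdir>}.
 * @throws Throwable any failure not handled by the catch clauses below.
 */
public static void main(String[] args) throws Throwable {
    CryptoToken tok;
    CryptoToken intTok;
    CryptoManager manager;
    Password pass1 = null, pass2 = null;
    // Fixed test PINs. They are hard-coded and therefore not secret; they must
    // only ever be used on a throw-away test database.
    char[] passchar1 = { 'f', 'o', 'o', 'b', 'a', 'r' };
    char[] passchar2 = { 'n', 'e', 't', 's', 'c', 'a', 'p', 'e' };
    if (args.length != 1) {
        System.err.println("Usage: java ...SelfTest <dbdir>");
        return;
    }
    try {
        manager = CryptoManager.getInstance();
    } catch (NotInitializedException e) {
        System.out.println("CryptoManager not initialized");
        return;
    }
    // Negative lookup: a name that matches no token must raise NoSuchTokenException.
    try {
        tok = manager.getTokenByName("asdffda");
        System.out.println("ERROR: found a nonexistent token");
    } catch (NoSuchTokenException e) {
        System.out.println("Good, could not find non-existent token");
    }
    try {
        Enumeration<PK11Module> modules = manager.getModules();
        System.out.println("Modules:");
        while (modules.hasMoreElements()) {
            System.out.println("\t" + modules.nextElement().getName());
        }
        Enumeration<CryptoToken> tokens = manager.getAllTokens();
        System.out.println("All Tokens:");
        while (tokens.hasMoreElements()) {
            System.out.println("\t" + tokens.nextElement().getName());
        }
        Enumeration<CryptoToken> extTokens = manager.getExternalTokens();
        System.out.println("External Tokens:");
        while (extTokens.hasMoreElements()) {
            System.out.println("\t" + extTokens.nextElement().getName());
        }

        // The token found by name must be the manager's key storage token.
        tok = manager.getTokenByName("Internal Key Storage Token");
        System.out.println("Good, found internal DB token");
        if (tok.equals(manager.getInternalKeyStorageToken())) {
            System.out.println("Good, it really is the key storage token");
        } else {
            System.out.println("ERROR: it's not the same as the key " + "storage token!");
        }
        if (((PK11Token) tok).isInternalKeyStorageToken()) {
            System.out.println("Good, " + tok.getName() + " knows " + "what it is");
        } else {
            System.out.println("ERROR: " + tok.getName() + " doesn't know" + " it is key storage token");
        }

        // Report the name of the token that was actually checked (intTok);
        // the original printed tok.getName() here, which names the key
        // storage token instead of the internal crypto token.
        intTok = manager.getInternalCryptoToken();
        if (((PK11Token) intTok).isInternalCryptoToken()) {
            System.out.println("Good, " + intTok.getName() + " knows it is the internal token");
        } else {
            System.out.println("ERROR: " + intTok.getName() + " doesn't know what that it is the internal token");
        }

        if (tok.isLoggedIn() == false) {
            System.out.println("Good, isLoggedIn correctly says we're" + " not logged in");
        } else {
            System.out.println("ERROR: isLoggedIn incorrectly says we're" + " logged in");
        }
        System.out.println("Good, successfully opened token \"" + tok.getName() + "\"");

        // Initialize the PIN to passchar1. Each Password gets its own copy of
        // the characters and is cleared as soon as the call has returned.
        pass1 = new Password(passchar1.clone());
        pass2 = new Password(new char[] { 0 });
        tok.initPassword(pass2, pass1);
        pass1.clear();
        pass2.clear();
        System.out.println("Good, initialized PIN");
        tok.logout();

        // A wrong PIN must be rejected while logged out.
        try {
            pass1 = new Password(passchar2.clone());
            tok.login(pass1);
            System.out.println("ERROR: Successfully logged in with wrong" + " PIN");
        } catch (IncorrectPasswordException e) {
            System.out.println("Good, unable to login with wrong PIN");
        } finally {
            pass1.clear();
        }

        pass1 = new Password(passchar1.clone());
        tok.login(pass1);
        pass1.clear();
        System.out.println("Good, logged in");
        if (tok.isLoggedIn() == true) {
            System.out.println("Good, isLoggedIn correctly says we're" + " logged in");
        } else {
            System.out.println("ERROR: isLoggedIn incorrectly says we're" + " not logged in");
        }

        // Change the PIN from passchar1 to passchar2; passchar1 is the wrong
        // PIN from here on.
        pass1 = new Password(passchar1.clone());
        pass2 = new Password(passchar2.clone());
        tok.changePassword(pass1, pass2);
        pass1.clear();
        pass2.clear();
        System.out.println("Good, changed PIN");

        // The test expects login() with the old PIN to succeed while the
        // session is still logged in.
        try {
            pass1 = new Password(passchar1.clone());
            tok.login(pass1);
            // Should still be logged in
            System.out.println("Good, logging in with wrong PIN ok if " + " already logged in");
        } catch (IncorrectPasswordException e) {
            System.out.println("ERROR: logged in second time with wrong" + "PIN, but we should still be logged in");
        } finally {
            pass1.clear();
        }

        try {
            tok.logout();
            System.out.println("Good, logged out successfully.");
        } catch (TokenException e) {
            System.out.println("ERROR: failed to logout from token");
        }
        if (tok.isLoggedIn() == false) {
            System.out.println("Good, isLoggedIn correctly says we're" + " not logged in");
        } else {
            System.out.println("ERROR: isLoggedIn incorrectly says we're" + " logged in");
        }

        // A second logout in a row is expected to fail.
        try {
            tok.logout();
            System.out.println("ERROR: logged out twice in a row");
        } catch (TokenException e) {
            System.out.println("Good, got an exception when we tried" + " to log out twice in a row");
        }

        // Logged out again, so the old PIN must now be rejected. The Password
        // is cleared in finally, like the other login attempts above, so the
        // copy is wiped on the rejection path too.
        try {
            pass1 = new Password(passchar1.clone());
            tok.login(pass1);
            System.out.println("ERROR: logged in with wrong pw");
        } catch (IncorrectPasswordException e) {
            System.out.println("Good, logging in with wrong PIN gave err");
        } finally {
            pass1.clear();
        }
        System.out.println("Test completed");
        tok = null;
    } catch (IncorrectPasswordException e) {
        System.out.println("Got an incorrect PIN: " + e);
    } catch (AlreadyInitializedException e) {
        System.out.println("ERROR: This test only works with uninitialized databases");
    } catch (TokenException e) {
        System.out.println("Token error: " + e);
    } catch (NoSuchTokenException e) {
        System.out.println("ERROR: could not find internal DB token");
    } finally {
        // Last line of defence: wipe whatever Password objects are still
        // referenced if an exception skipped one of the clear() calls above.
        if (pass1 != null) {
            pass1.clear();
        }
        if (pass2 != null) {
            pass2.clear();
        }
    }
    // System.gc();
    // NativeProxy.assertRegistryEmpty();
    // System.runFinalization();
}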
use of org.mozilla.jss.crypto.TokenException in project jss by dogtagpki.
the class SSLClientAuth method doIt.
/**
 * Runs the SSL client-authentication test: logs in to the internal key
 * storage token, makes sure the server and client test certificates exist
 * (generating them when the server nickname is not found), then runs the
 * connection test twice, first with {@code useNickname} off and then on.
 *
 * <p>The method does not return normally: it ends the JVM through
 * {@link System#exit(int)} with status 0 when {@code getSuccess()} is true
 * and 1 otherwise, and also exits with 1 on a usage error or when an
 * existing certificate cannot be loaded.
 *
 * @param args {@code <dbdir> <passwordFile> [port] [Certificate Serial Number]};
 *        {@code args[0]} is not read here. The optional port and serial
 *        number are parsed with {@link Integer#parseInt(String)}, so a
 *        non-numeric value ends the test with a
 *        {@link NumberFormatException}.
 * @throws java.lang.Exception any failure not handled inside the method.
 */
public void doIt(String[] args) throws Exception {
    if (args.length < 2) {
        System.out.println("Usage: java org.mozilla.jss.tests.SSLClientAuth <dbdir> <passwordFile> [port] [Certificate Serial Number]");
        System.exit(1);
    }

    cm = CryptoManager.getInstance();
    // The token PIN comes from the password file named on the command line.
    CryptoToken keyStorageToken = cm.getInternalKeyStorageToken();
    PasswordCallback pinSource = new FilePasswordCallback(args[1]);
    keyStorageToken.login(pinSource);

    if (args.length >= 3) {
        port = Integer.parseInt(args[2]);
        System.out.println("using port:" + port);
    }

    if (args.length < 4) {
        // No serial number given: draw one from the JSS PKCS #11 generator.
        SecureRandom rng = SecureRandom.getInstance("pkcs11prng", "Mozilla-JSS");
        serialNum = nextRandInt(rng);
    } else {
        serialNum = Integer.parseInt(args[3]);
    }

    /* Both nicknames are derived from the serial number. Only the server */
    /* nickname is looked up to decide whether certificates already exist. */
    serverCertNick = "SSLserver-" + serialNum;
    clientCertNick = "SSLclient-" + serialNum;
    boolean serverCertMissing = cm.findCertsByNickname(serverCertNick).length == 0;
    if (serverCertMissing) {
        generateCerts(cm, serialNum);
    } else {
        try {
            nssServerCert = cm.findCertByNickname(serverCertNick);
            nssClientCert = cm.findCertByNickname(clientCertNick);
        } catch (TokenException | ObjectNotFoundException lookupFailure) {
            lookupFailure.printStackTrace();
            System.exit(1);
        }
    }

    configureDefaultSSLoptions();
    testSpecificCiphers();

    useNickname = false;
    testConnection();
    useNickname = true;
    testConnection();

    System.out.println("Exiting main()");
    System.exit(getSuccess() ? 0 : 1);
}
use of org.mozilla.jss.crypto.TokenException in project jss by dogtagpki.
the class SocketBase method setClientCertNickname.
/**
 * Sets the nickname of the certificate to use for client authentication.
 * The certificate is looked up through the {@code CryptoManager} singleton
 * and handed to {@code setClientCert}.
 *
 * <p>Lookup failures are not reported as {@code SocketException}: an
 * uninitialized {@code CryptoManager}, an unknown nickname and a token
 * error are each rethrown as an unchecked {@link RuntimeException} with the
 * original exception as its cause. Callers that handle only
 * {@code SocketException} will therefore not catch a wrong or missing
 * nickname.
 *
 * @param nick nickname of the client certificate.
 * @throws SocketException not raised by the lookup itself; presumably it
 *         comes from {@code setClientCert} (confirm against that method).
 */
public void setClientCertNickname(String nick) throws SocketException {
    try {
        setClientCert(CryptoManager.getInstance().findCertByNickname(nick));
    } catch (NotInitializedException | ObjectNotFoundException | TokenException lookupFailure) {
        throw new RuntimeException(lookupFailure);
    }
}
use of org.mozilla.jss.crypto.TokenException in project jss by dogtagpki.
the class PK11KeyWrapper method wrap.
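/**
 * Wraps a symmetric key with the wrapping key this object was set up with.
 * If a symmetric wrapping key is set, it is used together with the IV;
 * otherwise the public wrapping key is used, with the optional algorithm
 * parameters passed to the native call as a pointer and a size.
 *
 * <p>If closing the native parameters fails after the native wrap call has
 * already failed, the close failure is attached to the wrap failure as a
 * suppressed exception instead of replacing it, so the original cause is
 * not lost.
 *
 * @param toBeWrapped the symmetric key to wrap; checked by
 *        {@code checkWrappee} before any native call.
 * @return the wrapped key bytes.
 * @throws InvalidKeyException if the algorithm is
 *         {@code KeyWrapAlgorithm.PLAINTEXT}, which is refused for wrapping.
 * @throws IllegalStateException if this object is not in the {@code WRAP}
 *         state.
 * @throws TokenException if the native parameters cannot be opened, or
 *         cannot be closed after a successful wrap.
 */
@Override
public byte[] wrap(SymmetricKey toBeWrapped) throws InvalidKeyException, IllegalStateException, TokenException {
    if (state != WRAP) {
        throw new IllegalStateException();
    }
    if (algorithm == KeyWrapAlgorithm.PLAINTEXT) {
        throw new InvalidKeyException("plaintext wrapping not supported");
    }
    checkWrappee(toBeWrapped);

    // NOTE(review): the key-state checks below are Java assertions, which a
    // JVM skips unless it is started with -ea. Whether the native layer
    // rejects a null wrapping key by itself cannot be told from here.
    if (symKey != null) {
        assert (privKey == null && pubKey == null);
        return nativeWrapSymWithSym(token, toBeWrapped, symKey, algorithm, IV);
    }
    assert (pubKey != null && privKey == null && symKey == null);

    NativeProxy params = null;
    long params_size = 0;
    if (parameters != null) {
        try {
            // The cast stays inside the try so that a parameters object of
            // the wrong type is also reported as a TokenException.
            ((NativeEnclosure) parameters).open();
            params = ((NativeEnclosure) parameters).mPointer;
            params_size = ((NativeEnclosure) parameters).mPointerSize;
        } catch (Exception e) {
            throw new TokenException(e.getMessage(), e);
        }
    }

    // Remembers a failure of the native call so that the cleanup below does
    // not overwrite it.
    Throwable wrapFailure = null;
    try {
        return nativeWrapSymWithPub(token, toBeWrapped, pubKey, algorithm, params, params_size);
    } catch (Throwable t) {
        wrapFailure = t;
        throw t;
    } finally {
        if (parameters != null) {
            try {
                ((NativeEnclosure) parameters).close();
            } catch (Exception e) {
                if (wrapFailure == null) {
                    throw new TokenException(e.getMessage(), e);
                }
                // Throwing here would discard the wrap failure.
                wrapFailure.addSuppressed(e);
            }
        }
    }
}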