Search in sources :

Example 6 with PK11Cert

use of org.mozilla.jss.pkcs11.PK11Cert in project jss by dogtagpki.

the class PKCS12Util method setTrustFlags.

/**
 * @deprecated Use PK11Cert.setTrustFlags() instead.
 */
@Deprecated
public void setTrustFlags(X509Certificate cert, String trustFlags) throws Exception {
    PK11Cert pk11Cert = (PK11Cert) cert;
    pk11Cert.setTrustFlags(trustFlags);
}
Also used : PK11Cert(org.mozilla.jss.pkcs11.PK11Cert)

Example 7 with PK11Cert

use of org.mozilla.jss.pkcs11.PK11Cert in project jss by dogtagpki.

the class JSSKeyStoreSpi method engineGetCertificateChain.

@Override
public Certificate[] engineGetCertificateChain(String alias) {
    logger.debug("JSSKeyStoreSpi: engineGetCertificateChain(" + alias + ")");
    try {
        logger.debug("JSSKeyStoreSpi: searching for leaf cert");
        CryptoManager cm = CryptoManager.getInstance();
        X509Certificate leaf = cm.findCertByNickname(alias);
        logger.debug("JSSKeyStoreSpi: building cert chain");
        X509Certificate[] certs = cm.buildCertificateChain(leaf);
        Certificate[] chain = new Certificate[certs.length];
        CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
        for (int i = 0; i < certs.length; i++) {
            X509Certificate cert = certs[i];
            logger.debug("JSSKeyStoreSpi: - " + cert.getSubjectDN());
            if (cert instanceof PK11Cert) {
                chain[i] = (PK11Cert) cert;
                continue;
            }
            byte[] bytes = cert.getEncoded();
            InputStream is = new ByteArrayInputStream(bytes);
            chain[i] = certFactory.generateCertificate(is);
        }
        return chain;
    } catch (ObjectNotFoundException e) {
        logger.debug("leaf cert not found: " + alias);
        return null;
    } catch (NotInitializedException e) {
        throw new RuntimeException(e);
    } catch (TokenException e) {
        throw new RuntimeException(e);
    } catch (CertificateException e) {
        throw new RuntimeException(e);
    }
}
Also used : NotInitializedException(org.mozilla.jss.NotInitializedException) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) CryptoManager(org.mozilla.jss.CryptoManager) CertificateException(java.security.cert.CertificateException) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(org.mozilla.jss.crypto.X509Certificate) ByteArrayInputStream(java.io.ByteArrayInputStream) ObjectNotFoundException(org.mozilla.jss.crypto.ObjectNotFoundException) NoSuchTokenException(org.mozilla.jss.NoSuchTokenException) NoSuchItemOnTokenException(org.mozilla.jss.crypto.NoSuchItemOnTokenException) TokenException(org.mozilla.jss.crypto.TokenException) PK11Cert(org.mozilla.jss.pkcs11.PK11Cert) Certificate(java.security.cert.Certificate) X509Certificate(org.mozilla.jss.crypto.X509Certificate) TokenCertificate(org.mozilla.jss.crypto.TokenCertificate)

Example 8 with PK11Cert

use of org.mozilla.jss.pkcs11.PK11Cert in project jss by dogtagpki.

the class JSSKeyStoreSpi method engineGetCertificate.

@Override
public Certificate engineGetCertificate(String alias) {
    logger.debug("JSSKeyStoreSpi: engineGetCertificate(" + alias + ")");
    try {
        CryptoManager cm = CryptoManager.getInstance();
        X509Certificate cert = cm.findCertByNickname(alias);
        logger.debug("JSSKeyStoreSpi: cert found: " + alias);
        if (cert instanceof PK11Cert) {
            return (PK11Cert) cert;
        }
        byte[] bytes = cert.getEncoded();
        InputStream is = new ByteArrayInputStream(bytes);
        CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
        return certFactory.generateCertificate(is);
    } catch (ObjectNotFoundException e) {
        logger.debug("JSSKeyStoreSpi: cert not found: " + alias);
        return null;
    } catch (NotInitializedException e) {
        throw new RuntimeException(e);
    } catch (TokenException e) {
        throw new RuntimeException(e);
    } catch (CertificateEncodingException e) {
        throw new RuntimeException(e);
    } catch (CertificateException e) {
        throw new RuntimeException(e);
    }
}
Also used : NotInitializedException(org.mozilla.jss.NotInitializedException) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) CryptoManager(org.mozilla.jss.CryptoManager) CertificateEncodingException(java.security.cert.CertificateEncodingException) CertificateException(java.security.cert.CertificateException) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(org.mozilla.jss.crypto.X509Certificate) ByteArrayInputStream(java.io.ByteArrayInputStream) ObjectNotFoundException(org.mozilla.jss.crypto.ObjectNotFoundException) NoSuchTokenException(org.mozilla.jss.NoSuchTokenException) NoSuchItemOnTokenException(org.mozilla.jss.crypto.NoSuchItemOnTokenException) TokenException(org.mozilla.jss.crypto.TokenException) PK11Cert(org.mozilla.jss.pkcs11.PK11Cert)

Aggregations

PK11Cert (org.mozilla.jss.pkcs11.PK11Cert)8 CryptoManager (org.mozilla.jss.CryptoManager)5 CertificateException (java.security.cert.CertificateException)3 NotInitializedException (org.mozilla.jss.NotInitializedException)3 X509Certificate (org.mozilla.jss.crypto.X509Certificate)3 ByteArrayInputStream (java.io.ByteArrayInputStream)2 InputStream (java.io.InputStream)2 CertificateFactory (java.security.cert.CertificateFactory)2 NoSuchTokenException (org.mozilla.jss.NoSuchTokenException)2 BMPString (org.mozilla.jss.asn1.BMPString)2 NoSuchItemOnTokenException (org.mozilla.jss.crypto.NoSuchItemOnTokenException)2 ObjectNotFoundException (org.mozilla.jss.crypto.ObjectNotFoundException)2 TokenException (org.mozilla.jss.crypto.TokenException)2 X509CertImpl (org.mozilla.jss.netscape.security.x509.X509CertImpl)2 Certificate (java.security.cert.Certificate)1 CertificateEncodingException (java.security.cert.CertificateEncodingException)1 X509Certificate (java.security.cert.X509Certificate)1 ArrayList (java.util.ArrayList)1 SSLException (javax.net.ssl.SSLException)1 SSLHandshakeException (javax.net.ssl.SSLHandshakeException)1