
Example 1 with PK11Store

Use of org.mozilla.jss.pkcs11.PK11Store in project jss by dogtagpki.

From the class PKCS12Util, method importKey.

public void importKey(PKCS12 pkcs12, Password password, String nickname, PKCS12KeyInfo keyInfo) throws Exception {
    PKCS12CertInfo certInfo = pkcs12.getCertInfoByKeyID(keyInfo.getID());
    if (certInfo == null) {
        logger.debug("Private key has no certificate, ignore");
        return;
    }
    CryptoManager cm = CryptoManager.getInstance();
    CryptoToken token = cm.getInternalKeyStorageToken();
    PK11Store store = (PK11Store) token.getCryptoStore();
    // import the certificate so that its public key is available for the key import
    X509CertImpl certImpl = certInfo.getCert();
    X509Certificate cert = cm.importCACertPackage(certImpl.getEncoded());
    // get public key
    PublicKey publicKey = cert.getPublicKey();
    byte[] epkiBytes = keyInfo.getEncryptedPrivateKeyInfoBytes();
    if (epkiBytes == null) {
        logger.debug("No EncryptedPrivateKeyInfo for key '" + keyInfo.getFriendlyName() + "'; skipping key");
        // nothing to import; without this return the import below would be handed a null key
        return;
    }
    try {
        // first try without BMPString-encoding the passphrase.
        store.importEncryptedPrivateKeyInfo(null, password, nickname, publicKey, epkiBytes);
    } catch (Exception e) {
        // if that failed, try again with a BMPString-encoded
        // passphrase.  This is required for PKCS #12 PBE
        // schemes and for PKCS #12 files using PBES2 generated
        // by NSS < 3.31
        store.importEncryptedPrivateKeyInfo(new PasswordConverter(), password, nickname, publicKey, epkiBytes);
    }
    // delete the certificate again (it will be imported again later
    // with the correct nickname)
    try {
        store.deleteCertOnly(cert);
    } catch (NoSuchItemOnTokenException e) {
        // this is OK: the certificate is already gone from the token
    }
}
Also used:

- CryptoToken (org.mozilla.jss.crypto.CryptoToken)
- PublicKey (java.security.PublicKey)
- PK11Store (org.mozilla.jss.pkcs11.PK11Store)
- X509CertImpl (org.mozilla.jss.netscape.security.x509.X509CertImpl)
- NoSuchItemOnTokenException (org.mozilla.jss.crypto.NoSuchItemOnTokenException)
- PasswordConverter (org.mozilla.jss.pkcs12.PasswordConverter)
- CryptoManager (org.mozilla.jss.CryptoManager)
- X509Certificate (org.mozilla.jss.crypto.X509Certificate)
- ObjectNotFoundException (org.mozilla.jss.crypto.ObjectNotFoundException)
- CertificateException (java.security.cert.CertificateException)
- InvalidNameException (javax.naming.InvalidNameException)
