
Example 1 with PasswordCallbackInfo

use of org.mozilla.jss.util.PasswordCallbackInfo in project jss by dogtagpki.

the class TokenCallbackInfo method changePassword.

/**
 * Changes the user's PIN on a token whose PIN has already been initialized.
 *
 * <p>The old PIN is requested from {@code oldPINcb} and checked with
 * {@code userPasswordIsCorrect}. While the check fails, the rejected copy is
 * wiped and the callback is asked again. Once the old PIN is accepted, the
 * new PIN is requested from {@code newPINcb} and both byte copies are handed
 * to {@code changePassword(byte[], byte[])}. A {@code null} callback is
 * replaced by a {@link NullPasswordCallback}.
 *
 * <p>Every byte copy and {@link Password} obtained here is wiped in the
 * {@code finally} block, on success and on failure alike.
 *
 * @param oldPINcb The user's old PIN callback.
 * @param newPINcb The new PIN callback.
 * @exception IncorrectPasswordException If either callback throws
 *  {@code PasswordCallback.GiveUpException} before the change completes.
 * @exception TokenException If some other error occurs on the token.
 */
@Override
public void changePassword(PasswordCallback oldPINcb, PasswordCallback newPINcb) throws IncorrectPasswordException, TokenException {
    PasswordCallbackInfo cbInfo = makePWCBInfo();
    PasswordCallback oldSource = (oldPINcb == null) ? new NullPasswordCallback() : oldPINcb;
    PasswordCallback newSource = (newPINcb == null) ? new NullPasswordCallback() : newPINcb;

    Password currentPin = null;
    byte[] currentPinBytes = null;
    Password replacementPin = null;
    byte[] replacementPinBytes = null;
    try {
        // Authenticate with the existing PIN before anything is changed.
        currentPin = oldSource.getPasswordFirstAttempt(cbInfo);
        currentPinBytes = Tunnel.getPasswordByteCopy(currentPin);
        // NOTE(review): there is no attempt cap here; the loop ends only when the
        // check passes or the callback throws GiveUpException. Confirm that the
        // callbacks supplied by callers bound the number of retries.
        while (!userPasswordIsCorrect(currentPinBytes)) {
            // Scrub the rejected attempt before asking for another one, so that
            // wrong guesses do not linger in memory.
            Password.wipeBytes(currentPinBytes);
            currentPin.clear();
            currentPin = oldSource.getPasswordAgain(cbInfo);
            currentPinBytes = Tunnel.getPasswordByteCopy(currentPin);
        }

        // The old PIN was accepted: collect the new one and apply the change.
        replacementPin = newSource.getPasswordFirstAttempt(cbInfo);
        replacementPinBytes = Tunnel.getPasswordByteCopy(replacementPin);
        changePassword(currentPinBytes, replacementPinBytes);
    } catch (PasswordCallback.GiveUpException giveUp) {
        // NOTE(review): only giveUp.toString() is carried over; the original
        // exception is not attached as the cause.
        throw new IncorrectPasswordException(giveUp.toString());
    } finally {
        // Wipe all secret material on every exit path.
        if (currentPinBytes != null) {
            Password.wipeBytes(currentPinBytes);
        }
        if (currentPin != null) {
            currentPin.clear();
        }
        if (replacementPinBytes != null) {
            Password.wipeBytes(replacementPinBytes);
        }
        if (replacementPin != null) {
            replacementPin.clear();
        }
    }
}
Also used : IncorrectPasswordException(org.mozilla.jss.util.IncorrectPasswordException) PasswordCallback(org.mozilla.jss.util.PasswordCallback) NullPasswordCallback(org.mozilla.jss.util.NullPasswordCallback) NullPasswordCallback(org.mozilla.jss.util.NullPasswordCallback) PasswordCallbackInfo(org.mozilla.jss.util.PasswordCallbackInfo) Password(org.mozilla.jss.util.Password)

Example 2 with PasswordCallbackInfo

use of org.mozilla.jss.util.PasswordCallbackInfo in project jss by dogtagpki.

the class TokenCallbackInfo method initPassword.

/**
 * Determines whether this is a removable token. For example, a smart card
 * is removable, while the Netscape internal module and a hardware
 * accelerator card are not removable.
 * @return true if the token is removable, false otherwise.
 */
// public native boolean isRemovable();
/**
 * Initializes the user's PIN, authenticating with the current security
 * officer (SSO) PIN.
 *
 * <p>If {@code PWInitable()} returns false, the call is rejected. On the
 * internal key storage token the SSO PIN is neither requested nor verified,
 * and a single zero byte is passed in its place. On any other token the SSO
 * PIN is requested from {@code ssopwcb} and checked with
 * {@code SSOPasswordIsCorrect}, with the callback asked again after each
 * failed check. The new user PIN is then requested from {@code userpwcb} and
 * both values are handed to {@code initPassword(byte[], byte[])}. A
 * {@code null} callback is replaced by a {@link NullPasswordCallback}.
 *
 * <p>Every byte copy and {@link Password} obtained here is wiped in the
 * {@code finally} block, on success and on failure alike.
 *
 * @param ssopwcb The security officer's current password callback.
 * @param userpwcb The user's new password callback.
 * @exception IncorrectPasswordException If either callback throws
 *  {@code PasswordCallback.GiveUpException} before initialization completes.
 * @exception AlreadyInitializedException If {@code PWInitable()} returns
 *  false.
 * @exception TokenException If some other error occurs on the token.
 */
@Override
public void initPassword(PasswordCallback ssopwcb, PasswordCallback userpwcb) throws IncorrectPasswordException, AlreadyInitializedException, TokenException {
    PasswordCallbackInfo cbInfo = makePWCBInfo();
    PasswordCallback officerSource = (ssopwcb == null) ? new NullPasswordCallback() : ssopwcb;
    PasswordCallback userSource = (userpwcb == null) ? new NullPasswordCallback() : userpwcb;

    Password officerPin = null;
    byte[] officerPinBytes = null;
    Password userPin = null;
    byte[] userPinBytes = null;
    try {
        // Refuse to continue when the PIN cannot be initialized.
        if (!PWInitable()) {
            throw new AlreadyInitializedException();
        }

        if (!isInternalKeyStorageToken()) {
            // Authenticate the security officer before a user PIN is set.
            officerPin = officerSource.getPasswordFirstAttempt(cbInfo);
            officerPinBytes = Tunnel.getPasswordByteCopy(officerPin);
            // NOTE(review): there is no attempt cap here; the loop ends only when
            // the check passes or the callback throws GiveUpException. Confirm
            // that the callbacks supplied by callers bound the number of retries.
            while (!SSOPasswordIsCorrect(officerPinBytes)) {
                // Scrub the rejected attempt before asking for another one.
                Password.wipeBytes(officerPinBytes);
                officerPin.clear();
                officerPin = officerSource.getPasswordAgain(cbInfo);
                officerPinBytes = Tunnel.getPasswordByteCopy(officerPin);
            }
        } else {
            // Internal key storage token: no SSO PIN is collected or checked;
            // a one-byte zero placeholder is passed instead.
            officerPinBytes = new byte[] { 0 };
        }

        // SSO step done: collect the new user PIN and set it.
        userPin = userSource.getPasswordFirstAttempt(cbInfo);
        userPinBytes = Tunnel.getPasswordByteCopy(userPin);
        initPassword(officerPinBytes, userPinBytes);
    } catch (PasswordCallback.GiveUpException giveUp) {
        // NOTE(review): only giveUp.toString() is carried over; the original
        // exception is not attached as the cause.
        throw new IncorrectPasswordException(giveUp.toString());
    } finally {
        // Wipe all secret material on every exit path.
        if (officerPinBytes != null) {
            Password.wipeBytes(officerPinBytes);
        }
        if (officerPin != null) {
            officerPin.clear();
        }
        if (userPinBytes != null) {
            Password.wipeBytes(userPinBytes);
        }
        if (userPin != null) {
            userPin.clear();
        }
    }
}
Also used : IncorrectPasswordException(org.mozilla.jss.util.IncorrectPasswordException) PasswordCallback(org.mozilla.jss.util.PasswordCallback) NullPasswordCallback(org.mozilla.jss.util.NullPasswordCallback) NullPasswordCallback(org.mozilla.jss.util.NullPasswordCallback) PasswordCallbackInfo(org.mozilla.jss.util.PasswordCallbackInfo) AlreadyInitializedException(org.mozilla.jss.crypto.AlreadyInitializedException) Password(org.mozilla.jss.util.Password)

Aggregations

IncorrectPasswordException (org.mozilla.jss.util.IncorrectPasswordException)2 NullPasswordCallback (org.mozilla.jss.util.NullPasswordCallback)2 Password (org.mozilla.jss.util.Password)2 PasswordCallback (org.mozilla.jss.util.PasswordCallback)2 PasswordCallbackInfo (org.mozilla.jss.util.PasswordCallbackInfo)2 AlreadyInitializedException (org.mozilla.jss.crypto.AlreadyInitializedException)1