
Example 1 with KeyStoreException

use of org.xwiki.crypto.store.KeyStoreException in project xwiki-platform by xwiki.

the class X509KeyWikiStore method store.

/**
 * {@inheritDoc}
 *
 * The key will be stored in the same document as the certificate. If a document reference is used, this
 * store can only contain one private key, since no identifier is associated with a private key. Keys are linked
 * to their certificate only by being in the same document as the certificate.
 *
 * @param store an {@link org.xwiki.crypto.store.WikiStoreReference} to a document reference or a space reference.
 */
@Override
public void store(StoreReference store, CertifiedKeyPair keyPair, byte[] password) throws KeyStoreException {
    // Only the output of the encryptor is handed to the storage helper below, never the raw private key.
    final byte[] encryptedKey;
    try {
        encryptedKey = this.encryptor.encrypt(password, keyPair.getPrivateKey());
    } catch (Exception encryptionFailure) {
        // Every encryptor failure surfaces as a KeyStoreException, with the original exception kept as cause.
        throw new KeyStoreException(
            "Error while encrypting private key to store a key pair in [" + store + "]", encryptionFailure);
    }

    // Deliberately outside the try block: a KeyStoreException raised while persisting must not be
    // re-wrapped with the encryption error message.
    // NOTE(review): the password array is not cleared here; presumably the caller owns and wipes it - confirm.
    storeKeyPair(store, keyPair.getCertificate(), encryptedKey);
}
Also used : KeyStoreException(org.xwiki.crypto.store.KeyStoreException) XWikiException(com.xpn.xwiki.XWikiException) IOException(java.io.IOException) CertificateStoreException(org.xwiki.crypto.store.CertificateStoreException) KeyStoreException(org.xwiki.crypto.store.KeyStoreException)

Example 2 with KeyStoreException

use of org.xwiki.crypto.store.KeyStoreException in project xwiki-platform by xwiki.

the class X509KeyWikiStore method retrieve.

/**
 * {@inheritDoc}
 *
 * @param store an {@link org.xwiki.crypto.store.WikiStoreReference} to a space reference.
 */
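@Override
public CertifiedKeyPair retrieve(StoreReference store, CertifiedPublicKey certificate, byte[] password) throws KeyStoreException {
    // Only X509 certificates can be looked up in this store; anything else is a caller error.
    if (!(certificate instanceof X509CertifiedPublicKey)) {
        throw new IllegalArgumentException("Certificate should be X509 certificates.");
    }
    X509CertifiedPublicKey publicKey = (X509CertifiedPublicKey) certificate;
    XWikiContext context = getXWikiContext();
    try {
        CertificateObjectReference certRef = findCertificate(store, publicKey);
        if (certRef == null) {
            // The certificate is not present in this store: report "no key" rather than an error.
            return null;
        }
        XWikiDocument document = getDocument(store, certRef, context);
        BaseObject pkObj = document.getXObject(PRIVATEKEYCLASS);
        if (pkObj == null) {
            // The certificate exists but no private key object sits in the same document.
            return null;
        }
        byte[] key = getEncoder().decode(pkObj.getLargeStringValue(PRIVATEKEYCLASS_PROP_KEY));
        if (password != null) {
            return new CertifiedKeyPair(this.encryptor.decrypt(password, key), certificate);
        } else {
            // NOTE(review): with a null password the stored bytes are parsed directly as PKCS#8, i.e.
            // presumably an unencrypted private key kept in the wiki document; confirm that document
            // access rights are the only protection in that case.
            return new CertifiedKeyPair(this.keyFactory.fromPKCS8(key), certificate);
        }
    } catch (Exception e) {
        // Keep the underlying failure as the cause: without it a wrong password, a corrupted stored key
        // and a storage error are indistinguishable in logs and to callers.
        throw new KeyStoreException("Failed to retrieved private key for certificate [" + publicKey.getSubject().getName() + "]", e);
    }
}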
Also used : XWikiDocument(com.xpn.xwiki.doc.XWikiDocument) X509CertifiedPublicKey(org.xwiki.crypto.pkix.params.x509certificate.X509CertifiedPublicKey) XWikiContext(com.xpn.xwiki.XWikiContext) CertificateObjectReference(org.xwiki.crypto.store.wiki.internal.query.CertificateObjectReference) KeyStoreException(org.xwiki.crypto.store.KeyStoreException) XWikiException(com.xpn.xwiki.XWikiException) IOException(java.io.IOException) CertificateStoreException(org.xwiki.crypto.store.CertificateStoreException) KeyStoreException(org.xwiki.crypto.store.KeyStoreException) BaseObject(com.xpn.xwiki.objects.BaseObject) CertifiedKeyPair(org.xwiki.crypto.pkix.params.CertifiedKeyPair)

Example 3 with KeyStoreException

use of org.xwiki.crypto.store.KeyStoreException in project xwiki-platform by xwiki.

the class X509KeyWikiStore method retrieve.

/**
 * {@inheritDoc}
 *
 * @param store an {@link org.xwiki.crypto.store.WikiStoreReference} to a document reference.
 */
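@Override
public CertifiedKeyPair retrieve(StoreReference store, byte[] password) throws KeyStoreException {
    XWikiContext context = getXWikiContext();
    try {
        XWikiDocument document = context.getWiki().getDocument(getDocumentReference(store), context);
        BaseObject certObj = document.getXObject(X509CertificateWikiStore.CERTIFICATECLASS);
        BaseObject pkObj = document.getXObject(PRIVATEKEYCLASS);
        if (pkObj == null || certObj == null) {
            // A key pair needs both objects in the document; if either is missing there is nothing to return.
            return null;
        }
        byte[] cert = getEncoder().decode(certObj.getLargeStringValue(X509CertificateWikiStore.CERTIFICATECLASS_PROP_CERTIFICATE));
        byte[] key = getEncoder().decode(pkObj.getLargeStringValue(PRIVATEKEYCLASS_PROP_KEY));
        if (password != null) {
            return new CertifiedKeyPair(this.encryptor.decrypt(password, key), getCertificateFactory().decode(cert));
        } else {
            // NOTE(review): with a null password the stored bytes are parsed directly as PKCS#8, i.e.
            // presumably an unencrypted private key kept in the wiki document; confirm that document
            // access rights are the only protection in that case.
            return new CertifiedKeyPair(this.keyFactory.fromPKCS8(key), getCertificateFactory().decode(cert));
        }
    } catch (Exception e) {
        // Keep the underlying failure as the cause: without it a wrong password, a corrupted stored key
        // and a document loading error are indistinguishable in logs and to callers.
        throw new KeyStoreException("Failed to retrieved private key from [" + store + "]", e);
    }
}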
Also used : XWikiDocument(com.xpn.xwiki.doc.XWikiDocument) XWikiContext(com.xpn.xwiki.XWikiContext) KeyStoreException(org.xwiki.crypto.store.KeyStoreException) XWikiException(com.xpn.xwiki.XWikiException) IOException(java.io.IOException) CertificateStoreException(org.xwiki.crypto.store.CertificateStoreException) KeyStoreException(org.xwiki.crypto.store.KeyStoreException) BaseObject(com.xpn.xwiki.objects.BaseObject) CertifiedKeyPair(org.xwiki.crypto.pkix.params.CertifiedKeyPair)

Example 4 with KeyStoreException

use of org.xwiki.crypto.store.KeyStoreException in project xwiki-platform by xwiki.

the class X509KeyWikiStore method storeKeyPair.

/**
 * Stores a certificate and the given private key bytes in the same wiki document and saves that document.
 *
 * @param store the store reference passed to {@code storeCertificate} to obtain the target document
 * @param certificate the certificate stored alongside the key
 * @param privateKey the private key bytes to write, exactly as received (this method does not encrypt them)
 * @throws KeyStoreException if the certificate cannot be prepared, the key cannot be encoded, or the document
 *     cannot be saved
 */
private void storeKeyPair(StoreReference store, CertifiedPublicKey certificate, byte[] privateKey) throws KeyStoreException {
    final XWikiContext xcontext = getXWikiContext();

    // The certificate goes in first; the document it lands in is the one that receives the key.
    final XWikiDocument keyDocument;
    try {
        keyDocument = storeCertificate(store, certificate, xcontext);
    } catch (CertificateStoreException certificateFailure) {
        throw new KeyStoreException(
            "Error while preparing certificate to store a key pair in [" + store + "]", certificateFailure);
    }

    try {
        // Reuse the private key object already in the document, creating one only when none exists,
        // so the document holds a single private key object.
        BaseObject privateKeyObject = keyDocument.getXObject(PRIVATEKEYCLASS);
        if (privateKeyObject == null) {
            privateKeyObject = keyDocument.newXObject(PRIVATEKEYCLASS, xcontext);
        }
        // NOTE(review): the second argument (64) is presumably the encoded line length - confirm against the encoder.
        String encodedKey = getEncoder().encode(privateKey, 64);
        privateKeyObject.setLargeStringValue(PRIVATEKEYCLASS_PROP_KEY, encodedKey);
        xcontext.getWiki().saveDocument(keyDocument, xcontext);
    } catch (IOException encodingFailure) {
        throw new KeyStoreException(
            "Error while preparing private key for [" + keyDocument.getDocumentReference() + "]", encodingFailure);
    } catch (XWikiException saveFailure) {
        throw new KeyStoreException(
            "Error while saving key pair for [" + keyDocument.getDocumentReference() + "]", saveFailure);
    }
}
Also used : XWikiDocument(com.xpn.xwiki.doc.XWikiDocument) XWikiContext(com.xpn.xwiki.XWikiContext) CertificateStoreException(org.xwiki.crypto.store.CertificateStoreException) KeyStoreException(org.xwiki.crypto.store.KeyStoreException) IOException(java.io.IOException) XWikiException(com.xpn.xwiki.XWikiException) BaseObject(com.xpn.xwiki.objects.BaseObject)
