Package org.mozilla.jss.pkcs11
Class PK11Store
java.lang.Object
  org.mozilla.jss.pkcs11.PK11Store

All Implemented Interfaces:
  CryptoStore

public final class PK11Store extends java.lang.Object implements CryptoStore

Field Summary
static org.slf4j.Logger logger
protected TokenProxy storeProxy
protected boolean updated

Constructor Summary
protected PK11Store()
PK11Store(TokenProxy proxy)

Method Summary
void deleteCert(X509Certificate cert)
    Deletes the specified certificate and its associated private key from the store.
void deleteCertOnly(X509Certificate cert)
    Deletes the specified certificate from the store.
void deletePrivateKey(PrivateKey privateKey)
    Permanently deletes a private key from the token.
void deletePublicKey(java.security.PublicKey publicKey)
    Permanently deletes a public key from the token.
java.security.PublicKey findPublicKey(PrivateKey privateKey)
    Returns the public key corresponding to the private key.
X509Certificate[] getCertificates()
    Returns all user certificates stored on this token.
byte[] getEncryptedPrivateKeyInfo(KeyGenerator.CharToByteConverter conv, Password pw, Algorithm alg, int n, PrivateKey k)
    Get an encrypted private key, with optional password conversion.
byte[] getEncryptedPrivateKeyInfo(X509Certificate cert, PBEAlgorithm pbeAlg, Password pw, int iteration)
    Get an encrypted private key for the given cert.
PrivateKey[] getPrivateKeys()
    Returns all private keys stored on this token.
java.security.PublicKey[] getPublicKeys()
    Returns all public keys stored on this token.
SymmetricKey[] getSymmetricKeys()
    Returns all symmetric keys stored on this token.
void importEncryptedPrivateKeyInfo(KeyGenerator.CharToByteConverter conv, Password pw, java.lang.String nickname, java.security.PublicKey pubKey, byte[] epkiBytes)
PrivateKey importPrivateKey(byte[] key, PrivateKey.Type type)
    Imports a raw private key into this token.
PrivateKey importPrivateKey(byte[] key, PrivateKey.Type type, boolean temporary)
    Imports a raw private key into this token.
protected void loadPrivateKeys(java.util.Collection<PrivateKey> privateKeys)
protected void loadPublicKeys(java.util.Collection<java.security.PublicKey> privateKeys)
protected void putCertsInVector(java.util.Vector<X509Certificate> certs)
protected void putSymKeysInVector(java.util.Vector<SymmetricKey> symKeys)

Field Detail

logger
public static org.slf4j.Logger logger

updated
protected boolean updated

storeProxy
protected TokenProxy storeProxy

Constructor Detail

PK11Store
public PK11Store(TokenProxy proxy)

PK11Store
protected PK11Store()

Method Detail

importPrivateKey
public PrivateKey importPrivateKey(byte[] key, PrivateKey.Type type) throws TokenException, KeyAlreadyImportedException
Imports a raw private key into this token.
Specified by:
  importPrivateKey in interface CryptoStore
Parameters:
  key - The private key.
Throws:
  TokenException - If the key cannot be imported to this token.
  KeyAlreadyImportedException - If the key is already on this token.

importPrivateKey
public PrivateKey importPrivateKey(byte[] key, PrivateKey.Type type, boolean temporary) throws TokenException, KeyAlreadyImportedException
Description copied from interface: CryptoStore
Imports a raw private key into this token.
Specified by:
  importPrivateKey in interface CryptoStore
Parameters:
  key - The private key.
  temporary - Whether the key should be temporary.
Throws:
  TokenException - If the key cannot be imported to this token.
  KeyAlreadyImportedException - If the key already exists on this token.

getPrivateKeys
public PrivateKey[] getPrivateKeys() throws TokenException
Description copied from interface: CryptoStore
Returns all private keys stored on this token.
Specified by:
  getPrivateKeys in interface CryptoStore
Returns:
  An array of all private keys stored on this token.
Throws:
  TokenException - If an error occurs on the token while gathering the keys.

loadPrivateKeys
protected void loadPrivateKeys(java.util.Collection<PrivateKey> privateKeys) throws TokenException
Throws:
  TokenException

getPublicKeys
public java.security.PublicKey[] getPublicKeys() throws TokenException
Description copied from interface: CryptoStore
Returns all public keys stored on this token.
Specified by:
  getPublicKeys in interface CryptoStore
Returns:
  An array of all public keys stored on this token.
Throws:
  TokenException - If an error occurs on the token while gathering the keys.

loadPublicKeys
protected void loadPublicKeys(java.util.Collection<java.security.PublicKey> privateKeys) throws TokenException
Throws:
  TokenException

findPublicKey
public java.security.PublicKey findPublicKey(PrivateKey privateKey) throws TokenException, ObjectNotFoundException
Description copied from interface: CryptoStore
Returns the public key corresponding to the private key.
Specified by:
  findPublicKey in interface CryptoStore
Returns:
  The corresponding public key.
Throws:
  TokenException - If an error occurs on the token.
  ObjectNotFoundException - If the corresponding public key is not found.

getSymmetricKeys
public SymmetricKey[] getSymmetricKeys() throws TokenException
Description copied from interface: CryptoStore
Returns all symmetric keys stored on this token.
Specified by:
  getSymmetricKeys in interface CryptoStore
Returns:
  An array of all symmetric keys stored on this token.
Throws:
  TokenException - If an error occurs on the token while gathering the keys.

putSymKeysInVector
protected void putSymKeysInVector(java.util.Vector<SymmetricKey> symKeys) throws TokenException
Throws:
  TokenException

deletePrivateKey
public void deletePrivateKey(PrivateKey privateKey) throws NoSuchItemOnTokenException, TokenException
Description copied from interface: CryptoStore
Permanently deletes a private key from the token.
Specified by:
  deletePrivateKey in interface CryptoStore
Parameters:
  privateKey - A private key to be permanently deleted.
Throws:
  NoSuchItemOnTokenException - If the given private key does not reside on this token.
  TokenException - If an error occurs on the token while deleting the key.

deletePublicKey
public void deletePublicKey(java.security.PublicKey publicKey) throws NoSuchItemOnTokenException, TokenException
Description copied from interface: CryptoStore
Permanently deletes a public key from the token.
Specified by:
  deletePublicKey in interface CryptoStore
Parameters:
  publicKey - A public key to be permanently deleted.
Throws:
  NoSuchItemOnTokenException - If the given public key does not reside on this token.
  TokenException - If an error occurs on the token while deleting the key.

getEncryptedPrivateKeyInfo
public byte[] getEncryptedPrivateKeyInfo(X509Certificate cert, PBEAlgorithm pbeAlg, Password pw, int iteration) throws NotInitializedException, ObjectNotFoundException, TokenException
Description copied from interface: CryptoStore
Get an encrypted private key for the given cert.
Specified by:
  getEncryptedPrivateKeyInfo in interface CryptoStore
Parameters:
  cert - Certificate of key to be exported
  pbeAlg - The PBEAlgorithm to use
  pw - The password to encrypt with
  iteration - Iteration count; defaults to 2000 if less than or equal to 0
Throws:
  NotInitializedException
  ObjectNotFoundException
  TokenException

getEncryptedPrivateKeyInfo
public byte[] getEncryptedPrivateKeyInfo(KeyGenerator.CharToByteConverter conv, Password pw, Algorithm alg, int n, PrivateKey k)
Description copied from interface: CryptoStore
Get an encrypted private key, with optional password conversion.
Specified by:
  getEncryptedPrivateKeyInfo in interface CryptoStore
Parameters:
  conv - Password converter. If null, pw.getByteCopy() will be used to get password bytes.
  pw - The password
  alg - The encryption algorithm
  n - Iteration count; defaults to 2000 if less than or equal to 0
  k - The private key

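Both getEncryptedPrivateKeyInfo overloads fall back to 2000 iterations when the count passed is 0 or negative. The wrapper below is an added example, not code from JSS: it refuses to rely on that fallback and wipes the passphrase after the export. KeyExport, exportEncryptedKey and MIN_ITERATIONS are hypothetical names, the floor value is an assumed local policy, and the import packages for CryptoStore, PBEAlgorithm, X509Certificate and Password are assumed from the usual JSS layout.

```java
import java.util.Arrays;

import org.mozilla.jss.crypto.CryptoStore;
import org.mozilla.jss.crypto.PBEAlgorithm;
import org.mozilla.jss.crypto.X509Certificate;
import org.mozilla.jss.util.Password;

/** Hypothetical helper (not part of JSS): export a key with an explicit PBE iteration count. */
public final class KeyExport {

    // Assumed policy floor for this example; set by the deploying organisation, not by JSS.
    static final int MIN_ITERATIONS = 100_000;

    private KeyExport() {
    }

    public static byte[] exportEncryptedKey(CryptoStore store, X509Certificate cert,
            PBEAlgorithm pbeAlg, char[] passphrase, int iterations) throws Exception {
        // A count <= 0 would be replaced by the documented default of 2000,
        // so anything below the floor is rejected before the token is touched.
        if (iterations < MIN_ITERATIONS) {
            throw new IllegalArgumentException(
                    "iteration count " + iterations + " is below the floor of " + MIN_ITERATIONS);
        }
        if (passphrase == null || passphrase.length == 0) {
            throw new IllegalArgumentException("an empty passphrase is not accepted for key export");
        }

        Password pw = new Password(passphrase);
        try {
            // The cert identifies which private key on the token is exported.
            return store.getEncryptedPrivateKeyInfo(cert, pbeAlg, pw, iterations);
        } finally {
            // Wipe both the Password object and the caller's array,
            // whether the export succeeded or threw.
            pw.clear();
            Arrays.fill(passphrase, '\0');
        }
    }
}
```
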
importEncryptedPrivateKeyInfo
public void importEncryptedPrivateKeyInfo(KeyGenerator.CharToByteConverter conv, Password pw, java.lang.String nickname, java.security.PublicKey pubKey, byte[] epkiBytes)
Specified by:
  importEncryptedPrivateKeyInfo in interface CryptoStore
Parameters:
  conv - Password converter. If null, pw.getByteCopy() will be used to get password bytes.
  pw - The password
  nickname - Nickname to use for private key
  pubKey - Public key corresponding to private key

getCertificates
public X509Certificate[] getCertificates() throws TokenException
Description copied from interface: CryptoStore
Returns all user certificates stored on this token. A user certificate is one that has a matching private key.
Specified by:
  getCertificates in interface CryptoStore
Returns:
  An array of all user certificates present on this token.
Throws:
  TokenException - If an error occurs on the token while gathering the certificates.

putCertsInVector
protected void putCertsInVector(java.util.Vector<X509Certificate> certs) throws TokenException
Throws:
  TokenException

deleteCert
public void deleteCert(X509Certificate cert) throws NoSuchItemOnTokenException, TokenException
Deletes the specified certificate and its associated private key from the store.
Specified by:
  deleteCert in interface CryptoStore
Parameters:
  cert - certificate to be deleted
Throws:
  NoSuchItemOnTokenException - If the certificate is not found
  TokenException - General token error

deleteCertOnly
public void deleteCertOnly(X509Certificate cert) throws NoSuchItemOnTokenException, TokenException
Deletes the specified certificate from the store.
Specified by:
  deleteCertOnly in interface CryptoStore
Parameters:
  cert - certificate to be deleted
Throws:
  NoSuchItemOnTokenException - If the certificate is not found
  TokenException - General token error