Package org.mozilla.jss.pkcs11
Class PK11Store
java.lang.Object
org.mozilla.jss.pkcs11.PK11Store
- All Implemented Interfaces:
CryptoStore
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and Type, Method, Description:
- void deleteCert(X509Certificate cert): Deletes the specified certificate and its associated private key from the store.
- void deleteCertOnly: Deletes the specified certificate from the store.
- void deletePrivateKey(PrivateKey privateKey): Permanently deletes a private key from the token.
- void deletePublicKey(PublicKey publicKey): Permanently deletes a public key from the token.
- PublicKey findPublicKey(PrivateKey privateKey): Returns the public key corresponding to the private key.
- getCertificates: Returns all user certificates stored on this token.
- byte[] getEncryptedPrivateKeyInfo(KeyGenerator.CharToByteConverter conv, Password pw, Algorithm alg, int n, PrivateKey k): Get an encrypted private key, with optional password conversion.
- byte[] getEncryptedPrivateKeyInfo(X509Certificate cert, PBEAlgorithm pbeAlg, Password pw, int iteration): Get an encrypted private key for the given cert.
- getPrivateKeys: Returns all private keys stored on this token.
- getPublicKeys: Returns all public keys stored on this token.
- getSymmetricKeys: Returns all symmetric keys stored on this token.
- X509Certificate importCert(byte[] certBytes, String nickname): Imports a certificate into this token.
- void importEncryptedPrivateKeyInfo(KeyGenerator.CharToByteConverter conv, Password pw, String nickname, PublicKey pubKey, byte[] epkiBytes)
- PrivateKey importPrivateKey(byte[] key, PrivateKey.Type type): Imports a raw private key into this token.
- PrivateKey importPrivateKey(byte[] key, PrivateKey.Type type, boolean temporary): Imports a raw private key into this token.
- protected void loadPrivateKeys(Collection<PrivateKey> privateKeys)
- protected void loadPublicKeys(Collection<PublicKey> privateKeys)
- protected void putCertsInVector(Vector<X509Certificate> certs)
- protected void putSymKeysInVector(Vector<SymmetricKey> symKeys)
-
Field Details
-
logger
public static org.slf4j.Logger logger
-
updated
protected boolean updated
-
storeProxy
-
-
Constructor Details
-
PK11Store
-
PK11Store
protected PK11Store()
-
-
Method Details
-
importPrivateKey
public PrivateKey importPrivateKey(byte[] key, PrivateKey.Type type) throws TokenException, KeyAlreadyImportedException
Imports a raw private key into this token.
- Specified by:
importPrivateKey in interface CryptoStore
- Parameters:
key - The private key.
- Throws:
TokenException - If the key cannot be imported to this token.
KeyAlreadyImportedException - If the key already exists on this token.
-
importPrivateKey
public PrivateKey importPrivateKey(byte[] key, PrivateKey.Type type, boolean temporary) throws TokenException, KeyAlreadyImportedException
Description copied from interface: CryptoStore
Imports a raw private key into this token.
- Specified by:
importPrivateKey in interface CryptoStore
- Parameters:
key - The private key.
temporary - Whether the key should be temporary.
- Throws:
TokenException - If the key cannot be imported to this token.
KeyAlreadyImportedException - If the key already exists on this token.
-
getPrivateKeys
Description copied from interface: CryptoStore
Returns all private keys stored on this token.
- Specified by:
getPrivateKeys in interface CryptoStore
- Returns:
An array of all private keys stored on this token.
- Throws:
TokenException - If an error occurs on the token while gathering the keys.
-
loadPrivateKeys
- Throws:
TokenException
-
getPublicKeys
Description copied from interface: CryptoStore
Returns all public keys stored on this token.
- Specified by:
getPublicKeys in interface CryptoStore
- Returns:
An array of all public keys stored on this token.
- Throws:
TokenException - If an error occurs on the token while gathering the keys.
-
loadPublicKeys
- Throws:
TokenException
-
findPublicKey
public PublicKey findPublicKey(PrivateKey privateKey) throws TokenException, ObjectNotFoundException
Description copied from interface: CryptoStore
Returns the public key corresponding to the private key.
- Specified by:
findPublicKey in interface CryptoStore
- Parameters:
privateKey -
- Returns:
The corresponding public key.
- Throws:
TokenException - If an error occurs on the token.
ObjectNotFoundException - If the corresponding public key is not found.
-
getSymmetricKeys
Description copied from interface: CryptoStore
Returns all symmetric keys stored on this token.
- Specified by:
getSymmetricKeys in interface CryptoStore
- Returns:
An array of all symmetric keys stored on this token.
- Throws:
TokenException - If an error occurs on the token while gathering the keys.
-
putSymKeysInVector
- Throws:
TokenException
-
deletePrivateKey
public void deletePrivateKey(PrivateKey privateKey) throws NoSuchItemOnTokenException, TokenException
Description copied from interface: CryptoStore
Permanently deletes a private key from the token.
- Specified by:
deletePrivateKey in interface CryptoStore
- Parameters:
privateKey - A private key to be permanently deleted.
- Throws:
NoSuchItemOnTokenException - If the given private key does not reside on this token.
TokenException - If an error occurs on the token while deleting the key.
-
deletePublicKey
Description copied from interface: CryptoStore
Permanently deletes a public key from the token.
- Specified by:
deletePublicKey in interface CryptoStore
- Parameters:
publicKey - A public key to be permanently deleted.
- Throws:
NoSuchItemOnTokenException - If the given public key does not reside on this token.
TokenException - If an error occurs on the token while deleting the key.
-
getEncryptedPrivateKeyInfo
public byte[] getEncryptedPrivateKeyInfo(X509Certificate cert, PBEAlgorithm pbeAlg, Password pw, int iteration) throws NotInitializedException, ObjectNotFoundException, TokenException
Description copied from interface: CryptoStore
Get an encrypted private key for the given cert.
- Specified by:
getEncryptedPrivateKeyInfo in interface CryptoStore
- Parameters:
cert - Certificate of the key to be exported.
pbeAlg - The PBEAlgorithm to use.
pw - The password to encrypt with.
iteration - Iteration count; defaults to 2000 if less than or equal to 0.
- Throws:
NotInitializedException
ObjectNotFoundException
TokenException
-
getEncryptedPrivateKeyInfo
public byte[] getEncryptedPrivateKeyInfo(KeyGenerator.CharToByteConverter conv, Password pw, Algorithm alg, int n, PrivateKey k)
Description copied from interface: CryptoStore
Get an encrypted private key, with optional password conversion.
- Specified by:
getEncryptedPrivateKeyInfo in interface CryptoStore
- Parameters:
conv - Password converter. If null, pw.getByteCopy() will be used to get password bytes.
pw - The password.
alg - The encryption algorithm.
n - Iteration count; defaults to 2000 if less than or equal to 0.
k - The private key.
-
importEncryptedPrivateKeyInfo
public void importEncryptedPrivateKeyInfo(KeyGenerator.CharToByteConverter conv, Password pw, String nickname, PublicKey pubKey, byte[] epkiBytes)
- Specified by:
importEncryptedPrivateKeyInfo in interface CryptoStore
- Parameters:
conv - Password converter. If null, pw.getByteCopy() will be used to get password bytes.
pw - The password.
nickname - Nickname to use for the private key.
pubKey - Public key corresponding to the private key.
-
getCertificates
Description copied from interface: CryptoStore
Returns all user certificates stored on this token. A user certificate is one that has a matching private key.
- Specified by:
getCertificates in interface CryptoStore
- Returns:
An array of all user certificates present on this token.
- Throws:
TokenException - If an error occurs on the token while gathering the certificates.
-
putCertsInVector
- Throws:
TokenException
-
importCert
Description copied from interface: CryptoStore
Imports a certificate into this token.
- Specified by:
importCert in interface CryptoStore
- Parameters:
certBytes - Certificate binaries
nickname - Certificate nickname
- Returns:
X509Certificate object of the imported certificate
- Throws:
TokenException
-
deleteCert
Deletes the specified certificate and its associated private key from the store.
- Specified by:
deleteCert in interface CryptoStore
- Parameters:
cert - Certificate to be deleted.
- Throws:
NoSuchItemOnTokenException - If the certificate is not found.
TokenException - General token error.
-
deleteCertOnly
Deletes the specified certificate from the store.
- Specified by:
deleteCertOnly in interface CryptoStore
- Parameters:
cert - Certificate to be deleted.
- Throws:
NoSuchItemOnTokenException - If the certificate is not found.
TokenException - General token error.
-
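The difference between deleteCert and deleteCertOnly matters most during certificate renewal, where the private key must survive the swap. The sketch below is an added example, not code from JSS: the class name ReplaceCertKeepKey and the method replace are hypothetical, and it assumes CryptoManager is already initialized, the token is logged in, findPublicKey returns a java.security.PublicKey, and both public keys encode to the same SubjectPublicKeyInfo bytes.

```java
import java.io.ByteArrayInputStream;
import java.security.PublicKey;
import java.security.cert.CertificateFactory;
import java.util.Arrays;

import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.crypto.CryptoStore;
import org.mozilla.jss.crypto.PrivateKey;
import org.mozilla.jss.crypto.X509Certificate;

public class ReplaceCertKeepKey {

    /**
     * Replaces the certificate stored under nickname with its renewal
     * (DER bytes) while leaving the private key on the token.
     * Hypothetical helper; assumes an initialized CryptoManager.
     */
    public static X509Certificate replace(String nickname, byte[] renewedDer)
            throws Exception {
        CryptoManager cm = CryptoManager.getInstance();
        X509Certificate oldCert = cm.findCertByNickname(nickname);
        PrivateKey privKey = cm.findPrivKeyByCert(oldCert);
        CryptoStore store = privKey.getOwningToken().getCryptoStore();

        // Fail closed before deleting anything: the renewal must certify
        // the key that already lives on the token. findPublicKey throws
        // ObjectNotFoundException if no matching public key is found.
        PublicKey onToken = store.findPublicKey(privKey);
        PublicKey renewed = CertificateFactory.getInstance("X.509")
                .generateCertificate(new ByteArrayInputStream(renewedDer))
                .getPublicKey();
        if (!Arrays.equals(onToken.getEncoded(), renewed.getEncoded())) {
            throw new IllegalArgumentException(
                    "renewed certificate does not match key for " + nickname);
        }

        // deleteCertOnly removes just the certificate object.
        // deleteCert here would also delete privKey, which cannot be
        // restored unless it was exported beforehand, for example with
        // getEncryptedPrivateKeyInfo.
        store.deleteCertOnly(oldCert);
        return store.importCert(renewedDer, nickname);
    }
}
```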