Package org.mozilla.jss.pkcs11
Class PK11Store
java.lang.Object
org.mozilla.jss.pkcs11.PK11Store
- All Implemented Interfaces:
CryptoStore
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoiddeleteCert(X509Certificate cert) Deletes the specified certificate and its associated private key from the store.voidDeletes the specified certificate from the store.voiddeletePrivateKey(PrivateKey privateKey) Permanently deletes a private key from the token.voiddeletePublicKey(PublicKey publicKey) Permanently deletes a public key from the token.findCert(byte[] certBytes) Find a certificate in this token from its binary data.findCertFromDERCertItem(byte[] certBytes) findPublicKey(PrivateKey privateKey) Returns the public key corresponding to the private key.Returns all user certificates stored on this token.byte[]getEncryptedPrivateKeyInfo(KeyGenerator.CharToByteConverter conv, Password pw, Algorithm alg, int n, PrivateKey k) Get an encrypted private key, with optional password conversion.byte[]getEncryptedPrivateKeyInfo(X509Certificate cert, PBEAlgorithm pbeAlg, Password pw, int iteration) Get an encrypted private key for the given cert.Returns all private keys stored on this token.Returns all public keys stored on this token.Returns all symmetric keys stored on this token.importCert(byte[] certBytes, String nickname) Imports a certificate into this token.voidimportEncryptedPrivateKeyInfo(KeyGenerator.CharToByteConverter conv, Password pw, String nickname, PublicKey pubKey, byte[] epkiBytes) importPrivateKey(byte[] key, PrivateKey.Type type) Imports a raw private key into this token.importPrivateKey(byte[] key, PrivateKey.Type type, boolean temporary) Imports a raw private key into this token.protected voidloadPrivateKeys(Collection<PrivateKey> privateKeys) protected voidloadPublicKeys(Collection<PublicKey> privateKeys) protected voidputCertsInVector(Vector<X509Certificate> certs) protected voidputSymKeysInVector(Vector<SymmetricKey> symKeys)
-
Field Details
-
logger
public static org.slf4j.Logger logger -
updated
protected boolean updated -
storeProxy
-
-
Constructor Details
-
PK11Store
-
PK11Store
protected PK11Store()
-
-
Method Details
-
importPrivateKey
public PrivateKey importPrivateKey(byte[] key, PrivateKey.Type type) throws TokenException, KeyAlreadyImportedException Imports a raw private key into this token.- Specified by:
importPrivateKeyin interfaceCryptoStore- Parameters:
key- The private key.- Throws:
TokenException- If the key cannot be imported to this token.KeyAlreadyImportedException- If the key already on this token.
-
importPrivateKey
public PrivateKey importPrivateKey(byte[] key, PrivateKey.Type type, boolean temporary) throws TokenException, KeyAlreadyImportedException Description copied from interface:CryptoStoreImports a raw private key into this token.- Specified by:
importPrivateKeyin interfaceCryptoStore- Parameters:
key- The private key.temporary- Whether the key should be temporary.- Throws:
TokenException- If the key cannot be imported to this token.KeyAlreadyImportedException- If the key already exists on this token.
-
getPrivateKeys
Description copied from interface:CryptoStoreReturns all private keys stored on this token.- Specified by:
getPrivateKeysin interfaceCryptoStore- Returns:
- An array of all private keys stored on this token.
- Throws:
TokenException- If an error occurs on the token while gathering the keys.
-
loadPrivateKeys
- Throws:
TokenException
-
getPublicKeys
Description copied from interface:CryptoStoreReturns all public keys stored on this token.- Specified by:
getPublicKeysin interfaceCryptoStore- Returns:
- An array of all public keys stored on this token.
- Throws:
TokenException- If an error occurs on the token while gathering the keys.
-
loadPublicKeys
- Throws:
TokenException
-
findPublicKey
public PublicKey findPublicKey(PrivateKey privateKey) throws TokenException, ObjectNotFoundException Description copied from interface:CryptoStoreReturns the public key corresponding to the private key.- Specified by:
findPublicKeyin interfaceCryptoStore- Returns:
- The corresponding public key.
- Throws:
TokenException- If an error occurs on the token.ObjectNotFoundException- If the corresponding public key is not found.
-
getSymmetricKeys
Description copied from interface:CryptoStoreReturns all symmetric keys stored on this token.- Specified by:
getSymmetricKeysin interfaceCryptoStore- Returns:
- An array of all symmetric keys stored on this token.
- Throws:
TokenException- If an error occurs on the token while gathering the keys.
-
putSymKeysInVector
- Throws:
TokenException
-
deletePrivateKey
public void deletePrivateKey(PrivateKey privateKey) throws NoSuchItemOnTokenException, TokenException Description copied from interface:CryptoStorePermanently deletes a private key from the token.- Specified by:
deletePrivateKeyin interfaceCryptoStore- Parameters:
privateKey- A private key to be permanently deleted.- Throws:
NoSuchItemOnTokenException- If the given private key does not reside on this token.TokenException- If an error occurs on the token while deleting the key.
-
deletePublicKey
Description copied from interface:CryptoStorePermanently deletes a public key from the token.- Specified by:
deletePublicKeyin interfaceCryptoStore- Parameters:
publicKey- A public key to be permanently deleted.- Throws:
NoSuchItemOnTokenException- If the given public key does not reside on this token.TokenException- If an error occurs on the token while deleting the key.
-
getEncryptedPrivateKeyInfo
public byte[] getEncryptedPrivateKeyInfo(X509Certificate cert, PBEAlgorithm pbeAlg, Password pw, int iteration) throws NotInitializedException, ObjectNotFoundException, TokenException Description copied from interface:CryptoStoreGet an encrypted private key for the given cert.- Specified by:
getEncryptedPrivateKeyInfoin interfaceCryptoStore- Parameters:
cert- Certificate of key to be exportedpbeAlg- The PBEAlgorithm to usepw- The password to encrypt withiteration- Iteration count; default of 2000 if le 0- Throws:
NotInitializedExceptionObjectNotFoundExceptionTokenException
-
getEncryptedPrivateKeyInfo
public byte[] getEncryptedPrivateKeyInfo(KeyGenerator.CharToByteConverter conv, Password pw, Algorithm alg, int n, PrivateKey k) Description copied from interface:CryptoStoreGet an encrypted private key, with optional password conversion.- Specified by:
getEncryptedPrivateKeyInfoin interfaceCryptoStore- Parameters:
conv- Password converter. If null, pw.getByteCopy() will be used to get password bytes.pw- The passwordalg- The encryption algorithmn- Iteration count; default of 2000 if le 0k- The private key
-
importEncryptedPrivateKeyInfo
public void importEncryptedPrivateKeyInfo(KeyGenerator.CharToByteConverter conv, Password pw, String nickname, PublicKey pubKey, byte[] epkiBytes) - Specified by:
importEncryptedPrivateKeyInfoin interfaceCryptoStore- Parameters:
conv- Password converter. If null, pw.getByteCopy() will be used to get password bytes.pw- The passwordnickname- Nickname to use for private keypubKey- Public key corresponding to private key
-
getCertificates
Description copied from interface:CryptoStoreReturns all user certificates stored on this token. A user certificate is one that has a matching private key.- Specified by:
getCertificatesin interfaceCryptoStore- Returns:
- An array of all user certificates present on this token.
- Throws:
TokenException- If an error occurs on the token while gathering the certificates.
-
putCertsInVector
- Throws:
TokenException
-
findCert
Description copied from interface:CryptoStoreFind a certificate in this token from its binary data.- Specified by:
findCertin interfaceCryptoStore- Parameters:
certBytes- Certificate binaries- Returns:
- X509Certificate object
- Throws:
TokenException
-
findCertFromDERCertItem
- Throws:
TokenException
-
importCert
Description copied from interface:CryptoStoreImports a certificate into this token.- Specified by:
importCertin interfaceCryptoStore- Parameters:
certBytes- Certificate binariesnickname- Certificate nickname- Returns:
- X509Certificate object of the imported certificate
- Throws:
TokenException
-
deleteCert
Deletes the specified certificate and its associated private key from the store.- Specified by:
deleteCertin interfaceCryptoStore- Parameters:
cert- certificate to be deleted- Throws:
NoSuchItemOnTokenException- If the certificate not foundTokenException- General token error
-
deleteCertOnly
Deletes the specified certificate from the store.- Specified by:
deleteCertOnlyin interfaceCryptoStore- Parameters:
cert- certificate to be deleted- Throws:
NoSuchItemOnTokenException- If the certificate not foundTokenException- General token error
-