Merge branch 'fb-DSS-2643-compile-pkcs11cryptotoken-against-cesecore'…
… into 'main'

DSS-2643: Compile PKCS11CryptoToken against CESeCore instead of KFC for now.

See merge request signserver/signserver!237
mlundblad committed Jun 5, 2023
2 parents b431e91 + c704a50 commit 00d1e2e
Showing 2 changed files with 16 additions and 11 deletions.
5 changes: 5 additions & 0 deletions signserver/modules/SignServer-Server/pom.xml
@@ -23,6 +23,11 @@
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
</exclusion>
<!-- DSS-2643: Workaround for PKCS11CryptoToken available in x509-common-util conflicing with the one from cesecore-common -->
<exclusion>
<groupId>org.ejbca.cesecore</groupId>
<artifactId>x509-common-util</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
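Review bot: The new `<exclusion>` removes `x509-common-util` only from the transitive closure of this one dependency, whose coordinates sit above the hunk, so any other dependency of this module or of the deployed archive can still bring the artifact back and leave two `PKCS11CryptoToken` classes on the classpath, with load order deciding which one is used. For a class that sits in front of HSM key access that should be checked rather than assumed: `mvn dependency:tree -Dincludes=org.ejbca.cesecore:x509-common-util` on the assembled modules shows whether it is still resolved, and a Maven Enforcer `bannedDependencies` rule would keep it out for as long as the workaround is in place. The exclusion also drops every other class of that artifact from this dependency path, so it is worth confirming that the excluded dependency needs nothing else from it at runtime. The comment could state that the exclusion is temporary and fix the spelling, e.g. `<!-- DSS-2643: temporary workaround: PKCS11CryptoToken in x509-common-util conflicts with the one in cesecore-common; remove together with the CESeCore imports -->`.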
@@ -50,9 +50,9 @@
import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
import org.bouncycastle.operator.OperatorCreationException;
import org.cesecore.certificates.util.AlgorithmTools;
import com.keyfactor.util.keys.token.CryptoTokenAuthenticationFailedException;
import com.keyfactor.util.keys.token.pkcs11.Pkcs11SlotLabelType;
import com.keyfactor.util.keys.token.pkcs11.NoSuchSlotException;
import org.cesecore.keys.token.CryptoTokenAuthenticationFailedException;
import org.cesecore.keys.token.p11.Pkcs11SlotLabelType;
import org.cesecore.keys.token.p11.exception.NoSuchSlotException;
import org.cesecore.util.query.QueryCriteria;
import org.signserver.common.CryptoTokenAuthenticationFailureException;
import org.signserver.common.CryptoTokenInitializationFailureException;
@@ -291,7 +291,7 @@ public void init(int workerId, Properties props, org.signserver.server.IServices
// don't initialize keystore delegator when not auto-activated
}

} catch (com.keyfactor.util.keys.token.CryptoTokenOfflineException | NumberFormatException ex) {
} catch (org.cesecore.keys.token.CryptoTokenOfflineException | NumberFormatException ex) {
LOG.error("Init failed", ex);
throw new CryptoTokenInitializationFailureException(ex.getMessage());
} catch (NoSuchSlotException ex) {
@@ -326,7 +326,7 @@ public int getCryptoTokenStatus(IServices services) {
}
}
}
} catch (com.keyfactor.util.keys.token.CryptoTokenOfflineException | NoSuchAlgorithmException | NoSuchProviderException | InvalidKeyException | SignatureException | ProviderException | OperatorCreationException | IOException ex) {
} catch (org.cesecore.keys.token.CryptoTokenOfflineException | NoSuchAlgorithmException | NoSuchProviderException | InvalidKeyException | SignatureException | ProviderException | OperatorCreationException | IOException ex) {
LOG.error("Error testing activation", ex);
}
}
@@ -339,7 +339,7 @@ public void activate(String authenticationcode, IServices services) throws Crypt
try {
delegate.activate(authenticationcode.toCharArray());
keystoreDelegator = new JavaKeyStoreDelegator(delegate.getActivatedKeyStore());
} catch (com.keyfactor.util.keys.token.CryptoTokenOfflineException ex) {
} catch (org.cesecore.keys.token.CryptoTokenOfflineException ex) {
LOG.error("Activate failed", ex);
throw new CryptoTokenOfflineException(ex);
} catch (CryptoTokenAuthenticationFailedException ex) {
@@ -368,7 +368,7 @@ public boolean deactivate(IServices services) throws CryptoTokenOfflineException
private PrivateKey getPrivateKey(String alias) throws CryptoTokenOfflineException {
try {
return delegate.getPrivateKey(alias);
} catch (com.keyfactor.util.keys.token.CryptoTokenOfflineException ex) {
} catch (org.cesecore.keys.token.CryptoTokenOfflineException ex) {
throw new CryptoTokenOfflineException(ex);
}
}
@@ -402,7 +402,7 @@ public ICertReqData genCertificateRequest(ISignerCertReqInfo info,
}
try {
return CryptoTokenHelper.genCertificateRequest(info, delegate.getPrivateKey(alias), getProvider(ICryptoTokenV4.PROVIDERUSAGE_SIGN), delegate.getPublicKey(alias), explicitEccParameters);
} catch (com.keyfactor.util.keys.token.CryptoTokenOfflineException e) {
} catch (org.cesecore.keys.token.CryptoTokenOfflineException e) {
LOG.error("Certificate request error: " + e.getMessage(), e);
throw new CryptoTokenOfflineException(e);
} catch (IllegalArgumentException ex) {
@@ -482,7 +482,7 @@ private void generateKeyPair(String keyAlgorithm, String keySpec, String alias,
final KeyStore ks = delegate.getActivatedKeyStore();
CryptoTokenHelper.regenerateCertIfWanted(alias, authCode, params, keystoreDelegator, ks.getProvider().getName());
}
} catch (InvalidAlgorithmParameterException | com.keyfactor.util.keys.token.CryptoTokenOfflineException | CertificateException | IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | OperatorCreationException ex) {
} catch (InvalidAlgorithmParameterException | org.cesecore.keys.token.CryptoTokenOfflineException | CertificateException | IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | OperatorCreationException ex) {
LOG.error(ex, ex);
throw new CryptoTokenOfflineException(ex);
}
@@ -533,7 +533,7 @@ private void generateSecretKey(String keyAlgorithm, String keySpec, String alias
}
try {
delegate.generateKey(keyAlgorithm, Integer.valueOf(keySpec), alias);
} catch (IllegalArgumentException | NoSuchAlgorithmException | NoSuchProviderException | KeyStoreException | com.keyfactor.util.keys.token.CryptoTokenOfflineException ex) {
} catch (IllegalArgumentException | NoSuchAlgorithmException | NoSuchProviderException | KeyStoreException | org.cesecore.keys.token.CryptoTokenOfflineException ex) {
LOG.error(ex, ex);
throw new CryptoTokenOfflineException(ex);
}
@@ -639,7 +639,7 @@ public KeyStorePKCS11CryptoToken() throws InstantiationException {
public KeyStore getActivatedKeyStore() throws CryptoTokenOfflineException {
try {
return getKeyStore().getKeyStore(); // TODO: Consider if we should instead use the CachingKeystoreWrapper
} catch (com.keyfactor.util.keys.token.CryptoTokenOfflineException ex) {
} catch (org.cesecore.keys.token.CryptoTokenOfflineException ex) {
throw new CryptoTokenOfflineException(ex);
}
}
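Review bot: The eight `catch` clauses in this section name `org.cesecore.keys.token.CryptoTokenOfflineException` in full, and most of them rethrow an unqualified `CryptoTokenOfflineException`, presumably SignServer's own type, yet nothing in the visible code says these are two different classes or that the CESeCore binding is the temporary one from DSS-2643. A short comment at the first handler, in `init`, would keep the next reader from treating the qualified name as noise and from missing a handler when the code moves back to `com.keyfactor.util.keys.token`: `// CESeCore's exception, not SignServer's CryptoTokenOfflineException; DSS-2643: temporary, revert together with the pom.xml exclusion`. That same `init` handler passes only `ex.getMessage()` to `CryptoTokenInitializationFailureException`, while the other handlers wrap `ex` itself; if that exception offers a constructor taking a cause, using it would keep the stack trace for callers and not only in the log. All of the enclosing methods start and end outside the hunks.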