From c704a505cc2bda29dacd780084253d8b502c367e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Markus=20Kil=C3=A5s?= Date: Fri, 2 Jun 2023 20:35:13 +0200 Subject: [PATCH] DSS-2643: Compile PKCS11CryptoToken against CESeCore instead of KFC for now. --- signserver/modules/SignServer-Server/pom.xml | 5 +++++ .../cryptotokens/PKCS11CryptoToken.java | 22 +++++++++---------- 2 files changed, 16 insertions(+), 11 deletions(-) diff --git a/signserver/modules/SignServer-Server/pom.xml b/signserver/modules/SignServer-Server/pom.xml index 41ff83afe..6b3dae926 100644 --- a/signserver/modules/SignServer-Server/pom.xml +++ b/signserver/modules/SignServer-Server/pom.xml @@ -23,6 +23,11 @@ log4j log4j + + + org.ejbca.cesecore + x509-common-util + diff --git a/signserver/modules/SignServer-Server/src/main/java/org/signserver/server/cryptotokens/PKCS11CryptoToken.java b/signserver/modules/SignServer-Server/src/main/java/org/signserver/server/cryptotokens/PKCS11CryptoToken.java index 36b74e32c..9e0b11e31 100644 --- a/signserver/modules/SignServer-Server/src/main/java/org/signserver/server/cryptotokens/PKCS11CryptoToken.java +++ b/signserver/modules/SignServer-Server/src/main/java/org/signserver/server/cryptotokens/PKCS11CryptoToken.java 
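Review bot: The dependency `org.ejbca.cesecore:x509-common-util` added in the `pom.xml` hunk shows no version or scope text among its five added lines, so the version is presumably inherited from a `dependencyManagement` section outside this patch; that entry should resolve to one fixed release rather than a range or a snapshot. The element markup of the hunk is not preserved on this page, so this is read from the remaining text only. Because the subject says the switch is "for now", an XML comment above the dependency naming DSS-2643 would mark the entry as temporary, unless the first added line already is such a comment.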
@@ -50,9 +50,9 @@
 import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
 import org.bouncycastle.operator.OperatorCreationException;
 import org.cesecore.certificates.util.AlgorithmTools;
-import com.keyfactor.util.keys.token.CryptoTokenAuthenticationFailedException;
-import com.keyfactor.util.keys.token.pkcs11.Pkcs11SlotLabelType;
-import com.keyfactor.util.keys.token.pkcs11.NoSuchSlotException;
+import org.cesecore.keys.token.CryptoTokenAuthenticationFailedException;
+import org.cesecore.keys.token.p11.Pkcs11SlotLabelType;
+import org.cesecore.keys.token.p11.exception.NoSuchSlotException;
 import org.cesecore.util.query.QueryCriteria;
 import org.signserver.common.CryptoTokenAuthenticationFailureException;
 import org.signserver.common.CryptoTokenInitializationFailureException;
@@ -291,7 +291,7 @@ public void init(int workerId, Properties props, org.signserver.server.IServices
 // don't initialize keystore delegator when not auto-activated
 }
- } catch (com.keyfactor.util.keys.token.CryptoTokenOfflineException | NumberFormatException ex) {
+ } catch (org.cesecore.keys.token.CryptoTokenOfflineException | NumberFormatException ex) {
 LOG.error("Init failed", ex);
 throw new CryptoTokenInitializationFailureException(ex.getMessage());
 } catch (NoSuchSlotException ex) {
@@ -326,7 +326,7 @@ public int getCryptoTokenStatus(IServices services) {
 }
 }
 }
- } catch (com.keyfactor.util.keys.token.CryptoTokenOfflineException | NoSuchAlgorithmException | NoSuchProviderException | InvalidKeyException | SignatureException | ProviderException | OperatorCreationException | IOException ex) {
+ } catch (org.cesecore.keys.token.CryptoTokenOfflineException | NoSuchAlgorithmException | NoSuchProviderException | InvalidKeyException | SignatureException | ProviderException | OperatorCreationException | IOException ex) {
 LOG.error("Error testing activation", ex);
 }
 }
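Review bot: The catch clause rewritten in the `init` hunk (`@@ -291,7 +291,7 @@`) keeps a fully qualified exception name with no explanation, and the same spelling recurs in the seven other catch clauses this patch touches. The later hunks throw `new CryptoTokenOfflineException(ex)` by its simple name, so that name presumably belongs to SignServer's own class and the qualification is what keeps the two types apart. A comment at the first occurrence, for example `// CESeCore's exception; the simple name is SignServer's own CryptoTokenOfflineException`, would document that for whoever reverts the "for now" switch. Separately, the context line `throw new CryptoTokenInitializationFailureException(ex.getMessage());` passes on only the message, so the cause reaches the log but not the caller; whether that class offers a constructor taking a cause is not visible here. init's body starts and ends outside the hunk.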
@@ -339,7 +339,7 @@ public void activate(String authenticationcode, IServices services) throws Crypt
 try {
 delegate.activate(authenticationcode.toCharArray());
 keystoreDelegator = new JavaKeyStoreDelegator(delegate.getActivatedKeyStore());
- } catch (com.keyfactor.util.keys.token.CryptoTokenOfflineException ex) {
+ } catch (org.cesecore.keys.token.CryptoTokenOfflineException ex) {
 LOG.error("Activate failed", ex);
 throw new CryptoTokenOfflineException(ex);
 } catch (CryptoTokenAuthenticationFailedException ex) {
@@ -368,7 +368,7 @@ public boolean deactivate(IServices services) throws CryptoTokenOfflineException
 private PrivateKey getPrivateKey(String alias) throws CryptoTokenOfflineException {
 try {
 return delegate.getPrivateKey(alias);
- } catch (com.keyfactor.util.keys.token.CryptoTokenOfflineException ex) {
+ } catch (org.cesecore.keys.token.CryptoTokenOfflineException ex) {
 throw new CryptoTokenOfflineException(ex);
 }
 }
@@ -402,7 +402,7 @@ public ICertReqData genCertificateRequest(ISignerCertReqInfo info,
 }
 try {
 return CryptoTokenHelper.genCertificateRequest(info, delegate.getPrivateKey(alias), getProvider(ICryptoTokenV4.PROVIDERUSAGE_SIGN), delegate.getPublicKey(alias), explicitEccParameters);
- } catch (com.keyfactor.util.keys.token.CryptoTokenOfflineException e) {
+ } catch (org.cesecore.keys.token.CryptoTokenOfflineException e) {
 LOG.error("Certificate request error: " + e.getMessage(), e);
 throw new CryptoTokenOfflineException(e);
 } catch (IllegalArgumentException ex) {
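Review bot: In the `activate` hunk (`@@ -339,7 +339,7 @@`) the array produced by `authenticationcode.toCharArray()` is handed to `delegate.activate(...)` and never cleared, so a second copy of the token PIN stays on the heap until it is garbage-collected. Holding it in a local, `final char[] pin = authenticationcode.toCharArray();`, and calling `java.util.Arrays.fill(pin, '\0');` in a `finally` block would shorten that window, provided the delegate does not retain the array after activation, which is not visible here. The `String` parameter itself cannot be wiped, so this reduces exposure rather than removing it. The patch leaves these context lines unchanged, and activate's body starts and ends outside the hunk.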
@@ -482,7 +482,7 @@ private void generateKeyPair(String keyAlgorithm, String keySpec, String alias,
 final KeyStore ks = delegate.getActivatedKeyStore();
 CryptoTokenHelper.regenerateCertIfWanted(alias, authCode, params, keystoreDelegator, ks.getProvider().getName());
 }
- } catch (InvalidAlgorithmParameterException | com.keyfactor.util.keys.token.CryptoTokenOfflineException | CertificateException | IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | OperatorCreationException ex) {
+ } catch (InvalidAlgorithmParameterException | org.cesecore.keys.token.CryptoTokenOfflineException | CertificateException | IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | OperatorCreationException ex) {
 LOG.error(ex, ex);
 throw new CryptoTokenOfflineException(ex);
 }
@@ -533,7 +533,7 @@ private void generateSecretKey(String keyAlgorithm, String keySpec, String alias
 }
 try {
 delegate.generateKey(keyAlgorithm, Integer.valueOf(keySpec), alias);
- } catch (IllegalArgumentException | NoSuchAlgorithmException | NoSuchProviderException | KeyStoreException | com.keyfactor.util.keys.token.CryptoTokenOfflineException ex) {
+ } catch (IllegalArgumentException | NoSuchAlgorithmException | NoSuchProviderException | KeyStoreException | org.cesecore.keys.token.CryptoTokenOfflineException ex) {
 LOG.error(ex, ex);
 throw new CryptoTokenOfflineException(ex);
 }
@@ -639,7 +639,7 @@ public KeyStorePKCS11CryptoToken() throws InstantiationException {
 public KeyStore getActivatedKeyStore() throws CryptoTokenOfflineException {
 try {
 return getKeyStore().getKeyStore(); // TODO: Consider if we should instead use the CachingKeystoreWrapper
- } catch (com.keyfactor.util.keys.token.CryptoTokenOfflineException ex) {
+ } catch (org.cesecore.keys.token.CryptoTokenOfflineException ex) {
 throw new CryptoTokenOfflineException(ex);
 }
 }
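Review bot: In the `generateSecretKey` hunk (`@@ -533,7 +533,7 @@`) a non-numeric `keySpec` makes `Integer.valueOf(keySpec)` throw `NumberFormatException`, which is an `IllegalArgumentException` and is therefore caught by the multi-catch and rethrown as `CryptoTokenOfflineException`. A caller or an operator reading the log then sees a bad request parameter reported as an unavailable token, which misdirects triage and any alerting keyed on token outages. Parsing before the `try`, e.g. `final int keyLength = Integer.parseInt(keySpec);`, and rejecting a bad value with an error that names the parameter would keep the two cases apart; which exception types the method may throw is not visible in the hunk. The `generateKeyPair` hunk (`@@ -482,7 +482,7 @@`) folds its whole multi-catch into the same offline exception and logs with `LOG.error(ex, ex)`, which gives the log line no message of its own. Both method bodies start and end outside their hunks.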