Merge branch 'fb-DSS-2643-compile-pkcs11cryptotoken-against-cesecore'…

… into 'main' DSS-2643: Compile PKCS11CryptoToken against CESeCore instead of KFC for now. See merge request signserver/signserver!237
Keyfactor · Jun 5, 2023 · 255fa30 · 255fa30
2 parents 3a6ccb6 + 7de2f16
commit 255fa30
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 11 deletions.
diff --git a/signserver/modules/SignServer-Server/pom.xml b/signserver/modules/SignServer-Server/pom.xml
@@ -23,6 +23,11 @@
           <groupId>log4j</groupId>
           <artifactId>log4j</artifactId>
         </exclusion>
+        <!-- DSS-2643: Workaround for PKCS11CryptoToken available in x509-common-util conflicing with the one from cesecore-common -->
+        <exclusion>
+          <groupId>org.ejbca.cesecore</groupId>
+          <artifactId>x509-common-util</artifactId>
+        </exclusion>
       </exclusions>
     </dependency>
     <dependency>

diff --git a/...SignServer-Server/src/main/java/org/signserver/server/cryptotokens/PKCS11CryptoToken.java b/...SignServer-Server/src/main/java/org/signserver/server/cryptotokens/PKCS11CryptoToken.java
@@ -50,9 +50,9 @@
 import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
 import org.bouncycastle.operator.OperatorCreationException;
 import org.cesecore.certificates.util.AlgorithmTools;
-import com.keyfactor.util.keys.token.CryptoTokenAuthenticationFailedException;
-import com.keyfactor.util.keys.token.pkcs11.Pkcs11SlotLabelType;
-import com.keyfactor.util.keys.token.pkcs11.NoSuchSlotException;
+import org.cesecore.keys.token.CryptoTokenAuthenticationFailedException;
+import org.cesecore.keys.token.p11.Pkcs11SlotLabelType;
+import org.cesecore.keys.token.p11.exception.NoSuchSlotException;
 import org.cesecore.util.query.QueryCriteria;
 import org.signserver.common.CryptoTokenAuthenticationFailureException;
 import org.signserver.common.CryptoTokenInitializationFailureException;
@@ -291,7 +291,7 @@ public void init(int workerId, Properties props, org.signserver.server.IServices
                 // don't initialize keystore delegator when not auto-activated
             }
 
-        } catch (com.keyfactor.util.keys.token.CryptoTokenOfflineException | NumberFormatException ex) {
+        } catch (org.cesecore.keys.token.CryptoTokenOfflineException | NumberFormatException ex) {
             LOG.error("Init failed", ex);
             throw new CryptoTokenInitializationFailureException(ex.getMessage());
         } catch (NoSuchSlotException ex) {
@@ -326,7 +326,7 @@ public int getCryptoTokenStatus(IServices services) {
                         }
                     }
                 }
-            } catch (com.keyfactor.util.keys.token.CryptoTokenOfflineException | NoSuchAlgorithmException | NoSuchProviderException | InvalidKeyException | SignatureException | ProviderException | OperatorCreationException | IOException ex) {
+            } catch (org.cesecore.keys.token.CryptoTokenOfflineException | NoSuchAlgorithmException | NoSuchProviderException | InvalidKeyException | SignatureException | ProviderException | OperatorCreationException | IOException ex) {
                 LOG.error("Error testing activation", ex);
             }
         }
@@ -339,7 +339,7 @@ public void activate(String authenticationcode, IServices services) throws Crypt
         try {
             delegate.activate(authenticationcode.toCharArray());
             keystoreDelegator = new JavaKeyStoreDelegator(delegate.getActivatedKeyStore());
-        } catch (com.keyfactor.util.keys.token.CryptoTokenOfflineException ex) {
+        } catch (org.cesecore.keys.token.CryptoTokenOfflineException ex) {
             LOG.error("Activate failed", ex);
             throw new CryptoTokenOfflineException(ex);
         } catch (CryptoTokenAuthenticationFailedException ex) {
@@ -368,7 +368,7 @@ public boolean deactivate(IServices services) throws CryptoTokenOfflineException
     private PrivateKey getPrivateKey(String alias) throws CryptoTokenOfflineException {
         try {
             return delegate.getPrivateKey(alias);
-        } catch (com.keyfactor.util.keys.token.CryptoTokenOfflineException ex) {
+        } catch (org.cesecore.keys.token.CryptoTokenOfflineException ex) {
             throw new CryptoTokenOfflineException(ex);
         }
     }
@@ -402,7 +402,7 @@ public ICertReqData genCertificateRequest(ISignerCertReqInfo info,
         }
         try {
             return CryptoTokenHelper.genCertificateRequest(info, delegate.getPrivateKey(alias), getProvider(ICryptoTokenV4.PROVIDERUSAGE_SIGN), delegate.getPublicKey(alias), explicitEccParameters);
-        } catch (com.keyfactor.util.keys.token.CryptoTokenOfflineException e) {
+        } catch (org.cesecore.keys.token.CryptoTokenOfflineException e) {
             LOG.error("Certificate request error: " + e.getMessage(), e);
             throw new CryptoTokenOfflineException(e);
         } catch (IllegalArgumentException ex) {
@@ -482,7 +482,7 @@ private void generateKeyPair(String keyAlgorithm, String keySpec, String alias,
                 final KeyStore ks = delegate.getActivatedKeyStore();
                 CryptoTokenHelper.regenerateCertIfWanted(alias, authCode, params, keystoreDelegator, ks.getProvider().getName());
             }
-        } catch (InvalidAlgorithmParameterException | com.keyfactor.util.keys.token.CryptoTokenOfflineException | CertificateException | IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | OperatorCreationException ex) {
+        } catch (InvalidAlgorithmParameterException | org.cesecore.keys.token.CryptoTokenOfflineException | CertificateException | IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | OperatorCreationException ex) {
             LOG.error(ex, ex);
             throw new CryptoTokenOfflineException(ex);
         }
@@ -533,7 +533,7 @@ private void generateSecretKey(String keyAlgorithm, String keySpec, String alias
         }
         try {
             delegate.generateKey(keyAlgorithm, Integer.valueOf(keySpec), alias);
-        } catch (IllegalArgumentException | NoSuchAlgorithmException | NoSuchProviderException | KeyStoreException | com.keyfactor.util.keys.token.CryptoTokenOfflineException ex) {
+        } catch (IllegalArgumentException | NoSuchAlgorithmException | NoSuchProviderException | KeyStoreException | org.cesecore.keys.token.CryptoTokenOfflineException ex) {
             LOG.error(ex, ex);
             throw new CryptoTokenOfflineException(ex);
         }
@@ -639,7 +639,7 @@ public KeyStorePKCS11CryptoToken() throws InstantiationException {
         public KeyStore getActivatedKeyStore() throws CryptoTokenOfflineException {
             try {
                 return getKeyStore().getKeyStore(); // TODO: Consider if we should instead use the CachingKeystoreWrapper
-            } catch (com.keyfactor.util.keys.token.CryptoTokenOfflineException ex) {
+            } catch (org.cesecore.keys.token.CryptoTokenOfflineException ex) {
                 throw new CryptoTokenOfflineException(ex);
             }
         }