
Example 1 with PrivateKey

use of iaik.pkcs.pkcs11.objects.PrivateKey in project xipki by xipki.

the class IaikP11Slot method generateSM2Keypair0.

/**
 * Creates an SM2 key pair on the token under the given label.
 *
 * <p>The mechanism constant is vendor-defined (per its name), so
 * {@code assertMechanismSupported} is consulted before any template is built.
 *
 * @param label label passed to {@code setKeyAttributes} for the new key objects
 * @param control key-creation settings passed to {@code setKeyAttributes}
 * @return the identity produced by {@code generateKeyPair}
 * @throws P11TokenException propagated from the helpers called here
 */
@Override
protected P11Identity generateSM2Keypair0(String label, P11NewKeyControl control) throws P11TokenException {
    final long mechanism = PKCS11Constants.CKM_VENDOR_SM2_KEY_PAIR_GEN;
    assertMechanismSupported(mechanism);

    // Templates for the pair; both get their attributes from setKeyAttributes.
    SM2PrivateKey privTemplate = new SM2PrivateKey();
    SM2PublicKey pubTemplate = new SM2PublicKey();
    setKeyAttributes(label, PKCS11Constants.CKK_VENDOR_SM2, control, pubTemplate, privTemplate);

    return generateKeyPair(mechanism, privTemplate, pubTemplate);
}
Also used : SM2PrivateKey(iaik.pkcs.pkcs11.objects.SM2PrivateKey) SM2PublicKey(iaik.pkcs.pkcs11.objects.SM2PublicKey)

Example 2 with PrivateKey

use of iaik.pkcs.pkcs11.objects.PrivateKey in project xipki by xipki.

the class IaikP11Slot method generateKeyPair.

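/**
 * Generates a key pair on the token from the given templates and wraps it as an identity.
 *
 * <p>The label is read from the private-key template. A freshly generated object id is written
 * into both templates before generation, and the private-key object is read back from the token
 * afterwards. The writable session is always returned, whatever the outcome.
 *
 * <p>On failure the objects carrying the new id are removed again. That rollback is skipped
 * when no id has been assigned yet, because nothing has been created on the token at that point.
 *
 * @param mech PKCS#11 key-pair generation mechanism code
 * @param privateKey private-key template; its label must not yet exist on the token
 * @param publicKey public-key template
 * @return identity built from the read-back private-key object and the converted public key
 * @throws P11TokenException if generation, public-key conversion or the read-back fails
 * @throws IllegalArgumentException if an object with the same label already exists
 */
private P11Identity generateKeyPair(long mech, PrivateKey privateKey, PublicKey publicKey) throws P11TokenException {
    final String label = toString(privateKey.getLabel());
    byte[] id = null;
    try {
        Session session = borrowWritableSession();
        try {
            if (labelExists(session, label)) {
                throw new IllegalArgumentException("label " + label + " exists, please specify another one");
            }
            id = generateKeyId(session);
            privateKey.getId().setByteArrayValue(id);
            publicKey.getId().setByteArrayValue(id);
            KeyPair keypair;
            try {
                keypair = session.generateKeyPair(Mechanism.get(mech), publicKey, privateKey);
            } catch (TokenException ex) {
                throw new P11TokenException("could not generate keypair " + Pkcs11Functions.mechanismCodeToString(mech), ex);
            }
            P11ObjectIdentifier objId = new P11ObjectIdentifier(id, label);
            P11EntityIdentifier entityId = new P11EntityIdentifier(slotId, objId);
            java.security.PublicKey jcePublicKey;
            try {
                jcePublicKey = generatePublicKey(keypair.getPublicKey());
            } catch (XiSecurityException ex) {
                throw new P11TokenException("could not generate public key " + objId, ex);
            }
            // Read the private key back from the token instead of trusting the handle in the
            // template; a missing object is treated as a failed generation.
            PrivateKey privateKey2 = getPrivateKeyObject(session, id, label.toCharArray());
            if (privateKey2 == null) {
                throw new P11TokenException("could not read the generated private key");
            }
            return new IaikP11Identity(this, entityId, privateKey2, jcePublicKey, null);
        } finally {
            returnWritableSession(session);
        }
    } catch (P11TokenException | RuntimeException ex) {
        // Roll back only what this call may have created. While id is still null the failure
        // happened before generation (no session, label collision, id generation), so there is
        // nothing of ours on the token. removeObjects is not shown here; if it matches on the
        // label alone when id is null, an unconditional cleanup would delete the pre-existing
        // objects that caused the label collision.
        if (id != null) {
            try {
                removeObjects(id, label);
            } catch (Throwable th) {
                // Best effort: keep the original failure as the one reported to the caller.
                LogUtil.error(LOG, th, "could not remove objects");
            }
        }
        throw ex;
    }
}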
Also used : KeyPair(iaik.pkcs.pkcs11.objects.KeyPair) RSAPrivateKey(iaik.pkcs.pkcs11.objects.RSAPrivateKey) ECPrivateKey(iaik.pkcs.pkcs11.objects.ECPrivateKey) SM2PrivateKey(iaik.pkcs.pkcs11.objects.SM2PrivateKey) PrivateKey(iaik.pkcs.pkcs11.objects.PrivateKey) DSAPrivateKey(iaik.pkcs.pkcs11.objects.DSAPrivateKey) P11TokenException(org.xipki.security.exception.P11TokenException) P11EntityIdentifier(org.xipki.security.pkcs11.P11EntityIdentifier) DEROctetString(org.bouncycastle.asn1.DEROctetString) XiSecurityException(org.xipki.security.exception.XiSecurityException) P11TokenException(org.xipki.security.exception.P11TokenException) TokenException(iaik.pkcs.pkcs11.TokenException) P11ObjectIdentifier(org.xipki.security.pkcs11.P11ObjectIdentifier) Session(iaik.pkcs.pkcs11.Session)

Example 3 with PrivateKey

use of iaik.pkcs.pkcs11.objects.PrivateKey in project xipki by xipki.

the class IaikP11Slot method generateRSAKeypair0.

/**
 * Creates an RSA key pair on the token under the given label.
 *
 * <p>This method applies no minimum key size and no sanity check on the exponent.
 * NOTE(review): confirm that callers validate both before reaching this point.
 *
 * @param keysize modulus length in bits, written to the public-key template
 * @param publicExponent public exponent to request, or {@code null} to leave the template's
 *     exponent attribute untouched
 * @param label label passed to {@code setKeyAttributes} for the new key objects
 * @param control key-creation settings passed to {@code setKeyAttributes}
 * @return the identity produced by {@code generateKeyPair}
 * @throws P11TokenException propagated from the helpers called here
 */
@Override
protected P11Identity generateRSAKeypair0(int keysize, BigInteger publicExponent, String label, P11NewKeyControl control) throws P11TokenException {
    final long mechanism = PKCS11Constants.CKM_RSA_PKCS_KEY_PAIR_GEN;
    assertMechanismSupported(mechanism);

    RSAPrivateKey privTemplate = new RSAPrivateKey();
    RSAPublicKey pubTemplate = new RSAPublicKey();
    setKeyAttributes(label, PKCS11Constants.CKK_RSA, control, pubTemplate, privTemplate);

    final long modulusBits = keysize;
    pubTemplate.getModulusBits().setLongValue(modulusBits);

    if (publicExponent != null) {
        // BigInteger.toByteArray() is two's-complement: a positive value whose top bit is set
        // gets a leading 0x00 byte. NOTE(review): confirm the token accepts that encoding.
        byte[] exponentBytes = publicExponent.toByteArray();
        pubTemplate.getPublicExponent().setByteArrayValue(exponentBytes);
    }

    return generateKeyPair(mechanism, privTemplate, pubTemplate);
}
Also used : RSAPublicKey(iaik.pkcs.pkcs11.objects.RSAPublicKey) RSAPrivateKey(iaik.pkcs.pkcs11.objects.RSAPrivateKey)

Example 4 with PrivateKey

use of iaik.pkcs.pkcs11.objects.PrivateKey in project xipki by xipki.

the class IaikP11Slot method analyseSingleKey.

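/**
 * Builds an identity for one private key found on the token and records it in the refresh result.
 *
 * <p>The public key comes from the certificate registered under the same id, if there is one;
 * otherwise from the token's public-key object with that id. If neither exists the key is
 * skipped with an info log entry.
 *
 * @param session session used to look up the public-key object
 * @param privKey private-key object whose id and label identify the identity
 * @param refreshResult collector that supplies certificates by id and receives the identity
 * @throws P11TokenException if a called helper reports a token error
 * @throws XiSecurityException if a called helper reports a security error
 */
private void analyseSingleKey(Session session, PrivateKey privKey, P11SlotRefreshResult refreshResult) throws P11TokenException, XiSecurityException {
    final byte[] id = privKey.getId().getByteArrayValue();
    final java.security.PublicKey pubKey;
    final X509Cert cert = refreshResult.getCertForId(id);
    if (cert != null) {
        // NOTE(review): certificate and private key are paired by id only; nothing in this
        // method checks that the certificate's public key corresponds to the private key.
        pubKey = cert.getCert().getPublicKey();
    } else {
        PublicKey p11PublicKey = getPublicKeyObject(session, id, null);
        if (p11PublicKey == null) {
            // Parameterized message; the original text lacked the closing parenthesis.
            LOG.info("neither certificate nor public key for the key ({}) is available", hex(id));
            return;
        }
        pubKey = generatePublicKey(p11PublicKey);
    }
    P11ObjectIdentifier objectId = new P11ObjectIdentifier(id, toString(privKey.getLabel()));
    // The certificate array stays null when the identity is backed by a bare public key.
    X509Certificate[] certs = (cert == null) ? null : new X509Certificate[] { cert.getCert() };
    IaikP11Identity identity = new IaikP11Identity(this, new P11EntityIdentifier(slotId, objectId), privKey, pubKey, certs);
    refreshResult.addIdentity(identity);
}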
Also used : DSAPublicKey(iaik.pkcs.pkcs11.objects.DSAPublicKey) RSAPublicKey(iaik.pkcs.pkcs11.objects.RSAPublicKey) SM2PublicKey(iaik.pkcs.pkcs11.objects.SM2PublicKey) ECPublicKey(iaik.pkcs.pkcs11.objects.ECPublicKey) PublicKey(iaik.pkcs.pkcs11.objects.PublicKey) X509Cert(org.xipki.security.X509Cert) P11EntityIdentifier(org.xipki.security.pkcs11.P11EntityIdentifier) P11ObjectIdentifier(org.xipki.security.pkcs11.P11ObjectIdentifier) X509Certificate(java.security.cert.X509Certificate)

Example 5 with PrivateKey

use of iaik.pkcs.pkcs11.objects.PrivateKey in project xipki by xipki.

the class IaikP11Slot method getAllPrivateObjects.

/**
 * Collects the private-key objects that {@code getObjects} finds for a bare
 * {@code PrivateKey} template.
 *
 * @param session session handed to {@code getObjects}
 * @return the matching objects as {@code PrivateKey}s, or an empty list if none were found
 * @throws P11TokenException propagated from {@code getObjects}
 */
private List<PrivateKey> getAllPrivateObjects(Session session) throws P11TokenException {
    // A PrivateKey with no further attributes set here serves as the search template.
    List<Storage> found = getObjects(session, new PrivateKey());
    if (CollectionUtil.isEmpty(found)) {
        return Collections.emptyList();
    }

    final int n = found.size();
    // Only the count is logged, never labels or ids.
    LOG.info("found {} private keys", n);

    List<PrivateKey> keys = new ArrayList<>(n);
    // The cast assumes getObjects returns only objects matching the PrivateKey template;
    // anything else would surface as a ClassCastException.
    found.forEach(obj -> keys.add((PrivateKey) obj));
    return keys;
}
Also used : RSAPrivateKey(iaik.pkcs.pkcs11.objects.RSAPrivateKey) ECPrivateKey(iaik.pkcs.pkcs11.objects.ECPrivateKey) SM2PrivateKey(iaik.pkcs.pkcs11.objects.SM2PrivateKey) PrivateKey(iaik.pkcs.pkcs11.objects.PrivateKey) DSAPrivateKey(iaik.pkcs.pkcs11.objects.DSAPrivateKey) Storage(iaik.pkcs.pkcs11.objects.Storage) ArrayList(java.util.ArrayList)

Aggregations

DSAPrivateKey (iaik.pkcs.pkcs11.objects.DSAPrivateKey)5 ECPrivateKey (iaik.pkcs.pkcs11.objects.ECPrivateKey)5 RSAPrivateKey (iaik.pkcs.pkcs11.objects.RSAPrivateKey)5 SM2PrivateKey (iaik.pkcs.pkcs11.objects.SM2PrivateKey)5 PrivateKey (iaik.pkcs.pkcs11.objects.PrivateKey)4 P11TokenException (org.xipki.security.exception.P11TokenException)4 Session (iaik.pkcs.pkcs11.Session)3 TokenException (iaik.pkcs.pkcs11.TokenException)3 DSAPublicKey (iaik.pkcs.pkcs11.objects.DSAPublicKey)3 ECPublicKey (iaik.pkcs.pkcs11.objects.ECPublicKey)3 RSAPublicKey (iaik.pkcs.pkcs11.objects.RSAPublicKey)3 SM2PublicKey (iaik.pkcs.pkcs11.objects.SM2PublicKey)3 DEROctetString (org.bouncycastle.asn1.DEROctetString)3 P11ObjectIdentifier (org.xipki.security.pkcs11.P11ObjectIdentifier)3 PublicKey (iaik.pkcs.pkcs11.objects.PublicKey)2 SecretKey (iaik.pkcs.pkcs11.objects.SecretKey)2 ValuedSecretKey (iaik.pkcs.pkcs11.objects.ValuedSecretKey)2 X509PublicKeyCertificate (iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate)2 XiSecurityException (org.xipki.security.exception.XiSecurityException)2 P11EntityIdentifier (org.xipki.security.pkcs11.P11EntityIdentifier)2