use of iaik.pkcs.pkcs11.objects.PrivateKey in project xipki by xipki.
the class IaikP11Slot method generateSM2Keypair0.
@Override
protected P11Identity generateSM2Keypair0(String label, P11NewKeyControl control) throws P11TokenException {
long mech = PKCS11Constants.CKM_VENDOR_SM2_KEY_PAIR_GEN;
assertMechanismSupported(mech);
SM2PrivateKey privateKey = new SM2PrivateKey();
SM2PublicKey publicKey = new SM2PublicKey();
setKeyAttributes(label, PKCS11Constants.CKK_VENDOR_SM2, control, publicKey, privateKey);
return generateKeyPair(mech, privateKey, publicKey);
}
use of iaik.pkcs.pkcs11.objects.PrivateKey in project xipki by xipki.
the class IaikP11Slot method generateKeyPair.
private P11Identity generateKeyPair(long mech, PrivateKey privateKey, PublicKey publicKey) throws P11TokenException {
final String label = toString(privateKey.getLabel());
byte[] id = null;
try {
KeyPair keypair;
Session session = borrowWritableSession();
try {
if (labelExists(session, label)) {
throw new IllegalArgumentException("label " + label + " exists, please specify another one");
}
id = generateKeyId(session);
privateKey.getId().setByteArrayValue(id);
publicKey.getId().setByteArrayValue(id);
try {
keypair = session.generateKeyPair(Mechanism.get(mech), publicKey, privateKey);
} catch (TokenException ex) {
throw new P11TokenException("could not generate keypair " + Pkcs11Functions.mechanismCodeToString(mech), ex);
}
P11ObjectIdentifier objId = new P11ObjectIdentifier(id, label);
P11EntityIdentifier entityId = new P11EntityIdentifier(slotId, objId);
java.security.PublicKey jcePublicKey;
try {
jcePublicKey = generatePublicKey(keypair.getPublicKey());
} catch (XiSecurityException ex) {
throw new P11TokenException("could not generate public key " + objId, ex);
}
PrivateKey privateKey2 = getPrivateKeyObject(session, id, label.toCharArray());
if (privateKey2 == null) {
throw new P11TokenException("could not read the generated private key");
}
return new IaikP11Identity(this, entityId, privateKey2, jcePublicKey, null);
} finally {
returnWritableSession(session);
}
} catch (P11TokenException | RuntimeException ex) {
try {
removeObjects(id, label);
} catch (Throwable th) {
LogUtil.error(LOG, th, "could not remove objects");
}
throw ex;
}
}
use of iaik.pkcs.pkcs11.objects.PrivateKey in project xipki by xipki.
the class IaikP11Slot method generateRSAKeypair0.
@Override
protected P11Identity generateRSAKeypair0(int keysize, BigInteger publicExponent, String label, P11NewKeyControl control) throws P11TokenException {
long mech = PKCS11Constants.CKM_RSA_PKCS_KEY_PAIR_GEN;
assertMechanismSupported(mech);
RSAPrivateKey privateKey = new RSAPrivateKey();
RSAPublicKey publicKey = new RSAPublicKey();
setKeyAttributes(label, PKCS11Constants.CKK_RSA, control, publicKey, privateKey);
publicKey.getModulusBits().setLongValue((long) keysize);
if (publicExponent != null) {
publicKey.getPublicExponent().setByteArrayValue(publicExponent.toByteArray());
}
return generateKeyPair(mech, privateKey, publicKey);
}
use of iaik.pkcs.pkcs11.objects.PrivateKey in project xipki by xipki.
the class IaikP11Slot method analyseSingleKey.
private void analyseSingleKey(Session session, PrivateKey privKey, P11SlotRefreshResult refreshResult) throws P11TokenException, XiSecurityException {
byte[] id = privKey.getId().getByteArrayValue();
java.security.PublicKey pubKey = null;
X509Cert cert = refreshResult.getCertForId(id);
if (cert != null) {
pubKey = cert.getCert().getPublicKey();
} else {
PublicKey p11PublicKey = getPublicKeyObject(session, id, null);
if (p11PublicKey == null) {
LOG.info("neither certificate nor public key for the key (" + hex(id) + " is available");
return;
}
pubKey = generatePublicKey(p11PublicKey);
}
P11ObjectIdentifier objectId = new P11ObjectIdentifier(id, toString(privKey.getLabel()));
X509Certificate[] certs = (cert == null) ? null : new X509Certificate[] { cert.getCert() };
IaikP11Identity identity = new IaikP11Identity(this, new P11EntityIdentifier(slotId, objectId), privKey, pubKey, certs);
refreshResult.addIdentity(identity);
}
use of iaik.pkcs.pkcs11.objects.PrivateKey in project xipki by xipki.
the class IaikP11Slot method getAllPrivateObjects.
private List<PrivateKey> getAllPrivateObjects(Session session) throws P11TokenException {
PrivateKey template = new PrivateKey();
List<Storage> tmpObjects = getObjects(session, template);
if (CollectionUtil.isEmpty(tmpObjects)) {
return Collections.emptyList();
}
final int n = tmpObjects.size();
LOG.info("found {} private keys", n);
List<PrivateKey> privateKeys = new ArrayList<>(n);
for (Storage tmpObject : tmpObjects) {
PrivateKey privateKey = (PrivateKey) tmpObject;
privateKeys.add(privateKey);
}
return privateKeys;
}
Aggregations