Search in sources :

Example 1 with PublicKey

use of iaik.pkcs.pkcs11.objects.PublicKey in project xipki by xipki.

the class IaikP11Slot method generateSM2Keypair0.

@Override
protected P11Identity generateSM2Keypair0(String label, P11NewKeyControl control) throws P11TokenException {
    long mech = PKCS11Constants.CKM_VENDOR_SM2_KEY_PAIR_GEN;
    assertMechanismSupported(mech);
    SM2PrivateKey privateKey = new SM2PrivateKey();
    SM2PublicKey publicKey = new SM2PublicKey();
    setKeyAttributes(label, PKCS11Constants.CKK_VENDOR_SM2, control, publicKey, privateKey);
    return generateKeyPair(mech, privateKey, publicKey);
}
Also used : SM2PrivateKey(iaik.pkcs.pkcs11.objects.SM2PrivateKey) SM2PublicKey(iaik.pkcs.pkcs11.objects.SM2PublicKey)

Example 2 with PublicKey

use of iaik.pkcs.pkcs11.objects.PublicKey in project xipki by xipki.

the class IaikP11Slot method generateKeyPair.

private P11Identity generateKeyPair(long mech, PrivateKey privateKey, PublicKey publicKey) throws P11TokenException {
    final String label = toString(privateKey.getLabel());
    byte[] id = null;
    try {
        KeyPair keypair;
        Session session = borrowWritableSession();
        try {
            if (labelExists(session, label)) {
                throw new IllegalArgumentException("label " + label + " exists, please specify another one");
            }
            id = generateKeyId(session);
            privateKey.getId().setByteArrayValue(id);
            publicKey.getId().setByteArrayValue(id);
            try {
                keypair = session.generateKeyPair(Mechanism.get(mech), publicKey, privateKey);
            } catch (TokenException ex) {
                throw new P11TokenException("could not generate keypair " + Pkcs11Functions.mechanismCodeToString(mech), ex);
            }
            P11ObjectIdentifier objId = new P11ObjectIdentifier(id, label);
            P11EntityIdentifier entityId = new P11EntityIdentifier(slotId, objId);
            java.security.PublicKey jcePublicKey;
            try {
                jcePublicKey = generatePublicKey(keypair.getPublicKey());
            } catch (XiSecurityException ex) {
                throw new P11TokenException("could not generate public key " + objId, ex);
            }
            PrivateKey privateKey2 = getPrivateKeyObject(session, id, label.toCharArray());
            if (privateKey2 == null) {
                throw new P11TokenException("could not read the generated private key");
            }
            return new IaikP11Identity(this, entityId, privateKey2, jcePublicKey, null);
        } finally {
            returnWritableSession(session);
        }
    } catch (P11TokenException | RuntimeException ex) {
        try {
            removeObjects(id, label);
        } catch (Throwable th) {
            LogUtil.error(LOG, th, "could not remove objects");
        }
        throw ex;
    }
}
Also used : KeyPair(iaik.pkcs.pkcs11.objects.KeyPair) RSAPrivateKey(iaik.pkcs.pkcs11.objects.RSAPrivateKey) ECPrivateKey(iaik.pkcs.pkcs11.objects.ECPrivateKey) SM2PrivateKey(iaik.pkcs.pkcs11.objects.SM2PrivateKey) PrivateKey(iaik.pkcs.pkcs11.objects.PrivateKey) DSAPrivateKey(iaik.pkcs.pkcs11.objects.DSAPrivateKey) P11TokenException(org.xipki.security.exception.P11TokenException) P11EntityIdentifier(org.xipki.security.pkcs11.P11EntityIdentifier) DEROctetString(org.bouncycastle.asn1.DEROctetString) XiSecurityException(org.xipki.security.exception.XiSecurityException) P11TokenException(org.xipki.security.exception.P11TokenException) TokenException(iaik.pkcs.pkcs11.TokenException) P11ObjectIdentifier(org.xipki.security.pkcs11.P11ObjectIdentifier) Session(iaik.pkcs.pkcs11.Session)

Example 3 with PublicKey

use of iaik.pkcs.pkcs11.objects.PublicKey in project xipki by xipki.

the class IaikP11Slot method generateRSAKeypair0.

@Override
protected P11Identity generateRSAKeypair0(int keysize, BigInteger publicExponent, String label, P11NewKeyControl control) throws P11TokenException {
    long mech = PKCS11Constants.CKM_RSA_PKCS_KEY_PAIR_GEN;
    assertMechanismSupported(mech);
    RSAPrivateKey privateKey = new RSAPrivateKey();
    RSAPublicKey publicKey = new RSAPublicKey();
    setKeyAttributes(label, PKCS11Constants.CKK_RSA, control, publicKey, privateKey);
    publicKey.getModulusBits().setLongValue((long) keysize);
    if (publicExponent != null) {
        publicKey.getPublicExponent().setByteArrayValue(publicExponent.toByteArray());
    }
    return generateKeyPair(mech, privateKey, publicKey);
}
Also used : RSAPublicKey(iaik.pkcs.pkcs11.objects.RSAPublicKey) RSAPrivateKey(iaik.pkcs.pkcs11.objects.RSAPrivateKey)

Example 4 with PublicKey

use of iaik.pkcs.pkcs11.objects.PublicKey in project xipki by xipki.

the class IaikP11Slot method analyseSingleKey.

private void analyseSingleKey(Session session, PrivateKey privKey, P11SlotRefreshResult refreshResult) throws P11TokenException, XiSecurityException {
    byte[] id = privKey.getId().getByteArrayValue();
    java.security.PublicKey pubKey = null;
    X509Cert cert = refreshResult.getCertForId(id);
    if (cert != null) {
        pubKey = cert.getCert().getPublicKey();
    } else {
        PublicKey p11PublicKey = getPublicKeyObject(session, id, null);
        if (p11PublicKey == null) {
            LOG.info("neither certificate nor public key for the key (" + hex(id) + " is available");
            return;
        }
        pubKey = generatePublicKey(p11PublicKey);
    }
    P11ObjectIdentifier objectId = new P11ObjectIdentifier(id, toString(privKey.getLabel()));
    X509Certificate[] certs = (cert == null) ? null : new X509Certificate[] { cert.getCert() };
    IaikP11Identity identity = new IaikP11Identity(this, new P11EntityIdentifier(slotId, objectId), privKey, pubKey, certs);
    refreshResult.addIdentity(identity);
}
Also used : DSAPublicKey(iaik.pkcs.pkcs11.objects.DSAPublicKey) RSAPublicKey(iaik.pkcs.pkcs11.objects.RSAPublicKey) SM2PublicKey(iaik.pkcs.pkcs11.objects.SM2PublicKey) ECPublicKey(iaik.pkcs.pkcs11.objects.ECPublicKey) PublicKey(iaik.pkcs.pkcs11.objects.PublicKey) X509Cert(org.xipki.security.X509Cert) P11EntityIdentifier(org.xipki.security.pkcs11.P11EntityIdentifier) P11ObjectIdentifier(org.xipki.security.pkcs11.P11ObjectIdentifier) X509Certificate(java.security.cert.X509Certificate)

Example 5 with PublicKey

use of iaik.pkcs.pkcs11.objects.PublicKey in project xipki by xipki.

the class IaikP11Slot method removeIdentity0.

@Override
protected void removeIdentity0(P11ObjectIdentifier objectId) throws P11TokenException {
    Session session = borrowWritableSession();
    try {
        byte[] id = objectId.getId();
        char[] label = objectId.getLabelChars();
        SecretKey secretKey = getSecretKeyObject(session, id, label);
        if (secretKey != null) {
            try {
                session.destroyObject(secretKey);
            } catch (TokenException ex) {
                String msg = "could not delete secret key " + objectId;
                LogUtil.error(LOG, ex, msg);
                throw new P11TokenException(msg);
            }
        }
        PrivateKey privKey = getPrivateKeyObject(session, id, label);
        if (privKey != null) {
            try {
                session.destroyObject(privKey);
            } catch (TokenException ex) {
                String msg = "could not delete private key " + objectId;
                LogUtil.error(LOG, ex, msg);
                throw new P11TokenException(msg);
            }
        }
        PublicKey pubKey = getPublicKeyObject(session, id, label);
        if (pubKey != null) {
            try {
                session.destroyObject(pubKey);
            } catch (TokenException ex) {
                String msg = "could not delete public key " + objectId;
                LogUtil.error(LOG, ex, msg);
                throw new P11TokenException(msg);
            }
        }
        X509PublicKeyCertificate[] certs = getCertificateObjects(session, id, label);
        if (certs != null && certs.length > 0) {
            for (int i = 0; i < certs.length; i++) {
                try {
                    session.destroyObject(certs[i]);
                } catch (TokenException ex) {
                    String msg = "could not delete certificate " + objectId;
                    LogUtil.error(LOG, ex, msg);
                    throw new P11TokenException(msg);
                }
            }
        }
    } finally {
        returnWritableSession(session);
    }
}
Also used : ValuedSecretKey(iaik.pkcs.pkcs11.objects.ValuedSecretKey) SecretKey(iaik.pkcs.pkcs11.objects.SecretKey) RSAPrivateKey(iaik.pkcs.pkcs11.objects.RSAPrivateKey) ECPrivateKey(iaik.pkcs.pkcs11.objects.ECPrivateKey) SM2PrivateKey(iaik.pkcs.pkcs11.objects.SM2PrivateKey) PrivateKey(iaik.pkcs.pkcs11.objects.PrivateKey) DSAPrivateKey(iaik.pkcs.pkcs11.objects.DSAPrivateKey) DSAPublicKey(iaik.pkcs.pkcs11.objects.DSAPublicKey) RSAPublicKey(iaik.pkcs.pkcs11.objects.RSAPublicKey) SM2PublicKey(iaik.pkcs.pkcs11.objects.SM2PublicKey) ECPublicKey(iaik.pkcs.pkcs11.objects.ECPublicKey) PublicKey(iaik.pkcs.pkcs11.objects.PublicKey) P11TokenException(org.xipki.security.exception.P11TokenException) TokenException(iaik.pkcs.pkcs11.TokenException) P11TokenException(org.xipki.security.exception.P11TokenException) X509PublicKeyCertificate(iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate) DEROctetString(org.bouncycastle.asn1.DEROctetString) Session(iaik.pkcs.pkcs11.Session)

Aggregations

DSAPublicKey (iaik.pkcs.pkcs11.objects.DSAPublicKey)4 ECPublicKey (iaik.pkcs.pkcs11.objects.ECPublicKey)4 RSAPublicKey (iaik.pkcs.pkcs11.objects.RSAPublicKey)4 DSAPrivateKey (iaik.pkcs.pkcs11.objects.DSAPrivateKey)3 ECPrivateKey (iaik.pkcs.pkcs11.objects.ECPrivateKey)3 RSAPrivateKey (iaik.pkcs.pkcs11.objects.RSAPrivateKey)3 SM2PrivateKey (iaik.pkcs.pkcs11.objects.SM2PrivateKey)3 SM2PublicKey (iaik.pkcs.pkcs11.objects.SM2PublicKey)3 P11TokenException (org.xipki.security.exception.P11TokenException)3 Session (iaik.pkcs.pkcs11.Session)2 TokenException (iaik.pkcs.pkcs11.TokenException)2 PrivateKey (iaik.pkcs.pkcs11.objects.PrivateKey)2 PublicKey (iaik.pkcs.pkcs11.objects.PublicKey)2 DEROctetString (org.bouncycastle.asn1.DEROctetString)2 XiSecurityException (org.xipki.security.exception.XiSecurityException)2 P11EntityIdentifier (org.xipki.security.pkcs11.P11EntityIdentifier)2 P11ObjectIdentifier (org.xipki.security.pkcs11.P11ObjectIdentifier)2 KeyPair (iaik.pkcs.pkcs11.objects.KeyPair)1 SecretKey (iaik.pkcs.pkcs11.objects.SecretKey)1 ValuedSecretKey (iaik.pkcs.pkcs11.objects.ValuedSecretKey)1