
Example 1 with X509PublicKeyCertificate

use of iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate in project xipki by xipki.

the class IaikP11Slot method updateCertificate0.

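/**
 * Replaces the certificate objects stored under {@code objectId} with {@code newCert}.
 *
 * <p>The PKCS#11 template for the new certificate is built before anything is removed, so an
 * argument rejected by {@code createPkcs11Template} (for example an empty label) does not leave
 * the token with its existing certificate already deleted.
 *
 * <p>NOTE(review): removal and creation are two separate steps. If {@code createObject} fails,
 * the certificates removed by {@code removeCerts} are not restored by this method, so callers
 * should treat a failure here as "identity currently has no certificate".
 *
 * @param objectId identifier supplying the id and label of the certificate object
 * @param newCert certificate to store on the token
 * @throws P11TokenException if the new certificate object cannot be created on the token
 *     (presumably also when {@code removeCerts} fails; verify against its declaration)
 */
@Override
protected void updateCertificate0(P11ObjectIdentifier objectId, X509Certificate newCert) throws P11TokenException {
    // Validate and encode first: this can throw, and nothing has been deleted yet.
    X509PublicKeyCertificate newCertTemp = createPkcs11Template(new X509Cert(newCert), objectId.getId(), objectId.getLabelChars());
    removeCerts(objectId);
    try {
        // Pause between removal and re-creation; presumably gives the token time to settle.
        Thread.sleep(1000);
    } catch (InterruptedException ex) {
        // Keep the interrupt visible to the caller, but still write the new certificate:
        // the old one is already gone, so aborting here would leave the identity without one.
        Thread.currentThread().interrupt();
    }
    Session session = borrowWritableSession();
    try {
        session.createObject(newCertTemp);
    } catch (TokenException ex) {
        throw new P11TokenException("could not createObject: " + ex.getMessage(), ex);
    } finally {
        // Always hand the writable session back, also on failure.
        returnWritableSession(session);
    }
}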
Also used : X509Cert(org.xipki.security.X509Cert) P11TokenException(org.xipki.security.exception.P11TokenException) TokenException(iaik.pkcs.pkcs11.TokenException) P11TokenException(org.xipki.security.exception.P11TokenException) X509PublicKeyCertificate(iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate) Session(iaik.pkcs.pkcs11.Session)

Example 2 with X509PublicKeyCertificate

use of iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate in project xipki by xipki.

the class IaikP11Slot method getCertificateObjects.

/**
 * Looks up the X.509 certificate objects that match the given id and/or label.
 *
 * <p>Only the attributes that are supplied are set on the search template.
 * NOTE(review): when both {@code keyId} and {@code keyLabel} are {@code null} the template
 * carries neither attribute, so the search is presumably not narrowed by id or label; confirm
 * that callers which go on to destroy the returned objects never pass both as {@code null}.
 *
 * @param session session handed to {@code getObjects} for the search
 * @param keyId id to match, or {@code null} to leave the id unconstrained
 * @param keyLabel label to match, or {@code null} to leave the label unconstrained
 * @return the matching certificate objects, or {@code null} when none are found
 * @throws P11TokenException declared for the lookup; presumably raised by {@code getObjects}
 */
private X509PublicKeyCertificate[] getCertificateObjects(Session session, byte[] keyId, char[] keyLabel) throws P11TokenException {
    X509PublicKeyCertificate searchTemplate = new X509PublicKeyCertificate();
    if (keyId != null) {
        searchTemplate.getId().setByteArrayValue(keyId);
    }
    if (keyLabel != null) {
        searchTemplate.getLabel().setCharArrayValue(keyLabel);
    }

    List<Storage> found = getObjects(session, searchTemplate);
    if (CollectionUtil.isEmpty(found)) {
        LOG.info("found no certificate identified by {}", getDescription(keyId, keyLabel));
        // Callers test for null rather than for an empty array.
        return null;
    }

    X509PublicKeyCertificate[] result = new X509PublicKeyCertificate[found.size()];
    int idx = 0;
    for (Storage obj : found) {
        // The cast fails with ClassCastException if the search returned another object type.
        result[idx++] = (X509PublicKeyCertificate) obj;
    }
    return result;
}
Also used : Storage(iaik.pkcs.pkcs11.objects.Storage) X509PublicKeyCertificate(iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate)

Example 3 with X509PublicKeyCertificate

use of iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate in project xipki by xipki.

the class IaikP11Slot method removeIdentity0.

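/**
 * Deletes every object stored under {@code objectId}: the secret key, the private key, the
 * public key and all matching certificates, in that order.
 *
 * <p>Deletion stops at the first failure. Objects destroyed before the failing call stay
 * destroyed, so a {@link P11TokenException} from this method can mean the identity was only
 * partially removed; the message names the object type that could not be deleted.
 *
 * <p>The original {@code TokenException} is attached as the cause of the thrown exception, so
 * callers and audit logs keep the token's own error in addition to the logged entry.
 *
 * @param objectId identifier supplying the id and label of the objects to delete
 * @throws P11TokenException if the token refuses to destroy one of the objects
 */
@Override
protected void removeIdentity0(P11ObjectIdentifier objectId) throws P11TokenException {
    Session session = borrowWritableSession();
    try {
        byte[] id = objectId.getId();
        char[] label = objectId.getLabelChars();
        SecretKey secretKey = getSecretKeyObject(session, id, label);
        if (secretKey != null) {
            try {
                session.destroyObject(secretKey);
            } catch (TokenException ex) {
                String msg = "could not delete secret key " + objectId;
                LogUtil.error(LOG, ex, msg);
                throw new P11TokenException(msg, ex);
            }
        }
        PrivateKey privKey = getPrivateKeyObject(session, id, label);
        if (privKey != null) {
            try {
                session.destroyObject(privKey);
            } catch (TokenException ex) {
                String msg = "could not delete private key " + objectId;
                LogUtil.error(LOG, ex, msg);
                throw new P11TokenException(msg, ex);
            }
        }
        PublicKey pubKey = getPublicKeyObject(session, id, label);
        if (pubKey != null) {
            try {
                session.destroyObject(pubKey);
            } catch (TokenException ex) {
                String msg = "could not delete public key " + objectId;
                LogUtil.error(LOG, ex, msg);
                throw new P11TokenException(msg, ex);
            }
        }
        // getCertificateObjects returns null, not an empty array, when nothing matches.
        X509PublicKeyCertificate[] certs = getCertificateObjects(session, id, label);
        if (certs != null) {
            for (X509PublicKeyCertificate cert : certs) {
                try {
                    session.destroyObject(cert);
                } catch (TokenException ex) {
                    String msg = "could not delete certificate " + objectId;
                    LogUtil.error(LOG, ex, msg);
                    throw new P11TokenException(msg, ex);
                }
            }
        }
    } finally {
        // Always hand the writable session back, also after a partial deletion.
        returnWritableSession(session);
    }
}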
Also used : ValuedSecretKey(iaik.pkcs.pkcs11.objects.ValuedSecretKey) SecretKey(iaik.pkcs.pkcs11.objects.SecretKey) RSAPrivateKey(iaik.pkcs.pkcs11.objects.RSAPrivateKey) ECPrivateKey(iaik.pkcs.pkcs11.objects.ECPrivateKey) SM2PrivateKey(iaik.pkcs.pkcs11.objects.SM2PrivateKey) PrivateKey(iaik.pkcs.pkcs11.objects.PrivateKey) DSAPrivateKey(iaik.pkcs.pkcs11.objects.DSAPrivateKey) DSAPublicKey(iaik.pkcs.pkcs11.objects.DSAPublicKey) RSAPublicKey(iaik.pkcs.pkcs11.objects.RSAPublicKey) SM2PublicKey(iaik.pkcs.pkcs11.objects.SM2PublicKey) ECPublicKey(iaik.pkcs.pkcs11.objects.ECPublicKey) PublicKey(iaik.pkcs.pkcs11.objects.PublicKey) P11TokenException(org.xipki.security.exception.P11TokenException) TokenException(iaik.pkcs.pkcs11.TokenException) P11TokenException(org.xipki.security.exception.P11TokenException) X509PublicKeyCertificate(iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate) DEROctetString(org.bouncycastle.asn1.DEROctetString) Session(iaik.pkcs.pkcs11.Session)

Example 4 with X509PublicKeyCertificate

use of iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate in project xipki by xipki.

the class IaikP11Slot method createPkcs11Template.

/**
 * Builds the PKCS#11 object template used to store {@code cert} as a token object.
 *
 * <p>The template carries the id, the label, the token flag set to {@code true}, the
 * certificate type {@code X_509_PUBLIC_KEY}, and the subject, issuer, serial number and
 * encoded certificate taken from {@code cert}.
 *
 * @param cert certificate whose fields populate the template
 * @param keyId value for the id attribute; not validated here
 * @param label value for the label attribute; must be non-null and non-empty
 * @return the populated template; nothing is written to the token by this method
 * @throws IllegalArgumentException if {@code label} is {@code null} or empty
 */
private static X509PublicKeyCertificate createPkcs11Template(X509Cert cert, byte[] keyId, char[] label) {
    boolean labelMissing = (label == null) || (label.length == 0);
    if (labelMissing) {
        throw new IllegalArgumentException("label must not be null or empty");
    }

    X509PublicKeyCertificate template = new X509PublicKeyCertificate();
    template.getId().setByteArrayValue(keyId);
    template.getLabel().setCharArrayValue(label);
    template.getToken().setBooleanValue(true);
    template.getCertificateType().setLongValue(CertificateType.X_509_PUBLIC_KEY);

    byte[] subject = cert.getCert().getSubjectX500Principal().getEncoded();
    template.getSubject().setByteArrayValue(subject);

    byte[] issuer = cert.getCert().getIssuerX500Principal().getEncoded();
    template.getIssuer().setByteArrayValue(issuer);

    // NOTE(review): this is the raw BigInteger byte array, without a DER INTEGER wrapper.
    // Confirm that is the serial-number encoding expected by the tokens and by any code that
    // later searches for certificates by serial number.
    byte[] serial = cert.getCert().getSerialNumber().toByteArray();
    template.getSerialNumber().setByteArrayValue(serial);

    template.getValue().setByteArrayValue(cert.getEncodedCert());
    return template;
}
Also used : X509PublicKeyCertificate(iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate)

Example 5 with X509PublicKeyCertificate

use of iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate in project xipki by xipki.

the class IaikP11Slot method addCert0.

/**
 * Stores {@code cert} on the token as a new certificate object under {@code objectId}.
 *
 * <p>The template is built before a writable session is borrowed, so an argument rejected by
 * {@code createPkcs11Template} never ties up a session.
 *
 * @param objectId identifier supplying the id and label of the new certificate object
 * @param cert certificate to store
 * @throws P11TokenException if the token rejects the object; the message is the one reported
 *     by the underlying {@code TokenException}, which is kept as the cause
 */
@Override
protected void addCert0(P11ObjectIdentifier objectId, X509Certificate cert) throws P11TokenException {
    X509Cert wrapped = new X509Cert(cert);
    byte[] id = objectId.getId();
    char[] label = objectId.getLabelChars();
    X509PublicKeyCertificate template = createPkcs11Template(wrapped, id, label);

    Session writable = borrowWritableSession();
    try {
        writable.createObject(template);
    } catch (TokenException ex) {
        throw new P11TokenException(ex.getMessage(), ex);
    } finally {
        // Always hand the writable session back, also on failure.
        returnWritableSession(writable);
    }
}
Also used : X509Cert(org.xipki.security.X509Cert) P11TokenException(org.xipki.security.exception.P11TokenException) TokenException(iaik.pkcs.pkcs11.TokenException) P11TokenException(org.xipki.security.exception.P11TokenException) X509PublicKeyCertificate(iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate) Session(iaik.pkcs.pkcs11.Session)

Aggregations

X509PublicKeyCertificate (iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate)10 TokenException (iaik.pkcs.pkcs11.TokenException)6 P11TokenException (org.xipki.security.exception.P11TokenException)6 DSAPrivateKey (iaik.pkcs.pkcs11.objects.DSAPrivateKey)5 ECPrivateKey (iaik.pkcs.pkcs11.objects.ECPrivateKey)5 PrivateKey (iaik.pkcs.pkcs11.objects.PrivateKey)5 RSAPrivateKey (iaik.pkcs.pkcs11.objects.RSAPrivateKey)5 SM2PrivateKey (iaik.pkcs.pkcs11.objects.SM2PrivateKey)5 SecretKey (iaik.pkcs.pkcs11.objects.SecretKey)5 ValuedSecretKey (iaik.pkcs.pkcs11.objects.ValuedSecretKey)5 Session (iaik.pkcs.pkcs11.Session)4 DSAPublicKey (iaik.pkcs.pkcs11.objects.DSAPublicKey)4 ECPublicKey (iaik.pkcs.pkcs11.objects.ECPublicKey)4 PublicKey (iaik.pkcs.pkcs11.objects.PublicKey)4 RSAPublicKey (iaik.pkcs.pkcs11.objects.RSAPublicKey)4 SM2PublicKey (iaik.pkcs.pkcs11.objects.SM2PublicKey)4 Key (iaik.pkcs.pkcs11.objects.Key)3 PKCS11Object (iaik.pkcs.pkcs11.objects.PKCS11Object)3 DEROctetString (org.bouncycastle.asn1.DEROctetString)3 Storage (iaik.pkcs.pkcs11.objects.Storage)2