use of iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate in project xipki by xipki.
the class IaikP11Slot method updateCertificate0.
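/**
 * Replaces the certificate stored for {@code objectId} with {@code newCert}.
 *
 * <p>The replacement is not atomic: {@code removeCerts} runs first, and the new
 * certificate object is created in a separate step. If the create step fails, this
 * method does not restore what was removed, so callers should treat a thrown
 * {@link P11TokenException} as "identity may now have no certificate on the token".
 *
 * @param objectId identifier (id and label) of the identity whose certificate is replaced
 * @param newCert certificate to store on the token
 * @throws P11TokenException if the token rejects the new certificate object
 */
@Override
protected void updateCertificate0(P11ObjectIdentifier objectId, X509Certificate newCert) throws P11TokenException {
  removeCerts(objectId);

  // NOTE(review): the reason for the fixed one-second pause is not visible here;
  // presumably it lets the token settle after the deletion - confirm.
  try {
    Thread.sleep(1000);
  } catch (InterruptedException ex) {
    // Restore the interrupt flag instead of swallowing it, so the caller can still
    // observe the interruption. The write is not aborted: removeCerts has already
    // run, and stopping here would skip the step that stores the new certificate.
    Thread.currentThread().interrupt();
  }

  X509PublicKeyCertificate newCertTemp =
      createPkcs11Template(new X509Cert(newCert), objectId.getId(), objectId.getLabelChars());

  Session session = borrowWritableSession();
  try {
    session.createObject(newCertTemp);
  } catch (TokenException ex) {
    throw new P11TokenException("could not createObject: " + ex.getMessage(), ex);
  } finally {
    // Always hand the writable session back, including on failure.
    returnWritableSession(session);
  }
}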
use of iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate in project xipki by xipki.
the class IaikP11Slot method getCertificateObjects.
/**
 * Searches the token for X.509 certificate objects matching the given id and/or label.
 *
 * <p>Only the attributes that are non-null are placed in the search template. When both
 * {@code keyId} and {@code keyLabel} are null the template carries no id or label filter.
 * NOTE(review): presumably that matches every certificate object visible to the session -
 * confirm, since callers such as the identity-removal path destroy whatever is returned.
 *
 * @param session session used for the lookup
 * @param keyId id attribute to match, or null to leave the id unconstrained
 * @param keyLabel label attribute to match, or null to leave the label unconstrained
 * @return the matching certificate objects, or {@code null} when nothing was found
 * @throws P11TokenException declared for the object lookup performed via {@code getObjects}
 */
private X509PublicKeyCertificate[] getCertificateObjects(Session session, byte[] keyId, char[] keyLabel) throws P11TokenException {
  X509PublicKeyCertificate searchTemplate = new X509PublicKeyCertificate();
  if (keyId != null) {
    searchTemplate.getId().setByteArrayValue(keyId);
  }
  if (keyLabel != null) {
    searchTemplate.getLabel().setCharArrayValue(keyLabel);
  }

  List<Storage> matches = getObjects(session, searchTemplate);
  if (CollectionUtil.isEmpty(matches)) {
    LOG.info("found no certificate identified by {}", getDescription(keyId, keyLabel));
    // Callers rely on null (not an empty array) to mean "nothing found".
    return null;
  }

  X509PublicKeyCertificate[] result = new X509PublicKeyCertificate[matches.size()];
  int idx = 0;
  for (Storage match : matches) {
    result[idx++] = (X509PublicKeyCertificate) match;
  }
  return result;
}
use of iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate in project xipki by xipki.
the class IaikP11Slot method removeIdentity0.
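/**
 * Destroys every token object found for {@code objectId}: the secret key, the private
 * key, the public key and all matching certificates, in that order.
 *
 * <p>The removal is not transactional. The first object that cannot be destroyed aborts
 * the method with a {@link P11TokenException}; objects destroyed before that point stay
 * deleted and objects after it remain on the token, so a failure can leave a partially
 * removed identity (for example a private key without its certificate, or the reverse).
 *
 * @param objectId identifier (id and label) of the identity to remove
 * @throws P11TokenException if the token refuses to destroy one of the objects; the
 *     underlying {@code TokenException} is attached as the cause
 */
@Override
protected void removeIdentity0(P11ObjectIdentifier objectId) throws P11TokenException {
  Session session = borrowWritableSession();
  try {
    byte[] id = objectId.getId();
    char[] label = objectId.getLabelChars();

    SecretKey secretKey = getSecretKeyObject(session, id, label);
    if (secretKey != null) {
      try {
        session.destroyObject(secretKey);
      } catch (TokenException ex) {
        String msg = "could not delete secret key " + objectId;
        LogUtil.error(LOG, ex, msg);
        // Keep the token error as the cause so callers can see why deletion failed.
        throw new P11TokenException(msg, ex);
      }
    }

    PrivateKey privKey = getPrivateKeyObject(session, id, label);
    if (privKey != null) {
      try {
        session.destroyObject(privKey);
      } catch (TokenException ex) {
        String msg = "could not delete private key " + objectId;
        LogUtil.error(LOG, ex, msg);
        throw new P11TokenException(msg, ex);
      }
    }

    PublicKey pubKey = getPublicKeyObject(session, id, label);
    if (pubKey != null) {
      try {
        session.destroyObject(pubKey);
      } catch (TokenException ex) {
        String msg = "could not delete public key " + objectId;
        LogUtil.error(LOG, ex, msg);
        throw new P11TokenException(msg, ex);
      }
    }

    // getCertificateObjects returns null (not an empty array) when nothing matches.
    X509PublicKeyCertificate[] certs = getCertificateObjects(session, id, label);
    if (certs != null) {
      for (X509PublicKeyCertificate cert : certs) {
        try {
          session.destroyObject(cert);
        } catch (TokenException ex) {
          String msg = "could not delete certificate " + objectId;
          LogUtil.error(LOG, ex, msg);
          throw new P11TokenException(msg, ex);
        }
      }
    }
  } finally {
    // Always hand the writable session back, including on failure.
    returnWritableSession(session);
  }
}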
use of iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate in project xipki by xipki.
the class IaikP11Slot method createPkcs11Template.
/**
 * Builds the PKCS#11 object template used to store {@code cert} on a token.
 *
 * <p>The template is marked as a token object and carries the id, label, certificate
 * type, encoded subject and issuer names, serial number and the encoded certificate.
 *
 * @param cert certificate to describe
 * @param keyId value for the id attribute; passed through without a null check
 * @param label value for the label attribute; must be non-null and non-empty
 * @return the populated template
 * @throws IllegalArgumentException if {@code label} is null or empty
 */
private static X509PublicKeyCertificate createPkcs11Template(X509Cert cert, byte[] keyId, char[] label) {
  boolean hasLabel = label != null && label.length != 0;
  if (!hasLabel) {
    throw new IllegalArgumentException("label must not be null or empty");
  }

  X509PublicKeyCertificate template = new X509PublicKeyCertificate();

  // Attributes that identify and classify the object on the token.
  template.getId().setByteArrayValue(keyId);
  template.getLabel().setCharArrayValue(label);
  template.getToken().setBooleanValue(true);
  template.getCertificateType().setLongValue(CertificateType.X_509_PUBLIC_KEY);

  // Attributes derived from the certificate itself.
  template.getSubject().setByteArrayValue(cert.getCert().getSubjectX500Principal().getEncoded());
  template.getIssuer().setByteArrayValue(cert.getCert().getIssuerX500Principal().getEncoded());
  // NOTE(review): this stores the BigInteger's raw two's-complement bytes. PKCS#11
  // describes the serial-number attribute as DER-encoded - confirm what consumers
  // that search the token by serial number expect.
  template.getSerialNumber().setByteArrayValue(cert.getCert().getSerialNumber().toByteArray());
  template.getValue().setByteArrayValue(cert.getEncodedCert());

  return template;
}
use of iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate in project xipki by xipki.
the class IaikP11Slot method addCert0.
/**
 * Stores {@code cert} on the token as a new certificate object under {@code objectId}.
 *
 * <p>The template is built before a session is borrowed, so a rejected label (see
 * {@code createPkcs11Template}) fails without taking a writable session. This method
 * itself does not look for an existing object with the same id or label.
 *
 * @param objectId identifier (id and label) to store the certificate under
 * @param cert certificate to store
 * @throws P11TokenException if the token rejects the new object; the underlying
 *     {@code TokenException} is attached as the cause
 */
@Override
protected void addCert0(P11ObjectIdentifier objectId, X509Certificate cert) throws P11TokenException {
  byte[] id = objectId.getId();
  char[] label = objectId.getLabelChars();
  X509PublicKeyCertificate template = createPkcs11Template(new X509Cert(cert), id, label);

  Session writableSession = borrowWritableSession();
  try {
    writableSession.createObject(template);
  } catch (TokenException ex) {
    throw new P11TokenException(ex.getMessage(), ex);
  } finally {
    // Always hand the writable session back, including on failure.
    returnWritableSession(writableSession);
  }
}