Examples with X509PublicKeyCertificate iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate used on opensource projects

Example 6 with X509PublicKeyCertificate

use of iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate in project xipki by xipki.

the class IaikP11Slot method refresh0.

@Override
protected P11SlotRefreshResult refresh0() throws P11TokenException {
    Mechanism[] mechanisms;
    try {
        mechanisms = slot.getToken().getMechanismList();
    } catch (TokenException ex) {
        throw new P11TokenException("could not getMechanismList: " + ex.getMessage(), ex);
    }
    P11SlotRefreshResult ret = new P11SlotRefreshResult();
    if (mechanisms != null) {
        for (Mechanism mech : mechanisms) {
            ret.addMechanism(mech.getMechanismCode());
        }
    }
    ConcurrentBagEntry<Session> session = borrowSession();
    try {
        // secret keys
        List<SecretKey> secretKeys = getAllSecretKeyObjects(session.value());
        for (SecretKey secKey : secretKeys) {
            byte[] keyId = secKey.getId().getByteArrayValue();
            if (keyId == null || keyId.length == 0) {
                continue;
            }
            analyseSingleKey(secKey, ret);
        }
        // first get the list of all CA certificates
        List<X509PublicKeyCertificate> p11Certs = getAllCertificateObjects(session.value());
        for (X509PublicKeyCertificate p11Cert : p11Certs) {
            P11ObjectIdentifier objId = new P11ObjectIdentifier(p11Cert.getId().getByteArrayValue(), toString(p11Cert.getLabel()));
            ret.addCertificate(objId, parseCert(p11Cert));
        }
        List<PrivateKey> privKeys = getAllPrivateObjects(session.value());
        for (PrivateKey privKey : privKeys) {
            byte[] keyId = privKey.getId().getByteArrayValue();
            if (keyId == null || keyId.length == 0) {
                break;
            }
            try {
                analyseSingleKey(session.value(), privKey, ret);
            } catch (XiSecurityException ex) {
                LogUtil.error(LOG, ex, "XiSecurityException while initializing private key " + "with id " + hex(keyId));
                continue;
            } catch (Throwable th) {
                String label = "";
                if (privKey.getLabel() != null) {
                    label = new String(privKey.getLabel().getCharArrayValue());
                }
                LOG.error("unexpected exception while initializing private key with id " + hex(keyId) + " and label " + label, th);
                continue;
            }
        }
        return ret;
    } finally {
        sessions.requite(session);
    }
}

Example 7 with X509PublicKeyCertificate

use of iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate in project xipki by xipki.

the class IaikP11Slot method labelExists.

private static boolean labelExists(Session session, String keyLabel) throws P11TokenException {
    ParamUtil.requireNonBlank("keyLabel", keyLabel);
    Key key = new Key();
    key.getLabel().setCharArrayValue(keyLabel.toCharArray());
    Object[] objects;
    try {
        session.findObjectsInit(key);
        objects = session.findObjects(1);
        if (objects.length > 0) {
            return true;
        }
    } catch (TokenException ex) {
        throw new P11TokenException(ex.getMessage(), ex);
    } finally {
        try {
            session.findObjectsFinal();
        } catch (TokenException ex) {
            LogUtil.error(LOG, ex, "session.findObjectsFinal() failed");
        }
    }
    X509PublicKeyCertificate cert = new X509PublicKeyCertificate();
    cert.getLabel().setCharArrayValue(keyLabel.toCharArray());
    try {
        session.findObjectsInit(cert);
        objects = session.findObjects(1);
    } catch (TokenException ex) {
        throw new P11TokenException(ex.getMessage(), ex);
    } finally {
        try {
            session.findObjectsFinal();
        } catch (TokenException ex) {
            LogUtil.error(LOG, ex, "session.findObjectsFinal() failed");
        }
    }
    return objects.length > 0;
}

Example 8 with X509PublicKeyCertificate

use of iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate in project xipki by xipki.

the class IaikP11Slot method removeObjects.

@Override
public int removeObjects(byte[] id, String label) throws P11TokenException {
    if ((id == null || id.length == 0) && StringUtil.isBlank(label)) {
        throw new IllegalArgumentException("at least one of id and label must not be null");
    }
    Key keyTemplate = new Key();
    if (id != null && id.length > 0) {
        keyTemplate.getId().setByteArrayValue(id);
    }
    if (StringUtil.isNotBlank(label)) {
        keyTemplate.getLabel().setCharArrayValue(label.toCharArray());
    }
    String objIdDesc = getDescription(id, label);
    int num = removeObjects(keyTemplate, "keys " + objIdDesc);
    X509PublicKeyCertificate certTemplate = new X509PublicKeyCertificate();
    if (id != null && id.length > 0) {
        certTemplate.getId().setByteArrayValue(id);
    }
    if (StringUtil.isNotBlank(label)) {
        certTemplate.getLabel().setCharArrayValue(label.toCharArray());
    }
    num += removeObjects(certTemplate, "certificates" + objIdDesc);
    return num;
}

Example 9 with X509PublicKeyCertificate

use of iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate in project xipki by xipki.

the class IaikP11Slot method idExists.

private static boolean idExists(Session session, byte[] keyId) throws P11TokenException {
    Key key = new Key();
    key.getId().setByteArrayValue(keyId);
    Object[] objects;
    try {
        session.findObjectsInit(key);
        objects = session.findObjects(1);
        if (objects.length > 0) {
            return true;
        }
    } catch (TokenException ex) {
        throw new P11TokenException(ex.getMessage(), ex);
    } finally {
        try {
            session.findObjectsFinal();
        } catch (TokenException ex) {
            LogUtil.error(LOG, ex, "session.findObjectsFinal() failed");
        }
    }
    X509PublicKeyCertificate cert = new X509PublicKeyCertificate();
    cert.getId().setByteArrayValue(keyId);
    try {
        session.findObjectsInit(cert);
        objects = session.findObjects(1);
    } catch (TokenException ex) {
        throw new P11TokenException(ex.getMessage(), ex);
    } finally {
        try {
            session.findObjectsFinal();
        } catch (TokenException ex) {
            LogUtil.error(LOG, ex, "session.findObjectsFinal() failed");
        }
    }
    return objects.length > 0;
}

Example 10 with X509PublicKeyCertificate

use of iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate in project xipki by xipki.

the class IaikP11Slot method getAllCertificateObjects.

private List<X509PublicKeyCertificate> getAllCertificateObjects(Session session) throws P11TokenException {
    X509PublicKeyCertificate template = new X509PublicKeyCertificate();
    List<Storage> tmpObjects = getObjects(session, template);
    List<X509PublicKeyCertificate> certs = new ArrayList<>(tmpObjects.size());
    for (PKCS11Object tmpObject : tmpObjects) {
        X509PublicKeyCertificate cert = (X509PublicKeyCertificate) tmpObject;
        certs.add(cert);
    }
    return certs;
}