
Example 6 with X509PublicKeyCertificate

use of iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate in project xipki by xipki.

the class IaikP11Slot method refresh0.

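/**
 * Re-reads the token behind this slot and collects its mechanisms, secret keys,
 * certificates and private keys into a fresh {@link P11SlotRefreshResult}.
 *
 * <p>Key objects whose ID attribute is missing or empty are skipped. A private key
 * that cannot be analysed is logged and skipped, so one unusable object does not
 * hide the remaining keys from the result.
 *
 * @return the refreshed view of the slot content
 * @throws P11TokenException if the mechanism list cannot be read; the helper calls
 *     made here may presumably raise it as well
 */
@Override
protected P11SlotRefreshResult refresh0() throws P11TokenException {
    Mechanism[] mechanisms;
    try {
        mechanisms = slot.getToken().getMechanismList();
    } catch (TokenException ex) {
        throw new P11TokenException("could not getMechanismList: " + ex.getMessage(), ex);
    }
    P11SlotRefreshResult ret = new P11SlotRefreshResult();
    if (mechanisms != null) {
        for (Mechanism mech : mechanisms) {
            ret.addMechanism(mech.getMechanismCode());
        }
    }
    ConcurrentBagEntry<Session> session = borrowSession();
    try {
        // Secret keys. Unlike the private-key loop below, a failure in
        // analyseSingleKey is not caught here and ends the refresh.
        List<SecretKey> secretKeys = getAllSecretKeyObjects(session.value());
        for (SecretKey secKey : secretKeys) {
            byte[] keyId = secKey.getId().getByteArrayValue();
            if (keyId == null || keyId.length == 0) {
                continue;
            }
            analyseSingleKey(secKey, ret);
        }
        // All X.509 certificate objects returned by getAllCertificateObjects,
        // registered under their (id, label) pair.
        // NOTE(review): a certificate without an ID reaches P11ObjectIdentifier
        // with a null/empty id; confirm the constructor tolerates that.
        List<X509PublicKeyCertificate> p11Certs = getAllCertificateObjects(session.value());
        for (X509PublicKeyCertificate p11Cert : p11Certs) {
            P11ObjectIdentifier objId = new P11ObjectIdentifier(p11Cert.getId().getByteArrayValue(), toString(p11Cert.getLabel()));
            ret.addCertificate(objId, parseCert(p11Cert));
        }
        List<PrivateKey> privKeys = getAllPrivateObjects(session.value());
        for (PrivateKey privKey : privKeys) {
            byte[] keyId = privKey.getId().getByteArrayValue();
            if (keyId == null || keyId.length == 0) {
                // Skip only this object. The original `break` stopped the loop, so a
                // single private key without an ID dropped every key listed after it.
                continue;
            }
            try {
                analyseSingleKey(session.value(), privKey, ret);
            } catch (XiSecurityException ex) {
                LogUtil.error(LOG, ex, "XiSecurityException while initializing private key " + "with id " + hex(keyId));
            } catch (Throwable th) {
                // Build the label defensively: an exception thrown inside this handler
                // would escape the loop and abort the whole refresh.
                String label = "";
                if (privKey.getLabel() != null) {
                    char[] labelChars = privKey.getLabel().getCharArrayValue();
                    if (labelChars != null) {
                        label = new String(labelChars);
                    }
                }
                LOG.error("unexpected exception while initializing private key with id " + hex(keyId) + " and label " + label, th);
            }
        }
        return ret;
    } finally {
        // Always hand the borrowed session back, on success and on failure.
        sessions.requite(session);
    }
}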
Also used : RSAPrivateKey(iaik.pkcs.pkcs11.objects.RSAPrivateKey) ECPrivateKey(iaik.pkcs.pkcs11.objects.ECPrivateKey) SM2PrivateKey(iaik.pkcs.pkcs11.objects.SM2PrivateKey) PrivateKey(iaik.pkcs.pkcs11.objects.PrivateKey) DSAPrivateKey(iaik.pkcs.pkcs11.objects.DSAPrivateKey) P11TokenException(org.xipki.security.exception.P11TokenException) DEROctetString(org.bouncycastle.asn1.DEROctetString) Mechanism(iaik.pkcs.pkcs11.Mechanism) ValuedSecretKey(iaik.pkcs.pkcs11.objects.ValuedSecretKey) SecretKey(iaik.pkcs.pkcs11.objects.SecretKey) XiSecurityException(org.xipki.security.exception.XiSecurityException) P11SlotRefreshResult(org.xipki.security.pkcs11.P11SlotRefreshResult) P11TokenException(org.xipki.security.exception.P11TokenException) TokenException(iaik.pkcs.pkcs11.TokenException) X509PublicKeyCertificate(iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate) P11ObjectIdentifier(org.xipki.security.pkcs11.P11ObjectIdentifier) Session(iaik.pkcs.pkcs11.Session)

Example 7 with X509PublicKeyCertificate

use of iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate in project xipki by xipki.

the class IaikP11Slot method labelExists.

/**
 * Tells whether the session can find a key object or an X.509 certificate object
 * carrying the given label.
 *
 * <p>Key objects are searched first; certificates are searched only when no key
 * matches. Each search asks for at most one object and is always closed with
 * {@code findObjectsFinal()}; a failure while closing is logged, not rethrown.
 *
 * @param session session used for the two object searches
 * @param keyLabel label to look for; checked with {@code ParamUtil.requireNonBlank}
 * @return {@code true} if a key or a certificate with that label was found
 * @throws P11TokenException if starting or running a search fails
 */
private static boolean labelExists(Session session, String keyLabel) throws P11TokenException {
    ParamUtil.requireNonBlank("keyLabel", keyLabel);

    // Pass 1: any key object with this label.
    Key keyTemplate = new Key();
    keyTemplate.getLabel().setCharArrayValue(keyLabel.toCharArray());
    boolean keyFound;
    try {
        session.findObjectsInit(keyTemplate);
        keyFound = session.findObjects(1).length > 0;
    } catch (TokenException ex) {
        throw new P11TokenException(ex.getMessage(), ex);
    } finally {
        try {
            session.findObjectsFinal();
        } catch (TokenException ex) {
            LogUtil.error(LOG, ex, "session.findObjectsFinal() failed");
        }
    }
    if (keyFound) {
        return true;
    }

    // Pass 2: any X.509 certificate object with this label.
    X509PublicKeyCertificate certTemplate = new X509PublicKeyCertificate();
    certTemplate.getLabel().setCharArrayValue(keyLabel.toCharArray());
    boolean certFound;
    try {
        session.findObjectsInit(certTemplate);
        certFound = session.findObjects(1).length > 0;
    } catch (TokenException ex) {
        throw new P11TokenException(ex.getMessage(), ex);
    } finally {
        try {
            session.findObjectsFinal();
        } catch (TokenException ex) {
            LogUtil.error(LOG, ex, "session.findObjectsFinal() failed");
        }
    }
    return certFound;
}
Also used : P11TokenException(org.xipki.security.exception.P11TokenException) TokenException(iaik.pkcs.pkcs11.TokenException) P11TokenException(org.xipki.security.exception.P11TokenException) PKCS11Object(iaik.pkcs.pkcs11.objects.PKCS11Object) X509PublicKeyCertificate(iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate) RSAPrivateKey(iaik.pkcs.pkcs11.objects.RSAPrivateKey) ECPrivateKey(iaik.pkcs.pkcs11.objects.ECPrivateKey) SM2PrivateKey(iaik.pkcs.pkcs11.objects.SM2PrivateKey) ValuedSecretKey(iaik.pkcs.pkcs11.objects.ValuedSecretKey) Key(iaik.pkcs.pkcs11.objects.Key) DSAPublicKey(iaik.pkcs.pkcs11.objects.DSAPublicKey) RSAPublicKey(iaik.pkcs.pkcs11.objects.RSAPublicKey) SM2PublicKey(iaik.pkcs.pkcs11.objects.SM2PublicKey) ECPublicKey(iaik.pkcs.pkcs11.objects.ECPublicKey) PrivateKey(iaik.pkcs.pkcs11.objects.PrivateKey) DSAPrivateKey(iaik.pkcs.pkcs11.objects.DSAPrivateKey) PublicKey(iaik.pkcs.pkcs11.objects.PublicKey) SecretKey(iaik.pkcs.pkcs11.objects.SecretKey)

Example 8 with X509PublicKeyCertificate

use of iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate in project xipki by xipki.

the class IaikP11Slot method removeObjects.

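/**
 * Removes the key objects and the X.509 certificate objects that match the given
 * ID and/or label, and returns how many objects were removed in total.
 *
 * <p>At least one non-empty criterion is required. Without that guard both search
 * templates would carry no ID and no label, which presumably matches far more
 * objects than intended in this destructive operation.
 *
 * @param id object ID to match; ignored when {@code null} or empty
 * @param label object label to match; ignored when blank
 * @return the sum of the counts reported for the key pass and the certificate pass
 * @throws IllegalArgumentException if {@code id} is null/empty and {@code label} is blank
 * @throws P11TokenException declared by the delegated removal calls
 */
@Override
public int removeObjects(byte[] id, String label) throws P11TokenException {
    if ((id == null || id.length == 0) && StringUtil.isBlank(label)) {
        throw new IllegalArgumentException("at least one of id and label must not be null");
    }
    boolean hasId = id != null && id.length > 0;
    boolean hasLabel = StringUtil.isNotBlank(label);
    String objIdDesc = getDescription(id, label);

    Key keyTemplate = new Key();
    if (hasId) {
        keyTemplate.getId().setByteArrayValue(id);
    }
    if (hasLabel) {
        keyTemplate.getLabel().setCharArrayValue(label.toCharArray());
    }
    int num = removeObjects(keyTemplate, "keys " + objIdDesc);

    X509PublicKeyCertificate certTemplate = new X509PublicKeyCertificate();
    if (hasId) {
        certTemplate.getId().setByteArrayValue(id);
    }
    if (hasLabel) {
        certTemplate.getLabel().setCharArrayValue(label.toCharArray());
    }
    // The original passed "certificates" + objIdDesc, which glued the word to the
    // object description; the space keeps it in the same form as the "keys " one.
    num += removeObjects(certTemplate, "certificates " + objIdDesc);
    return num;
}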
Also used : X509PublicKeyCertificate(iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate) DEROctetString(org.bouncycastle.asn1.DEROctetString) RSAPrivateKey(iaik.pkcs.pkcs11.objects.RSAPrivateKey) ECPrivateKey(iaik.pkcs.pkcs11.objects.ECPrivateKey) SM2PrivateKey(iaik.pkcs.pkcs11.objects.SM2PrivateKey) ValuedSecretKey(iaik.pkcs.pkcs11.objects.ValuedSecretKey) Key(iaik.pkcs.pkcs11.objects.Key) DSAPublicKey(iaik.pkcs.pkcs11.objects.DSAPublicKey) RSAPublicKey(iaik.pkcs.pkcs11.objects.RSAPublicKey) SM2PublicKey(iaik.pkcs.pkcs11.objects.SM2PublicKey) ECPublicKey(iaik.pkcs.pkcs11.objects.ECPublicKey) PrivateKey(iaik.pkcs.pkcs11.objects.PrivateKey) DSAPrivateKey(iaik.pkcs.pkcs11.objects.DSAPrivateKey) PublicKey(iaik.pkcs.pkcs11.objects.PublicKey) SecretKey(iaik.pkcs.pkcs11.objects.SecretKey)

Example 9 with X509PublicKeyCertificate

use of iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate in project xipki by xipki.

the class IaikP11Slot method idExists.

/**
 * Tells whether the session can find a key object or an X.509 certificate object
 * carrying the given ID.
 *
 * <p>Key objects are searched first; certificates are searched only when no key
 * matches. Each search asks for at most one object and is always closed with
 * {@code findObjectsFinal()}; a failure while closing is logged, not rethrown.
 *
 * @param session session used for the two object searches
 * @param keyId ID to look for
 * @return {@code true} if a key or a certificate with that ID was found
 * @throws P11TokenException if starting or running a search fails
 */
private static boolean idExists(Session session, byte[] keyId) throws P11TokenException {
    // NOTE(review): keyId is not validated here, whereas labelExists rejects a
    // blank label; confirm that callers never pass a null or empty ID.

    // Pass 1: any key object with this ID.
    Key keyTemplate = new Key();
    keyTemplate.getId().setByteArrayValue(keyId);
    boolean keyFound;
    try {
        session.findObjectsInit(keyTemplate);
        keyFound = session.findObjects(1).length > 0;
    } catch (TokenException ex) {
        throw new P11TokenException(ex.getMessage(), ex);
    } finally {
        try {
            session.findObjectsFinal();
        } catch (TokenException ex) {
            LogUtil.error(LOG, ex, "session.findObjectsFinal() failed");
        }
    }
    if (keyFound) {
        return true;
    }

    // Pass 2: any X.509 certificate object with this ID.
    X509PublicKeyCertificate certTemplate = new X509PublicKeyCertificate();
    certTemplate.getId().setByteArrayValue(keyId);
    boolean certFound;
    try {
        session.findObjectsInit(certTemplate);
        certFound = session.findObjects(1).length > 0;
    } catch (TokenException ex) {
        throw new P11TokenException(ex.getMessage(), ex);
    } finally {
        try {
            session.findObjectsFinal();
        } catch (TokenException ex) {
            LogUtil.error(LOG, ex, "session.findObjectsFinal() failed");
        }
    }
    return certFound;
}
Also used : P11TokenException(org.xipki.security.exception.P11TokenException) TokenException(iaik.pkcs.pkcs11.TokenException) P11TokenException(org.xipki.security.exception.P11TokenException) PKCS11Object(iaik.pkcs.pkcs11.objects.PKCS11Object) X509PublicKeyCertificate(iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate) RSAPrivateKey(iaik.pkcs.pkcs11.objects.RSAPrivateKey) ECPrivateKey(iaik.pkcs.pkcs11.objects.ECPrivateKey) SM2PrivateKey(iaik.pkcs.pkcs11.objects.SM2PrivateKey) ValuedSecretKey(iaik.pkcs.pkcs11.objects.ValuedSecretKey) Key(iaik.pkcs.pkcs11.objects.Key) DSAPublicKey(iaik.pkcs.pkcs11.objects.DSAPublicKey) RSAPublicKey(iaik.pkcs.pkcs11.objects.RSAPublicKey) SM2PublicKey(iaik.pkcs.pkcs11.objects.SM2PublicKey) ECPublicKey(iaik.pkcs.pkcs11.objects.ECPublicKey) PrivateKey(iaik.pkcs.pkcs11.objects.PrivateKey) DSAPrivateKey(iaik.pkcs.pkcs11.objects.DSAPrivateKey) PublicKey(iaik.pkcs.pkcs11.objects.PublicKey) SecretKey(iaik.pkcs.pkcs11.objects.SecretKey)

Example 10 with X509PublicKeyCertificate

use of iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate in project xipki by xipki.

the class IaikP11Slot method getAllCertificateObjects.

/**
 * Collects the objects that {@code getObjects} returns for an unconstrained
 * {@link X509PublicKeyCertificate} template.
 *
 * @param session session passed on to {@code getObjects}
 * @return a new list holding every returned object, in the order received
 * @throws P11TokenException declared by {@code getObjects}
 * @throws ClassCastException if a returned object is not an X509PublicKeyCertificate
 */
private List<X509PublicKeyCertificate> getAllCertificateObjects(Session session) throws P11TokenException {
    List<Storage> found = getObjects(session, new X509PublicKeyCertificate());
    List<X509PublicKeyCertificate> result = new ArrayList<>(found.size());
    for (Storage candidate : found) {
        // The template selects the objects; the cast only narrows the static type.
        result.add((X509PublicKeyCertificate) candidate);
    }
    return result;
}
Also used : Storage(iaik.pkcs.pkcs11.objects.Storage) PKCS11Object(iaik.pkcs.pkcs11.objects.PKCS11Object) ArrayList(java.util.ArrayList) X509PublicKeyCertificate(iaik.pkcs.pkcs11.objects.X509PublicKeyCertificate)
