Example 21 with IllegalCmdParamException
use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.
the class P11RefreshSlotCmd method execute0.
@Override
protected Object execute0() throws Exception {
P11CryptService p11Service = p11CryptServiceFactory.getP11CryptService(moduleName);
if (p11Service == null) {
throw new IllegalCmdParamException("undefined module " + moduleName);
}
p11Service.refresh();
println("refreshed module " + moduleName);
return null;
}
Also used :
IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException)
P11CryptService(org.xipki.security.pkcs11.P11CryptService)
Example 22 with IllegalCmdParamException
use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.
the class P11SecretKeyGenCmd method execute0.
@Override
protected Object execute0() throws Exception {
if (keysize % 8 != 0) {
throw new IllegalCmdParamException("keysize is not multiple of 8: " + keysize);
}
long p11KeyType;
if ("AES".equalsIgnoreCase(keyType)) {
p11KeyType = PKCS11Constants.CKK_AES;
} else if ("DES3".equalsIgnoreCase(keyType)) {
p11KeyType = PKCS11Constants.CKK_DES3;
} else if ("GENERIC".equalsIgnoreCase(keyType)) {
p11KeyType = PKCS11Constants.CKK_GENERIC_SECRET;
} else {
throw new IllegalCmdParamException("invalid keyType " + keyType);
}
P11Slot slot = getSlot();
P11NewKeyControl control = getControl();
P11ObjectIdentifier objId = null;
try {
objId = slot.generateSecretKey(p11KeyType, keysize, label, control);
finalize(keyType, objId);
} catch (P11UnsupportedMechanismException ex) {
if (!createExternIfGenUnsupported) {
throw ex;
}
if (LOG.isInfoEnabled()) {
LOG.info("could not generate secret key {}: ", label, ex.getMessage());
}
if (LOG.isDebugEnabled()) {
LOG.debug("could not generate secret key " + label, ex);
}
byte[] keyValue = new byte[keysize / 8];
securityFactory.getRandom4Key().nextBytes(keyValue);
objId = slot.importSecretKey(p11KeyType, keyValue, label, control);
// clear the memory
Arrays.fill(keyValue, (byte) 0);
println("generated in memory and imported " + keyType + " key " + objId);
}
return null;
}
Also used :
P11NewKeyControl(org.xipki.security.pkcs11.P11NewKeyControl)
P11Slot(org.xipki.security.pkcs11.P11Slot)
IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException)
P11UnsupportedMechanismException(org.xipki.security.exception.P11UnsupportedMechanismException)
P11ObjectIdentifier(org.xipki.security.pkcs11.P11ObjectIdentifier)
Example 23 with IllegalCmdParamException
use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.
the class P11SecurityAction method getObjectIdentifier.
public P11ObjectIdentifier getObjectIdentifier() throws IllegalCmdParamException, XiSecurityException, P11TokenException {
P11Slot slot = getSlot();
P11ObjectIdentifier objIdentifier;
if (id != null && label == null) {
objIdentifier = slot.getObjectIdForId(Hex.decode(id));
} else if (id == null && label != null) {
objIdentifier = slot.getObjectIdForLabel(label);
} else {
throw new IllegalCmdParamException("exactly one of keyId or keyLabel should be specified");
}
return objIdentifier;
}
Also used :
P11Slot(org.xipki.security.pkcs11.P11Slot)
IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException)
P11ObjectIdentifier(org.xipki.security.pkcs11.P11ObjectIdentifier)
Example 24 with IllegalCmdParamException
use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.
the class P12DSAKeyGenCmd method execute0.
@Override
protected Object execute0() throws Exception {
if (plen % 1024 != 0) {
throw new IllegalCmdParamException("plen is not multiple of 1024: " + plen);
}
if (qlen == null) {
if (plen <= 1024) {
qlen = 160;
} else if (plen <= 2048) {
qlen = 224;
} else {
qlen = 256;
}
}
P12KeyGenerationResult keypair = new P12KeyGenerator().generateDSAKeypair(plen, qlen, getKeyGenParameters(), subject);
saveKey(keypair);
return null;
}
Also used :
P12KeyGenerator(org.xipki.security.pkcs12.P12KeyGenerator)
P12KeyGenerationResult(org.xipki.security.pkcs12.P12KeyGenerationResult)
IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException)
Example 25 with IllegalCmdParamException
use of org.xipki.console.karaf.IllegalCmdParamException in project xipki by xipki.
the class BSpeedP11DSASignCmd method nextTester.
@Override
protected LoadExecutor nextTester() throws Exception {
DSAControl control = queue.poll();
if (control == null) {
return null;
}
P11Slot slot = getSlot();
if (control.plen() == 1024) {
if (!"SHA1withDSA".equalsIgnoreCase(sigAlgo)) {
throw new IllegalCmdParamException("only SHA1withDSA is permitted for DSA with 1024 bit");
}
}
return new P11DSASignLoadTest(securityFactory, slot, sigAlgo, control.plen(), control.qlen());
}
Also used :
DSAControl(org.xipki.security.speed.cmd.DSAControl)
P11DSASignLoadTest(org.xipki.security.speed.p11.P11DSASignLoadTest)
P11Slot(org.xipki.security.pkcs11.P11Slot)
IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException)
Aggregations
IllegalCmdParamException (org.xipki.console.karaf.IllegalCmdParamException)42
CmdFailure (org.xipki.console.karaf.CmdFailure)15
File (java.io.File)8
X509Certificate (java.security.cert.X509Certificate)6
CaMgmtException (org.xipki.ca.server.mgmt.api.CaMgmtException)6
P11Slot (org.xipki.security.pkcs11.P11Slot)6
BigInteger (java.math.BigInteger)5
RequestResponseDebug (org.xipki.common.RequestResponseDebug)5
P11ObjectIdentifier (org.xipki.security.pkcs11.P11ObjectIdentifier)5
FileInputStream (java.io.FileInputStream)4
NameId (org.xipki.ca.api.NameId)4
X509CRL (java.security.cert.X509CRL)3
Date (java.util.Date)3
LinkedList (java.util.LinkedList)3
Certificate (org.bouncycastle.asn1.x509.Certificate)3
CertIdOrError (org.xipki.ca.client.api.CertIdOrError)3
ByteArrayOutputStream (java.io.ByteArrayOutputStream)2
InputStream (java.io.InputStream)2
URL (java.net.URL)2
Key (java.security.Key)2
