use of org.xipki.security.exception.P11TokenException in project xipki by xipki.
the class IaikP11Slot method addCert0.
@Override
protected void addCert0(P11ObjectIdentifier objectId, X509Certificate cert) throws P11TokenException {
X509PublicKeyCertificate newCaCertTemp = createPkcs11Template(new X509Cert(cert), objectId.getId(), objectId.getLabelChars());
Session session = borrowWritableSession();
try {
session.createObject(newCaCertTemp);
} catch (TokenException ex) {
throw new P11TokenException(ex.getMessage(), ex);
} finally {
returnWritableSession(session);
}
}
use of org.xipki.security.exception.P11TokenException in project xipki by xipki.
the class IaikP11Slot method importSecretKey0.
@Override
protected P11Identity importSecretKey0(long keyType, byte[] keyValue, String label, P11NewKeyControl control) throws P11TokenException {
ValuedSecretKey template = new ValuedSecretKey(keyType);
template.getToken().setBooleanValue(true);
template.getLabel().setCharArrayValue(label.toCharArray());
template.getSign().setBooleanValue(true);
template.getSensitive().setBooleanValue(true);
template.getExtractable().setBooleanValue(control.isExtractable());
template.getValue().setByteArrayValue(keyValue);
SecretKey key;
Session session = borrowWritableSession();
try {
if (labelExists(session, label)) {
throw new IllegalArgumentException("label " + label + " exists, please specify another one");
}
byte[] id = generateKeyId(session);
template.getId().setByteArrayValue(id);
try {
key = (SecretKey) session.createObject(template);
} catch (TokenException ex) {
throw new P11TokenException("could not create secret key", ex);
}
P11ObjectIdentifier objId = new P11ObjectIdentifier(id, label);
P11EntityIdentifier entityId = new P11EntityIdentifier(slotId, objId);
return new IaikP11Identity(this, entityId, key);
} finally {
returnWritableSession(session);
}
}
use of org.xipki.security.exception.P11TokenException in project xipki by xipki.
the class IaikP11Slot method checkSessionLoggedIn.
private static boolean checkSessionLoggedIn(Session session) throws P11TokenException {
SessionInfo info;
try {
info = session.getSessionInfo();
} catch (TokenException ex) {
throw new P11TokenException(ex.getMessage(), ex);
}
if (LOG.isTraceEnabled()) {
LOG.debug("SessionInfo: {}", info);
}
State state = info.getState();
long deviceError = info.getDeviceError();
LOG.debug("to be verified PKCS11Module: state = {}, deviceError: {}", state, deviceError);
boolean isRwSessionLoggedIn = state.equals(State.RW_USER_FUNCTIONS);
boolean isRoSessionLoggedIn = state.equals(State.RO_USER_FUNCTIONS);
boolean sessionLoggedIn = ((isRoSessionLoggedIn || isRwSessionLoggedIn) && deviceError == 0);
LOG.debug("sessionLoggedIn: {}", sessionLoggedIn);
return sessionLoggedIn;
}
use of org.xipki.security.exception.P11TokenException in project xipki by xipki.
the class ProxyP11Identity method sign0.
@Override
protected byte[] sign0(long mechanism, P11Params parameters, byte[] content) throws P11TokenException {
Asn1P11EntityIdentifier asn1EntityId = new Asn1P11EntityIdentifier(identityId);
Asn1P11Params p11Param = null;
if (parameters != null) {
if (parameters instanceof P11RSAPkcsPssParams) {
p11Param = new Asn1P11Params(Asn1P11Params.TAG_RSA_PKCS_PSS, new Asn1RSAPkcsPssParams((P11RSAPkcsPssParams) parameters));
} else if (parameters instanceof P11ByteArrayParams) {
byte[] bytes = ((P11ByteArrayParams) parameters).getBytes();
p11Param = new Asn1P11Params(Asn1P11Params.TAG_OPAQUE, new DEROctetString(bytes));
} else if (parameters instanceof P11IVParams) {
p11Param = new Asn1P11Params(Asn1P11Params.TAG_IV, new DEROctetString(((P11IVParams) parameters).getIV()));
} else {
throw new IllegalArgumentException("unkown parameter 'parameters'");
}
}
Asn1SignTemplate signTemplate = new Asn1SignTemplate(asn1EntityId, mechanism, p11Param, content);
byte[] result = ((ProxyP11Slot) slot).getModule().send(P11ProxyConstants.ACTION_SIGN, signTemplate);
ASN1OctetString octetString;
try {
octetString = DEROctetString.getInstance(result);
} catch (IllegalArgumentException ex) {
throw new P11TokenException("the returned result is not OCTET STRING");
}
return (octetString == null) ? null : octetString.getOctets();
}
use of org.xipki.security.exception.P11TokenException in project xipki by xipki.
the class ProxyP11Identity method digestSecretKey0.
@Override
protected byte[] digestSecretKey0(long mechanism) throws P11TokenException {
Asn1P11EntityIdentifier asn1EntityId = new Asn1P11EntityIdentifier(identityId);
Asn1DigestSecretKeyTemplate template = new Asn1DigestSecretKeyTemplate(asn1EntityId, mechanism);
byte[] result = ((ProxyP11Slot) slot).getModule().send(P11ProxyConstants.ACTION_DIGEST_SECRETKEY, template);
ASN1OctetString octetString;
try {
octetString = DEROctetString.getInstance(result);
} catch (IllegalArgumentException ex) {
throw new P11TokenException("the returned result is not OCTET STRING");
}
return (octetString == null) ? null : octetString.getOctets();
}
Aggregations