
Example 21 with P11TokenException

use of org.xipki.security.exception.P11TokenException in project xipki by xipki.

the class ProxyP11Slot method removeObjects.

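/**
 * Sends a remove-objects request for this slot to the proxy module and returns the
 * integer carried in the reply.
 *
 * @param id object id to select by; may be {@code null} or empty if {@code label} is given
 * @param label object label to select by; may be blank if {@code id} is given
 * @return the integer decoded from the reply (presumably the number of removed objects)
 * @throws IllegalArgumentException if neither a non-empty id nor a non-blank label is given
 * @throws P11TokenException if the reply is absent, is not a well-formed ASN.1 INTEGER,
 *         or carries a value that does not fit in an {@code int}
 */
@Override
public int removeObjects(byte[] id, String label) throws P11TokenException {
    // Reject a request without any selector before anything is sent to the proxy.
    if ((id == null || id.length == 0) && StringUtil.isBlank(label)) {
        throw new IllegalArgumentException("at least one of id and label must not be null");
    }
    Asn1RemoveObjectsParams params = new Asn1RemoveObjectsParams(slotId, id, label);
    byte[] resp = module.send(P11ProxyConstants.ACTION_REMOVE_OBJECTS, params);
    // resp is produced by the proxy module, not by this method, so it is validated before
    // use. ASN1Integer.getInstance(null) returns null, which previously surfaced as a
    // NullPointerException instead of the declared P11TokenException.
    if (resp == null) {
        throw new P11TokenException("no content in the response to the remove-objects request");
    }
    ASN1Integer count;
    try {
        count = ASN1Integer.getInstance(resp);
    } catch (IllegalArgumentException ex) {
        // Malformed encoding: report it as a token failure and keep the cause.
        throw new P11TokenException(ex.getMessage(), ex);
    }
    // BigInteger.intValue() silently drops high-order bits; refuse an out-of-range count
    // rather than report a truncated number to the caller.
    if (count.getValue().bitLength() > 31) {
        throw new P11TokenException("object count in the response does not fit in an int");
    }
    return count.getValue().intValue();
}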
Also used : P11TokenException(org.xipki.security.exception.P11TokenException) Asn1RemoveObjectsParams(org.xipki.p11proxy.msg.Asn1RemoveObjectsParams)

Example 22 with P11TokenException

use of org.xipki.security.exception.P11TokenException in project xipki by xipki.

the class EmulatorP11Slot method loadProperties.

/**
 * Reads the given file in {@link Properties} format and returns its content.
 *
 * <p>Only I/O failures are translated. {@code Properties.load} raises
 * {@code IllegalArgumentException} on a malformed Unicode escape, and that exception
 * propagates unchanged.
 *
 * @param file the properties file to read
 * @return a new {@code Properties} object holding the entries of the file
 * @throws P11TokenException if the file cannot be opened, read or closed
 */
private Properties loadProperties(File file) throws P11TokenException {
    final Properties loaded = new Properties();
    // The stream is closed on every path; a failure while closing is reported the same
    // way as a failure while reading.
    try (InputStream in = new FileInputStream(file)) {
        loaded.load(in);
    } catch (IOException ex) {
        throw new P11TokenException("could not load properties from the file " + file.getPath(), ex);
    }
    return loaded;
}
Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) P11TokenException(org.xipki.security.exception.P11TokenException) IOException(java.io.IOException) Properties(java.util.Properties) FileInputStream(java.io.FileInputStream)

Example 23 with P11TokenException

use of org.xipki.security.exception.P11TokenException in project xipki by xipki.

the class EmulatorP11Slot method savePkcs11SecretKey.

/**
 * Wraps the secret key in a password-protected JCEKS keystore and hands the serialized
 * keystore to {@code savePkcs11Entry} for storage under {@code secKeyDir}.
 *
 * <p>The key is stored under the alias {@code "main"}; the same {@code password} protects
 * both the key entry and the keystore as a whole.
 *
 * @param id object id passed through to {@code savePkcs11Entry}
 * @param label object label passed through to {@code savePkcs11Entry}
 * @param secretKey the key to persist
 * @throws P11TokenException if the keystore cannot be created, filled or serialized
 */
private void savePkcs11SecretKey(byte[] id, String label, SecretKey secretKey) throws P11TokenException {
    byte[] keystoreBytes;
    // NOTE(review): JCEKS is a legacy keystore format (the JDK default has been PKCS12
    // since Java 9). Confidentiality of the stored key rests on the strength of `password`
    // and on access control of the target directory. Changing the type also affects how
    // existing entries are read back, so confirm against the loading code first.
    try (ByteArrayOutputStream buffer = new ByteArrayOutputStream()) {
        KeyStore store = KeyStore.getInstance("JCEKS");
        // A null stream initializes an empty keystore.
        store.load(null, password);
        store.setKeyEntry("main", secretKey, password, null);
        store.store(buffer, password);
        buffer.flush();
        keystoreBytes = buffer.toByteArray();
    } catch (NoSuchAlgorithmException | KeyStoreException | CertificateException | IOException ex) {
        // The class name is added because some of these exceptions carry no message.
        throw new P11TokenException(ex.getClass().getName() + ": " + ex.getMessage(), ex);
    }
    savePkcs11Entry(secKeyDir, id, label, keystoreBytes);
}
Also used : P11TokenException(org.xipki.security.exception.P11TokenException) CertificateException(java.security.cert.CertificateException) ByteArrayOutputStream(java.io.ByteArrayOutputStream) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyStoreException(java.security.KeyStoreException) IOException(java.io.IOException) KeyStore(java.security.KeyStore)

Example 24 with P11TokenException

use of org.xipki.security.exception.P11TokenException in project xipki by xipki.

the class EmulatorP11Slot method generateECKeypair0.

/**
 * Generates an EC key pair for the given curve through {@code KeyUtil} and stores it via
 * {@code saveP11Entity}.
 *
 * @param curveId object identifier of the curve
 * @param label label passed to {@code saveP11Entity} for the new identity
 * @param control key-generation control; not read by this method
 * @return the identity returned by {@code saveP11Entity}
 * @throws P11TokenException if key generation fails, or from the helpers called here
 */
@Override
protected P11Identity generateECKeypair0(ASN1ObjectIdentifier curveId, String label, P11NewKeyControl control) throws P11TokenException {
    // Runs before any key material is generated; presumably rejects a slot that does not
    // offer CKM_EC_KEY_PAIR_GEN.
    assertMechanismSupported(PKCS11Constants.CKM_EC_KEY_PAIR_GEN);
    final String curveOid = curveId.getId();
    final KeyPair generated;
    try {
        // NOTE(review): key quality depends on `random`; confirm it is a SecureRandom.
        generated = KeyUtil.generateECKeypairForCurveNameOrOid(curveOid, random);
    } catch (NoSuchAlgorithmException | NoSuchProviderException | InvalidAlgorithmParameterException ex) {
        throw new P11TokenException(ex.getMessage(), ex);
    }
    // NOTE(review): `control` is ignored, so any attributes the caller requested through
    // it are not applied to the stored key here. Confirm this is intended.
    return saveP11Entity(generated, label);
}
Also used : KeyPair(java.security.KeyPair) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) P11TokenException(org.xipki.security.exception.P11TokenException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) NoSuchProviderException(java.security.NoSuchProviderException)

Example 25 with P11TokenException

use of org.xipki.security.exception.P11TokenException in project xipki by xipki.

the class LocalP11CryptServicePool method init.

/**
 * Registers every available PKCS#11 crypt service of the configured factory under a
 * module id derived from its module name.
 *
 * <p>Does nothing if the pool is already marked as initialized. Module names for which the
 * factory returns no service are skipped.
 *
 * <p>NOTE(review): the {@code initialized} check and the final {@code set(true)} are
 * separate steps, so two concurrent callers could both run the loop. If an exception is
 * thrown inside the loop, the modules registered so far stay in the map while
 * {@code initialized} stays false, and a second call would then hit the "already used"
 * check for them. Confirm how callers invoke this method.
 *
 * @throws IllegalStateException if no factory has been configured
 * @throws P11TokenException if two module names map to the same module id, or from the
 *         factory
 * @throws XiSecurityException declared for the helpers called here
 */
public void init() throws P11TokenException, XiSecurityException {
    LOG.info("initializing ...");
    if (initialized.get()) {
        LOG.info("already initialized, skipping ...");
        return;
    }
    if (p11CryptServiceFactory == null) {
        // The message says "securityFactory" although the field checked is p11CryptServiceFactory.
        throw new IllegalStateException("securityFactory is not configured");
    }
    for (String name : p11CryptServiceFactory.getModuleNames()) {
        P11CryptService service = p11CryptServiceFactory.getP11CryptService(name);
        if (service == null) {
            continue;
        }
        short id = deriveModuleId(name);
        // Ids are derived from names, so two different names can collide. Refuse the second
        // one instead of silently replacing the service registered for the first.
        if (p11CryptServices.containsKey(id)) {
            throw new P11TokenException("module Id " + id + " for name " + name + " already used, use another module name");
        }
        p11CryptServices.put(id, service);
        // NOTE(review): Integer.toHexString sign-extends a negative short to eight hex
        // digits; confirm deriveModuleId never returns a negative value, otherwise the
        // logged access path shows a module id clients cannot use as written.
        String hexId = "0x" + Integer.toHexString(id);
        LOG.info("map module name '{}' to ID {}({}), access path: " + "'proxy:url=https://<host>:<port>/p11proxy,module={}'", name, id, hexId, hexId);
    }
    initialized.set(true);
    LOG.info("initialized");
}
Also used : P11TokenException(org.xipki.security.exception.P11TokenException) P11CryptService(org.xipki.security.pkcs11.P11CryptService)

Aggregations

P11TokenException (org.xipki.security.exception.P11TokenException)57 TokenException (iaik.pkcs.pkcs11.TokenException)16 XiSecurityException (org.xipki.security.exception.XiSecurityException)16 IOException (java.io.IOException)11 Session (iaik.pkcs.pkcs11.Session)10 P11EntityIdentifier (org.xipki.security.pkcs11.P11EntityIdentifier)10 ECPrivateKey (iaik.pkcs.pkcs11.objects.ECPrivateKey)9 SecretKey (iaik.pkcs.pkcs11.objects.SecretKey)9 ValuedSecretKey (iaik.pkcs.pkcs11.objects.ValuedSecretKey)9 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)9 DSAPrivateKey (iaik.pkcs.pkcs11.objects.DSAPrivateKey)8 PrivateKey (iaik.pkcs.pkcs11.objects.PrivateKey)8 RSAPrivateKey (iaik.pkcs.pkcs11.objects.RSAPrivateKey)8 SM2PrivateKey (iaik.pkcs.pkcs11.objects.SM2PrivateKey)8 DEROctetString (org.bouncycastle.asn1.DEROctetString)8 P11ObjectIdentifier (org.xipki.security.pkcs11.P11ObjectIdentifier)8 ECPublicKey (iaik.pkcs.pkcs11.objects.ECPublicKey)7 DSAPublicKey (iaik.pkcs.pkcs11.objects.DSAPublicKey)6 PublicKey (iaik.pkcs.pkcs11.objects.PublicKey)6 RSAPublicKey (iaik.pkcs.pkcs11.objects.RSAPublicKey)6