use of org.xipki.security.exception.P11TokenException in project xipki by xipki.
the class EmulatorP11Slot method generateDSAKeypair0.
/**
 * Generates a DSA key pair over the supplied domain parameters and stores it in this slot.
 *
 * <p>{@code p}, {@code q} and {@code g} are passed to the generator exactly as received; no
 * size or consistency check on them is visible in this method. {@code control} is not read here.
 * NOTE(review): confirm that the caller validates the domain parameters before this is reached.
 *
 * @param p DSA prime
 * @param q DSA sub-prime
 * @param g DSA base
 * @param label label stored with the new key
 * @param control not used by this implementation
 * @return the identity returned by {@code saveP11Entity} for the new key pair
 * @throws P11TokenException if key generation fails, or if one of the called helpers throws it
 */
@Override
protected // CHECKSTYLE:SKIP
P11Identity generateDSAKeypair0(BigInteger p, BigInteger q, BigInteger g, String label,
        P11NewKeyControl control) throws P11TokenException {
    assertMechanismSupported(PKCS11Constants.CKM_DSA_KEY_PAIR_GEN);

    final DSAParameters domainParams = new DSAParameters(p, q, g);
    final KeyPair generated;
    try {
        // Randomness comes from the slot's own 'random' field.
        generated = KeyUtil.generateDSAKeypair(domainParams, random);
    } catch (NoSuchAlgorithmException | NoSuchProviderException
            | InvalidAlgorithmParameterException genError) {
        // Keep the provider error as the cause so the failure stays diagnosable.
        throw new P11TokenException(genError.getMessage(), genError);
    }

    return saveP11Entity(generated, label);
}
use of org.xipki.security.exception.P11TokenException in project xipki by xipki.
the class EmulatorP11Slot method savePkcs11PublicKey.
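/**
 * Writes the public half of a key as {@code name=value} lines to the file
 * {@code hex(id) + INFO_FILE_SUFFIX} inside {@code pubKeyDir}.
 *
 * <p>RSA, DSA and named-curve EC public keys are supported. Every numeric value is stored as
 * the hex form of its byte encoding.
 *
 * @param id key identifier; its hex form becomes the file name
 * @param label label recorded in the file
 * @param publicKey key to persist
 * @throws P11TokenException if the EC key is not on a named curve, if encoding fails, or if
 *     the file cannot be written
 * @throws IllegalArgumentException if the key is not an RSA, DSA or EC public key
 */
private void savePkcs11PublicKey(byte[] id, String label, PublicKey publicKey)
        throws P11TokenException {
    String hexId = hex(id);

    StringBuilder sb = new StringBuilder(100);
    sb.append(PROP_ID).append('=').append(hexId).append('\n');
    // NOTE(review): the label is written verbatim. A label containing a line break would add
    // extra lines to this file; confirm that callers restrict the characters allowed in labels.
    sb.append(PROP_LABEL).append('=').append(label).append('\n');

    if (publicKey instanceof RSAPublicKey) {
        sb.append(PROP_ALGORITHM).append('=')
            .append(PKCSObjectIdentifiers.rsaEncryption.getId()).append('\n');

        RSAPublicKey rsaKey = (RSAPublicKey) publicKey;
        sb.append(PROP_RSA_MODUS).append('=')
            .append(hex(rsaKey.getModulus().toByteArray())).append('\n');
        sb.append(PROP_RSA_PUBLIC_EXPONENT).append('=')
            .append(hex(rsaKey.getPublicExponent().toByteArray())).append('\n');
    } else if (publicKey instanceof DSAPublicKey) {
        sb.append(PROP_ALGORITHM).append('=')
            .append(X9ObjectIdentifiers.id_dsa.getId()).append('\n');

        DSAPublicKey dsaKey = (DSAPublicKey) publicKey;
        sb.append(PROP_DSA_PRIME).append('=')
            .append(hex(dsaKey.getParams().getP().toByteArray())).append('\n');
        sb.append(PROP_DSA_SUBPRIME).append('=')
            .append(hex(dsaKey.getParams().getQ().toByteArray())).append('\n');
        sb.append(PROP_DSA_BASE).append('=')
            .append(hex(dsaKey.getParams().getG().toByteArray())).append('\n');
        sb.append(PROP_DSA_VALUE).append('=')
            .append(hex(dsaKey.getY().toByteArray())).append('\n');
    } else if (publicKey instanceof ECPublicKey) {
        sb.append(PROP_ALGORITHM).append('=')
            .append(X9ObjectIdentifiers.id_ecPublicKey.getId()).append('\n');

        ECPublicKey ecKey = (ECPublicKey) publicKey;
        ECParameterSpec paramSpec = ecKey.getParams();

        // ecdsaParams: only keys whose parameters map to a named-curve OID are accepted.
        org.bouncycastle.jce.spec.ECParameterSpec bcParamSpec =
            EC5Util.convertSpec(paramSpec, false);
        ASN1ObjectIdentifier curveOid = ECUtil.getNamedCurveOid(bcParamSpec);
        if (curveOid == null) {
            throw new P11TokenException("EC public key is not of namedCurve");
        }

        byte[] encodedParams;
        try {
            if (namedCurveSupported) {
                // Store just the curve OID.
                encodedParams = curveOid.getEncoded();
            } else {
                // Store the explicit curve parameters looked up by OID. The NullPointerException
                // in the catch below presumably covers a lookup that finds no curve.
                encodedParams = ECNamedCurveTable.getByOID(curveOid).getEncoded();
            }
        } catch (IOException | NullPointerException ex) {
            throw new P11TokenException(ex.getMessage(), ex);
        }
        sb.append(PROP_EC_ECDSA_PARAMS).append('=').append(hex(encodedParams)).append('\n');

        // EC point: 0x04 || X || Y, each coordinate written into a keysize-byte slot.
        // NOTE(review): the slot width is taken from the bit length of the group order, not
        // from the field size; confirm the two agree for every curve this slot accepts.
        java.security.spec.ECPoint pointW = ecKey.getW();
        int keysize = (paramSpec.getOrder().bitLength() + 7) / 8;
        byte[] ecPoint = new byte[1 + keysize * 2];
        // uncompressed
        ecPoint[0] = 4;
        bigIntToBytes("Wx", pointW.getAffineX(), ecPoint, 1, keysize);
        bigIntToBytes("Wy", pointW.getAffineY(), ecPoint, 1 + keysize, keysize);

        byte[] encodedEcPoint;
        try {
            encodedEcPoint = new DEROctetString(ecPoint).getEncoded();
        } catch (IOException ex) {
            // Keep the cause, as the other catch blocks in this method do.
            throw new P11TokenException("could not ASN.1 encode the ECPoint", ex);
        }
        sb.append(PROP_EC_EC_POINT).append('=').append(hex(encodedEcPoint)).append('\n');
    } else {
        throw new IllegalArgumentException(
            "unsupported public key " + publicKey.getClass().getName());
    }

    try {
        // NOTE(review): getBytes() uses the platform default charset. The hex values are ASCII,
        // but a label with other characters is encoded platform-dependently; confirm this
        // matches what the reader of this file expects.
        IoUtil.save(new File(pubKeyDir, hexId + INFO_FILE_SUFFIX), sb.toString().getBytes());
    } catch (IOException ex) {
        throw new P11TokenException(ex.getMessage(), ex);
    }
}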
use of org.xipki.security.exception.P11TokenException in project xipki by xipki.
the class EmulatorP11Slot method saveP11Entity.
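/**
 * Persists both halves of a freshly generated key pair under a new id and wraps them in an
 * {@code EmulatorP11Identity}.
 *
 * <p>The private key is written first, then the public key. If the second write (or the
 * identity construction) fails, nothing in this method removes what was already written.
 * NOTE(review): confirm whether a partially stored key is cleaned up elsewhere.
 *
 * @param keypair key pair to store
 * @param label label recorded with both halves
 * @return identity bound to this slot, built without a certificate chain ({@code null})
 * @throws P11TokenException if storing either half fails or the identity cannot be constructed
 */
private P11Identity saveP11Entity(KeyPair keypair, String label) throws P11TokenException {
    byte[] id = generateId();
    savePkcs11PrivateKey(id, label, keypair.getPrivate());
    savePkcs11PublicKey(id, label, keypair.getPublic());

    P11EntityIdentifier identityId =
        new P11EntityIdentifier(slotId, new P11ObjectIdentifier(id, label));
    try {
        return new EmulatorP11Identity(this, identityId, keypair.getPrivate(),
            keypair.getPublic(), null, maxSessions, random);
    } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException ex) {
        // The message names the class that is constructed above; it previously named
        // KeyStoreP11Identity, which this method does not create.
        throw new P11TokenException(
            "could not construct EmulatorP11Identity: " + ex.getMessage(), ex);
    }
}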
use of org.xipki.security.exception.P11TokenException in project xipki by xipki.
the class EmulatorP11Slot method generateRSAKeypair0.
/**
 * Generates an RSA key pair and stores it in this slot.
 *
 * <p>{@code keysize} and {@code publicExponent} are forwarded to the generator as received;
 * no lower bound on either is enforced in this method. {@code control} is not read here.
 * NOTE(review): confirm that minimum key size and exponent rules are applied by the caller.
 *
 * @param keysize requested modulus size, passed through to the generator
 * @param publicExponent requested public exponent, passed through to the generator
 * @param label label stored with the new key
 * @param control not used by this implementation
 * @return the identity returned by {@code saveP11Entity} for the new key pair
 * @throws P11TokenException if key generation fails, or if one of the called helpers throws it
 */
@Override
protected P11Identity generateRSAKeypair0(int keysize, BigInteger publicExponent, String label,
        P11NewKeyControl control) throws P11TokenException {
    assertMechanismSupported(PKCS11Constants.CKM_RSA_PKCS_KEY_PAIR_GEN);

    final KeyPair generated;
    try {
        // Randomness comes from the slot's own 'random' field.
        generated = KeyUtil.generateRSAKeypair(keysize, publicExponent, random);
    } catch (NoSuchAlgorithmException | NoSuchProviderException
            | InvalidAlgorithmParameterException genError) {
        // Keep the provider error as the cause so the failure stays diagnosable.
        throw new P11TokenException(genError.getMessage(), genError);
    }

    return saveP11Entity(generated, label);
}
use of org.xipki.security.exception.P11TokenException in project xipki by xipki.
the class EmulatorP11Slot method readPublicKey.
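/**
 * Rebuilds a public key from the {@code name=value} file stored for {@code keyId} in
 * {@code pubKeyDir}.
 *
 * <p>The file content is used as found: nothing in this method authenticates it or checks that
 * the public key belongs to the private key stored under the same id. A missing property or an
 * EC point that is not a valid ASN.1 OCTET STRING is reported as {@link P11TokenException}.
 *
 * @param keyId key identifier; its hex form selects the file
 * @return the RSA, DSA or EC public key described by the file
 * @throws P11TokenException if a required property is absent, the algorithm is not one of the
 *     three supported OIDs, or the key cannot be constructed from the stored values
 */
private PublicKey readPublicKey(byte[] keyId) throws P11TokenException {
    String hexKeyId = hex(keyId);
    File pubKeyFile = new File(pubKeyDir, hexKeyId + INFO_FILE_SUFFIX);
    Properties props = loadProperties(pubKeyFile);

    String algorithm = props.getProperty(PROP_ALGORITHM);
    if (PKCSObjectIdentifiers.rsaEncryption.getId().equals(algorithm)) {
        // Signum 1: the stored bytes are read as unsigned magnitudes.
        BigInteger exp = new BigInteger(1,
            requiredHexProperty(props, PROP_RSA_PUBLIC_EXPONENT, pubKeyFile));
        BigInteger mod = new BigInteger(1,
            requiredHexProperty(props, PROP_RSA_MODUS, pubKeyFile));
        RSAPublicKeySpec keySpec = new RSAPublicKeySpec(mod, exp);
        try {
            return KeyUtil.generateRSAPublicKey(keySpec);
        } catch (InvalidKeySpecException ex) {
            throw new P11TokenException(ex.getMessage(), ex);
        }
    } else if (X9ObjectIdentifiers.id_dsa.getId().equals(algorithm)) {
        // p
        BigInteger prime = new BigInteger(1,
            requiredHexProperty(props, PROP_DSA_PRIME, pubKeyFile));
        // q
        BigInteger subPrime = new BigInteger(1,
            requiredHexProperty(props, PROP_DSA_SUBPRIME, pubKeyFile));
        // g
        BigInteger base = new BigInteger(1,
            requiredHexProperty(props, PROP_DSA_BASE, pubKeyFile));
        // y
        BigInteger value = new BigInteger(1,
            requiredHexProperty(props, PROP_DSA_VALUE, pubKeyFile));
        DSAPublicKeySpec keySpec = new DSAPublicKeySpec(value, prime, subPrime, base);
        try {
            return KeyUtil.generateDSAPublicKey(keySpec);
        } catch (InvalidKeySpecException ex) {
            throw new P11TokenException(ex.getMessage(), ex);
        }
    } else if (X9ObjectIdentifiers.id_ecPublicKey.getId().equals(algorithm)) {
        byte[] ecdsaParams = requiredHexProperty(props, PROP_EC_ECDSA_PARAMS, pubKeyFile);
        byte[] asn1EncodedPoint = requiredHexProperty(props, PROP_EC_EC_POINT, pubKeyFile);
        try {
            // getInstance rejects bytes that are not a well-formed OCTET STRING with an
            // IllegalArgumentException; convert it so a damaged file surfaces as the
            // declared exception type.
            byte[] ecPoint = DEROctetString.getInstance(asn1EncodedPoint).getOctets();
            return KeyUtil.createECPublicKey(ecdsaParams, ecPoint);
        } catch (InvalidKeySpecException | IllegalArgumentException ex) {
            throw new P11TokenException(ex.getMessage(), ex);
        }
    } else {
        // Also reached when the algorithm property is absent (algorithm == null).
        throw new P11TokenException("unknown key algorithm " + algorithm);
    }
}

/**
 * Returns the decoded bytes of a hex-valued property, failing if the property is absent.
 *
 * @param props properties loaded from {@code source}
 * @param name property to read
 * @param source file the properties came from; only its name appears in the error message
 * @return the result of {@code decodeHex} on the property value
 * @throws P11TokenException if the property is not present
 */
private byte[] requiredHexProperty(Properties props, String name, File source)
        throws P11TokenException {
    String hexValue = props.getProperty(name);
    if (hexValue == null) {
        throw new P11TokenException(
            "property " + name + " is missing in file " + source.getName());
    }
    return decodeHex(hexValue);
}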