
Example 6 with P11Identity

use of org.xipki.security.pkcs11.P11Identity in project xipki by xipki.

the class ProxyP11Slot method parseGenerateSecretKeyResult.

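/**
 * Decodes the server's reply to a generate-secret-key request and wraps the
 * entity it names in a {@code ProxyP11Identity} bound to this slot.
 *
 * <p>The reply comes from the remote side, so it is checked before use: it
 * must be present, must decode as an {@code Asn1P11EntityIdentifier}, and
 * must name the same slot as this object.
 *
 * @param resp raw response bytes; {@code null} is reported as "no result"
 * @return the identity for the entity named in the response
 * @throws P11TokenException if the response is missing, cannot be decoded, or
 *         refers to a slot other than this one
 */
private P11Identity parseGenerateSecretKeyResult(byte[] resp) throws P11TokenException {
    if (resp == null) {
        throw new P11TokenException("server returned no result");
    }
    Asn1P11EntityIdentifier ei;
    try {
        ei = Asn1P11EntityIdentifier.getInstance(resp);
    } catch (BadAsn1ObjectException ex) {
        throw new P11TokenException("invalid ASN1 object Asn1P11EntityIdentifier: " + ex.getMessage(), ex);
    }
    // A reply naming another slot must not be turned into an identity of this
    // slot. The original threw with an empty message here, which left nothing
    // to diagnose or alert on; the exception type is unchanged.
    if (!slotId.equals(ei.getSlotId().getSlotId())) {
        throw new P11TokenException("slot in the server response does not match the requested slot " + slotId);
    }
    return new ProxyP11Identity(this, ei.getEntityId());
}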
Also used : Asn1P11EntityIdentifier(org.xipki.p11proxy.msg.Asn1P11EntityIdentifier) P11TokenException(org.xipki.security.exception.P11TokenException) Asn1P11EntityIdentifier(org.xipki.p11proxy.msg.Asn1P11EntityIdentifier) P11EntityIdentifier(org.xipki.security.pkcs11.P11EntityIdentifier) BadAsn1ObjectException(org.xipki.security.exception.BadAsn1ObjectException)

Example 7 with P11Identity

use of org.xipki.security.pkcs11.P11Identity in project xipki by xipki.

the class EmulatorP11Slot method saveP11Entity.

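/**
 * Persists both halves of a key pair under a freshly generated object id and
 * returns an {@code EmulatorP11Identity} for the stored entity.
 *
 * @param keypair the key pair to store; its private and public keys are saved
 *        separately under the same id and label
 * @param label the label stored with both objects and used in the identifier
 * @return the identity referring to the stored key pair in this slot
 * @throws P11TokenException if the identity cannot be constructed (or,
 *         presumably, if one of the save helpers fails; they are not shown here)
 */
private P11Identity saveP11Entity(KeyPair keypair, String label) throws P11TokenException {
    byte[] id = generateId();
    PrivateKey privateKey = keypair.getPrivate();
    PublicKey publicKey = keypair.getPublic();
    // NOTE(review): the private key is written first and nothing here removes
    // it if the public-key write fails; confirm whether a half-written entry
    // can be left behind and whether callers clean it up.
    savePkcs11PrivateKey(id, label, privateKey);
    savePkcs11PublicKey(id, label, publicKey);
    P11EntityIdentifier identityId = new P11EntityIdentifier(slotId, new P11ObjectIdentifier(id, label));
    try {
        // The fifth argument is passed as null, as in the original call;
        // presumably no certificate chain exists yet for a new key pair.
        return new EmulatorP11Identity(this, identityId, privateKey, publicKey, null, maxSessions, random);
    } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException ex) {
        // The message now names the class that is actually being constructed;
        // it previously said KeyStoreP11Identity.
        throw new P11TokenException("could not construct EmulatorP11Identity: " + ex.getMessage(), ex);
    }
}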
Also used : P11TokenException(org.xipki.security.exception.P11TokenException) P11EntityIdentifier(org.xipki.security.pkcs11.P11EntityIdentifier) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) NoSuchProviderException(java.security.NoSuchProviderException) P11ObjectIdentifier(org.xipki.security.pkcs11.P11ObjectIdentifier)

Example 8 with P11Identity

use of org.xipki.security.pkcs11.P11Identity in project xipki by xipki.

the class EmulatorP11Slot method saveP11Entity.

/**
 * Stores a secret key under a freshly generated object id and returns an
 * {@code EmulatorP11Identity} that refers to it.
 *
 * @param key the secret key to store
 * @param label the label stored with the key and used in the identifier
 * @return the identity referring to the stored secret key in this slot
 * @throws P11TokenException declared by the signature; presumably raised by
 *         the save helper, which is not shown here
 */
private P11Identity saveP11Entity(SecretKey key, String label) throws P11TokenException {
    final byte[] keyId = generateId();
    savePkcs11SecretKey(keyId, label, key);
    // The same id and label that were written to storage identify the entity.
    final P11ObjectIdentifier objectId = new P11ObjectIdentifier(keyId, label);
    return new EmulatorP11Identity(this, new P11EntityIdentifier(slotId, objectId), key, maxSessions, random);
}
Also used : P11EntityIdentifier(org.xipki.security.pkcs11.P11EntityIdentifier) P11ObjectIdentifier(org.xipki.security.pkcs11.P11ObjectIdentifier)

Example 9 with P11Identity

use of org.xipki.security.pkcs11.P11Identity in project xipki by xipki.

the class IaikP11Slot method generateSecretKey0.

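/**
 * Generates a secret key on the token and returns an identity for it.
 *
 * <p>The key is created as a token object that is marked sensitive and usable
 * for signing. Whether it is extractable is decided by {@code control}. AES
 * and DES3 use their own key-generation mechanisms. Generic-secret and all
 * HMAC key types use {@code CKM_GENERIC_SECRET_KEY_GEN}.
 *
 * @param keyType PKCS#11 key type ({@code CKK_*})
 * @param keysize key size in bits; must be a positive multiple of 8
 * @param label label for the new key; must not already exist in the slot
 * @param control supplies the extractable flag for the new key
 * @return the identity wrapping the generated key
 * @throws IllegalArgumentException if {@code keysize} is not a positive
 *         multiple of 8, the key type is unsupported, or the label is in use
 * @throws P11TokenException if the token fails to generate the key
 */
@Override
protected P11Identity generateSecretKey0(long keyType, int keysize, String label, P11NewKeyControl control) throws P11TokenException {
    // Zero and negative multiples of 8 pass the modulo test below, so they are
    // rejected here instead of being sent to the token as a value length.
    if (keysize <= 0) {
        throw new IllegalArgumentException("keysize is not positive: " + keysize);
    }
    if (keysize % 8 != 0) {
        throw new IllegalArgumentException("keysize is not multiple of 8: " + keysize);
    }

    boolean hmacKeyType = PKCS11Constants.CKK_SHA_1_HMAC == keyType
            || PKCS11Constants.CKK_SHA224_HMAC == keyType
            || PKCS11Constants.CKK_SHA256_HMAC == keyType
            || PKCS11Constants.CKK_SHA384_HMAC == keyType
            || PKCS11Constants.CKK_SHA512_HMAC == keyType
            || PKCS11Constants.CKK_SHA3_224_HMAC == keyType
            || PKCS11Constants.CKK_SHA3_256_HMAC == keyType
            || PKCS11Constants.CKK_SHA3_384_HMAC == keyType
            || PKCS11Constants.CKK_SHA3_512_HMAC == keyType;

    long mech;
    if (PKCS11Constants.CKK_AES == keyType) {
        mech = PKCS11Constants.CKM_AES_KEY_GEN;
    } else if (PKCS11Constants.CKK_DES3 == keyType) {
        mech = PKCS11Constants.CKM_DES3_KEY_GEN;
    } else if (PKCS11Constants.CKK_GENERIC_SECRET == keyType || hmacKeyType) {
        mech = PKCS11Constants.CKM_GENERIC_SECRET_KEY_GEN;
    } else {
        throw new IllegalArgumentException("unsupported key type 0x" + Functions.toFullHex((int) keyType));
    }
    assertMechanismSupported(mech);

    ValuedSecretKey template = new ValuedSecretKey(keyType);
    template.getToken().setBooleanValue(true);
    template.getLabel().setCharArrayValue(label.toCharArray());
    template.getSign().setBooleanValue(true);
    // The key is always sensitive, but extractability is chosen by the caller.
    // An extractable key can leave the token in wrapped form, so callers
    // should request it only when export is really needed.
    template.getSensitive().setBooleanValue(true);
    template.getExtractable().setBooleanValue(control.isExtractable());
    // NOTE(review): the value length is set for every key type, including
    // CKK_DES3, whose keys are fixed length; confirm the target tokens accept
    // a length attribute together with CKM_DES3_KEY_GEN.
    template.getValueLen().setLongValue((long) (keysize / 8));

    Mechanism mechanism = Mechanism.get(mech);
    Session session = borrowWritableSession();
    try {
        if (labelExists(session, label)) {
            throw new IllegalArgumentException("label " + label + " exists, please specify another one");
        }
        byte[] id = generateKeyId(session);
        template.getId().setByteArrayValue(id);

        SecretKey key;
        try {
            key = (SecretKey) session.generateKey(mechanism, template);
        } catch (TokenException ex) {
            throw new P11TokenException("could not generate generic secret key using " + mechanism.getName(), ex);
        }

        P11EntityIdentifier entityId = new P11EntityIdentifier(slotId, new P11ObjectIdentifier(id, label));
        return new IaikP11Identity(this, entityId, key);
    } finally {
        // Return the session on every path, including the failures above.
        returnWritableSession(session);
    }
}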
Also used : ValuedSecretKey(iaik.pkcs.pkcs11.objects.ValuedSecretKey) ValuedSecretKey(iaik.pkcs.pkcs11.objects.ValuedSecretKey) SecretKey(iaik.pkcs.pkcs11.objects.SecretKey) P11TokenException(org.xipki.security.exception.P11TokenException) TokenException(iaik.pkcs.pkcs11.TokenException) P11TokenException(org.xipki.security.exception.P11TokenException) P11EntityIdentifier(org.xipki.security.pkcs11.P11EntityIdentifier) P11ObjectIdentifier(org.xipki.security.pkcs11.P11ObjectIdentifier) Mechanism(iaik.pkcs.pkcs11.Mechanism) Session(iaik.pkcs.pkcs11.Session)

Aggregations

P11EntityIdentifier (org.xipki.security.pkcs11.P11EntityIdentifier)8 P11TokenException (org.xipki.security.exception.P11TokenException)7 P11ObjectIdentifier (org.xipki.security.pkcs11.P11ObjectIdentifier)7 Session (iaik.pkcs.pkcs11.Session)3 TokenException (iaik.pkcs.pkcs11.TokenException)3 Asn1P11EntityIdentifier (org.xipki.p11proxy.msg.Asn1P11EntityIdentifier)3 BadAsn1ObjectException (org.xipki.security.exception.BadAsn1ObjectException)3 SecretKey (iaik.pkcs.pkcs11.objects.SecretKey)2 ValuedSecretKey (iaik.pkcs.pkcs11.objects.ValuedSecretKey)2 InvalidKeyException (java.security.InvalidKeyException)2 PublicKey (java.security.PublicKey)2 X509Certificate (java.security.cert.X509Certificate)2 DEROctetString (org.bouncycastle.asn1.DEROctetString)2 XiSecurityException (org.xipki.security.exception.XiSecurityException)2 P11CryptService (org.xipki.security.pkcs11.P11CryptService)2 P11Identity (org.xipki.security.pkcs11.P11Identity)2 P11Slot (org.xipki.security.pkcs11.P11Slot)2 P11SlotIdentifier (org.xipki.security.pkcs11.P11SlotIdentifier)2 Mechanism (iaik.pkcs.pkcs11.Mechanism)1 DSAPrivateKey (iaik.pkcs.pkcs11.objects.DSAPrivateKey)1