Example 1 with P11NewKeyControl

Use of org.xipki.security.pkcs11.P11NewKeyControl in project xipki by xipki.

Class P11SignLoadTest, method getNewKeyControl.

protected static P11NewKeyControl getNewKeyControl() {
    P11NewKeyControl control = new P11NewKeyControl();
    control.setExtractable(true);
    return control;
}
Also used : P11NewKeyControl(org.xipki.security.pkcs11.P11NewKeyControl)

Example 2 with P11NewKeyControl

Use of org.xipki.security.pkcs11.P11NewKeyControl in project xipki by xipki.

Class P11KeyGenAction, method getControl.

protected P11NewKeyControl getControl() {
    P11NewKeyControl control = new P11NewKeyControl();
    control.setExtractable((extractable == null) ? getDefaultExtractable() : extractable.booleanValue());
    return control;
}
Also used : P11NewKeyControl(org.xipki.security.pkcs11.P11NewKeyControl)

Example 3 with P11NewKeyControl

Use of org.xipki.security.pkcs11.P11NewKeyControl in project xipki by xipki.

Class IaikP11Slot, method importSecretKey0.

@Override
protected P11Identity importSecretKey0(long keyType, byte[] keyValue, String label, P11NewKeyControl control) throws P11TokenException {
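    ValuedSecretKey template = new ValuedSecretKey(keyType);
    // CKA_TOKEN: store the key as a persistent token object, not a session object
    template.getToken().setBooleanValue(true);
    template.getLabel().setCharArrayValue(label.toCharArray());
    // CKA_SIGN: the key may be used for signing (MAC) operations
    template.getSign().setBooleanValue(true);
    // CKA_SENSITIVE: the key value cannot be read off the token in plaintext
    template.getSensitive().setBooleanValue(true);
    // CKA_EXTRACTABLE: whether the key may leave the token in wrapped form; caller-controlled
    template.getExtractable().setBooleanValue(control.isExtractable());
    // CKA_VALUE: the raw key bytes supplied by the caller
    template.getValue().setByteArrayValue(keyValue);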
    SecretKey key;
    Session session = borrowWritableSession();
    try {
        if (labelExists(session, label)) {
            throw new IllegalArgumentException("label " + label + " exists, please specify another one");
        }
        byte[] id = generateKeyId(session);
        template.getId().setByteArrayValue(id);
        try {
            key = (SecretKey) session.createObject(template);
        } catch (TokenException ex) {
            throw new P11TokenException("could not create secret key", ex);
        }
        P11ObjectIdentifier objId = new P11ObjectIdentifier(id, label);
        P11EntityIdentifier entityId = new P11EntityIdentifier(slotId, objId);
        return new IaikP11Identity(this, entityId, key);
    } finally {
        returnWritableSession(session);
    }
}
Also used : ValuedSecretKey(iaik.pkcs.pkcs11.objects.ValuedSecretKey) SecretKey(iaik.pkcs.pkcs11.objects.SecretKey) P11TokenException(org.xipki.security.exception.P11TokenException) TokenException(iaik.pkcs.pkcs11.TokenException) P11EntityIdentifier(org.xipki.security.pkcs11.P11EntityIdentifier) P11ObjectIdentifier(org.xipki.security.pkcs11.P11ObjectIdentifier) Session(iaik.pkcs.pkcs11.Session)

Example 4 with P11NewKeyControl

Use of org.xipki.security.pkcs11.P11NewKeyControl in project xipki by xipki.

Class P11SecretKeyGenCmd, method execute0.

@Override
protected Object execute0() throws Exception {
    if (keysize % 8 != 0) {
        throw new IllegalCmdParamException("keysize is not multiple of 8: " + keysize);
    }
    long p11KeyType;
    if ("AES".equalsIgnoreCase(keyType)) {
        p11KeyType = PKCS11Constants.CKK_AES;
    } else if ("DES3".equalsIgnoreCase(keyType)) {
        p11KeyType = PKCS11Constants.CKK_DES3;
    } else if ("GENERIC".equalsIgnoreCase(keyType)) {
        p11KeyType = PKCS11Constants.CKK_GENERIC_SECRET;
    } else {
        throw new IllegalCmdParamException("invalid keyType " + keyType);
    }
    P11Slot slot = getSlot();
    P11NewKeyControl control = getControl();
    P11ObjectIdentifier objId = null;
    try {
        objId = slot.generateSecretKey(p11KeyType, keysize, label, control);
        finalize(keyType, objId);
    } catch (P11UnsupportedMechanismException ex) {
        if (!createExternIfGenUnsupported) {
            throw ex;
        }
        if (LOG.isInfoEnabled()) {
            LOG.info("could not generate secret key {}: {}", label, ex.getMessage());
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("could not generate secret key " + label, ex);
        }
        byte[] keyValue = new byte[keysize / 8];
        try {
            securityFactory.getRandom4Key().nextBytes(keyValue);
            objId = slot.importSecretKey(p11KeyType, keyValue, label, control);
        } finally {
            // clear the in-memory key material, even if the import fails
            Arrays.fill(keyValue, (byte) 0);
        }
        println("generated in memory and imported " + keyType + " key " + objId);
    }
    return null;
}
Also used : P11NewKeyControl(org.xipki.security.pkcs11.P11NewKeyControl) P11Slot(org.xipki.security.pkcs11.P11Slot) IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException) P11UnsupportedMechanismException(org.xipki.security.exception.P11UnsupportedMechanismException) P11ObjectIdentifier(org.xipki.security.pkcs11.P11ObjectIdentifier)

Example 5 with P11NewKeyControl

Use of org.xipki.security.pkcs11.P11NewKeyControl in project xipki by xipki.

Class P11KeyGenLoadTest, method getControl.

protected P11NewKeyControl getControl() {
    P11NewKeyControl control = new P11NewKeyControl();
    control.setExtractable(true);
    return control;
}
Also used : P11NewKeyControl(org.xipki.security.pkcs11.P11NewKeyControl)

Aggregations

P11NewKeyControl (org.xipki.security.pkcs11.P11NewKeyControl): 4
P11ObjectIdentifier (org.xipki.security.pkcs11.P11ObjectIdentifier): 3
Session (iaik.pkcs.pkcs11.Session): 2
TokenException (iaik.pkcs.pkcs11.TokenException): 2
SecretKey (iaik.pkcs.pkcs11.objects.SecretKey): 2
ValuedSecretKey (iaik.pkcs.pkcs11.objects.ValuedSecretKey): 2
P11TokenException (org.xipki.security.exception.P11TokenException): 2
P11EntityIdentifier (org.xipki.security.pkcs11.P11EntityIdentifier): 2
Mechanism (iaik.pkcs.pkcs11.Mechanism): 1
IllegalCmdParamException (org.xipki.console.karaf.IllegalCmdParamException): 1
P11UnsupportedMechanismException (org.xipki.security.exception.P11UnsupportedMechanismException): 1
P11Slot (org.xipki.security.pkcs11.P11Slot): 1