Example 16 with P11ObjectIdentifier

Use of org.xipki.security.pkcs11.P11ObjectIdentifier in project xipki by xipki.

Class ProxyP11Slot, method refresh0.

@Override
protected P11SlotRefreshResult refresh0() throws P11TokenException {
    P11SlotRefreshResult refreshResult = new P11SlotRefreshResult();
    // mechanisms
    List<Long> mechs = getMechanismsFromServer();
    for (Long mech : mechs) {
        refreshResult.addMechanism(mech);
    }
    // certificates
    List<P11ObjectIdentifier> certIds = getObjectIdsFromServer(P11ProxyConstants.ACTION_GET_CERT_IDS);
    for (P11ObjectIdentifier certId : certIds) {
        X509Cert cert = getCertificate(certId);
        if (cert != null) {
            refreshResult.addCertificate(certId, cert);
        }
    }
    // identities (keys)
    List<P11ObjectIdentifier> keyIds = getObjectIdsFromServer(P11ProxyConstants.ACTION_GET_IDENTITY_IDS);
    for (P11ObjectIdentifier keyId : keyIds) {
        byte[] id = keyId.getId();
        java.security.PublicKey pubKey = null;
        // prefer the public key of a certificate stored under the same id;
        // otherwise fall back to getPublicKey(keyId)
        X509Cert cert = refreshResult.getCertForId(id);
        if (cert != null) {
            pubKey = cert.getCert().getPublicKey();
        } else {
            pubKey = getPublicKey(keyId);
        }
        P11EntityIdentifier entityId = new P11EntityIdentifier(slotId, keyId);
        ProxyP11Identity identity;
        if (pubKey == null) {
            // no public key available: identity is created without public key and certificates
            identity = new ProxyP11Identity(this, entityId);
        } else {
            X509Certificate[] certs = (cert == null) ? null : new X509Certificate[] { cert.getCert() };
            identity = new ProxyP11Identity(this, entityId, pubKey, certs);
        }
        refreshResult.addIdentity(identity);
    }
    return refreshResult;
}
Also used: Asn1P11EntityIdentifier (org.xipki.p11proxy.msg.Asn1P11EntityIdentifier), P11EntityIdentifier (org.xipki.security.pkcs11.P11EntityIdentifier), PublicKey (java.security.PublicKey), X509Certificate (java.security.cert.X509Certificate), P11SlotRefreshResult (org.xipki.security.pkcs11.P11SlotRefreshResult), X509Cert (org.xipki.security.X509Cert), P11ObjectIdentifier (org.xipki.security.pkcs11.P11ObjectIdentifier), Asn1P11ObjectIdentifier (org.xipki.p11proxy.msg.Asn1P11ObjectIdentifier)

Example 17 with P11ObjectIdentifier

Use of org.xipki.security.pkcs11.P11ObjectIdentifier in project xipki by xipki.

Class ProxyP11Slot, method addCert0.

@Override
protected void addCert0(P11ObjectIdentifier objectId, X509Certificate cert) throws P11TokenException, CertificateException {
    Asn1EntityIdAndCert asn1 = new Asn1EntityIdAndCert(new P11EntityIdentifier(slotId, objectId), cert);
    module.send(P11ProxyConstants.ACTION_ADD_CERT, asn1);
}
Also used: Asn1EntityIdAndCert (org.xipki.p11proxy.msg.Asn1EntityIdAndCert), Asn1P11EntityIdentifier (org.xipki.p11proxy.msg.Asn1P11EntityIdentifier), P11EntityIdentifier (org.xipki.security.pkcs11.P11EntityIdentifier)

Example 18 with P11ObjectIdentifier

Use of org.xipki.security.pkcs11.P11ObjectIdentifier in project xipki by xipki.

Class ProxyP11Slot, method getObjectIdsFromServer.

private List<P11ObjectIdentifier> getObjectIdsFromServer(short action) throws P11TokenException {
    Asn1P11SlotIdentifier asn1SlotId = new Asn1P11SlotIdentifier(slotId);
    byte[] resp = module.send(action, asn1SlotId);
    List<Asn1P11ObjectIdentifier> asn1ObjectIds;
    try {
        // decode the ASN.1 response; a malformed response is reported as a P11TokenException
        asn1ObjectIds = Asn1P11ObjectIdentifiers.getInstance(resp).getObjectIds();
    } catch (BadAsn1ObjectException ex) {
        throw new P11TokenException("bad ASN1 object: " + ex.getMessage(), ex);
    }
    List<P11ObjectIdentifier> objectIds = new ArrayList<>(asn1ObjectIds.size());
    for (Asn1P11ObjectIdentifier asn1Id : asn1ObjectIds) {
        objectIds.add(asn1Id.getObjectId());
    }
    return objectIds;
}
Also used: Asn1P11ObjectIdentifier (org.xipki.p11proxy.msg.Asn1P11ObjectIdentifier), P11TokenException (org.xipki.security.exception.P11TokenException), ArrayList (java.util.ArrayList), P11ObjectIdentifier (org.xipki.security.pkcs11.P11ObjectIdentifier), Asn1P11SlotIdentifier (org.xipki.p11proxy.msg.Asn1P11SlotIdentifier), BadAsn1ObjectException (org.xipki.security.exception.BadAsn1ObjectException)

Example 19 with P11ObjectIdentifier

Use of org.xipki.security.pkcs11.P11ObjectIdentifier in project xipki by xipki.

Class EmulatorP11Slot, method saveP11Entity.

private P11Identity saveP11Entity(KeyPair keypair, String label) throws P11TokenException {
    byte[] id = generateId();
    savePkcs11PrivateKey(id, label, keypair.getPrivate());
    savePkcs11PublicKey(id, label, keypair.getPublic());
    P11EntityIdentifier identityId = new P11EntityIdentifier(slotId, new P11ObjectIdentifier(id, label));
    try {
        return new EmulatorP11Identity(this, identityId, keypair.getPrivate(), keypair.getPublic(), null, maxSessions, random);
    } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException ex) {
        throw new P11TokenException("could not construct KeyStoreP11Identity: " + ex.getMessage(), ex);
    }
}
Also used: P11TokenException (org.xipki.security.exception.P11TokenException), P11EntityIdentifier (org.xipki.security.pkcs11.P11EntityIdentifier), NoSuchAlgorithmException (java.security.NoSuchAlgorithmException), InvalidKeyException (java.security.InvalidKeyException), NoSuchProviderException (java.security.NoSuchProviderException), P11ObjectIdentifier (org.xipki.security.pkcs11.P11ObjectIdentifier)

Example 20 with P11ObjectIdentifier

Use of org.xipki.security.pkcs11.P11ObjectIdentifier in project xipki by xipki.

Class EmulatorP11Slot, method saveP11Entity.

private P11Identity saveP11Entity(SecretKey key, String label) throws P11TokenException {
    byte[] id = generateId();
    savePkcs11SecretKey(id, label, key);
    P11EntityIdentifier identityId = new P11EntityIdentifier(slotId, new P11ObjectIdentifier(id, label));
    return new EmulatorP11Identity(this, identityId, key, maxSessions, random);
}
Also used: P11EntityIdentifier (org.xipki.security.pkcs11.P11EntityIdentifier), P11ObjectIdentifier (org.xipki.security.pkcs11.P11ObjectIdentifier)

Aggregations

P11ObjectIdentifier (org.xipki.security.pkcs11.P11ObjectIdentifier): 30
P11EntityIdentifier (org.xipki.security.pkcs11.P11EntityIdentifier): 15
P11Slot (org.xipki.security.pkcs11.P11Slot): 15
P11TokenException (org.xipki.security.exception.P11TokenException): 10
X509Certificate (java.security.cert.X509Certificate): 8
Asn1P11EntityIdentifier (org.xipki.p11proxy.msg.Asn1P11EntityIdentifier): 6
IllegalCmdParamException (org.xipki.console.karaf.IllegalCmdParamException): 5
Session (iaik.pkcs.pkcs11.Session): 4
TokenException (iaik.pkcs.pkcs11.TokenException): 4
PublicKey (java.security.PublicKey): 4
DEROctetString (org.bouncycastle.asn1.DEROctetString): 4
X509Cert (org.xipki.security.X509Cert): 4
XiSecurityException (org.xipki.security.exception.XiSecurityException): 4
SecretKey (iaik.pkcs.pkcs11.objects.SecretKey): 3
ValuedSecretKey (iaik.pkcs.pkcs11.objects.ValuedSecretKey): 3
InvalidKeyException (java.security.InvalidKeyException): 3
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException): 3
CertificateException (java.security.cert.CertificateException): 3
P11SlotRefreshResult (org.xipki.security.pkcs11.P11SlotRefreshResult): 3
Mechanism (iaik.pkcs.pkcs11.Mechanism): 2