use of org.xipki.security.pkcs11.P11ObjectIdentifier in project xipki by xipki.
the class ProxyP11Slot method refresh0.
/**
 * Builds a fresh refresh result for this slot from three server queries:
 * supported mechanisms, certificate object ids and identity (key) object ids.
 *
 * <p>Certificates are collected before identities so that each identity can
 * be paired with a certificate registered under the same id bytes.
 *
 * <p>NOTE(review): the only certificate-to-key binding visible here is the
 * id match done by {@code getCertForId}; whether the data returned by the
 * server is validated elsewhere cannot be told from this method - confirm.
 *
 * @return the populated refresh result
 * @throws P11TokenException if one of the underlying calls fails
 */
@Override
protected P11SlotRefreshResult refresh0() throws P11TokenException {
  final P11SlotRefreshResult result = new P11SlotRefreshResult();

  // mechanisms
  for (Long mechanism : getMechanismsFromServer()) {
    result.addMechanism(mechanism);
  }

  // certificates: an id for which no certificate is returned is skipped
  List<P11ObjectIdentifier> certObjectIds =
      getObjectIdsFromServer(P11ProxyConstants.ACTION_GET_CERT_IDS);
  for (P11ObjectIdentifier certObjectId : certObjectIds) {
    X509Cert fetchedCert = getCertificate(certObjectId);
    if (fetchedCert == null) {
      continue;
    }
    result.addCertificate(certObjectId, fetchedCert);
  }

  // identities
  List<P11ObjectIdentifier> keyObjectIds =
      getObjectIdsFromServer(P11ProxyConstants.ACTION_GET_IDENTITY_IDS);
  for (P11ObjectIdentifier keyObjectId : keyObjectIds) {
    byte[] rawId = keyObjectId.getId();
    X509Cert matchingCert = result.getCertForId(rawId);

    // The certificate's public key takes precedence; the key is requested
    // separately only when no certificate shares this id.
    java.security.PublicKey publicKey = (matchingCert != null)
        ? matchingCert.getCert().getPublicKey()
        : getPublicKey(keyObjectId);

    P11EntityIdentifier entityId = new P11EntityIdentifier(slotId, keyObjectId);
    ProxyP11Identity identity;
    if (publicKey != null) {
      X509Certificate[] chain = null;
      if (matchingCert != null) {
        chain = new X509Certificate[] { matchingCert.getCert() };
      }
      identity = new ProxyP11Identity(this, entityId, publicKey, chain);
    } else {
      // No public key available: the identity is built from the entity id alone.
      identity = new ProxyP11Identity(this, entityId);
    }
    result.addIdentity(identity);
  }

  return result;
}
use of org.xipki.security.pkcs11.P11ObjectIdentifier in project xipki by xipki.
the class ProxyP11Slot method addCert0.
/**
 * Sends an add-certificate request for the given object on this slot.
 *
 * <p>The object id is combined with this slot's id into an entity identifier,
 * wrapped together with the certificate, and passed to {@code module.send}
 * with {@code ACTION_ADD_CERT}. The value returned by {@code send} is not used.
 *
 * @param objectId identifier of the object the certificate is added under
 * @param cert the certificate to add
 * @throws P11TokenException declared by this method; presumably raised by the
 *     send call - confirm
 * @throws CertificateException declared by this method; presumably raised
 *     while wrapping the certificate - confirm
 */
@Override
protected void addCert0(P11ObjectIdentifier objectId, X509Certificate cert)
    throws P11TokenException, CertificateException {
  P11EntityIdentifier entityId = new P11EntityIdentifier(slotId, objectId);
  Asn1EntityIdAndCert request = new Asn1EntityIdAndCert(entityId, cert);
  module.send(P11ProxyConstants.ACTION_ADD_CERT, request);
}
use of org.xipki.security.pkcs11.P11ObjectIdentifier in project xipki by xipki.
the class ProxyP11Slot method getObjectIdsFromServer.
/**
 * Requests a list of object identifiers for this slot and converts the
 * decoded ASN.1 entries into {@code P11ObjectIdentifier} values.
 *
 * <p>The response bytes are whatever {@code module.send} returns. A response
 * that cannot be decoded is reported as a {@code P11TokenException} carrying
 * the decoder's exception as its cause; no partial list is returned.
 *
 * @param action the action code sent with the request
 * @return the object identifiers, in the order the decoded response lists them
 * @throws P11TokenException if the response is not a valid ASN.1 object-id
 *     list, or if the send call itself fails
 */
private List<P11ObjectIdentifier> getObjectIdsFromServer(short action) throws P11TokenException {
  byte[] response = module.send(action, new Asn1P11SlotIdentifier(slotId));

  final List<Asn1P11ObjectIdentifier> decodedIds;
  try {
    decodedIds = Asn1P11ObjectIdentifiers.getInstance(response).getObjectIds();
  } catch (BadAsn1ObjectException ex) {
    throw new P11TokenException("bad ASN1 object: " + ex.getMessage(), ex);
  }

  List<P11ObjectIdentifier> result = new ArrayList<>(decodedIds.size());
  for (Asn1P11ObjectIdentifier decodedId : decodedIds) {
    result.add(decodedId.getObjectId());
  }
  return result;
}
use of org.xipki.security.pkcs11.P11ObjectIdentifier in project xipki by xipki.
the class EmulatorP11Slot method saveP11Entity.
/**
 * Saves both halves of a key pair under a newly generated id and returns the
 * identity built around them.
 *
 * <p>NOTE(review): both save calls run before the identity is constructed and
 * nothing in this method undoes them, so a construction failure appears to
 * leave the saved private and public key objects behind - confirm whether a
 * caller cleans up.
 *
 * @param keypair the key pair to save
 * @param label label used for both saved objects and for the object identifier
 * @return the identity for the saved key pair
 * @throws P11TokenException if the identity cannot be constructed, or if one
 *     of the save calls fails
 */
private P11Identity saveP11Entity(KeyPair keypair, String label) throws P11TokenException {
  final byte[] newId = generateId();

  // Private key first, then public key, both under the same id and label.
  savePkcs11PrivateKey(newId, label, keypair.getPrivate());
  savePkcs11PublicKey(newId, label, keypair.getPublic());

  P11ObjectIdentifier objectId = new P11ObjectIdentifier(newId, label);
  P11EntityIdentifier entityId = new P11EntityIdentifier(slotId, objectId);
  try {
    // The fifth argument is null; presumably the certificate chain - confirm.
    return new EmulatorP11Identity(this, entityId, keypair.getPrivate(),
        keypair.getPublic(), null, maxSessions, random);
  } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException ex) {
    // NOTE(review): the message names KeyStoreP11Identity although the type
    // constructed above is EmulatorP11Identity.
    throw new P11TokenException("could not construct KeyStoreP11Identity: " + ex.getMessage(), ex);
  }
}
use of org.xipki.security.pkcs11.P11ObjectIdentifier in project xipki by xipki.
the class EmulatorP11Slot method saveP11Entity.
/**
 * Saves a secret key under a newly generated id and returns the identity
 * built around it.
 *
 * @param key the secret key to save
 * @param label label used for the saved object and for the object identifier
 * @return the identity for the saved secret key
 * @throws P11TokenException declared by this method; presumably raised by the
 *     save call or the identity constructor - confirm
 */
private P11Identity saveP11Entity(SecretKey key, String label) throws P11TokenException {
  final byte[] newId = generateId();
  savePkcs11SecretKey(newId, label, key);

  P11ObjectIdentifier objectId = new P11ObjectIdentifier(newId, label);
  P11EntityIdentifier entityId = new P11EntityIdentifier(slotId, objectId);
  return new EmulatorP11Identity(this, entityId, key, maxSessions, random);
}