Example 16 with P11ObjectIdentifier
use of org.xipki.security.pkcs11.P11ObjectIdentifier in project xipki by xipki.
the class ProxyP11Slot method refresh0.
@Override
protected P11SlotRefreshResult refresh0() throws P11TokenException {
P11SlotRefreshResult refreshResult = new P11SlotRefreshResult();
// mechanisms
List<Long> mechs = getMechanismsFromServer();
for (Long mech : mechs) {
refreshResult.addMechanism(mech);
}
// certificates
List<P11ObjectIdentifier> certIds = getObjectIdsFromServer(P11ProxyConstants.ACTION_GET_CERT_IDS);
for (P11ObjectIdentifier certId : certIds) {
X509Cert cert = getCertificate(certId);
if (cert != null) {
refreshResult.addCertificate(certId, cert);
}
}
List<P11ObjectIdentifier> keyIds = getObjectIdsFromServer(P11ProxyConstants.ACTION_GET_IDENTITY_IDS);
for (P11ObjectIdentifier keyId : keyIds) {
byte[] id = keyId.getId();
java.security.PublicKey pubKey = null;
X509Cert cert = refreshResult.getCertForId(id);
if (cert != null) {
pubKey = cert.getCert().getPublicKey();
} else {
pubKey = getPublicKey(keyId);
}
P11EntityIdentifier entityId = new P11EntityIdentifier(slotId, keyId);
ProxyP11Identity identity;
if (pubKey == null) {
identity = new ProxyP11Identity(this, entityId);
} else {
X509Certificate[] certs = (cert == null) ? null : new X509Certificate[] { cert.getCert() };
identity = new ProxyP11Identity(this, entityId, pubKey, certs);
}
refreshResult.addIdentity(identity);
}
return refreshResult;
}
Also used :
Asn1P11EntityIdentifier(org.xipki.p11proxy.msg.Asn1P11EntityIdentifier)
P11EntityIdentifier(org.xipki.security.pkcs11.P11EntityIdentifier)
PublicKey(java.security.PublicKey)
X509Certificate(java.security.cert.X509Certificate)
P11SlotRefreshResult(org.xipki.security.pkcs11.P11SlotRefreshResult)
X509Cert(org.xipki.security.X509Cert)
P11ObjectIdentifier(org.xipki.security.pkcs11.P11ObjectIdentifier)
Asn1P11ObjectIdentifier(org.xipki.p11proxy.msg.Asn1P11ObjectIdentifier)
Example 17 with P11ObjectIdentifier
use of org.xipki.security.pkcs11.P11ObjectIdentifier in project xipki by xipki.
the class ProxyP11Slot method addCert0.
@Override
protected void addCert0(P11ObjectIdentifier objectId, X509Certificate cert) throws P11TokenException, CertificateException {
Asn1EntityIdAndCert asn1 = new Asn1EntityIdAndCert(new P11EntityIdentifier(slotId, objectId), cert);
module.send(P11ProxyConstants.ACTION_ADD_CERT, asn1);
}
Also used :
Asn1EntityIdAndCert(org.xipki.p11proxy.msg.Asn1EntityIdAndCert)
Asn1P11EntityIdentifier(org.xipki.p11proxy.msg.Asn1P11EntityIdentifier)
P11EntityIdentifier(org.xipki.security.pkcs11.P11EntityIdentifier)
Example 18 with P11ObjectIdentifier
use of org.xipki.security.pkcs11.P11ObjectIdentifier in project xipki by xipki.
the class ProxyP11Slot method getObjectIdsFromServer.
private List<P11ObjectIdentifier> getObjectIdsFromServer(short action) throws P11TokenException {
Asn1P11SlotIdentifier asn1SlotId = new Asn1P11SlotIdentifier(slotId);
byte[] resp = module.send(action, asn1SlotId);
List<Asn1P11ObjectIdentifier> asn1ObjectIds;
try {
asn1ObjectIds = Asn1P11ObjectIdentifiers.getInstance(resp).getObjectIds();
} catch (BadAsn1ObjectException ex) {
throw new P11TokenException("bad ASN1 object: " + ex.getMessage(), ex);
}
List<P11ObjectIdentifier> objectIds = new ArrayList<>(asn1ObjectIds.size());
for (Asn1P11ObjectIdentifier asn1Id : asn1ObjectIds) {
objectIds.add(asn1Id.getObjectId());
}
return objectIds;
}
Also used :
Asn1P11ObjectIdentifier(org.xipki.p11proxy.msg.Asn1P11ObjectIdentifier)
P11TokenException(org.xipki.security.exception.P11TokenException)
ArrayList(java.util.ArrayList)
P11ObjectIdentifier(org.xipki.security.pkcs11.P11ObjectIdentifier)
Asn1P11ObjectIdentifier(org.xipki.p11proxy.msg.Asn1P11ObjectIdentifier)
Asn1P11SlotIdentifier(org.xipki.p11proxy.msg.Asn1P11SlotIdentifier)
BadAsn1ObjectException(org.xipki.security.exception.BadAsn1ObjectException)
Example 19 with P11ObjectIdentifier
use of org.xipki.security.pkcs11.P11ObjectIdentifier in project xipki by xipki.
the class EmulatorP11Slot method saveP11Entity.
private P11Identity saveP11Entity(KeyPair keypair, String label) throws P11TokenException {
byte[] id = generateId();
savePkcs11PrivateKey(id, label, keypair.getPrivate());
savePkcs11PublicKey(id, label, keypair.getPublic());
P11EntityIdentifier identityId = new P11EntityIdentifier(slotId, new P11ObjectIdentifier(id, label));
try {
return new EmulatorP11Identity(this, identityId, keypair.getPrivate(), keypair.getPublic(), null, maxSessions, random);
} catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException ex) {
throw new P11TokenException("could not construct KeyStoreP11Identity: " + ex.getMessage(), ex);
}
}
Also used :
P11TokenException(org.xipki.security.exception.P11TokenException)
P11EntityIdentifier(org.xipki.security.pkcs11.P11EntityIdentifier)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
NoSuchProviderException(java.security.NoSuchProviderException)
P11ObjectIdentifier(org.xipki.security.pkcs11.P11ObjectIdentifier)
Example 20 with P11ObjectIdentifier
use of org.xipki.security.pkcs11.P11ObjectIdentifier in project xipki by xipki.
the class EmulatorP11Slot method saveP11Entity.
private P11Identity saveP11Entity(SecretKey key, String label) throws P11TokenException {
byte[] id = generateId();
savePkcs11SecretKey(id, label, key);
P11EntityIdentifier identityId = new P11EntityIdentifier(slotId, new P11ObjectIdentifier(id, label));
return new EmulatorP11Identity(this, identityId, key, maxSessions, random);
}
Also used :
P11EntityIdentifier(org.xipki.security.pkcs11.P11EntityIdentifier)
P11ObjectIdentifier(org.xipki.security.pkcs11.P11ObjectIdentifier)
Aggregations
P11ObjectIdentifier (org.xipki.security.pkcs11.P11ObjectIdentifier)30
P11EntityIdentifier (org.xipki.security.pkcs11.P11EntityIdentifier)15
P11Slot (org.xipki.security.pkcs11.P11Slot)15
P11TokenException (org.xipki.security.exception.P11TokenException)10
X509Certificate (java.security.cert.X509Certificate)8
Asn1P11EntityIdentifier (org.xipki.p11proxy.msg.Asn1P11EntityIdentifier)6
IllegalCmdParamException (org.xipki.console.karaf.IllegalCmdParamException)5
Session (iaik.pkcs.pkcs11.Session)4
TokenException (iaik.pkcs.pkcs11.TokenException)4
PublicKey (java.security.PublicKey)4
DEROctetString (org.bouncycastle.asn1.DEROctetString)4
X509Cert (org.xipki.security.X509Cert)4
XiSecurityException (org.xipki.security.exception.XiSecurityException)4
SecretKey (iaik.pkcs.pkcs11.objects.SecretKey)3
ValuedSecretKey (iaik.pkcs.pkcs11.objects.ValuedSecretKey)3
InvalidKeyException (java.security.InvalidKeyException)3
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)3
CertificateException (java.security.cert.CertificateException)3
P11SlotRefreshResult (org.xipki.security.pkcs11.P11SlotRefreshResult)3
Mechanism (iaik.pkcs.pkcs11.Mechanism)2
