Examples with P11Slot org.xipki.security.pkcs11.P11Slot used on opensource projects

Example 16 with P11Slot

use of org.xipki.security.pkcs11.P11Slot in project xipki by xipki.

the class SecurityAction method getSlot.

protected P11Slot getSlot(String moduleName, int slotIndex) throws XiSecurityException, P11TokenException, IllegalCmdParamException {
    P11Module module = getP11Module(moduleName);
    P11SlotIdentifier slotId = module.getSlotIdForIndex(slotIndex);
    return module.getSlot(slotId);
}

Example 17 with P11Slot

use of org.xipki.security.pkcs11.P11Slot in project xipki by xipki.

the class P11ObjectsDeleteCmd method execute0.

@Override
protected Object execute0() throws Exception {
    P11Slot slot = getSlot(moduleName, slotIndex);
    byte[] idBytes = null;
    if (id != null) {
        idBytes = Hex.decode(id);
    }
    int num = slot.removeObjects(idBytes, label);
    println("deleted " + num + " objects");
    return null;
}

Example 18 with P11Slot

use of org.xipki.security.pkcs11.P11Slot in project xipki by xipki.

the class P11SecretKeyGenCmd method execute0.

@Override
protected Object execute0() throws Exception {
    if (keysize % 8 != 0) {
        throw new IllegalCmdParamException("keysize is not multiple of 8: " + keysize);
    }
    long p11KeyType;
    if ("AES".equalsIgnoreCase(keyType)) {
        p11KeyType = PKCS11Constants.CKK_AES;
    } else if ("DES3".equalsIgnoreCase(keyType)) {
        p11KeyType = PKCS11Constants.CKK_DES3;
    } else if ("GENERIC".equalsIgnoreCase(keyType)) {
        p11KeyType = PKCS11Constants.CKK_GENERIC_SECRET;
    } else {
        throw new IllegalCmdParamException("invalid keyType " + keyType);
    }
    P11Slot slot = getSlot();
    P11NewKeyControl control = getControl();
    P11ObjectIdentifier objId = null;
    try {
        objId = slot.generateSecretKey(p11KeyType, keysize, label, control);
        finalize(keyType, objId);
    } catch (P11UnsupportedMechanismException ex) {
        if (!createExternIfGenUnsupported) {
            throw ex;
        }
        if (LOG.isInfoEnabled()) {
            LOG.info("could not generate secret key {}: ", label, ex.getMessage());
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("could not generate secret key " + label, ex);
        }
        byte[] keyValue = new byte[keysize / 8];
        securityFactory.getRandom4Key().nextBytes(keyValue);
        objId = slot.importSecretKey(p11KeyType, keyValue, label, control);
        // clear the memory
        Arrays.fill(keyValue, (byte) 0);
        println("generated in memory and imported " + keyType + " key " + objId);
    }
    return null;
}

Example 19 with P11Slot

use of org.xipki.security.pkcs11.P11Slot in project xipki by xipki.

the class P11SecurityAction method getObjectIdentifier.

public P11ObjectIdentifier getObjectIdentifier() throws IllegalCmdParamException, XiSecurityException, P11TokenException {
    P11Slot slot = getSlot();
    P11ObjectIdentifier objIdentifier;
    if (id != null && label == null) {
        objIdentifier = slot.getObjectIdForId(Hex.decode(id));
    } else if (id == null && label != null) {
        objIdentifier = slot.getObjectIdForLabel(label);
    } else {
        throw new IllegalCmdParamException("exactly one of keyId or keyLabel should be specified");
    }
    return objIdentifier;
}

Example 20 with P11Slot

use of org.xipki.security.pkcs11.P11Slot in project xipki by xipki.

the class BSpeedP11DSASignCmd method nextTester.

@Override
protected LoadExecutor nextTester() throws Exception {
    DSAControl control = queue.poll();
    if (control == null) {
        return null;
    }
    P11Slot slot = getSlot();
    if (control.plen() == 1024) {
        if (!"SHA1withDSA".equalsIgnoreCase(sigAlgo)) {
            throw new IllegalCmdParamException("only SHA1withDSA is permitted for DSA with 1024 bit");
        }
    }
    return new P11DSASignLoadTest(securityFactory, slot, sigAlgo, control.plen(), control.qlen());
}