Example 1 with SoftTokenContentSignerBuilder
use of org.xipki.security.pkcs12.SoftTokenContentSignerBuilder in project xipki by xipki.
the class Pkcs12RSATest method getSigner.
private ConcurrentContentSigner getSigner() throws Exception {
if (signer != null) {
return signer;
}
String certFile = getCertificateFile();
X509Certificate cert = X509Util.parseCert(certFile);
InputStream ks = new FileInputStream(getPkcs12File());
char[] password = getPassword().toCharArray();
SoftTokenContentSignerBuilder builder = new SoftTokenContentSignerBuilder("PKCS12", ks, password, null, password, new X509Certificate[] { cert });
signer = builder.createSigner(getSignatureAlgorithm(), 1, new SecureRandom());
return signer;
}
Also used :
FileInputStream(java.io.FileInputStream)
InputStream(java.io.InputStream)
SoftTokenContentSignerBuilder(org.xipki.security.pkcs12.SoftTokenContentSignerBuilder)
SecureRandom(java.security.SecureRandom)
X509Certificate(java.security.cert.X509Certificate)
FileInputStream(java.io.FileInputStream)
Example 2 with SoftTokenContentSignerBuilder
use of org.xipki.security.pkcs12.SoftTokenContentSignerBuilder in project xipki by xipki.
the class SignerFactoryRegisterImpl method newKeystoreSigner.
private ConcurrentContentSigner newKeystoreSigner(SecurityFactory securityFactory, String type, SignerConf conf, X509Certificate[] certificateChain) throws ObjectCreationException {
String str = conf.getConfValue("parallelism");
int parallelism = securityFactory.getDefaultSignerParallelism();
if (str != null) {
try {
parallelism = Integer.parseInt(str);
} catch (NumberFormatException ex) {
throw new ObjectCreationException("invalid parallelism " + str);
}
if (parallelism < 1) {
throw new ObjectCreationException("invalid parallelism " + str);
}
}
String passwordHint = conf.getConfValue("password");
char[] password;
if (passwordHint == null) {
password = null;
} else {
PasswordResolver passwordResolver = securityFactory.getPasswordResolver();
if (passwordResolver == null) {
password = passwordHint.toCharArray();
} else {
try {
password = passwordResolver.resolvePassword(passwordHint);
} catch (PasswordResolverException ex) {
throw new ObjectCreationException("could not resolve password. Message: " + ex.getMessage());
}
}
}
str = conf.getConfValue("keystore");
String keyLabel = conf.getConfValue("key-label");
InputStream keystoreStream;
if (StringUtil.startsWithIgnoreCase(str, "base64:")) {
keystoreStream = new ByteArrayInputStream(Base64.decode(str.substring("base64:".length())));
} else if (StringUtil.startsWithIgnoreCase(str, "file:")) {
String fn = str.substring("file:".length());
try {
keystoreStream = new FileInputStream(IoUtil.expandFilepath(fn));
} catch (FileNotFoundException ex) {
throw new ObjectCreationException("file not found: " + fn);
}
} else {
throw new ObjectCreationException("unknown keystore content format");
}
try {
AlgorithmIdentifier macAlgId = null;
String algoName = conf.getConfValue("algo");
if (algoName != null) {
try {
macAlgId = AlgorithmUtil.getMacAlgId(algoName);
} catch (NoSuchAlgorithmException ex) {
// do nothing
}
}
if (macAlgId != null) {
SoftTokenMacContentSignerBuilder signerBuilder = new SoftTokenMacContentSignerBuilder(type, keystoreStream, password, keyLabel, password);
return signerBuilder.createSigner(macAlgId, parallelism, securityFactory.getRandom4Sign());
} else {
SoftTokenContentSignerBuilder signerBuilder = new SoftTokenContentSignerBuilder(type, keystoreStream, password, keyLabel, password, certificateChain);
AlgorithmIdentifier signatureAlgId;
if (conf.getHashAlgo() == null) {
signatureAlgId = AlgorithmUtil.getSigAlgId(null, conf);
} else {
PublicKey pubKey = signerBuilder.getCertificate().getPublicKey();
signatureAlgId = AlgorithmUtil.getSigAlgId(pubKey, conf);
}
return signerBuilder.createSigner(signatureAlgId, parallelism, securityFactory.getRandom4Sign());
}
} catch (NoSuchAlgorithmException | NoSuchPaddingException | XiSecurityException ex) {
throw new ObjectCreationException(String.format("%s: %s", ex.getClass().getName(), ex.getMessage()));
}
}
Also used :
PasswordResolver(org.xipki.password.PasswordResolver)
ByteArrayInputStream(java.io.ByteArrayInputStream)
FileInputStream(java.io.FileInputStream)
InputStream(java.io.InputStream)
PublicKey(java.security.PublicKey)
FileNotFoundException(java.io.FileNotFoundException)
NoSuchPaddingException(javax.crypto.NoSuchPaddingException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
FileInputStream(java.io.FileInputStream)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
XiSecurityException(org.xipki.security.exception.XiSecurityException)
ByteArrayInputStream(java.io.ByteArrayInputStream)
ObjectCreationException(org.xipki.common.ObjectCreationException)
SoftTokenContentSignerBuilder(org.xipki.security.pkcs12.SoftTokenContentSignerBuilder)
PasswordResolverException(org.xipki.password.PasswordResolverException)
SoftTokenMacContentSignerBuilder(org.xipki.security.pkcs12.SoftTokenMacContentSignerBuilder)
Aggregations
FileInputStream (java.io.FileInputStream)2
InputStream (java.io.InputStream)2
SoftTokenContentSignerBuilder (org.xipki.security.pkcs12.SoftTokenContentSignerBuilder)2
ByteArrayInputStream (java.io.ByteArrayInputStream)1
FileNotFoundException (java.io.FileNotFoundException)1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1
PublicKey (java.security.PublicKey)1
SecureRandom (java.security.SecureRandom)1
X509Certificate (java.security.cert.X509Certificate)1
NoSuchPaddingException (javax.crypto.NoSuchPaddingException)1
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)1
ObjectCreationException (org.xipki.common.ObjectCreationException)1
PasswordResolver (org.xipki.password.PasswordResolver)1
PasswordResolverException (org.xipki.password.PasswordResolverException)1
XiSecurityException (org.xipki.security.exception.XiSecurityException)1
SoftTokenMacContentSignerBuilder (org.xipki.security.pkcs12.SoftTokenMacContentSignerBuilder)1
