use of org.xipki.security.pkcs12.SoftTokenContentSignerBuilder in project xipki by xipki.
the class Pkcs12RSATest method getSigner.
private ConcurrentContentSigner getSigner() throws Exception {
if (signer != null) {
return signer;
}
String certFile = getCertificateFile();
X509Certificate cert = X509Util.parseCert(certFile);
InputStream ks = new FileInputStream(getPkcs12File());
char[] password = getPassword().toCharArray();
SoftTokenContentSignerBuilder builder = new SoftTokenContentSignerBuilder("PKCS12", ks, password, null, password, new X509Certificate[] { cert });
signer = builder.createSigner(getSignatureAlgorithm(), 1, new SecureRandom());
return signer;
}
use of org.xipki.security.pkcs12.SoftTokenContentSignerBuilder in project xipki by xipki.
the class SignerFactoryRegisterImpl method newKeystoreSigner.
private ConcurrentContentSigner newKeystoreSigner(SecurityFactory securityFactory, String type, SignerConf conf, X509Certificate[] certificateChain) throws ObjectCreationException {
String str = conf.getConfValue("parallelism");
int parallelism = securityFactory.getDefaultSignerParallelism();
if (str != null) {
try {
parallelism = Integer.parseInt(str);
} catch (NumberFormatException ex) {
throw new ObjectCreationException("invalid parallelism " + str);
}
if (parallelism < 1) {
throw new ObjectCreationException("invalid parallelism " + str);
}
}
String passwordHint = conf.getConfValue("password");
char[] password;
if (passwordHint == null) {
password = null;
} else {
PasswordResolver passwordResolver = securityFactory.getPasswordResolver();
if (passwordResolver == null) {
password = passwordHint.toCharArray();
} else {
try {
password = passwordResolver.resolvePassword(passwordHint);
} catch (PasswordResolverException ex) {
throw new ObjectCreationException("could not resolve password. Message: " + ex.getMessage());
}
}
}
str = conf.getConfValue("keystore");
String keyLabel = conf.getConfValue("key-label");
InputStream keystoreStream;
if (StringUtil.startsWithIgnoreCase(str, "base64:")) {
keystoreStream = new ByteArrayInputStream(Base64.decode(str.substring("base64:".length())));
} else if (StringUtil.startsWithIgnoreCase(str, "file:")) {
String fn = str.substring("file:".length());
try {
keystoreStream = new FileInputStream(IoUtil.expandFilepath(fn));
} catch (FileNotFoundException ex) {
throw new ObjectCreationException("file not found: " + fn);
}
} else {
throw new ObjectCreationException("unknown keystore content format");
}
try {
AlgorithmIdentifier macAlgId = null;
String algoName = conf.getConfValue("algo");
if (algoName != null) {
try {
macAlgId = AlgorithmUtil.getMacAlgId(algoName);
} catch (NoSuchAlgorithmException ex) {
// do nothing
}
}
if (macAlgId != null) {
SoftTokenMacContentSignerBuilder signerBuilder = new SoftTokenMacContentSignerBuilder(type, keystoreStream, password, keyLabel, password);
return signerBuilder.createSigner(macAlgId, parallelism, securityFactory.getRandom4Sign());
} else {
SoftTokenContentSignerBuilder signerBuilder = new SoftTokenContentSignerBuilder(type, keystoreStream, password, keyLabel, password, certificateChain);
AlgorithmIdentifier signatureAlgId;
if (conf.getHashAlgo() == null) {
signatureAlgId = AlgorithmUtil.getSigAlgId(null, conf);
} else {
PublicKey pubKey = signerBuilder.getCertificate().getPublicKey();
signatureAlgId = AlgorithmUtil.getSigAlgId(pubKey, conf);
}
return signerBuilder.createSigner(signatureAlgId, parallelism, securityFactory.getRandom4Sign());
}
} catch (NoSuchAlgorithmException | NoSuchPaddingException | XiSecurityException ex) {
throw new ObjectCreationException(String.format("%s: %s", ex.getClass().getName(), ex.getMessage()));
}
}
Aggregations