/**
 * Borrows a signer using the configured default timeout.
 *
 * <p>Delegates to the timeout-taking overload with {@code defaultSignServiceTimeout}.
 * Other methods in this file hand the borrowed entry back through
 * {@code requiteContentSigner} in a {@code finally} block; callers of this method
 * presumably must do the same so the entry is not lost to the pool.
 *
 * @return the borrowed signer entry
 * @throws NoIdleSignerException propagated from the timeout-taking overload
 */
@Override
public ConcurrentBagEntrySigner borrowContentSigner() throws NoIdleSignerException {
  final ConcurrentBagEntrySigner borrowed = borrowContentSigner(defaultSignServiceTimeout);
  return borrowed;
}
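/**
 * Installs the certificate chain of this signer and takes the public key from the
 * first certificate of the chain.
 *
 * <p>A {@code null} or empty chain clears the stored chain and its BouncyCastle
 * representation. The public key is not touched in that case.
 *
 * <p>The chain is converted completely before any field is written, so a certificate
 * that cannot be encoded or parsed leaves the previously installed chain, public key
 * and BouncyCastle holders unchanged and consistent with each other. The array is
 * copied, so later writes to the caller's array cannot swap a certificate underneath
 * the signer.
 *
 * @param certificateChain the chain, with the signer's own certificate at index 0;
 *     may be {@code null} or empty to clear the chain
 * @throws IllegalArgumentException if a certificate cannot be encoded or parsed
 */
@Override
public void setCertificateChain(final X509Certificate[] certificateChain) {
  if (certificateChain == null || certificateChain.length == 0) {
    this.certificateChain = null;
    this.certificateChainAsBcObjects = null;
    return;
  }

  // Private copy: the stored chain must not alias an array the caller can still modify.
  final X509Certificate[] chain = certificateChain.clone();
  final int n = chain.length;

  // Build the BouncyCastle view in a local array first; nothing is published on failure.
  final X509CertificateHolder[] holders = new X509CertificateHolder[n];
  for (int i = 0; i < n; i++) {
    try {
      holders[i] = new X509CertificateHolder(chain[i].getEncoded());
    } catch (CertificateEncodingException | IOException ex) {
      throw new IllegalArgumentException(
          String.format("%s occurred while parsing certificate at index %d: %s",
              ex.getClass().getName(), i, ex.getMessage()), ex);
    }
  }

  // Every certificate converted: commit chain, public key and holders together.
  this.certificateChain = chain;
  setPublicKey(chain[0].getPublicKey());
  this.certificateChainAsBcObjects = holders;
}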
DefaultConcurrentContentSigner concurrentSigner; try { concurrentSigner = new DefaultConcurrentContentSigner(mac, signers, privateKey); } catch (NoSuchAlgorithmException ex) { throw new XiSecurityException(ex.getMessage(), ex); concurrentSigner.setCertificateChain(certificateChain); } else { concurrentSigner.setPublicKey(publicKey);
/**
 * Signs {@code data} with a signer borrowed from the pool.
 *
 * <p>The borrowed entry is always handed back through {@code requiteContentSigner},
 * whether signing succeeds or fails.
 *
 * @param data the bytes to sign
 * @return the signature produced by the borrowed signer
 * @throws NoIdleSignerException if no signer could be borrowed
 * @throws SignatureException if the data cannot be written to the signer's stream
 */
@Override
public byte[] sign(final byte[] data) throws NoIdleSignerException, SignatureException {
  final ConcurrentBagEntrySigner borrowed = borrowContentSigner();
  try {
    final OutputStream sink = borrowed.value().getOutputStream();
    try {
      sink.write(data);
    } catch (IOException ex) {
      // Surface I/O problems as a signing failure and keep the original cause attached.
      final String message = "could not write data to SignatureStream: " + ex.getMessage();
      throw new SignatureException(message, ex);
    }
    final byte[] signature = borrowed.value().getSignature();
    return signature;
  } finally {
    // Return the entry on every path so a failed signature does not drain the pool.
    requiteContentSigner(borrowed);
  }
}
/**
 * Creates a concurrent MAC signer made of {@code parallelism} PKCS#11 MAC signers
 * for the identity {@code identityId}.
 *
 * <p>After construction the SHA-1 digest of the secret key is requested from the
 * token and stored on the signer. This step is best effort: if it fails, a warning
 * is logged and the signer is returned without the digest.
 *
 * <p>NOTE(review): the digest is computed with {@code CKM_SHA_1} and looks like a key
 * fingerprint rather than a security control. Confirm that consumers treat it only as
 * an identifier and tolerate its absence.
 *
 * @param signatureAlgId algorithm identifier passed to each {@code P11MacContentSigner}
 * @param parallelism number of underlying signers; checked to be at least 1
 * @return the assembled concurrent signer
 * @throws XiSecurityException if the concurrent signer cannot be constructed
 * @throws P11TokenException declared by the signature; the digest step catches it itself
 */
public ConcurrentContentSigner createSigner(final AlgorithmIdentifier signatureAlgId,
    final int parallelism) throws XiSecurityException, P11TokenException {
  ParamUtil.requireMin("parallelism", parallelism, 1);

  final List<XiContentSigner> macSigners = new ArrayList<>(parallelism);
  int remaining = parallelism;
  while (remaining-- > 0) {
    macSigners.add(new P11MacContentSigner(cryptService, identityId, signatureAlgId));
  }

  // First argument is the "mac" flag; no key object is handed over (third argument null).
  final DefaultConcurrentContentSigner result;
  try {
    result = new DefaultConcurrentContentSigner(true, macSigners, null);
  } catch (NoSuchAlgorithmException ex) {
    throw new XiSecurityException(ex.getMessage(), ex);
  }

  try {
    result.setSha1DigestOfMacKey(
        cryptService.getIdentity(identityId).digestSecretKey(PKCS11Constants.CKM_SHA_1));
  } catch (P11TokenException | XiSecurityException ex) {
    // Deliberately non-fatal: the signer stays usable without the key digest.
    LogUtil.warn(LOG, ex, "could not compute the digest of secret key " + identityId);
  }

  return result;
}
ConcurrentContentSigner concurrentSigner; try { concurrentSigner = new DefaultConcurrentContentSigner(mac, signers, key); } catch (NoSuchAlgorithmException ex) { throw new XiSecurityException(ex.getMessage(), ex);
/**
 * Checks the signer by producing a signature over a fixed four-byte test input.
 *
 * <p>Any exception raised while borrowing a signer or signing is logged and reported
 * as unhealthy. A borrowed entry is handed back in every case.
 *
 * @return {@code true} if a non-empty signature was produced, {@code false} otherwise
 */
@Override
public boolean isHealthy() {
  ConcurrentBagEntrySigner probe = null;
  boolean healthy;
  try {
    probe = borrowContentSigner();
    final byte[] testInput = {1, 2, 3, 4};
    probe.value().getOutputStream().write(testInput);
    final byte[] produced = probe.value().getSignature();
    healthy = (produced != null) && (produced.length != 0);
  } catch (Exception ex) {
    // A health probe must never throw: any failure only means "not healthy".
    LogUtil.error(LOG, ex);
    healthy = false;
  } finally {
    // probe stays null when borrowing itself failed; nothing to give back then.
    if (probe != null) {
      requiteContentSigner(probe);
    }
  }
  return healthy;
}
DefaultConcurrentContentSigner concurrentSigner; try { concurrentSigner = new DefaultConcurrentContentSigner(mac, signers, key); } catch (NoSuchAlgorithmException ex) { throw new XiSecurityException(ex.getMessage(), ex); concurrentSigner.setSha1DigestOfMacKey(HashAlgoType.SHA1.hash(key.getEncoded()));