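/**
 * Deletes the token entries that belong to the given identity: the certificate (only when a
 * certificate id is set), the private key, the public key (only when a public-key id is set)
 * and the secret key stored under the key id.
 *
 * <p>Every removal is attempted, whatever the outcome of the earlier ones.
 *
 * @param identityId
 *          Identifier of the identity whose entries are deleted.
 * @throws P11TokenException
 *           a {@link P11UnknownEntityException} if none of the removal calls reported
 *           success, i.e. nothing was deleted for this identity.
 */
@Override
protected void removeIdentity0(P11IdentityId identityId) throws P11TokenException {
  P11ObjectIdentifier keyId = identityId.getKeyId();

  // Every flag starts at false and only records a real outcome. The previous version held a
  // flag that was the constant true, so the "nothing removed" check below could never fire
  // and a deletion that removed no key material was reported as success.
  // NOTE(review): assumes removePkcs11Entry returns true when it deleted an entry - confirm.
  boolean certRemoved = false;
  P11ObjectIdentifier certId = identityId.getCertId();
  if (certId != null) {
    certRemoved = removePkcs11Entry(certDir, certId);
  }

  boolean privKeyRemoved = removePkcs11Entry(privKeyDir, keyId);

  boolean pubKeyRemoved = false;
  P11ObjectIdentifier publicKeyId = identityId.getPublicKeyId();
  if (publicKeyId != null) {
    pubKeyRemoved = removePkcs11Entry(pubKeyDir, publicKeyId);
  }

  boolean secKeyRemoved = removePkcs11Entry(secKeyDir, keyId);

  if (!(certRemoved || privKeyRemoved || pubKeyRemoved || secKeyRemoved)) {
    throw new P11UnknownEntityException(slotId, keyId);
  }
}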
/**
 * Orders identities by their identifiers: the result is whatever comparing this identity's
 * {@code id} with the other identity's {@code id} yields.
 *
 * @param obj
 *          The identity to compare with. Dereferenced without a null check.
 * @return the result of {@code id.compareTo(obj.id)}.
 */
@Override
public int compareTo(P11Identity obj) {
  return this.id.compareTo(obj.id);
}
/**
 * Removes the identity named by {@code identityId}.
 *
 * <p>If the key id is present in the cached identities, the cached certificate (when a
 * certificate id is set) is dropped, the cached identity's certificates are cleared, the
 * identity is removed from the cache and {@code updateCaCertsOfIdentities()} is run. In all
 * cases {@code removeIdentity0(identityId)} is then called to perform the actual removal.
 *
 * @param identityId
 *          Identity identifier. Must not be {@code null}.
 * @throws P11TokenException
 *           if PKCS#11 token exception occurs.
 */
public void removeIdentity(P11IdentityId identityId) throws P11TokenException {
  Args.notNull(identityId, "identityId");
  assertWritable("removeIdentity");

  final P11ObjectIdentifier keyId = identityId.getKeyId();
  final boolean cached = identities.containsKey(keyId);
  if (cached) {
    final P11ObjectIdentifier certId = identityId.getCertId();
    if (certId != null) {
      certificates.remove(certId);
    }

    identities.get(keyId).setCertificates(null);
    identities.remove(keyId);
    updateCaCertsOfIdentities();
  }

  // NOTE(review): the cache is evicted before the removal itself runs. If removeIdentity0
  // throws, the identity is gone from the cache while its entries may still exist -
  // confirm that callers refresh or retry in that case.
  removeIdentity0(identityId);
}
/**
 * Encodes the wrapped identity id as a DER SEQUENCE.
 *
 * <p>The sequence holds the slot identifier and the key object identifier, followed by the
 * public-key label as an explicitly tagged [1] UTF8String and the certificate label as an
 * explicitly tagged [2] UTF8String. Each tagged element is present only when the
 * corresponding id is set, and only the label of that id is encoded.
 *
 * @return the DER sequence described above.
 */
@Override
public ASN1Primitive toASN1Primitive() {
  ASN1EncodableVector elements = new ASN1EncodableVector();
  elements.add(new SlotIdentifier(value.getSlotId()));
  elements.add(new ObjectIdentifier(value.getKeyId()));

  // [1] public-key label, optional
  if (value.getPublicKeyId() != null) {
    DERUTF8String pubKeyLabel = new DERUTF8String(value.getPublicKeyId().getLabel());
    elements.add(new DERTaggedObject(true, 1, pubKeyLabel));
  }

  // [2] certificate label, optional
  if (value.getCertId() != null) {
    DERUTF8String certLabel = new DERUTF8String(value.getCertId().getLabel());
    elements.add(new DERTaggedObject(true, 2, certLabel));
  }

  return new DERSequence(elements);
}
for (P11ObjectIdentifier objectId : identities.keySet()) { P11IdentityId identityId = identities.get(objectId).getId(); P11ObjectIdentifier pubKeyId = identityId.getPublicKeyId(); P11ObjectIdentifier certId = identityId.getCertId();
/**
 * Asks the slot of this identity whether it supports the given mechanism.
 *
 * <p>A {@link P11TokenException} raised while looking up or querying the slot is reported as
 * {@code false}, so the caller cannot tell "not supported" apart from "the slot could not be
 * queried".
 *
 * @param mechanism
 *          The mechanism code passed on to the slot.
 * @return the slot's answer, or {@code false} if a {@link P11TokenException} occurred.
 */
public boolean supportsMechanism(long mechanism) {
  boolean supported;
  try {
    supported = p11CryptService.getSlot(identityId.getSlotId()).supportsMechanism(mechanism);
  } catch (P11TokenException ex) {
    // The token error is deliberately mapped to "not supported"; it is not logged here.
    supported = false;
  }
  return supported;
}
/**
 * Creates a proxy identity that carries a public key and a certificate chain.
 *
 * <p>All four arguments are handed to the superclass constructor; the key id of
 * {@code identityId} is additionally wrapped in a {@code ProxyMessage.ObjectIdentifier} and
 * kept in {@code asn1KeyId}.
 *
 * @param slot
 *          The proxy slot the identity belongs to.
 * @param identityId
 *          The identity identifier. Dereferenced without a null check.
 * @param publicKey
 *          The public key passed to the superclass.
 * @param certificateChain
 *          The certificate chain passed to the superclass.
 */
ProxyP11Identity(
    ProxyP11Slot slot,
    P11IdentityId identityId,
    PublicKey publicKey,
    X509Certificate[] certificateChain) {
  super(slot, identityId, publicKey, certificateChain);
  asn1KeyId = new ProxyMessage.ObjectIdentifier(identityId.getKeyId());
}
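/**
 * Turns the server's response to a key-generation request into a {@link P11Identity}.
 *
 * <p>The response is decoded as a {@code ProxyMessage.IdentityId} and is accepted only if the
 * slot id it carries equals the slot id of this slot.
 *
 * @param resp
 *          The raw response. {@code null} is rejected.
 * @param needsPublicKey
 *          Whether the public key is fetched via {@code getPublicKey} and attached to the
 *          returned identity.
 * @return a {@code ProxyP11Identity} for the decoded identity id, with the public key when
 *         {@code needsPublicKey} is {@code true}.
 * @throws P11TokenException
 *           if {@code resp} is {@code null}, cannot be decoded, or names a different slot.
 */
private P11Identity parseGenerateKeyResult(byte[] resp, boolean needsPublicKey)
    throws P11TokenException {
  if (resp == null) {
    throw new P11TokenException("server returned no result");
  }

  ProxyMessage.IdentityId ei;
  try {
    ei = ProxyMessage.IdentityId.getInstance(resp);
  } catch (BadAsn1ObjectException ex) {
    throw new P11TokenException(
        "invalid ASN1 object Asn1P11EntityIdentifier: " + ex.getMessage(), ex);
  }

  P11IdentityId identityId = ei.getValue();

  // The identity id comes from the server: refuse one that claims another slot.
  if (!slotId.equals(identityId.getSlotId())) {
    // Message previously read "slodId"; the typo made the error harder to find in logs.
    throw new P11TokenException("returned identity has different slotId");
  }

  if (!needsPublicKey) {
    return new ProxyP11Identity(this, identityId);
  }

  // NOTE(review): the public-key id is taken from the response and is not checked for null
  // here - verify that getPublicKey handles a missing id.
  PublicKey publicKey = getPublicKey(identityId.getPublicKeyId());
  return new ProxyP11Identity(this, identityId, publicKey, null);
}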
/**
 * Registers one secret key found on the token as an identity in {@code refreshResult}.
 *
 * <p>The key is skipped without any report when its id or its label has no value. Otherwise
 * an {@code IaikP11Identity} is built from the id and label, with no public-key id and no
 * certificate id.
 *
 * @param secretKey
 *          The secret-key object read from the token.
 * @param refreshResult
 *          The refresh result that receives the new identity.
 */
private void analyseSingleKey(SecretKey secretKey, P11SlotRefreshResult refreshResult) {
  byte[] keyIdBytes = secretKey.getId().getByteArrayValue();
  char[] labelChars = secretKey.getLabel().getCharArrayValue();

  if (keyIdBytes != null && labelChars != null) {
    P11ObjectIdentifier objectId =
        new P11ObjectIdentifier(keyIdBytes, String.valueOf(labelChars));
    P11IdentityId identityId = new P11IdentityId(slotId, objectId, null, null);
    refreshResult.addIdentity(new IaikP11Identity(this, identityId, secretKey));
  }
}
/**
 * Removes the identity that is cached under the key identifier {@code keyId}.
 *
 * <p>When the key id is present in the cached identities, the cached certificate (if the
 * identity has a certificate id) is dropped, the identity's certificates are cleared, the
 * identity is removed from the cache, {@code updateCaCertsOfIdentities()} is run and
 * {@code removeIdentity0} is called with the cached identity id. When the key id is not
 * cached, the method returns without doing anything.
 *
 * @param keyId
 *          Key identifier. Must not be {@code null}.
 * @throws P11TokenException
 *           if PKCS#11 token exception occurs.
 */
public void removeIdentityByKeyId(P11ObjectIdentifier keyId) throws P11TokenException {
  ParamUtil.requireNonNull("keyId", keyId);
  assertWritable("removeIdentityByKeyId");

  // NOTE(review): an uncached key id is a silent no-op, so nothing is removed and no error
  // is raised - confirm that callers do not read a normal return as "key deleted".
  if (!identities.containsKey(keyId)) {
    return;
  }

  final P11IdentityId cachedId = identities.get(keyId).getId();
  final P11ObjectIdentifier certId = cachedId.getCertId();
  if (certId != null) {
    certificates.remove(certId);
  }

  identities.get(keyId).setCertificates(null);
  identities.remove(keyId);
  updateCaCertsOfIdentities();

  removeIdentity0(cachedId);
}
/**
 * Tells whether this identity's id matches the given slot and key label, as decided by the
 * id's own {@code match(slotId, keyLabel)}.
 *
 * @param slotId
 *          The slot identifier to match against.
 * @param keyLabel
 *          The key label to match against.
 * @return the result of {@code id.match(slotId, keyLabel)}.
 */
public boolean match(P11SlotIdentifier slotId, String keyLabel) {
  final boolean matched = this.id.match(slotId, keyLabel);
  return matched;
}
/**
 * Tells whether this identity's id equals the given identity id.
 *
 * @param id
 *          The identity id to compare with; it shadows the field of the same name.
 * @return {@code true} if the field {@code id} {@code equals} the argument.
 */
public boolean match(P11IdentityId id) {
  final boolean sameIdentity = this.id.equals(id);
  return sameIdentity;
}
identityId.setCertLabel(keyId.getLabel()); identity.setCertificates(new X509Certificate[]{newCert}); updateCaCertsOfIdentities();
/**
 * Encodes the wrapped identity id as a DER SEQUENCE.
 *
 * <p>The sequence holds the slot identifier and the key object identifier, followed by the
 * public-key label as an explicitly tagged [1] UTF8String and the certificate label as an
 * explicitly tagged [2] UTF8String. Each tagged element is present only when the
 * corresponding id is set, and only the label of that id is encoded.
 *
 * @return the DER sequence described above.
 */
@Override
public ASN1Primitive toASN1Primitive() {
  ASN1EncodableVector elements = new ASN1EncodableVector();
  elements.add(new Asn1P11SlotIdentifier(value.getSlotId()));
  elements.add(new Asn1P11ObjectIdentifier(value.getKeyId()));

  // [1] public-key label, optional
  if (value.getPublicKeyId() != null) {
    DERUTF8String pubKeyLabel = new DERUTF8String(value.getPublicKeyId().getLabel());
    elements.add(new DERTaggedObject(true, 1, pubKeyLabel));
  }

  // [2] certificate label, optional
  if (value.getCertId() != null) {
    DERUTF8String certLabel = new DERUTF8String(value.getCertId().getLabel());
    elements.add(new DERTaggedObject(true, 2, certLabel));
  }

  return new DERSequence(elements);
}
for (P11ObjectIdentifier objectId : identities.keySet()) { P11IdentityId identityId = identities.get(objectId).getId(); P11ObjectIdentifier pubKeyId = identityId.getPublicKeyId(); P11ObjectIdentifier certId = identityId.getCertId();
/**
 * Asks the slot of this identity whether it supports the given mechanism.
 *
 * <p>A {@link P11TokenException} raised while looking up or querying the slot is reported as
 * {@code false}, so the caller cannot tell "not supported" apart from "the slot could not be
 * queried".
 *
 * @param mechanism
 *          The mechanism code passed on to the slot.
 * @return the slot's answer, or {@code false} if a {@link P11TokenException} occurred.
 */
public boolean supportsMechanism(long mechanism) {
  boolean supported;
  try {
    supported = p11CryptService.getSlot(identityId.getSlotId()).supportsMechanism(mechanism);
  } catch (P11TokenException ex) {
    // The token error is deliberately mapped to "not supported"; it is not logged here.
    supported = false;
  }
  return supported;
}
/**
 * Creates a proxy identity without a public key or certificate chain.
 *
 * <p>The slot, the identity id and the constant {@code 0} are handed to the superclass
 * constructor; the key id of {@code identityId} is additionally wrapped in a
 * {@code ProxyMessage.ObjectIdentifier} and kept in {@code asn1KeyId}.
 *
 * @param slot
 *          The proxy slot the identity belongs to.
 * @param identityId
 *          The identity identifier. Dereferenced without a null check.
 */
ProxyP11Identity(ProxyP11Slot slot, P11IdentityId identityId) {
  // NOTE(review): the meaning of the third superclass argument (0) is not visible here.
  super(slot, identityId, 0);
  asn1KeyId = new ProxyMessage.ObjectIdentifier(identityId.getKeyId());
}
/**
 * Removes the identity named by {@code identityId}.
 *
 * <p>If the key id is present in the cached identities, the cached certificate (when a
 * certificate id is set) is dropped, the cached identity's certificates are cleared, the
 * identity is removed from the cache and {@code updateCaCertsOfIdentities()} is run. In all
 * cases {@code removeIdentity0(identityId)} is then called to perform the actual removal.
 *
 * @param identityId
 *          Identity identifier. Must not be {@code null}.
 * @throws P11TokenException
 *           if PKCS#11 token exception occurs.
 */
public void removeIdentity(P11IdentityId identityId) throws P11TokenException {
  ParamUtil.requireNonNull("identityId", identityId);
  assertWritable("removeIdentity");

  final P11ObjectIdentifier keyId = identityId.getKeyId();
  final boolean cached = identities.containsKey(keyId);
  if (cached) {
    final P11ObjectIdentifier certId = identityId.getCertId();
    if (certId != null) {
      certificates.remove(certId);
    }

    identities.get(keyId).setCertificates(null);
    identities.remove(keyId);
    updateCaCertsOfIdentities();
  }

  // NOTE(review): the cache is evicted before the removal itself runs. If removeIdentity0
  // throws, the identity is gone from the cache while its entries may still exist -
  // confirm that callers refresh or retry in that case.
  removeIdentity0(identityId);
}
new P11IdentityId(slotId, p11ObjId, null, null), key, maxSessions, random); LOG.info("added PKCS#11 secret key {}", p11ObjId); ret.addIdentity(identity); new P11IdentityId(slotId, p11ObjId, label, label), privateKey, publicKey, certs, maxSessions, random); LOG.info("added PKCS#11 key {}", p11ObjId);