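/**
 * Decodes the key-generation control from its ASN.1 sequence.
 *
 * <p>Only context-tagged elements are interpreted: tag 0 carries the
 * {@code extractable} flag. Untagged elements and other tag numbers are ignored.
 *
 * @param seq
 *          ASN.1 sequence to decode.
 * @throws BadAsn1ObjectException
 *           if the content of tag 0 is not an ASN.1 BOOLEAN.
 */
private Asn1NewKeyControl(final ASN1Sequence seq) throws BadAsn1ObjectException {
  control = new P11NewKeyControl();
  final int size = seq.size();
  for (int i = 0; i < size; i++) {
    ASN1Encodable obj = seq.getObjectAt(i);
    // Fixed: the test used to be inverted. Tagged elements were skipped, so the
    // extractable flag sent by the peer was never applied, and any untagged element
    // reached the cast below and failed with a ClassCastException.
    if (!(obj instanceof ASN1TaggedObject)) {
      continue;
    }

    ASN1TaggedObject tagObj = (ASN1TaggedObject) obj;
    if (tagObj.getTagNo() == 0) {
      // The sequence is decoded from a message, so check the type instead of casting
      // blindly: malformed input is reported through the declared checked exception.
      ASN1Encodable content = tagObj.getObject();
      if (!(content instanceof ASN1Boolean)) {
        throw new BadAsn1ObjectException("content of tag 0 (extractable) is not a BOOLEAN");
      }
      control.setExtractable(((ASN1Boolean) content).isTrue());
    }
  }
}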
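/**
 * Encodes the control as a DER SEQUENCE.
 *
 * <p>Layout as produced here: the label as UTF8String, followed by the optional
 * elements [0] id (OCTET STRING), [1] key usages (SEQUENCE of ENUMERATED) and
 * [2] extractable (BOOLEAN). An optional element is omitted when the control holds
 * no value for it.
 *
 * @return the DER sequence representing {@code control}.
 */
@Override
public ASN1Primitive toASN1Primitive() {
  ASN1EncodableVector vector = new ASN1EncodableVector();
  vector.add(new DERUTF8String(control.getLabel()));

  byte[] id = control.getId();
  if (id != null) {
    vector.add(new DERTaggedObject(0, new DEROctetString(id)));
  }

  Set<KeyUsage> usages = control.getUsages();
  if (CollectionUtil.isNonEmpty(usages)) {
    ASN1EncodableVector asn1Usages = new ASN1EncodableVector();
    for (KeyUsage usage : usages) {
      // NOTE(review): unboxing fails with a NullPointerException if usageToValueMap
      // has no entry for this usage - confirm the map covers every KeyUsage value.
      int value = usageToValueMap.get(usage);
      asn1Usages.add(new ASN1Enumerated(value));
    }
    vector.add(new DERTaggedObject(1, new DERSequence(asn1Usages)));
  }

  if (control.getExtractable() != null) {
    // Fixed: hand ASN1Boolean a primitive boolean. With a boxed java.lang.Boolean
    // argument Java selects the getInstance(Object) overload, which accepts only an
    // ASN1Boolean or an encoded byte[] and rejects everything else with an
    // IllegalArgumentException. Presumably getExtractable() returns Boolean (it is
    // null-checked above) - confirm against P11NewKeyControl.
    boolean extractable = Boolean.TRUE.equals(control.getExtractable());
    vector.add(new DERTaggedObject(2, ASN1Boolean.getInstance(extractable)));
  }

  return new DERSequence(vector);
}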
/**
 * Encodes the control as a DER SEQUENCE whose only element is the
 * {@code extractable} flag, wrapped in context tag 0.
 *
 * @return the DER sequence representing {@code control}.
 */
@Override
public ASN1Primitive toASN1Primitive() {
  final ASN1EncodableVector fields = new ASN1EncodableVector();
  // Tag 0 carries whether the new key may later be extracted from the token.
  final ASN1Boolean extractable = ASN1Boolean.getInstance(control.isExtractable());
  fields.add(new DERTaggedObject(0, extractable));
  return new DERSequence(fields);
}
/**
 * Runs the precondition checks shared by the key-pair generation entry points.
 *
 * <p>The checks run in a fixed order: {@code control} must be non-null, then
 * {@code assertWritable}, {@code assertMechanismSupported} and finally
 * {@code assertNoIdentityAndCert} for the id and label requested in {@code control}.
 *
 * @param methodName
 *          name of the calling operation, forwarded to {@code assertWritable}.
 * @param mechanism
 *          PKCS#11 mechanism that the caller is about to use.
 * @param control
 *          control of the key generation process. Must not be {@code null}.
 * @throws P11UnsupportedMechanismException
 *           presumably raised by {@code assertMechanismSupported} - TODO confirm.
 * @throws P11PermissionException
 *           presumably raised by {@code assertWritable} - TODO confirm.
 * @throws P11DuplicateEntityException
 *           presumably raised by {@code assertNoIdentityAndCert} - TODO confirm.
 */
private void assertCanGenKeypair(String methodName, long mechanism,
    P11NewKeyControl control)
    throws P11UnsupportedMechanismException, P11PermissionException,
      P11DuplicateEntityException {
  // Argument sanity first, before any state of the slot is consulted.
  ParamUtil.requireNonNull("control", control);

  // Permission and capability checks.
  assertWritable(methodName);
  assertMechanismSupported(mechanism);

  // Finally the check on the requested id and label.
  assertNoIdentityAndCert(control.getId(), control.getLabel());
}
// Build the control from the requested object id and label, then apply the
// optional settings.
this.control = new P11NewKeyControl(id, label);
this.control.setUsages(usages);
// NOTE(review): extractable is forwarded exactly as supplied by the caller; it
// decides whether the generated key may later leave the token, so confirm that the
// caller's default is the restrictive one.
this.control.setExtractable(extractable);
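/**
 * Decodes the new-object control from its ASN.1 sequence.
 *
 * <p>The first element is the label (UTF8String). Of the following elements only
 * context tag 0 (the object id, an OCTET STRING) is interpreted; untagged elements
 * and other tag numbers are ignored.
 *
 * @param seq
 *          ASN.1 sequence to decode. Must contain at least one element.
 * @throws BadAsn1ObjectException
 *           if the label or the id does not have the expected ASN.1 type.
 */
private Asn1NewObjectControl(ASN1Sequence seq) throws BadAsn1ObjectException {
  final int size = seq.size();
  ParamUtil.requireMin("seq.size", size, 1);

  String label;
  byte[] id = null;
  try {
    label = DERUTF8String.getInstance(seq.getObjectAt(0)).getString();

    for (int i = 1; i < size; i++) {
      ASN1Encodable obj = seq.getObjectAt(i);
      // Fixed: the test used to be inverted. Tagged elements were skipped, so the id
      // was never read, and any untagged element reached the cast below and failed
      // with a ClassCastException.
      if (!(obj instanceof ASN1TaggedObject)) {
        continue;
      }

      ASN1TaggedObject tagObj = (ASN1TaggedObject) obj;
      if (tagObj.getTagNo() == 0) {
        id = DEROctetString.getInstance(tagObj.getObject()).getOctets();
      }
      // NOTE(review): only tag 0 is decoded. If the encoding side also sends tagged
      // usages or an extractable flag, they are silently dropped here and the key is
      // created with the receiver's defaults - verify against the encoder.
    }
  } catch (IllegalArgumentException ex) {
    // BouncyCastle's getInstance helpers reject an unexpected type with an unchecked
    // IllegalArgumentException; report malformed input through the declared
    // checked exception instead.
    throw new BadAsn1ObjectException("invalid new-object control: " + ex.getMessage(), ex);
  }

  this.control = new P11NewKeyControl(id, label);
}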
/**
 * Creates a secret key inside the PKCS#11 token and registers the resulting
 * identity with this slot.
 *
 * <p>Preconditions are checked in this order: {@code assertWritable}, non-null
 * {@code control}, then {@code assertNoIdentityAndCert} for the id and label
 * requested in {@code control}.
 *
 * @param keyType
 *          Key type
 * @param keysize
 *          Key size in bit
 * @param control
 *          Control of the key generation process. Must not be {@code null}.
 * @return the identifier of the identity within the PKCS#11 token.
 * @throws P11TokenException
 *           if PKCS#11 token exception occurs.
 */
public P11IdentityId generateSecretKey(long keyType, int keysize,
    P11NewKeyControl control) throws P11TokenException {
  assertWritable("generateSecretKey");
  ParamUtil.requireNonNull("control", control);
  assertNoIdentityAndCert(control.getId(), control.getLabel());

  // The actual generation is delegated to generateSecretKey0.
  final P11Identity created = generateSecretKey0(keyType, keysize, control);
  addIdentity(created);

  // Only the identifier is logged, never key material.
  final P11IdentityId identityId = created.getId();
  LOG.info("generated secret key {}", identityId);
  return identityId;
}
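/**
 * Imports secret key object in the PKCS#11 token. The key itself will not be generated
 * within the PKCS#11 token, so its value has existed outside the token.
 *
 * @param keyType
 *          Key type
 * @param keyValue
 *          Key value. Must not be {@code null}.
 * @param control
 *          Control of the key import (requested id, label and key settings).
 *          Must not be {@code null}.
 * @return the identifier of the key within the PKCS#11 token.
 * @throws P11TokenException
 *           if PKCS#11 token exception occurs.
 */
public P11ObjectIdentifier importSecretKey(long keyType, byte[] keyValue,
    P11NewKeyControl control) throws P11TokenException {
  // Enforce the documented contract for both reference arguments before the token
  // is touched; previously a null keyValue was only detected further down.
  ParamUtil.requireNonNull("keyValue", keyValue);
  ParamUtil.requireNonNull("control", control);

  // Fixed: report this operation under its own name. The stale "createSecretKey"
  // did not match any method shown here, unlike generateSecretKey, which passes its
  // own name.
  assertWritable("importSecretKey");
  assertNoIdentityAndCert(control.getId(), control.getLabel());

  P11Identity identity = importSecretKey0(keyType, keyValue, control);
  addIdentity(identity);

  P11ObjectIdentifier objId = identity.getId().getKeyId();
  // Only the object identifier is logged, never keyValue.
  // NOTE(review): the message says "created" although the key was imported; consider
  // distinguishing the two in the log so audits can tell them apart.
  LOG.info("created secret key {}", objId);
  return objId;
}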
/**
 * Fills the attribute templates of a key pair before it is created on the token.
 * Either template may be {@code null}, in which case it is left out.
 *
 * <p>The private key is marked as token object, private and sensitive and is allowed
 * to sign; whether it is extractable comes from {@code control}. The public key is
 * marked as token object, modifiable and allowed to verify.
 *
 * @param label
 *          label stored on both objects.
 * @param keyType
 *          PKCS#11 key type stored on both objects.
 * @param control
 *          supplies the extractable setting of the private key.
 * @param publicKey
 *          public key template, may be {@code null}.
 * @param privateKey
 *          private key template, may be {@code null}.
 */
private static void setKeyAttributes(final String label, final long keyType,
    final P11NewKeyControl control, final PublicKey publicKey,
    final PrivateKey privateKey) {
  if (privateKey != null) {
    // Identification of the object.
    privateKey.getToken().setBooleanValue(true);
    privateKey.getLabel().setCharArrayValue(label.toCharArray());
    privateKey.getKeyType().setLongValue(keyType);

    // Permitted use.
    privateKey.getSign().setBooleanValue(true);

    // Protection of the key value. Sensitive and private are always on; extractable
    // is the only protection attribute the caller can influence.
    privateKey.getPrivate().setBooleanValue(true);
    privateKey.getSensitive().setBooleanValue(true);
    privateKey.getExtractable().setBooleanValue(control.isExtractable());
  }

  if (publicKey != null) {
    // Identification of the object.
    publicKey.getToken().setBooleanValue(true);
    publicKey.getLabel().setCharArrayValue(label.toCharArray());
    publicKey.getKeyType().setLongValue(keyType);

    // Permitted use; the public object stays modifiable.
    publicKey.getVerify().setBooleanValue(true);
    publicKey.getModifiable().setBooleanValue(true);
  }
}
// The generated key may be used for signing operations.
template.getSign().setBooleanValue(true);
// Always sensitive (presumably CKA_SENSITIVE: the value is not readable in plaintext).
template.getSensitive().setBooleanValue(true);
// Extractable is taken from the caller-supplied control. An extractable key can still
// leave the token in wrapped form even though it is sensitive, so this is the setting
// to review when a key must never leave the token.
template.getExtractable().setBooleanValue(control.isExtractable());
// Length is set in bytes. NOTE(review): assuming keysize is an int bit count, the
// division truncates when it is not a multiple of 8 - confirm callers validate it.
template.getValueLen().setLongValue((long) (keysize / 8));
// The key may be used for signing operations.
template.getSign().setBooleanValue(true);
// Always sensitive (presumably CKA_SENSITIVE: the value is not readable in plaintext).
template.getSensitive().setBooleanValue(true);
// Extractable is taken from the caller-supplied control. An extractable key can still
// leave the token in wrapped form even though it is sensitive, so this is the setting
// to review when a key must never leave the token.
template.getExtractable().setBooleanValue(control.isExtractable());
// The key value is supplied by the caller rather than generated in the token, so
// these attributes only protect the copy held by the token.
template.getValue().setByteArrayValue(keyValue);