/**
 * Creates {@code cert} on the token under {@code objectId} and then records it in
 * {@code certificates}.
 *
 * @param objectId identifier under which the certificate is stored
 * @param cert certificate to add
 * @throws P11TokenException if the token-level creation in {@code addCert0} fails
 * @throws CertificateException declared by the signature; the visible body does not show
 *     which call raises it
 */
@Override
public void addCert(final P11ObjectIdentifier objectId, final X509Certificate cert)
    throws P11TokenException, CertificateException {
  // Token first: the cache entry below is only written once addCert0 has returned normally.
  addCert0(objectId, cert);

  final X509Cert cachedCert = new X509Cert(cert);
  certificates.put(objectId, cachedCert);

  // Helper defined elsewhere; by its name it re-derives the CA certificates of the identities.
  updateCaCertsOfIdentities();
  LOG.info("added certificate {}", objectId);
}
/**
 * Reads and parses the certificate file that belongs to {@code keyId}.
 *
 * @param keyId key identifier whose hex form is the base of the file name
 * @return the parsed certificate together with the bytes read from disk
 * @throws CertificateException if the file content cannot be parsed as a certificate
 * @throws IOException if the file cannot be read
 */
private X509Cert readCertificate(final byte[] keyId) throws CertificateException, IOException {
  // The file name is built only from the hex rendering of the key id plus a fixed suffix,
  // so no caller-supplied path text reaches the File constructor.
  final String fileName = Hex.toHexString(keyId) + VALUE_FILE_SUFFIX;
  final File certFile = new File(certDir, fileName);

  final byte[] rawCert = IoUtil.read(certFile);
  // Keep the bytes exactly as read next to the parsed form.
  return new X509Cert(X509Util.parseCert(rawCert), rawCert);
}
/**
 * Loads the certificate stored on disk for the given key identifier.
 *
 * @param keyId key identifier; {@code hex(keyId)} plus {@code VALUE_FILE_SUFFIX} is the file name
 * @return wrapper holding the parsed certificate and its encoded bytes
 * @throws CertificateException if parsing the file content fails
 * @throws IOException if reading the file fails
 */
private X509Cert readCertificate(byte[] keyId) throws CertificateException, IOException {
  // NOTE(review): hex() is defined elsewhere; presumably it yields hex digits only, which
  // would keep the file name free of path separators. Confirm against the helper.
  File source = new File(certDir, hex(keyId) + VALUE_FILE_SUFFIX);
  byte[] content = IoUtil.read(source);

  X509Certificate parsed = X509Util.parseCert(content);
  return new X509Cert(parsed, content);
}
/**
 * Converts a PKCS#11 certificate object into an {@code X509Cert}.
 *
 * @param p11Cert certificate object read from the token
 * @return the parsed certificate paired with the encoded value taken from {@code p11Cert}
 * @throws P11TokenException if the encoded value is not a parseable certificate
 */
private static X509Cert parseCert(final X509PublicKeyCertificate p11Cert)
    throws P11TokenException {
  try {
    final byte[] derBytes = p11Cert.getValue().getByteArrayValue();
    final X509Certificate parsed = X509Util.parseCert(derBytes);
    return new X509Cert(parsed, derBytes);
  } catch (CertificateException ex) {
    // Surface parse failures as a token error, keeping the original exception as the cause.
    throw new P11TokenException("could not parse certificate: " + ex.getMessage(), ex);
  }
}
/**
 * Parses the value attribute of a PKCS#11 certificate object.
 *
 * @param p11Cert certificate object whose value attribute holds the encoded certificate
 * @return wrapper around the parsed certificate and the bytes it was parsed from
 * @throws P11TokenException wrapping the {@code CertificateException} when parsing fails
 */
private static X509Cert parseCert(X509PublicKeyCertificate p11Cert) throws P11TokenException {
  try {
    byte[] certValue = p11Cert.getValue().getByteArrayValue();
    X509Certificate x509 = X509Util.parseCert(certValue);
    X509Cert wrapped = new X509Cert(x509, certValue);
    return wrapped;
  } catch (CertificateException ex) {
    String reason = "could not parse certificate: " + ex.getMessage();
    throw new P11TokenException(reason, ex);
  }
}
/**
 * Requests the certificate identified by {@code certId} in this slot from the module.
 *
 * @param certId identifier of the certificate object
 * @return the parsed certificate, or {@code null} when the module returns no data
 * @throws P11TokenException if the request fails or the response is not a parseable certificate
 */
private X509Cert getCertificate(final P11ObjectIdentifier certId) throws P11TokenException {
  final Asn1P11EntityIdentifier request =
      new Asn1P11EntityIdentifier(new P11EntityIdentifier(slotId, certId));

  final byte[] encodedCert = module.send(P11ProxyConstants.ACTION_GET_CERT, request);
  if (encodedCert == null) {
    // A null response is handed back as null rather than treated as an error.
    return null;
  }

  try {
    // The response bytes are parsed before they are wrapped; a malformed reply ends up
    // in the catch below.
    final X509Certificate parsed = X509Util.parseCert(encodedCert);
    return new X509Cert(parsed, encodedCert);
  } catch (CertificateException ex) {
    throw new P11TokenException("could not parse certificate:" + ex.getMessage(), ex);
  }
}
// Store an X509Cert built from newCert in `certificates` under keyId.
certificates.put(keyId, new X509Cert(newCert));
/**
 * Adds the certificate to the PKCS#11 token and records it in {@code certificates}.
 *
 * <p>If {@code control} carries no label, a label is generated from the common name of the
 * certificate subject and the id of {@code control} is kept.
 *
 * @param cert
 *          Certificate to be added. Must not be {@code null}.
 * @param control
 *          Control of the object creation process. Must not be {@code null}.
 * @return the identifier returned by {@code addCert0} for the created certificate object.
 * @throws CertificateException
 *           if process with certificate fails.
 * @throws P11TokenException
 *           if PKCS#11 token exception occurs.
 */
public P11ObjectIdentifier addCert(X509Certificate cert, P11NewObjectControl control)
    throws P11TokenException, CertificateException {
  ParamUtil.requireNonNull("cert", cert);
  ParamUtil.requireNonNull("control", control);
  assertWritable("addCert");

  P11NewObjectControl effectiveControl = control;
  if (effectiveControl.getLabel() == null) {
    // NOTE(review): the label is derived from the certificate's subject CN, i.e. from
    // certificate content; confirm generateLabel() constrains it to what the token accepts.
    String commonName = X509Util.getCommonName(cert.getSubjectX500Principal());
    effectiveControl = new P11NewObjectControl(control.getId(), generateLabel(commonName));
  }

  // Token first; the cache is updated only after the object was created.
  P11ObjectIdentifier createdId = addCert0(cert, effectiveControl);
  certificates.put(createdId, new X509Cert(cert));
  updateCaCertsOfIdentities();
  LOG.info("added certificate {}", createdId);
  return createdId;
}
/**
 * Adds the certificate to the PKCS#11 token and mirrors it in {@code certificates}.
 *
 * <p>When {@code control} has no label, one is generated from the subject common name of
 * {@code cert}; the id from {@code control} is reused.
 *
 * @param cert
 *          Certificate to be added. Must not be {@code null}.
 * @param control
 *          Control of the object creation process. Must not be {@code null}.
 * @return the identifier that {@code addCert0} reports for the new certificate object.
 * @throws CertificateException
 *           if process with certificate fails.
 * @throws P11TokenException
 *           if PKCS#11 token exception occurs.
 */
public P11ObjectIdentifier addCert(X509Certificate cert, P11NewObjectControl control)
    throws P11TokenException, CertificateException {
  Args.notNull(cert, "cert");
  Args.notNull(control, "control");
  assertWritable("addCert");

  final P11NewObjectControl ctrl;
  if (control.getLabel() != null) {
    ctrl = control;
  } else {
    // NOTE(review): the fallback label comes from the certificate's subject CN; confirm that
    // generateLabel() limits it to values the token accepts.
    final String subjectCn = X509Util.getCommonName(cert.getSubjectX500Principal());
    ctrl = new P11NewObjectControl(control.getId(), generateLabel(subjectCn));
  }

  final P11ObjectIdentifier newObjectId = addCert0(cert, ctrl);
  // The cache is written only after the token call has returned normally.
  final X509Cert cached = new X509Cert(cert);
  certificates.put(newObjectId, cached);
  updateCaCertsOfIdentities();
  LOG.info("added certificate {}", newObjectId);
  return newObjectId;
}
/**
 * Fetches the certificate object {@code objectId} of this slot through the module.
 *
 * @param objectId identifier of the certificate object to fetch
 * @return the parsed certificate, or {@code null} if the module answers with {@code null}
 * @throws P11TokenException if sending fails or the answer cannot be parsed as a certificate
 */
private X509Cert getCertificate(P11ObjectIdentifier objectId) throws P11TokenException {
  ProxyMessage.ObjectIdentifier asn1ObjectId = new ProxyMessage.ObjectIdentifier(objectId);
  // Declared as ASN1Object, as in the call to module.send() below.
  ASN1Object request = new ProxyMessage.SlotIdAndObjectId(asn1SlotId, asn1ObjectId);

  byte[] answer = module.send(P11ProxyConstants.ACTION_GET_CERT, request);
  if (answer == null) {
    return null;
  }

  X509Certificate parsed;
  try {
    parsed = X509Util.parseCert(answer);
    return new X509Cert(parsed, answer);
  } catch (CertificateException ex) {
    // An answer that is not a valid certificate is reported as a token error with its cause.
    throw new P11TokenException("could not parse certificate:" + ex.getMessage(), ex);
  }
}
/**
 * Creates the certificate object on the token using a borrowed session.
 *
 * @param cert certificate to store
 * @param control creation control passed on to {@code createPkcs11Template}
 * @return identifier built from the id and label read back from the created object
 * @throws P11TokenException if the token reports a {@code TokenException}
 */
@Override
protected P11ObjectIdentifier addCert0(X509Certificate cert, P11NewObjectControl control)
    throws P11TokenException {
  final ConcurrentBagEntry<Session> borrowed = borrowSession();
  try {
    final Session session = borrowed.value();
    final X509PublicKeyCertificate template =
        createPkcs11Template(session, new X509Cert(cert), control);
    final X509PublicKeyCertificate created =
        (X509PublicKeyCertificate) session.createObject(template);

    // The identifier reflects what the created object reports, not the values in `control`.
    final byte[] createdId = created.getId().getByteArrayValue();
    final String createdLabel = new String(created.getLabel().getCharArrayValue());
    return new P11ObjectIdentifier(createdId, createdLabel);
  } catch (TokenException ex) {
    throw new P11TokenException(ex.getMessage(), ex);
  } finally {
    // Hand the session back on every path, including failures.
    sessions.requite(borrowed);
  }
}
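/**
 * Replaces the certificate stored under {@code objectId}: removes the existing certificates,
 * pauses for one second, then creates a new certificate object from {@code newCert}.
 *
 * <p>NOTE(review): the replacement is not atomic. If template creation or
 * {@code createObject} fails after {@code removeCerts} succeeded, this method does not
 * restore the removed certificates, so the token is left without a certificate under
 * {@code objectId}.
 *
 * @param objectId identifier whose id and label are reused for the new object
 * @param newCert certificate that replaces the existing one
 * @throws P11TokenException if removal or creation on the token fails
 */
@Override
protected void updateCertificate0(final P11ObjectIdentifier objectId,
    final X509Certificate newCert) throws P11TokenException {
  removeCerts(objectId);

  // The reason for the pause is not visible here. An interrupt cuts it short but must not
  // abort the update half-way (the old certificates are already gone), so it is remembered
  // and re-asserted once the new object has been written.
  boolean interrupted = false;
  try {
    Thread.sleep(1000);
  } catch (InterruptedException ex) {
    interrupted = true;
  }

  try {
    X509PublicKeyCertificate newCertTemp = createPkcs11Template(new X509Cert(newCert),
        objectId.id(), objectId.labelChars());

    Session session = borrowWritableSession();
    try {
      session.createObject(newCertTemp);
    } catch (TokenException ex) {
      throw new P11TokenException("could not createObject: " + ex.getMessage(), ex);
    } finally {
      returnWritableSession(session);
    }
  } finally {
    if (interrupted) {
      // Restore the interrupt status so callers can still observe the interruption.
      Thread.currentThread().interrupt();
    }
  }
}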
/**
 * Creates the certificate object on the token with the id and label of {@code objectId}.
 *
 * @param objectId identifier supplying the id and label for the new object
 * @param cert certificate to store
 * @throws P11TokenException if the token reports a {@code TokenException} during creation
 */
@Override
protected void addCert0(final P11ObjectIdentifier objectId, final X509Certificate cert)
    throws P11TokenException {
  final X509Cert wrapped = new X509Cert(cert);
  final X509PublicKeyCertificate template =
      createPkcs11Template(wrapped, objectId.id(), objectId.labelChars());

  final Session writableSession = borrowWritableSession();
  try {
    writableSession.createObject(template);
  } catch (TokenException ex) {
    throw new P11TokenException(ex.getMessage(), ex);
  } finally {
    // The session is returned whether or not the object was created.
    returnWritableSession(writableSession);
  }
}
/**
 * Builds the public CA information from the CA certificate.
 *
 * <p>Serial number, subject (plain, X.500 and canonicalized form), subject key identifier and
 * the optional SubjectAltName extension are all taken from {@code caCert}.
 *
 * @param caCert CA certificate. Must not be {@code null}.
 * @param caUris CA URIs; {@code null} is replaced by {@code CaUris.EMPTY_INSTANCE}.
 * @param extraControl extra control pairs, stored as given.
 * @throws OperationException with {@code ErrorCode.INVALID_EXTENSION} if the subject key
 *     identifier cannot be extracted or the SubjectAltName extension cannot be parsed.
 */
public PublicCaInfo(X509Certificate caCert, CaUris caUris, ConfPairs extraControl)
    throws OperationException {
  Args.notNull(caCert, "caCert");

  if (caUris == null) {
    this.caUris = CaUris.EMPTY_INSTANCE;
  } else {
    this.caUris = caUris;
  }

  this.caCert = new X509Cert(caCert);
  this.serialNumber = caCert.getSerialNumber();
  this.subject = caCert.getSubjectX500Principal();
  this.x500Subject = X500Name.getInstance(subject.getEncoded());
  this.c14nSubject = X509Util.canonicalizName(x500Subject);

  try {
    this.subjectKeyIdentifier = X509Util.extractSki(caCert);
  } catch (CertificateEncodingException ex) {
    throw new OperationException(ErrorCode.INVALID_EXTENSION, ex);
  }

  this.extraControl = extraControl;

  // SubjectAltName is optional: it stays null when the certificate has no such extension.
  final byte[] sanExtnValue =
      caCert.getExtensionValue(Extension.subjectAlternativeName.getId());
  GeneralNames parsedSan = null;
  if (sanExtnValue != null) {
    try {
      parsedSan = GeneralNames.getInstance(
          JcaX509ExtensionUtils.parseExtensionValue(sanExtnValue));
    } catch (IOException ex) {
      // NOTE(review): the IOException is not attached as the cause here, so the parse detail
      // is lost to whoever handles the OperationException.
      throw new OperationException(ErrorCode.INVALID_EXTENSION,
          "invalid SubjectAltName extension in CA certificate");
    }
  }
  this.subjectAltName = parsedSan;
} // constructor
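/**
 * Replaces the certificate stored under {@code keyId}: removes existing certificates (a
 * missing certificate is not an error), pauses for one second, then creates a new
 * certificate object from {@code newCert} with the id and label of {@code keyId}.
 *
 * <p>NOTE(review): the replacement is not atomic. If template creation or
 * {@code createObject} fails after the removal, this method does not restore the removed
 * certificates.
 *
 * @param keyId identifier whose id and label are reused for the new object
 * @param newCert certificate that replaces the existing one
 * @throws P11TokenException if removal (other than "unknown entity") or creation fails
 */
@Override
protected void updateCertificate0(P11ObjectIdentifier keyId, X509Certificate newCert)
    throws P11TokenException {
  try {
    removeCerts(keyId);
  } catch (P11UnknownEntityException ex) {
    // CHECKSTYLE: certificates do not exist, do nothing
  }

  // The reason for the pause is not visible here. An interrupt cuts it short but must not
  // abort the update half-way (old certificates may already be gone), so it is remembered
  // and re-asserted once the session has been handed back.
  boolean interrupted = false;
  try {
    Thread.sleep(1000);
  } catch (InterruptedException ex) {
    interrupted = true;
  }

  try {
    P11NewObjectControl control = new P11NewObjectControl(keyId.getId(), keyId.getLabel());
    ConcurrentBagEntry<Session> bagEntry = borrowSession();
    try {
      Session session = bagEntry.value();
      X509PublicKeyCertificate newCertTemp =
          createPkcs11Template(session, new X509Cert(newCert), control);
      session.createObject(newCertTemp);
    } catch (TokenException ex) {
      throw new P11TokenException("could not createObject: " + ex.getMessage(), ex);
    } finally {
      sessions.requite(bagEntry);
    }
  } finally {
    if (interrupted) {
      // Restore the interrupt status so callers can still observe the interruption.
      Thread.currentThread().interrupt();
    }
  }
}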