/**
 * Builds the attribute template for storing an X.509 certificate as a
 * persistent (token) PKCS#11 certificate object.
 *
 * @param cert  certificate whose subject, issuer, serial number and encoded
 *              form are copied into the template
 * @param keyId value written to the ID attribute; it is not validated here
 * @param label value written to the label attribute; must be non-empty
 * @return the populated template (nothing is written to the token here)
 * @throws IllegalArgumentException if {@code label} is null or empty
 */
private static X509PublicKeyCertificate createPkcs11Template(final X509Cert cert,
    final byte[] keyId, final char[] label) {
  final boolean labelMissing = (label == null) || (label.length == 0);
  if (labelMissing) {
    throw new IllegalArgumentException("label must not be null or empty");
  }

  final X509PublicKeyCertificate template = new X509PublicKeyCertificate();

  // Object class details: a persistent X.509 public key certificate.
  template.getToken().setBooleanValue(true);
  template.getCertificateType().setLongValue(CertificateType.X_509_PUBLIC_KEY);

  // Identification attributes supplied by the caller.
  template.getId().setByteArrayValue(keyId);
  template.getLabel().setCharArrayValue(label);

  // Attributes derived from the certificate itself.
  template.getSubject().setByteArrayValue(
      cert.cert().getSubjectX500Principal().getEncoded());
  template.getIssuer().setByteArrayValue(
      cert.cert().getIssuerX500Principal().getEncoded());
  // NOTE(review): this stores the raw two's-complement bytes of the serial
  // number. PKCS#11 describes the serial number attribute as DER-encoded, so
  // lookups by serial number from other tools may not match - confirm.
  template.getSerialNumber().setByteArrayValue(
      cert.cert().getSerialNumber().toByteArray());
  template.getValue().setByteArrayValue(cert.encodedCert());

  return template;
}
/**
 * Looks up the certificate objects that match the given id and/or label.
 *
 * @param session  session used for the lookup
 * @param keyId    ID to match, or null to leave the ID unconstrained
 * @param keyLabel label to match, or null to leave the label unconstrained
 * @return the matching certificate objects, or {@code null} (not an empty
 *         array) when nothing matched - callers must null-check
 * @throws P11TokenException propagated from the object lookup
 */
private X509PublicKeyCertificate[] getCertificateObjects(Session session, byte[] keyId,
    char[] keyLabel) throws P11TokenException {
  final X509PublicKeyCertificate searchTemplate = new X509PublicKeyCertificate();
  // With both arguments null the template carries no filter at all;
  // presumably that matches every certificate object - verify in getObjects.
  if (keyId != null) {
    searchTemplate.getId().setByteArrayValue(keyId);
  }
  if (keyLabel != null) {
    searchTemplate.getLabel().setCharArrayValue(keyLabel);
  }

  final List<Storage> found = getObjects(session, searchTemplate);
  if (CollectionUtil.isEmpty(found)) {
    LOG.info("found no certificate identified by {}", getDescription(keyId, keyLabel));
    return null;
  }

  final X509PublicKeyCertificate[] result = new X509PublicKeyCertificate[found.size()];
  int idx = 0;
  while (idx < result.length) {
    result[idx] = (X509PublicKeyCertificate) found.get(idx);
    idx++;
  }
  return result;
}
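/**
 * Checks whether any key or X.509 certificate object with the given ID is
 * visible in the session.
 *
 * <p>Each search is closed with {@code findObjectsFinal()} in a
 * {@code finally} block. Without that, a failure in {@code findObjects}
 * would leave the search operation open on the session, and later searches
 * on the same session could then be rejected.
 *
 * @param session session used for the lookups
 * @param keyId   ID to search for
 * @return true if at least one key or certificate object carries the ID
 * @throws P11TokenException if the token reports an error during the search
 */
private static boolean idExists(final Session session, final byte[] keyId)
    throws P11TokenException {
  Key key = new Key();
  key.getId().setByteArrayValue(keyId);

  Object[] objects;
  try {
    // First pass: key objects. One hit is enough, so ask for at most one.
    session.findObjectsInit(key);
    try {
      objects = session.findObjects(1);
    } finally {
      session.findObjectsFinal();
    }
    if (objects.length > 0) {
      return true;
    }

    // Second pass: certificate objects with the same ID.
    X509PublicKeyCertificate cert = new X509PublicKeyCertificate();
    cert.getId().setByteArrayValue(keyId);

    session.findObjectsInit(cert);
    try {
      objects = session.findObjects(1);
    } finally {
      session.findObjectsFinal();
    }
  } catch (TokenException ex) {
    throw new P11TokenException(ex.getMessage(), ex);
  }

  return objects.length > 0;
}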
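/**
 * Checks whether any key or X.509 certificate object with the given label is
 * visible in the session.
 *
 * <p>Each search is closed with {@code findObjectsFinal()} in a
 * {@code finally} block. Without that, a failure in {@code findObjects}
 * would leave the search operation open on the session, and later searches
 * on the same session could then be rejected.
 *
 * @param session  session used for the lookups
 * @param keyLabel label to search for; checked by
 *                 {@code ParamUtil.requireNonBlank} before any token access
 * @return true if at least one key or certificate object carries the label
 * @throws P11TokenException if the token reports an error during the search
 */
private static boolean labelExists(final Session session, final String keyLabel)
    throws P11TokenException {
  ParamUtil.requireNonBlank("keyLabel", keyLabel);

  Key key = new Key();
  key.getLabel().setCharArrayValue(keyLabel.toCharArray());

  Object[] objects;
  try {
    // First pass: key objects. One hit is enough, so ask for at most one.
    session.findObjectsInit(key);
    try {
      objects = session.findObjects(1);
    } finally {
      session.findObjectsFinal();
    }
    if (objects.length > 0) {
      return true;
    }

    // Second pass: certificate objects with the same label.
    X509PublicKeyCertificate cert = new X509PublicKeyCertificate();
    cert.getLabel().setCharArrayValue(keyLabel.toCharArray());

    session.findObjectsInit(cert);
    try {
      objects = session.findObjects(1);
    } finally {
      session.findObjectsFinal();
    }
  } catch (TokenException ex) {
    throw new P11TokenException(ex.getMessage(), ex);
  }

  return objects.length > 0;
}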
/**
 * Stores the certificate on the token and reports the identifier of the
 * object that was created.
 *
 * @param cert    certificate to store
 * @param control settings handed to {@code createPkcs11Template}
 * @return id and label read back from the object returned by
 *         {@code createObject}, not taken from {@code control}
 * @throws P11TokenException if the token rejects the operation
 */
@Override
protected P11ObjectIdentifier addCert0(X509Certificate cert, P11NewObjectControl control)
    throws P11TokenException {
  final ConcurrentBagEntry<Session> entry = borrowSession();
  try {
    final Session session = entry.value();
    final X509PublicKeyCertificate template =
        createPkcs11Template(session, new X509Cert(cert), control);
    final X509PublicKeyCertificate stored =
        (X509PublicKeyCertificate) session.createObject(template);

    final byte[] storedId = stored.getId().getByteArrayValue();
    final String storedLabel = new String(stored.getLabel().getCharArrayValue());
    return new P11ObjectIdentifier(storedId, storedLabel);
  } catch (TokenException ex) {
    throw new P11TokenException(ex.getMessage(), ex);
  } finally {
    // Always hand the borrowed session back, on success and on failure.
    sessions.requite(entry);
  }
}
X509Certificate[] certs = null; if (cert2 != null) { certLabel = new String(cert2.getLabel().getCharArrayValue()); certs = new X509Certificate[1]; try { certs[0] = X509Util.parseCert(cert2.getValue().getByteArrayValue()); } catch (CertificateException ex) { throw new P11TokenException("coult not parse certifcate", ex);
/**
 * Creates an instance of a PKCS#11 X.509 public key certificate; used by the
 * getInstance method of the Certificate class.
 *
 * @param session
 *          The session to use for reading attributes. It must not be null
 *          and must have the appropriate rights, i.e. it must be a
 *          user session if the object is a private object.
 * @param objectHandle
 *          The object handle as given by the PKCS#11 module.
 * @return The object representing the PKCS#11 object, never null. It can be
 *         cast to the corresponding subclass.
 * @throws TokenException
 *           If getting the attributes failed.
 */
public static PKCS11Object getInstance(Session session, long objectHandle)
    throws TokenException {
  final X509PublicKeyCertificate certificate =
      new X509PublicKeyCertificate(session, objectHandle);
  return certificate;
}
/**
 * Decodes the value attribute of a PKCS#11 certificate object.
 *
 * @param p11Cert certificate object read from the token
 * @return the parsed certificate paired with the exact bytes it was parsed from
 * @throws P11TokenException if the stored bytes are not a parsable certificate
 */
private static X509Cert parseCert(final X509PublicKeyCertificate p11Cert)
    throws P11TokenException {
  // Reading the attribute cannot raise CertificateException, so it stays
  // outside the try block.
  final byte[] derBytes = p11Cert.getValue().getByteArrayValue();
  try {
    return new X509Cert(X509Util.parseCert(derBytes), derBytes);
  } catch (CertificateException ex) {
    throw new P11TokenException("could not parse certificate: " + ex.getMessage(), ex);
  }
}
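/**
 * Looks up a single certificate object by id and/or label.
 *
 * <p>The lookup passes 2 as the third argument of {@code getObjects}
 * (presumably a result limit) so that an ambiguous match can be noticed.
 * When more than one object matches, a warning is logged and the first one
 * is returned; which object comes first is decided by the token, so ids and
 * labels should be unique if a specific certificate is expected.
 *
 * @param session  session used for the lookup
 * @param keyId    ID to match, or null to leave the ID unconstrained
 * @param keyLabel label to match, or null to leave the label unconstrained
 * @return the first matching certificate object, or {@code null} if none
 * @throws P11TokenException propagated from the object lookup
 */
private X509PublicKeyCertificate getCertificateObject(Session session, byte[] keyId,
    char[] keyLabel) throws P11TokenException {
  X509PublicKeyCertificate template = new X509PublicKeyCertificate();
  if (keyId != null) {
    template.getId().setByteArrayValue(keyId);
  }
  if (keyLabel != null) {
    template.getLabel().setCharArrayValue(keyLabel);
  }

  List<Storage> tmpObjects = getObjects(session, template, 2);
  if (CollectionUtil.isEmpty(tmpObjects)) {
    LOG.info("found no certificate identified by {}", getDescription(keyId, keyLabel));
    return null;
  }

  int size = tmpObjects.size();
  if (size > 1) {
    // The objects searched for are certificates; the previous message said
    // "public key", which misdirects anyone reading the log.
    LOG.warn("found {} certificates identified by {}, use the first one",
        size, getDescription(keyId, keyLabel));
  }

  return (X509PublicKeyCertificate) tmpObjects.get(0);
}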
// Certificate template carrying only an ID; presumably used as a search
// filter for certificate objects with that ID (the lookup is not shown here).
X509PublicKeyCertificate cert = new X509PublicKeyCertificate();
cert.getId().setByteArrayValue(id);
// Certificate template carrying only a label; presumably used as a search
// filter for certificate objects with that label (the lookup is not shown here).
X509PublicKeyCertificate cert = new X509PublicKeyCertificate();
cert.getLabel().setCharArrayValue(keyLabel);
/**
 * Collects the certificate objects returned for an unconstrained
 * certificate template.
 *
 * @param session session used for the lookup
 * @return the objects returned by {@code getObjects}, each cast to
 *         {@code X509PublicKeyCertificate}; possibly empty
 * @throws P11TokenException propagated from the object lookup
 */
private List<X509PublicKeyCertificate> getAllCertificateObjects(Session session)
    throws P11TokenException {
  // No attribute is set on the template, so no id or label filter applies.
  final X509PublicKeyCertificate anyCertificate = new X509PublicKeyCertificate();
  final List<Storage> found = getObjects(session, anyCertificate);

  final int count = found.size();
  final List<X509PublicKeyCertificate> result = new ArrayList<>(count);
  for (int i = 0; i < count; i++) {
    result.add((X509PublicKeyCertificate) found.get(i));
  }
  return result;
}
/**
 * Decodes the value attribute of a PKCS#11 certificate object.
 *
 * @param p11Cert certificate object read from the token
 * @return the parsed certificate paired with the exact bytes it was parsed from
 * @throws P11TokenException if the stored bytes are not a parsable certificate
 */
private static X509Cert parseCert(X509PublicKeyCertificate p11Cert)
    throws P11TokenException {
  // Reading the attribute cannot raise CertificateException, so it stays
  // outside the try block.
  final byte[] derBytes = p11Cert.getValue().getByteArrayValue();
  try {
    return new X509Cert(X509Util.parseCert(derBytes), derBytes);
  } catch (CertificateException ex) {
    throw new P11TokenException("could not parse certificate: " + ex.getMessage(), ex);
  }
}
private X509PublicKeyCertificate createPkcs11Template(Session session, X509Cert cert, P11NewObjectControl control) throws P11TokenException { X509PublicKeyCertificate newCertTemp = new X509PublicKeyCertificate(); byte[] id = control.getId(); if (id == null) { newCertTemp.getId().setByteArrayValue(id); newCertTemp.getLabel().setCharArrayValue(control.getLabel().toCharArray()); newCertTemp.getToken().setBooleanValue(true); newCertTemp.getCertificateType().setLongValue(CertificateType.X_509_PUBLIC_KEY); newCertTemp.getSubject().setByteArrayValue( cert.getCert().getSubjectX500Principal().getEncoded()); newCertTemp.getIssuer().setByteArrayValue( cert.getCert().getIssuerX500Principal().getEncoded()); newCertTemp.getSerialNumber().setByteArrayValue( cert.getCert().getSerialNumber().toByteArray()); newCertTemp.getStartDate().setDateValue(cert.getCert().getNotBefore()); newCertTemp.getStartDate().setDateValue(cert.getCert().getNotAfter()); newCertTemp.getValue().setByteArrayValue(cert.getEncodedCert()); return newCertTemp;
/**
 * Looks up the certificate objects that match the given id and/or label,
 * using a session borrowed for the duration of the lookup.
 *
 * @param keyId    ID to match, or null to leave the ID unconstrained
 * @param keyLabel label to match, or null to leave the label unconstrained
 * @return the matching certificate objects, or {@code null} (not an empty
 *         array) when nothing matched - callers must null-check
 * @throws P11TokenException propagated from session borrowing or the lookup
 */
private X509PublicKeyCertificate[] getCertificateObjects(final byte[] keyId,
    final char[] keyLabel) throws P11TokenException {
  final X509PublicKeyCertificate searchTemplate = new X509PublicKeyCertificate();
  // With both arguments null the template carries no filter at all;
  // presumably that matches every certificate object - verify in getObjects.
  if (keyId != null) {
    searchTemplate.getId().setByteArrayValue(keyId);
  }
  if (keyLabel != null) {
    searchTemplate.getLabel().setCharArrayValue(keyLabel);
  }

  final List<Storage> found;
  final ConcurrentBagEntry<Session> borrowed = borrowSession();
  try {
    found = getObjects(borrowed.value(), searchTemplate);
  } finally {
    // Hand the session back whether or not the lookup succeeded.
    sessions.requite(borrowed);
  }

  if (CollectionUtil.isEmpty(found)) {
    LOG.info("found no certificate identified by {}", getDescription(keyId, keyLabel));
    return null;
  }

  final X509PublicKeyCertificate[] result = new X509PublicKeyCertificate[found.size()];
  int idx = 0;
  while (idx < result.length) {
    result[idx] = (X509PublicKeyCertificate) found.get(idx);
    idx++;
  }
  return result;
}
/**
 * Collects the certificate objects returned for an unconstrained
 * certificate template, using a session borrowed for the lookup.
 *
 * @return the objects returned by {@code getObjects}, each cast to
 *         {@code X509PublicKeyCertificate}; possibly empty
 * @throws P11TokenException propagated from session borrowing or the lookup
 */
private List<X509PublicKeyCertificate> getAllCertificateObjects() throws P11TokenException {
  // No attribute is set on the template, so no id or label filter applies.
  final X509PublicKeyCertificate anyCertificate = new X509PublicKeyCertificate();

  final List<Storage> found;
  final ConcurrentBagEntry<Session> borrowed = borrowSession();
  try {
    found = getObjects(borrowed.value(), anyCertificate);
  } finally {
    // Hand the session back whether or not the lookup succeeded.
    sessions.requite(borrowed);
  }

  final int count = found.size();
  final List<X509PublicKeyCertificate> result = new ArrayList<>(count);
  for (int i = 0; i < count; i++) {
    result.add((X509PublicKeyCertificate) found.get(i));
  }
  return result;
}
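/**
 * Removes the key objects and the X.509 certificate objects that match the
 * given id and/or label.
 *
 * <p>Only the attributes that are actually supplied go into the search
 * templates. A call with just a label therefore targets every key and
 * certificate carrying that label, whatever its id, and likewise for a call
 * with just an id. The deletion itself is delegated to
 * {@code removeObjects(template, description)}.
 *
 * @param id    ID to match; null or empty leaves the ID unconstrained
 * @param label label to match; null or empty leaves the label unconstrained
 * @return the sum of the counts reported for keys and for certificates
 * @throws IllegalArgumentException if neither an id nor a label is given
 * @throws P11TokenException propagated from the removal calls
 */
private int removeObjects(byte[] id, char[] label) throws P11TokenException {
  boolean idPresent = (id != null && id.length > 0);
  boolean labelNotBlank = (label != null && label.length != 0);
  // Refuse an unconstrained template: it would not be limited to one object.
  if (!idPresent && !labelNotBlank) {
    throw new IllegalArgumentException("at least one of id and label may not be null");
  }

  Key keyTemplate = new Key();
  if (idPresent) {
    keyTemplate.getId().setByteArrayValue(id);
  }
  if (labelNotBlank) {
    keyTemplate.getLabel().setCharArrayValue(label);
  }

  String objIdDesc = getDescription(id, label);
  int num = removeObjects(keyTemplate, "keys " + objIdDesc);

  X509PublicKeyCertificate certTemplate = new X509PublicKeyCertificate();
  if (idPresent) {
    certTemplate.getId().setByteArrayValue(id);
  }
  if (labelNotBlank) {
    certTemplate.getLabel().setCharArrayValue(label);
  }

  // Fixed: the separating space was missing, so the description ran
  // straight into the word "certificates".
  num += removeObjects(certTemplate, "certificates " + objIdDesc);
  return num;
}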
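/**
 * Removes the key objects and the X.509 certificate objects that match the
 * given id and/or label.
 *
 * <p>Only the attributes that are actually supplied go into the search
 * templates. A call with just a label therefore targets every key and
 * certificate carrying that label, whatever its id, and likewise for a call
 * with just an id. The deletion itself is delegated to
 * {@code removeObjects(template, description)}.
 *
 * @param id    ID to match; null or empty leaves the ID unconstrained
 * @param label label to match; blank leaves the label unconstrained
 * @return the sum of the counts reported for keys and for certificates
 * @throws IllegalArgumentException if neither an id nor a label is given
 * @throws P11TokenException propagated from the removal calls
 */
@Override
public int removeObjects(final byte[] id, final String label) throws P11TokenException {
  final boolean idPresent = (id != null && id.length > 0);
  final boolean labelPresent = StringUtil.isNotBlank(label);
  // Refuse an unconstrained template: it would not be limited to one object.
  if (!idPresent && StringUtil.isBlank(label)) {
    throw new IllegalArgumentException("at least one of id and label must not be null");
  }

  Key keyTemplate = new Key();
  if (idPresent) {
    keyTemplate.getId().setByteArrayValue(id);
  }
  if (labelPresent) {
    keyTemplate.getLabel().setCharArrayValue(label.toCharArray());
  }

  String objIdDesc = getDescription(id, label);
  int num = removeObjects(keyTemplate, "keys " + objIdDesc);

  X509PublicKeyCertificate certTemplate = new X509PublicKeyCertificate();
  if (idPresent) {
    certTemplate.getId().setByteArrayValue(id);
  }
  if (labelPresent) {
    certTemplate.getLabel().setCharArrayValue(label.toCharArray());
  }

  // Fixed: the separating space was missing, so the description ran
  // straight into the word "certificates".
  num += removeObjects(certTemplate, "certificates " + objIdDesc);
  return num;
}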