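/**
 * Looks up a single X.509 certificate object on the token by id and/or label.
 *
 * <p>Only selectors that are non-null are copied into the search template.
 * NOTE(review): if both {@code keyId} and {@code keyLabel} are null the template
 * carries no selector, so presumably any certificate on the token can match;
 * confirm that callers never pass both as null.
 *
 * @param session  session used for the search
 * @param keyId    id to match, or {@code null} to leave the id unconstrained
 * @param keyLabel label to match, or {@code null} to leave the label unconstrained
 * @return the first matching certificate object, or {@code null} if none was found
 * @throws P11TokenException if the underlying object search fails
 */
private X509PublicKeyCertificate getCertificateObject(Session session, byte[] keyId, char[] keyLabel)
    throws P11TokenException {
  X509PublicKeyCertificate template = new X509PublicKeyCertificate();
  if (keyId != null) {
    template.getId().setByteArrayValue(keyId);
  }
  if (keyLabel != null) {
    template.getLabel().setCharArrayValue(keyLabel);
  }

  // The third argument is presumably a result cap; 2 is enough to tell "unique" from "ambiguous".
  List<Storage> tmpObjects = getObjects(session, template, 2);
  if (CollectionUtil.isEmpty(tmpObjects)) {
    LOG.info("found no certificate identified by {}", getDescription(keyId, keyLabel));
    return null;
  }

  int size = tmpObjects.size();
  if (size > 1) {
    // An ambiguous id/label means the certificate returned here may not be the one that
    // belongs to the intended key, so the warning must name the right object class.
    // The original message said "public key" although certificates are being searched.
    LOG.warn("found {} certificates identified by {}, use the first one",
        size, getDescription(keyId, keyLabel));
  }

  return (X509PublicKeyCertificate) tmpObjects.get(0);
}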
/**
 * Collects every X.509 certificate object on the token that matches the given id and/or label,
 * using the supplied session.
 *
 * @param session  session used for the search
 * @param keyId    id to match, or {@code null} to leave the id unconstrained
 * @param keyLabel label to match, or {@code null} to leave the label unconstrained
 * @return the matching certificate objects, or {@code null} (not an empty array) if none matched
 * @throws P11TokenException if the underlying object search fails
 */
private X509PublicKeyCertificate[] getCertificateObjects(Session session, byte[] keyId, char[] keyLabel)
    throws P11TokenException {
  X509PublicKeyCertificate searchTemplate = new X509PublicKeyCertificate();
  if (keyId != null) {
    searchTemplate.getId().setByteArrayValue(keyId);
  }
  if (keyLabel != null) {
    searchTemplate.getLabel().setCharArrayValue(keyLabel);
  }

  List<Storage> matches = getObjects(session, searchTemplate);
  if (CollectionUtil.isEmpty(matches)) {
    LOG.info("found no certificate identified by {}", getDescription(keyId, keyLabel));
    return null;
  }

  // Narrow each generic storage object to the certificate type the template asked for.
  X509PublicKeyCertificate[] result = new X509PublicKeyCertificate[matches.size()];
  int idx = 0;
  for (Storage match : matches) {
    result[idx++] = (X509PublicKeyCertificate) match;
  }
  return result;
}
/**
 * Collects every X.509 certificate object on the token that matches the given id and/or label,
 * borrowing a pooled session for the duration of the search.
 *
 * @param keyId    id to match, or {@code null} to leave the id unconstrained
 * @param keyLabel label to match, or {@code null} to leave the label unconstrained
 * @return the matching certificate objects, or {@code null} (not an empty array) if none matched
 * @throws P11TokenException if borrowing the session or the object search fails
 */
private X509PublicKeyCertificate[] getCertificateObjects(final byte[] keyId, final char[] keyLabel)
    throws P11TokenException {
  X509PublicKeyCertificate searchTemplate = new X509PublicKeyCertificate();
  if (keyId != null) {
    searchTemplate.getId().setByteArrayValue(keyId);
  }
  if (keyLabel != null) {
    searchTemplate.getLabel().setCharArrayValue(keyLabel);
  }

  List<Storage> matches;
  ConcurrentBagEntry<Session> borrowed = borrowSession();
  try {
    matches = getObjects(borrowed.value(), searchTemplate);
  } finally {
    // Hand the session back even when the search throws, so the pool is not drained.
    sessions.requite(borrowed);
  }

  if (CollectionUtil.isEmpty(matches)) {
    LOG.info("found no certificate identified by {}", getDescription(keyId, keyLabel));
    return null;
  }

  // Narrow each generic storage object to the certificate type the template asked for.
  X509PublicKeyCertificate[] result = new X509PublicKeyCertificate[matches.size()];
  int idx = 0;
  for (Storage match : matches) {
    result[idx++] = (X509PublicKeyCertificate) match;
  }
  return result;
}
/**
 * Stores the given certificate as a new object on the token and returns its identifier.
 *
 * <p>A pooled session is borrowed for the call and always returned afterwards.
 *
 * @param cert    certificate to store
 * @param control settings passed on to the template builder
 * @return identifier built from the id and label of the object the token created
 * @throws P11TokenException if the token rejects the operation; the original
 *     {@code TokenException} is kept as the cause
 */
@Override
protected P11ObjectIdentifier addCert0(X509Certificate cert, P11NewObjectControl control)
    throws P11TokenException {
  ConcurrentBagEntry<Session> borrowed = borrowSession();
  try {
    Session session = borrowed.value();
    X509PublicKeyCertificate template = createPkcs11Template(session, new X509Cert(cert), control);
    X509PublicKeyCertificate stored = (X509PublicKeyCertificate) session.createObject(template);

    // The identifier is read back from the created object rather than from the template.
    // NOTE(review): a null label on the created object would raise a NullPointerException
    // here; confirm the template builder always sets one.
    byte[] storedId = stored.getId().getByteArrayValue();
    String storedLabel = String.valueOf(stored.getLabel().getCharArrayValue());
    return new P11ObjectIdentifier(storedId, storedLabel);
  } catch (TokenException ex) {
    throw new P11TokenException(ex.getMessage(), ex);
  } finally {
    sessions.requite(borrowed);
  }
}
// Set the id attribute of the certificate template to `id`.
// NOTE(review): presumably the same id as the associated key, so the two can be looked up together; confirm against the caller.
newCertTemp.getId().setByteArrayValue(id);
/**
 * Builds the PKCS#11 object template used to store an X.509 certificate on the token.
 *
 * @param cert  certificate whose subject, issuer, serial number and encoding are copied
 * @param keyId value for the id attribute; not validated here
 * @param label value for the label attribute; must be non-empty
 * @return the populated template (nothing is written to the token by this method)
 * @throws IllegalArgumentException if {@code label} is null or empty
 */
private static X509PublicKeyCertificate createPkcs11Template(final X509Cert cert, final byte[] keyId,
    final char[] label) {
  boolean labelMissing = (label == null) || (label.length == 0);
  if (labelMissing) {
    throw new IllegalArgumentException("label must not be null or empty");
  }

  X509PublicKeyCertificate template = new X509PublicKeyCertificate();

  // Object class details: an X.509 certificate stored as a token object.
  template.getToken().setBooleanValue(true);
  template.getCertificateType().setLongValue(CertificateType.X_509_PUBLIC_KEY);

  // Selectors that later searches and removals match on.
  template.getId().setByteArrayValue(keyId);
  template.getLabel().setCharArrayValue(label);

  // Certificate content: subject and issuer in encoded form, plus the full encoded certificate.
  template.getSubject().setByteArrayValue(
      cert.cert().getSubjectX500Principal().getEncoded());
  template.getIssuer().setByteArrayValue(
      cert.cert().getIssuerX500Principal().getEncoded());
  // NOTE(review): the serial number is stored as the raw BigInteger bytes. PKCS#11 describes
  // this attribute as the DER encoding of the serial number; confirm which form consumers
  // of this token expect.
  template.getSerialNumber().setByteArrayValue(
      cert.cert().getSerialNumber().toByteArray());
  template.getValue().setByteArrayValue(cert.encodedCert());

  return template;
}
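/**
 * Removes all keys and all X.509 certificates that match the given id and/or label.
 *
 * <p>This is a destructive operation. The guard at the top rejects a call with no selector,
 * so neither template is left without an id or a label.
 *
 * @param id    id to match; ignored when null or empty
 * @param label label to match; ignored when blank
 * @return total number of objects removed, keys plus certificates
 * @throws IllegalArgumentException if neither a non-empty id nor a non-blank label is given
 * @throws P11TokenException if the removal fails on the token
 */
@Override
public int removeObjects(final byte[] id, final String label) throws P11TokenException {
  final boolean hasId = (id != null && id.length > 0);
  if (!hasId && StringUtil.isBlank(label)) {
    throw new IllegalArgumentException("at least one of id and label must not be null");
  }
  final boolean hasLabel = StringUtil.isNotBlank(label);

  Key keyTemplate = new Key();
  if (hasId) {
    keyTemplate.getId().setByteArrayValue(id);
  }
  if (hasLabel) {
    keyTemplate.getLabel().setCharArrayValue(label.toCharArray());
  }

  String objIdDesc = getDescription(id, label);
  int num = removeObjects(keyTemplate, "keys " + objIdDesc);

  X509PublicKeyCertificate certTemplate = new X509PublicKeyCertificate();
  if (hasId) {
    certTemplate.getId().setByteArrayValue(id);
  }
  if (hasLabel) {
    certTemplate.getLabel().setCharArrayValue(label.toCharArray());
  }

  // The original omitted the space after "certificates", fusing it with the object description
  // and making the text for this destructive step harder to read than the "keys " one.
  num += removeObjects(certTemplate, "certificates " + objIdDesc);
  return num;
}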
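/**
 * Removes all keys and all X.509 certificates that match the given id and/or label.
 *
 * <p>This is a destructive operation. The guard at the top rejects a call with no selector,
 * so neither template is left without an id or a label.
 *
 * @param id    id to match; ignored when null or empty
 * @param label label to match; ignored when null or empty
 * @return total number of objects removed, keys plus certificates
 * @throws IllegalArgumentException if neither a non-empty id nor a non-empty label is given
 * @throws P11TokenException if the removal fails on the token
 */
private int removeObjects(byte[] id, char[] label) throws P11TokenException {
  final boolean hasId = (id != null && id.length > 0);
  final boolean hasLabel = (label != null && label.length != 0);
  if (!hasId && !hasLabel) {
    throw new IllegalArgumentException("at least one of id and label may not be null");
  }

  Key keyTemplate = new Key();
  if (hasId) {
    keyTemplate.getId().setByteArrayValue(id);
  }
  if (hasLabel) {
    keyTemplate.getLabel().setCharArrayValue(label);
  }

  String objIdDesc = getDescription(id, label);
  int num = removeObjects(keyTemplate, "keys " + objIdDesc);

  X509PublicKeyCertificate certTemplate = new X509PublicKeyCertificate();
  if (hasId) {
    certTemplate.getId().setByteArrayValue(id);
  }
  if (hasLabel) {
    certTemplate.getLabel().setCharArrayValue(label);
  }

  // The original omitted the space after "certificates", fusing it with the object description
  // and making the text for this destructive step harder to read than the "keys " one.
  num += removeObjects(certTemplate, "certificates " + objIdDesc);
  return num;
}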
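/**
 * Reports whether any key or X.509 certificate with the given id exists on the token.
 *
 * <p>Keys are searched first; certificates are searched only if no key matched.
 *
 * @param session session used for both searches
 * @param keyId   id to look for
 * @return {@code true} if at least one key or certificate carries the id
 * @throws P11TokenException if a search operation fails; the original
 *     {@code TokenException} is kept as the cause
 */
private static boolean idExists(final Session session, final byte[] keyId) throws P11TokenException {
  Key key = new Key();
  key.getId().setByteArrayValue(keyId);

  Object[] objects;
  try {
    session.findObjectsInit(key);
    try {
      objects = session.findObjects(1);
    } finally {
      // Always finish the search. The original skipped this when findObjects threw, which
      // left the search open on the session and could make later searches on it fail.
      session.findObjectsFinal();
    }
    if (objects.length > 0) {
      return true;
    }

    X509PublicKeyCertificate cert = new X509PublicKeyCertificate();
    cert.getId().setByteArrayValue(keyId);

    session.findObjectsInit(cert);
    try {
      objects = session.findObjects(1);
    } finally {
      session.findObjectsFinal();
    }
  } catch (TokenException ex) {
    throw new P11TokenException(ex.getMessage(), ex);
  }

  return objects.length > 0;
}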
byte[] id = p11Cert.getId().getByteArrayValue(); char[] label = p11Cert.getLabel().getCharArrayValue(); if (id != null && label != null) {
// Build the identifier from the certificate object's id and label, then register the
// parsed certificate under that identifier in the result.
P11ObjectIdentifier objId = new P11ObjectIdentifier(p11Cert.getId().getByteArrayValue(), toString(p11Cert.getLabel())); ret.addCertificate(objId, parseCert(p11Cert));
// Set the id attribute of the certificate object/template to `id`.
cert.getId().setByteArrayValue(id);