/**
 * Reports whether the slot referenced by this object's identity supports a PKCS#11 mechanism.
 *
 * <p>A {@code P11TokenException} raised while resolving or querying the slot is reported as
 * "not supported". Callers therefore cannot tell an unavailable token from a missing mechanism.
 *
 * @param mechanism PKCS#11 mechanism code to query
 * @return {@code true} only when the slot was reached and reports support for the mechanism
 */
public boolean supportsMechanism(long mechanism) {
  boolean supported;
  try {
    supported = p11CryptService.getSlot(identityId.getSlotId()).supportsMechanism(mechanism);
  } catch (P11TokenException ex) {
    // Fail closed: a token error is reported as an unsupported mechanism.
    supported = false;
  }
  return supported;
}
/**
 * Checks whether the slot holding this identity offers the given PKCS#11 mechanism.
 *
 * <p>Any {@code P11TokenException} thrown during the lookup is swallowed and yields
 * {@code false}, so a token failure looks the same as an unsupported mechanism.
 *
 * @param mechanism PKCS#11 mechanism code to query
 * @return {@code true} if the slot reports support, {@code false} otherwise or on token error
 */
public boolean supportsMechanism(long mechanism) {
  try {
    if (p11CryptService.getSlot(identityId.getSlotId()).supportsMechanism(mechanism)) {
      return true;
    }
  } catch (P11TokenException ex) {
    // Deliberately ignored: the method answers "no" when the token cannot be queried.
  }
  return false;
}
/**
 * Looks up an identity from a combined identity id.
 *
 * <p>Convenience overload: splits the id into its slot id and key id and delegates to the
 * two-argument {@code getIdentity}.
 *
 * @param identityId identity id carrying the slot id and key id; dereferenced without a null check
 * @return whatever the two-argument {@code getIdentity} returns for that slot and key
 * @throws P11TokenException propagated from the two-argument {@code getIdentity}
 */
public P11Identity getIdentity(P11IdentityId identityId) throws P11TokenException {
  return getIdentity(
      identityId.getSlotId(),
      identityId.getKeyId());
}
/**
 * Resolves the identity addressed by {@code identityId}.
 *
 * <p>Delegates to the overload that takes the slot id and the key id separately.
 *
 * @param identityId identity id to resolve; a {@code null} argument fails on first dereference
 * @return the result of the delegated lookup
 * @throws P11TokenException if the delegated lookup throws it
 */
public P11Identity getIdentity(P11IdentityId identityId) throws P11TokenException {
  return getIdentity(
      identityId.getSlotId(), // slot part of the id
      identityId.getKeyId()); // key part of the id
}
/**
 * Registers an identity with this slot.
 *
 * <p>The identity must name this slot and its key id must not be registered yet. On success the
 * identity is stored under its key id and {@code updateCaCertsOfIdentity} is run for it.
 *
 * @param identity identity to register
 * @throws IllegalArgumentException if the identity's slot id differs from this slot's id
 * @throws P11DuplicateEntityException if an identity with the same key id is already present
 */
protected void addIdentity(P11Identity identity) throws P11DuplicateEntityException {
  // Reject identities that belong to another slot before touching the map.
  boolean sameSlot = slotId.equals(identity.getId().getSlotId());
  if (!sameSlot) {
    throw new IllegalArgumentException("invalid identity");
  }

  P11ObjectIdentifier newKeyId = identity.getId().getKeyId();
  boolean alreadyRegistered = hasIdentity(newKeyId);
  if (alreadyRegistered) {
    throw new P11DuplicateEntityException(slotId, newKeyId);
  }

  // NOTE(review): the presence check and the put are two separate steps; confirm callers
  // serialize access if identities can be added concurrently.
  identities.put(newKeyId, identity);
  updateCaCertsOfIdentity(identity);
}
/**
 * Adds {@code identity} to the identities known for this slot.
 *
 * <p>Two checks run first: the identity's slot id must equal this slot's id, and no identity
 * may already exist under the same key id. The identity is then stored and
 * {@code updateCaCertsOfIdentity} is called for it.
 *
 * @param identity identity to add
 * @throws IllegalArgumentException if the identity names a different slot
 * @throws P11DuplicateEntityException if the key id is already in use
 */
protected void addIdentity(P11Identity identity) throws P11DuplicateEntityException {
  if (slotId.equals(identity.getId().getSlotId())) {
    P11ObjectIdentifier keyOfNewIdentity = identity.getId().getKeyId();
    if (hasIdentity(keyOfNewIdentity)) {
      // Never overwrite an existing entry silently.
      throw new P11DuplicateEntityException(slotId, keyOfNewIdentity);
    }

    identities.put(keyOfNewIdentity, identity);
    updateCaCertsOfIdentity(identity);
    return;
  }

  // The identity belongs to some other slot.
  throw new IllegalArgumentException("invalid identity");
}
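/**
 * Creates an ECDSA signer backed by a PKCS#11 identity and selects the token mechanism.
 *
 * <p>If the slot supports {@code CKM_ECDSA}, that mechanism is used and the content is written
 * into a {@code DigestOutputStream} built from the hash algorithm of the signature algorithm.
 * Otherwise the mechanism mapped to that hash algorithm in {@code hashMechMap} is used and the
 * content is collected in a {@code ByteArrayOutputStream}.
 *
 * @param cryptService service used to resolve the slot
 * @param identityId identity whose slot is queried for mechanism support
 * @param signatureAlgId signature algorithm; its OID selects the hash algorithm
 * @param plain stored as given; presumably selects the plain signature encoding (confirm)
 * @throws XiSecurityException if the signature algorithm is unknown, has no mapped fallback
 *     mechanism, or the slot does not support the fallback mechanism
 * @throws P11TokenException as declared by the original; the visible code does not show which
 *     call raises it
 */
ECDSA(P11CryptService cryptService, P11IdentityId identityId,
    AlgorithmIdentifier signatureAlgId, boolean plain)
    throws XiSecurityException, P11TokenException {
  super(cryptService, identityId, signatureAlgId);

  this.plain = plain;
  String algOid = signatureAlgId.getAlgorithm().getId();
  HashAlgo hashAlgo = sigAlgHashMap.get(algOid);
  if (hashAlgo == null) {
    throw new XiSecurityException("unsupported signature algorithm " + algOid);
  }

  P11Slot slot = cryptService.getSlot(identityId.getSlotId());
  if (slot.supportsMechanism(PKCS11Constants.CKM_ECDSA)) {
    this.mechanism = PKCS11Constants.CKM_ECDSA;
    Digest digest = hashAlgo.createDigest();
    this.outputStream = new DigestOutputStream(digest);
  } else {
    // A hash without a mapped mechanism used to fail with a NullPointerException on unboxing.
    // Report it as an unsupported algorithm instead, as the SM2 signer does.
    Long hashMechanism = hashMechMap.get(hashAlgo);
    if (hashMechanism == null) {
      throw new XiSecurityException("unsupported signature algorithm " + algOid);
    }

    this.mechanism = hashMechanism.longValue();
    if (!slot.supportsMechanism(this.mechanism)) {
      throw new XiSecurityException("unsupported signature algorithm " + algOid);
    }
    this.outputStream = new ByteArrayOutputStream();
  }
}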
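/**
 * Creates a DSA signer backed by a PKCS#11 identity and selects the token mechanism.
 *
 * <p>If the slot supports {@code CKM_DSA}, that mechanism is used and the content is written
 * into a {@code DigestOutputStream} built from the hash algorithm of the signature algorithm.
 * Otherwise the mechanism mapped to that hash algorithm in {@code hashMechMap} is used and the
 * content is collected in a {@code ByteArrayOutputStream}.
 *
 * @param cryptService service used to resolve the slot
 * @param identityId identity whose slot is queried for mechanism support
 * @param signatureAlgId signature algorithm; its OID selects the hash algorithm
 * @param plain stored as given; presumably selects the plain signature encoding (confirm)
 * @throws XiSecurityException if the signature algorithm is unknown, has no mapped fallback
 *     mechanism, or the slot does not support the fallback mechanism
 * @throws P11TokenException as declared by the original; the visible code does not show which
 *     call raises it
 */
DSA(P11CryptService cryptService, P11IdentityId identityId,
    AlgorithmIdentifier signatureAlgId, boolean plain)
    throws XiSecurityException, P11TokenException {
  super(cryptService, identityId, signatureAlgId);

  this.plain = plain;
  String algOid = signatureAlgId.getAlgorithm().getId();
  HashAlgo hashAlgo = sigAlgHashMap.get(algOid);
  if (hashAlgo == null) {
    throw new XiSecurityException("unsupported signature algorithm " + algOid);
  }

  P11SlotIdentifier slotId = identityId.getSlotId();
  P11Slot slot = cryptService.getSlot(slotId);
  if (slot.supportsMechanism(PKCS11Constants.CKM_DSA)) {
    this.mechanism = PKCS11Constants.CKM_DSA;
    Digest digest = hashAlgo.createDigest();
    this.outputStream = new DigestOutputStream(digest);
  } else {
    // A hash without a mapped mechanism used to fail with a NullPointerException on unboxing.
    // Report it as an unsupported algorithm instead, as the SM2 signer does.
    Long hashMechanism = hashMechMap.get(hashAlgo);
    if (hashMechanism == null) {
      throw new XiSecurityException("unsupported signature algorithm " + algOid);
    }

    this.mechanism = hashMechanism.longValue();
    if (!slot.supportsMechanism(this.mechanism)) {
      throw new XiSecurityException("unsupported signature algorithm " + algOid);
    }
    this.outputStream = new ByteArrayOutputStream();
  }
}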
P11SlotIdentifier slotId = identityId.getSlotId(); P11Slot slot = cryptService.getSlot(slotId); if (slot.supportsMechanism(PKCS11Constants.CKM_RSA_PKCS)) {
/**
 * Creates an SM2 signer backed by a PKCS#11 identity and selects the token mechanism.
 *
 * <p>If the slot supports {@code CKM_VENDOR_SM2}, that mechanism is used, {@code z} is computed
 * from the curve and public point via {@code GMUtil.getSM2Z}, and the content is written into a
 * {@code DigestOutputStream}. Otherwise {@code z} is set to {@code null}, the mechanism mapped
 * to the hash algorithm in {@code hashMechMap} is used, and the content is collected in a
 * {@code ByteArrayOutputStream}.
 *
 * @param cryptService service used to resolve the slot
 * @param identityId identity whose slot is queried for mechanism support
 * @param signatureAlgId signature algorithm; its OID selects the hash algorithm
 * @param curveOid curve identifier passed to {@code GMUtil.getSM2Z}
 * @param pubPointX X coordinate of the public point passed to {@code GMUtil.getSM2Z}
 * @param pubPointY Y coordinate of the public point passed to {@code GMUtil.getSM2Z}
 * @throws XiSecurityException if the signature algorithm is unknown, the hash algorithm has no
 *     mapped mechanism, or the slot does not support the fallback mechanism
 * @throws P11TokenException as declared by the original; the visible code does not show which
 *     call raises it
 */
SM2(P11CryptService cryptService, P11IdentityId identityId,
    AlgorithmIdentifier signatureAlgId, ASN1ObjectIdentifier curveOid,
    BigInteger pubPointX, BigInteger pubPointY)
    throws XiSecurityException, P11TokenException {
  super(cryptService, identityId, signatureAlgId);

  String sigAlgOid = signatureAlgId.getAlgorithm().getId();
  HashAlgo hash = sigAlgHashMap.get(sigAlgOid);
  if (hash == null) {
    throw new XiSecurityException("unsupported signature algorithm " + sigAlgOid);
  }

  P11Slot p11Slot = cryptService.getSlot(identityId.getSlotId());
  if (!p11Slot.supportsMechanism(PKCS11Constants.CKM_VENDOR_SM2)) {
    // Fallback path: z is not needed here.
    this.z = null;

    Long mappedMechanism = hashMechMap.get(hash);
    if (mappedMechanism == null) {
      throw new XiSecurityException("hash algorithm " + hash + " is not suitable for SM2");
    }

    this.mechanism = mappedMechanism.longValue();
    if (!p11Slot.supportsMechanism(this.mechanism)) {
      throw new XiSecurityException("unsupported signature algorithm " + sigAlgOid);
    }
    this.outputStream = new ByteArrayOutputStream();
  } else {
    // The slot supports the vendor SM2 mechanism: compute z and stream content into a digest.
    this.z = GMUtil.getSM2Z(curveOid, pubPointX, pubPointY);
    this.mechanism = PKCS11Constants.CKM_VENDOR_SM2;
    this.outputStream = new DigestOutputStream(hash.createDigest());
  }
}
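/**
 * Creates an ECDSA content signer backed by a PKCS#11 identity.
 *
 * <p>The three reference arguments are null-checked via {@code ParamUtil.requireNonNull} and the
 * algorithm identifier is encoded once up front. If the slot supports {@code CKM_ECDSA}, that
 * mechanism is used and the content is written into a {@code DigestOutputStream}. Otherwise the
 * mechanism mapped to the hash algorithm in {@code hashMechMap} is used and the content is
 * collected in a {@code ByteArrayOutputStream}.
 *
 * @param cryptService service used to resolve the slot; must not be {@code null}
 * @param identityId identity whose slot is queried; must not be {@code null}
 * @param signatureAlgId signature algorithm; must not be {@code null}
 * @param plain stored as given; presumably selects the plain signature encoding (confirm)
 * @throws XiSecurityException if the algorithm identifier cannot be encoded, the signature
 *     algorithm is unknown, it has no mapped fallback mechanism, or the slot does not support
 *     the fallback mechanism
 * @throws P11TokenException as declared by the original; the visible code does not show which
 *     call raises it
 */
P11ECDSAContentSigner(P11CryptService cryptService, P11IdentityId identityId,
    AlgorithmIdentifier signatureAlgId, boolean plain)
    throws XiSecurityException, P11TokenException {
  this.cryptService = ParamUtil.requireNonNull("cryptService", cryptService);
  this.identityId = ParamUtil.requireNonNull("identityId", identityId);
  this.algorithmIdentifier = ParamUtil.requireNonNull("signatureAlgId", signatureAlgId);
  try {
    this.encodedAlgorithmIdentifier = algorithmIdentifier.getEncoded();
  } catch (IOException ex) {
    throw new XiSecurityException("could not encode AlgorithmIdentifier", ex);
  }

  this.plain = plain;

  String algOid = signatureAlgId.getAlgorithm().getId();
  HashAlgo hashAlgo = sigAlgHashMap.get(algOid);
  if (hashAlgo == null) {
    throw new XiSecurityException("unsupported signature algorithm " + algOid);
  }

  P11Slot slot = cryptService.getSlot(identityId.getSlotId());
  if (slot.supportsMechanism(PKCS11Constants.CKM_ECDSA)) {
    this.mechanism = PKCS11Constants.CKM_ECDSA;
    Digest digest = hashAlgo.createDigest();
    this.outputStream = new DigestOutputStream(digest);
  } else {
    // A hash without a mapped mechanism used to fail with a NullPointerException on unboxing.
    // Report it as an unsupported algorithm instead.
    Long hashMechanism = hashMechMap.get(hashAlgo);
    if (hashMechanism == null) {
      throw new XiSecurityException("unsupported signature algorithm " + algOid);
    }

    this.mechanism = hashMechanism.longValue();
    if (!slot.supportsMechanism(this.mechanism)) {
      throw new XiSecurityException("unsupported signature algorithm " + algOid);
    }
    this.outputStream = new ByteArrayOutputStream();
  }
}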
P11SlotIdentifier slotId = identityId.getSlotId(); P11Slot slot = cryptService.getSlot(slotId); if (slot.supportsMechanism(PKCS11Constants.CKM_RSA_PKCS)) {
P11SlotIdentifier slotId = identityId.getSlotId(); P11Slot slot = cryptService.getSlot(slotId); if (slot.supportsMechanism(PKCS11Constants.CKM_DSA)) {
P11Slot slot = cryptService.getSlot(identityId.getSlotId()); if (slot.supportsMechanism(PKCS11Constants.CKM_VENDOR_SM2)) { this.z = GMUtil.getSM2Z(curveOid, pubPointX, pubPointY);
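/**
 * Decodes the server's reply to a key-generation request into an identity of this slot.
 *
 * <p>The reply is parsed as a {@code ProxyMessage.IdentityId}. An identity that names a
 * different slot than this one is rejected, so a reply for another slot cannot be registered
 * here.
 *
 * @param resp raw reply bytes from the server, or {@code null} if none was received
 * @param needsPublicKey if {@code true}, the public key is fetched via {@code getPublicKey} and
 *     attached to the returned identity
 * @return a {@code ProxyP11Identity} for the decoded identity id
 * @throws P11TokenException if there is no reply, the reply cannot be decoded, or it names a
 *     different slot
 */
private P11Identity parseGenerateKeyResult(byte[] resp, boolean needsPublicKey)
    throws P11TokenException {
  if (resp == null) {
    throw new P11TokenException("server returned no result");
  }

  ProxyMessage.IdentityId ei;
  try {
    ei = ProxyMessage.IdentityId.getInstance(resp);
  } catch (BadAsn1ObjectException ex) {
    throw new P11TokenException(
        "invalid ASN1 object Asn1P11EntityIdentifier: " + ex.getMessage(), ex);
  }

  // Read the decoded value once and use it for both the check and the result.
  P11IdentityId identityId = ei.getValue();
  if (!slotId.equals(identityId.getSlotId())) {
    // Message typo fixed: "slodId" -> "slotId".
    throw new P11TokenException("returned identity has different slotId");
  }

  if (needsPublicKey) {
    // NOTE(review): the reply is not checked for a present public-key id before this call;
    // confirm getPublicKey handles a missing id.
    PublicKey publicKey = getPublicKey(identityId.getPublicKeyId());
    return new ProxyP11Identity(this, identityId, publicKey, null);
  } else {
    return new ProxyP11Identity(this, identityId);
  }
}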
P11SlotIdentifier slotId = identityId.getSlotId(); P11Slot slot = cryptService.getSlot(slotId); if (slot.supportsMechanism(PKCS11Constants.CKM_RSA_PKCS_PSS)) {
P11SlotIdentifier slotId = identityId.getSlotId(); P11Slot slot = cryptService.getSlot(slotId); if (slot.supportsMechanism(PKCS11Constants.CKM_RSA_PKCS_PSS)) {
/**
 * Encodes the wrapped identity id as a DER SEQUENCE.
 *
 * <p>Layout as built here: slot identifier, key object identifier, then two optional elements
 * that are emitted only when present: the public-key id's label as an explicitly tagged [1]
 * UTF8String and the certificate id's label as an explicitly tagged [2] UTF8String. Only the
 * labels of those two ids are written.
 *
 * @return the DER sequence for {@code value}
 */
@Override
public ASN1Primitive toASN1Primitive() {
  ASN1EncodableVector elements = new ASN1EncodableVector();

  // Mandatory part: slot and key.
  elements.add(new SlotIdentifier(value.getSlotId()));
  elements.add(new ObjectIdentifier(value.getKeyId()));

  // Optional [1]: label of the public-key object.
  if (value.getPublicKeyId() != null) {
    String publicKeyLabel = value.getPublicKeyId().getLabel();
    elements.add(new DERTaggedObject(true, 1, new DERUTF8String(publicKeyLabel)));
  }

  // Optional [2]: label of the certificate object.
  if (value.getCertId() != null) {
    String certLabel = value.getCertId().getLabel();
    elements.add(new DERTaggedObject(true, 2, new DERUTF8String(certLabel)));
  }

  return new DERSequence(elements);
}
/**
 * Encodes the wrapped identity id as a DER SEQUENCE.
 *
 * <p>Layout as built here: {@code Asn1P11SlotIdentifier}, {@code Asn1P11ObjectIdentifier} for
 * the key, then two optional elements that are emitted only when present: the public-key id's
 * label as an explicitly tagged [1] UTF8String and the certificate id's label as an explicitly
 * tagged [2] UTF8String. Only the labels of those two ids are written.
 *
 * @return the DER sequence for {@code value}
 */
@Override
public ASN1Primitive toASN1Primitive() {
  ASN1EncodableVector elements = new ASN1EncodableVector();

  // Mandatory part: slot and key.
  elements.add(new Asn1P11SlotIdentifier(value.getSlotId()));
  elements.add(new Asn1P11ObjectIdentifier(value.getKeyId()));

  // Optional [1]: label of the public-key object.
  if (value.getPublicKeyId() != null) {
    String publicKeyLabel = value.getPublicKeyId().getLabel();
    elements.add(new DERTaggedObject(true, 1, new DERUTF8String(publicKeyLabel)));
  }

  // Optional [2]: label of the certificate object.
  if (value.getCertId() != null) {
    String certLabel = value.getCertId().getLabel();
    elements.add(new DERTaggedObject(true, 2, new DERUTF8String(certLabel)));
  }

  return new DERSequence(elements);
}