/**
 * Runs the precondition checks that precede key-pair generation.
 *
 * <p>The checks run in a fixed order, so the first failing one decides which exception the
 * caller sees: {@code control} is null-checked, then {@code assertWritable(methodName)},
 * then {@code assertMechanismSupported(mechanism)}, and finally
 * {@code assertNoIdentityAndCert} with the id and label requested in {@code control}.
 *
 * @param methodName
 *          Name of the calling operation; passed through to {@code assertWritable}.
 * @param mechanism
 *          PKCS#11 mechanism code; passed through to {@code assertMechanismSupported}.
 * @param control
 *          Control of the key generation process. Must not be {@code null}.
 * @throws P11UnsupportedMechanismException
 *           propagated from the checks in this method.
 * @throws P11PermissionException
 *           propagated from the checks in this method.
 * @throws P11DuplicateEntityException
 *           propagated from the checks in this method.
 */
private void assertCanGenKeypair(String methodName, long mechanism, P11NewKeyControl control)
    throws P11UnsupportedMechanismException, P11PermissionException,
        P11DuplicateEntityException {
  ParamUtil.requireNonNull("control", control);

  // Write permission and mechanism support are verified before the requested id/label
  // are compared against what the token already holds.
  assertWritable(methodName);
  assertMechanismSupported(mechanism);

  final byte[] requestedId = control.getId();
  final String requestedLabel = control.getLabel();
  assertNoIdentityAndCert(requestedId, requestedLabel);
}
/**
 * Generates a secret key in the PKCS#11 token.
 *
 * <p>Before anything is generated the token must pass {@code assertWritable} and the id and
 * label requested in {@code control} must pass {@code assertNoIdentityAndCert}. The new
 * identity is registered through {@code addIdentity}, and only its identifier is logged.
 *
 * @param keyType
 *          Key type
 * @param keysize
 *          Key size in bit
 * @param control
 *          Control of the key generation process. Must not be {@code null}.
 * @return the identifier of the identity within the PKCS#11 token.
 * @throws P11TokenException
 *           if PKCS#11 token exception occurs.
 */
public P11IdentityId generateSecretKey(long keyType, int keysize, P11NewKeyControl control)
    throws P11TokenException {
  // Preconditions, in the order callers observe them.
  assertWritable("generateSecretKey");
  ParamUtil.requireNonNull("control", control);
  assertNoIdentityAndCert(control.getId(), control.getLabel());

  // Token-specific generation is delegated; this method only does the bookkeeping.
  final P11Identity newIdentity = generateSecretKey0(keyType, keysize, control);
  addIdentity(newIdentity);

  final P11IdentityId identityId = newIdentity.getId();
  LOG.info("generated secret key {}", identityId);
  return identityId;
}
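/**
 * Imports a secret key object into the PKCS#11 token. The key itself is supplied by the
 * caller and is not generated within the PKCS#11 token.
 *
 * <p>Because the key material exists outside the token before this call, the token cannot
 * vouch for its origin. Only the resulting object identifier is logged, never
 * {@code keyValue}.
 *
 * @param keyType
 *          Key type
 * @param keyValue
 *          Key value. Must not be {@code null}.
 * @param control
 *          Control of the key import process. Must not be {@code null}.
 * @return the identifier of the key within the PKCS#11 token.
 * @throws P11TokenException
 *           if PKCS#11 token exception occurs.
 */
public P11ObjectIdentifier importSecretKey(long keyType, byte[] keyValue,
    P11NewKeyControl control) throws P11TokenException {
  ParamUtil.requireNonNull("control", control);
  // Enforce the documented contract up front, so a missing key value is rejected with a
  // clear parameter name instead of failing somewhere inside the token-specific import.
  ParamUtil.requireNonNull("keyValue", keyValue);
  // Report the public method name (previously "createSecretKey", which no caller invokes),
  // so a permission failure can be traced to the operation that was attempted.
  assertWritable("importSecretKey");
  assertNoIdentityAndCert(control.getId(), control.getLabel());

  P11Identity identity = importSecretKey0(keyType, keyValue, control);
  addIdentity(identity);

  P11ObjectIdentifier objId = identity.getId().getKeyId();
  // NOTE(review): the message says "created" although the key was imported; kept as is in
  // case log consumers match on it. Consider "imported" so key provenance is explicit.
  LOG.info("created secret key {}", objId);
  return objId;
}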
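/**
 * Encodes the wrapped key control as a DER SEQUENCE.
 *
 * <p>Layout produced by this method:
 * <pre>
 *   SEQUENCE {
 *     label        UTF8String,
 *     id           [0] EXPLICIT OCTET STRING OPTIONAL,
 *     usages       [1] EXPLICIT SEQUENCE OF ENUMERATED OPTIONAL,
 *     extractable  [2] EXPLICIT BOOLEAN OPTIONAL }
 * </pre>
 * {@code id} and {@code extractable} are written only when non-null; {@code usages} only
 * when {@code CollectionUtil.isNonEmpty(usages)} holds.
 *
 * @return the DER-encodable representation of the control.
 * @throws IllegalStateException
 *           if a key usage has no entry in {@code usageToValueMap}.
 */
@Override
public ASN1Primitive toASN1Primitive() {
  ASN1EncodableVector vector = new ASN1EncodableVector();
  vector.add(new DERUTF8String(control.getLabel()));

  byte[] id = control.getId();
  if (id != null) {
    vector.add(new DERTaggedObject(0, new DEROctetString(id)));
  }

  Set<KeyUsage> usages = control.getUsages();
  if (CollectionUtil.isNonEmpty(usages)) {
    ASN1EncodableVector asn1Usages = new ASN1EncodableVector();
    for (KeyUsage usage : usages) {
      // Look the value up boxed: an unmapped usage should fail with a message naming the
      // usage, not with a bare NullPointerException from auto-unboxing.
      Integer mapped = usageToValueMap.get(usage);
      if (mapped == null) {
        throw new IllegalStateException("no ASN.1 value defined for key usage " + usage);
      }
      asn1Usages.add(new ASN1Enumerated(mapped.intValue()));
    }
    vector.add(new DERTaggedObject(1, new DERSequence(asn1Usages)));
  }

  // getExtractable() is a nullable reference (it is compared with null). Passing the boxed
  // value directly binds to ASN1Boolean.getInstance(Object), which accepts only
  // already-encoded ASN.1 values and rejects a java.lang.Boolean at runtime. Unbox
  // explicitly so the boolean overload is selected and the extractable flag is encoded.
  Boolean extractable = control.getExtractable();
  if (extractable != null) {
    vector.add(new DERTaggedObject(2, ASN1Boolean.getInstance(extractable.booleanValue())));
  }

  return new DERSequence(vector);
}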