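/**
 * Removes the key (private key, public key, secret key, and certificates) associated with
 * the given identifier {@code keyId}.
 *
 * <p>If no identity is cached under {@code keyId}, the method returns without calling the
 * token-side removal.
 *
 * @param keyId
 *          Key identifier. Must not be {@code null}.
 * @throws P11TokenException
 *           if PKCS#11 token exception occurs.
 */
public void removeIdentityByKeyId(P11ObjectIdentifier keyId) throws P11TokenException {
  ParamUtil.requireNonNull("keyId", keyId);
  assertWritable("removeIdentityByKeyId");

  // One lookup instead of containsKey() followed by repeated get() calls, so the
  // identity that is inspected is the same one that gets cleared.
  P11Identity identity = identities.get(keyId);
  if (identity == null) {
    return;
  }

  P11IdentityId entityId = identity.getId();
  if (entityId.getCertId() != null) {
    certificates.remove(entityId.getCertId());
  }
  identity.setCertificates(null);
  identities.remove(keyId);
  updateCaCertsOfIdentities();

  // NOTE(review): the cached view is purged before the token-side removal. If
  // removeIdentity0 throws, the key may still exist on the token while this slot no
  // longer lists it; confirm that callers refresh the slot after a failure.
  removeIdentity0(entityId);
}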
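/**
 * Removes the key (private key, public key, secret key, and certificates) associated with
 * the given identifier {@code keyId}.
 *
 * <p>If no identity is cached under {@code keyId}, the method returns without calling the
 * token-side removal.
 *
 * @param keyId
 *          Key identifier. Must not be {@code null}.
 * @throws P11TokenException
 *           if PKCS#11 token exception occurs.
 */
public void removeIdentityByKeyId(P11ObjectIdentifier keyId) throws P11TokenException {
  Args.notNull(keyId, "keyId");
  assertWritable("removeIdentityByKeyId");

  // One lookup instead of containsKey() followed by repeated get() calls, so the
  // identity that is inspected is the same one that gets cleared.
  P11Identity identity = identities.get(keyId);
  if (identity == null) {
    return;
  }

  P11IdentityId entityId = identity.getId();
  if (entityId.getCertId() != null) {
    certificates.remove(entityId.getCertId());
  }
  identity.setCertificates(null);
  identities.remove(keyId);
  updateCaCertsOfIdentities();

  // NOTE(review): the cached view is purged before the token-side removal. If
  // removeIdentity0 throws, the key may still exist on the token while this slot no
  // longer lists it; confirm that callers refresh the slot after a failure.
  removeIdentity0(entityId);
}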
/**
 * Removes the key (private key, public key, secret key, and certificates) associated with
 * the given identity identifier.
 *
 * <p>The cached entries are dropped only when an identity is cached under the key
 * identifier of {@code identityId}; {@code removeIdentity0} is called in either case.
 *
 * @param identityId
 *          Identity identifier. Must not be {@code null}.
 * @throws P11TokenException
 *           if PKCS#11 token exception occurs.
 */
public void removeIdentity(P11IdentityId identityId) throws P11TokenException {
  Args.notNull(identityId, "identityId");
  assertWritable("removeIdentity");

  final P11ObjectIdentifier keyOfIdentity = identityId.getKeyId();
  final boolean cached = identities.containsKey(keyOfIdentity);
  if (cached) {
    // The certificate id is taken from the caller-supplied identityId, not from the
    // cached identity stored under the same key id.
    final P11ObjectIdentifier certOfIdentity = identityId.getCertId();
    if (certOfIdentity != null) {
      certificates.remove(certOfIdentity);
    }
    identities.get(keyOfIdentity).setCertificates(null);
    identities.remove(keyOfIdentity);
    updateCaCertsOfIdentities();
  }

  // NOTE(review): the cache is updated before the token; if this call throws, the
  // cached view and the token contents can disagree until the slot is refreshed.
  removeIdentity0(identityId);
}
/**
 * Removes the key (private key, public key, secret key, and certificates) associated with
 * the given identity identifier.
 *
 * <p>The cached entries are dropped only when an identity is cached under the key
 * identifier of {@code identityId}; {@code removeIdentity0} is called in either case.
 *
 * @param identityId
 *          Identity identifier. Must not be {@code null}.
 * @throws P11TokenException
 *           if PKCS#11 token exception occurs.
 */
public void removeIdentity(P11IdentityId identityId) throws P11TokenException {
  ParamUtil.requireNonNull("identityId", identityId);
  assertWritable("removeIdentity");

  final P11ObjectIdentifier keyOfIdentity = identityId.getKeyId();
  final boolean cached = identities.containsKey(keyOfIdentity);
  if (cached) {
    // The certificate id is taken from the caller-supplied identityId, not from the
    // cached identity stored under the same key id.
    final P11ObjectIdentifier certOfIdentity = identityId.getCertId();
    if (certOfIdentity != null) {
      certificates.remove(certOfIdentity);
    }
    identities.get(keyOfIdentity).setCertificates(null);
    identities.remove(keyOfIdentity);
    updateCaCertsOfIdentities();
  }

  // NOTE(review): the cache is updated before the token; if this call throws, the
  // cached view and the token contents can disagree until the slot is refreshed.
  removeIdentity0(identityId);
}
/**
 * Removes the certificate identified by {@code objectId} from the cached view of this
 * slot and then calls {@code removeCerts0} for it.
 *
 * <p>If a cached identity names {@code objectId} as its certificate id, that identity's
 * certificates are cleared as well. If the identifier is known neither to an identity nor
 * to the certificate cache, a {@code P11UnknownEntityException} is thrown and
 * {@code removeCerts0} is not called.
 *
 * @param objectId
 *          Object identifier. Must not be {@code null}.
 * @throws P11TokenException
 *           if PKCS#11 token exception occurs.
 */
public void removeCerts(P11ObjectIdentifier objectId) throws P11TokenException {
  Args.notNull(objectId, "objectId");
  assertWritable("removeCerts");

  // Find the first cached identity whose certificate id equals objectId.
  P11ObjectIdentifier owningKeyId = null;
  for (P11ObjectIdentifier candidate : identities.keySet()) {
    P11Identity cachedIdentity = identities.get(candidate);
    if (objectId.equals(cachedIdentity.getId().getCertId())) {
      owningKeyId = candidate;
      break;
    }
  }

  final boolean boundToIdentity = owningKeyId != null;
  if (!boundToIdentity && !certificates.containsKey(objectId)) {
    // Unknown identifier: fail before anything is changed.
    throw new P11UnknownEntityException(slotId, objectId);
  }

  certificates.remove(objectId);
  if (boundToIdentity) {
    identities.get(owningKeyId).setCertificates(null);
  }

  updateCaCertsOfIdentities();
  // NOTE(review): the cache is updated before the token; a failure in this call leaves
  // the certificate out of the cached view although it may still be on the token.
  removeCerts0(objectId);
}
/**
 * Removes the certificate identified by {@code objectId} from the cached view of this
 * slot and then calls {@code removeCerts0} for it.
 *
 * <p>If a cached identity names {@code objectId} as its certificate id, that identity's
 * certificates are cleared as well. If the identifier is known neither to an identity nor
 * to the certificate cache, a {@code P11UnknownEntityException} is thrown and
 * {@code removeCerts0} is not called.
 *
 * @param objectId
 *          Object identifier. Must not be {@code null}.
 * @throws P11TokenException
 *           if PKCS#11 token exception occurs.
 */
public void removeCerts(P11ObjectIdentifier objectId) throws P11TokenException {
  ParamUtil.requireNonNull("objectId", objectId);
  assertWritable("removeCerts");

  // Find the first cached identity whose certificate id equals objectId.
  P11ObjectIdentifier owningKeyId = null;
  for (P11ObjectIdentifier candidate : identities.keySet()) {
    P11Identity cachedIdentity = identities.get(candidate);
    if (objectId.equals(cachedIdentity.getId().getCertId())) {
      owningKeyId = candidate;
      break;
    }
  }

  final boolean boundToIdentity = owningKeyId != null;
  if (!boundToIdentity && !certificates.containsKey(objectId)) {
    // Unknown identifier: fail before anything is changed.
    throw new P11UnknownEntityException(slotId, objectId);
  }

  certificates.remove(objectId);
  if (boundToIdentity) {
    identities.get(owningKeyId).setCertificates(null);
  }

  updateCaCertsOfIdentities();
  // NOTE(review): the cache is updated before the token; a failure in this call leaves
  // the certificate out of the cached view although it may still be on the token.
  removeCerts0(objectId);
}
/**
 * Runs the precondition checks shared by the key-pair generation entry points.
 *
 * <p>After rejecting a {@code null} control, it calls {@code assertWritable},
 * {@code assertMechanismSupported} and {@code assertNoIdentityAndCert} in that order; the
 * first check that fails decides which exception the caller sees.
 *
 * @param methodName
 *          Name handed to {@code assertWritable}.
 * @param mechanism
 *          Mechanism handed to {@code assertMechanismSupported}.
 * @param control
 *          Control of the key generation process. Must not be {@code null}.
 */
private void assertCanGenKeypair(String methodName, long mechanism, P11NewKeyControl control)
    throws P11UnsupportedMechanismException, P11PermissionException,
      P11DuplicateEntityException {
  ParamUtil.requireNonNull("control", control);

  assertWritable(methodName);
  assertMechanismSupported(mechanism);
  // The requested id and label are checked before any key is generated.
  assertNoIdentityAndCert(control.getId(), control.getLabel());
}
/**
 * Runs the precondition checks shared by the key-pair generation entry points.
 *
 * <p>After rejecting a {@code null} control, it calls {@code assertWritable},
 * {@code assertMechanismSupported} and {@code assertNoIdentityAndCert} in that order; the
 * first check that fails decides which exception the caller sees.
 *
 * @param methodName
 *          Name handed to {@code assertWritable}.
 * @param mechanism
 *          Mechanism handed to {@code assertMechanismSupported}.
 * @param control
 *          Control of the key generation process. Must not be {@code null}.
 */
private void assertCanGenKeypair(String methodName, long mechanism, P11NewKeyControl control)
    throws P11UnsupportedMechanismException, P11PermissionException,
      P11DuplicateEntityException {
  Args.notNull(control, "control");

  assertWritable(methodName);
  assertMechanismSupported(mechanism);
  // The requested id and label are checked before any key is generated.
  assertNoIdentityAndCert(control.getId(), control.getLabel());
}
// Fragment of a method body (the enclosing signature is not shown here): both arguments
// are null-checked before assertWritable is called with the name "updateCertificate".
ParamUtil.requireNonNull("keyId", keyId);
ParamUtil.requireNonNull("newCert", newCert);
assertWritable("updateCertificate");
/**
 * Generates a secret key in the PKCS#11 token.
 *
 * <p>The new identity is added to this slot's cached view and its identifier is logged at
 * INFO level.
 *
 * @param keyType
 *          Key type
 * @param keysize
 *          Key size in bit
 * @param control
 *          Control of the key generation process. Must not be {@code null}.
 * @return the identifier of the identity within the PKCS#11 token.
 * @throws P11TokenException
 *           if PKCS#11 token exception occurs.
 */
public P11IdentityId generateSecretKey(long keyType, int keysize, P11NewKeyControl control)
    throws P11TokenException {
  // The writability check runs before the null check on control.
  assertWritable("generateSecretKey");
  ParamUtil.requireNonNull("control", control);
  assertNoIdentityAndCert(control.getId(), control.getLabel());

  // NOTE(review): keyType and keysize are passed through without validation here;
  // presumably generateSecretKey0 or the token rejects unsuitable values (confirm).
  final P11Identity generated = generateSecretKey0(keyType, keysize, control);
  addIdentity(generated);

  final P11IdentityId generatedId = generated.getId();
  LOG.info("generated secret key {}", generatedId);
  return generatedId;
}
// Fragment of a method body (the enclosing signature is not shown here): both arguments
// are null-checked before assertWritable is called with the name "updateCertificate".
Args.notNull(keyId, "keyId");
Args.notNull(newCert, "newCert");
assertWritable("updateCertificate");
/**
 * Adds the certificate to the PKCS#11 token and to this slot's cached view.
 *
 * <p>When {@code control} carries no label, a label is generated from the common name of
 * the certificate's subject.
 *
 * @param cert
 *          Certificate to be added. Must not be {@code null}.
 * @param control
 *          Control of the object creation process. Must not be {@code null}.
 * @return the identifier returned by {@code addCert0} for the added certificate.
 * @throws CertificateException
 *           if process with certificate fails.
 * @throws P11TokenException
 *           if PKCS#11 token exception occurs.
 */
public P11ObjectIdentifier addCert(X509Certificate cert, P11NewObjectControl control)
    throws P11TokenException, CertificateException {
  ParamUtil.requireNonNull("cert", cert);
  ParamUtil.requireNonNull("control", control);
  assertWritable("addCert");

  P11NewObjectControl effectiveControl = control;
  if (control.getLabel() == null) {
    // NOTE(review): the label is derived from certificate-supplied data (the subject
    // CN); confirm that generateLabel copes with a missing or unusual CN.
    final String commonName = X509Util.getCommonName(cert.getSubjectX500Principal());
    effectiveControl = new P11NewObjectControl(control.getId(), generateLabel(commonName));
  }

  // The token is written first; the cache is only updated if addCert0 did not throw.
  final P11ObjectIdentifier addedId = addCert0(cert, effectiveControl);
  certificates.put(addedId, new X509Cert(cert));
  updateCaCertsOfIdentities();

  LOG.info("added certificate {}", addedId);
  return addedId;
}
/**
 * Adds the certificate to the PKCS#11 token and to this slot's cached view.
 *
 * <p>When {@code control} carries no label, a label is generated from the common name of
 * the certificate's subject.
 *
 * @param cert
 *          Certificate to be added. Must not be {@code null}.
 * @param control
 *          Control of the object creation process. Must not be {@code null}.
 * @return the identifier returned by {@code addCert0} for the added certificate.
 * @throws CertificateException
 *           if process with certificate fails.
 * @throws P11TokenException
 *           if PKCS#11 token exception occurs.
 */
public P11ObjectIdentifier addCert(X509Certificate cert, P11NewObjectControl control)
    throws P11TokenException, CertificateException {
  Args.notNull(cert, "cert");
  Args.notNull(control, "control");
  assertWritable("addCert");

  P11NewObjectControl effectiveControl = control;
  if (control.getLabel() == null) {
    // NOTE(review): the label is derived from certificate-supplied data (the subject
    // CN); confirm that generateLabel copes with a missing or unusual CN.
    final String commonName = X509Util.getCommonName(cert.getSubjectX500Principal());
    effectiveControl = new P11NewObjectControl(control.getId(), generateLabel(commonName));
  }

  // The token is written first; the cache is only updated if addCert0 did not throw.
  final P11ObjectIdentifier addedId = addCert0(cert, effectiveControl);
  certificates.put(addedId, new X509Cert(cert));
  updateCaCertsOfIdentities();

  LOG.info("added certificate {}", addedId);
  return addedId;
}
/**
 * Generates a secret key in the PKCS#11 token.
 *
 * <p>The new identity is added to this slot's cached view and its identifier is logged at
 * INFO level.
 *
 * @param keyType
 *          Key type
 * @param keysize
 *          Key size in bit
 * @param control
 *          Control of the key generation process. Must not be {@code null}.
 * @return the identifier of the identity within the PKCS#11 token.
 * @throws P11TokenException
 *           if PKCS#11 token exception occurs.
 */
public P11IdentityId generateSecretKey(long keyType, int keysize, P11NewKeyControl control)
    throws P11TokenException {
  // The writability check runs before the null check on control.
  assertWritable("generateSecretKey");
  Args.notNull(control, "control");
  assertNoIdentityAndCert(control.getId(), control.getLabel());

  // NOTE(review): keyType and keysize are passed through without validation here;
  // presumably generateSecretKey0 or the token rejects unsuitable values (confirm).
  final P11Identity generated = generateSecretKey0(keyType, keysize, control);
  addIdentity(generated);

  final P11IdentityId generatedId = generated.getId();
  LOG.info("generated secret key {}", generatedId);
  return generatedId;
}
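/**
 * Imports secret key object in the PKCS#11 token. The key itself will not be generated
 * within the PKCS#11 token.
 *
 * <p>The key value is supplied by the caller as a byte array; this method neither copies
 * nor clears it, so wiping the array after the call is left to the caller.
 *
 * @param keyType
 *          Key type
 * @param keyValue
 *          Key value. Must not be {@code null}.
 * @param control
 *          Control of the key generation process. Must not be {@code null}.
 * @return the identifier of the key within the PKCS#11 token.
 * @throws P11TokenException
 *           if PKCS#11 token exception occurs.
 */
public P11ObjectIdentifier importSecretKey(long keyType, byte[] keyValue,
    P11NewKeyControl control) throws P11TokenException {
  ParamUtil.requireNonNull("control", control);
  // Enforce the documented non-null contract here instead of letting a null key value
  // reach importSecretKey0.
  ParamUtil.requireNonNull("keyValue", keyValue);
  // NOTE(review): the name passed here is "createSecretKey" although the method is
  // importSecretKey; a permission error would presumably report that name (confirm
  // whether it should be aligned).
  assertWritable("createSecretKey");
  assertNoIdentityAndCert(control.getId(), control.getLabel());

  P11Identity identity = importSecretKey0(keyType, keyValue, control);
  addIdentity(identity);

  // Only the object identifier is logged, never the key value.
  P11ObjectIdentifier objId = identity.getId().getKeyId();
  LOG.info("created secret key {}", objId);
  return objId;
}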
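/**
 * Imports secret key object in the PKCS#11 token. The key itself will not be generated
 * within the PKCS#11 token.
 *
 * <p>The key value is supplied by the caller as a byte array; this method neither copies
 * nor clears it, so wiping the array after the call is left to the caller.
 *
 * @param keyType
 *          Key type
 * @param keyValue
 *          Key value. Must not be {@code null}.
 * @param control
 *          Control of the key generation process. Must not be {@code null}.
 * @return the identifier of the key within the PKCS#11 token.
 * @throws P11TokenException
 *           if PKCS#11 token exception occurs.
 */
public P11ObjectIdentifier importSecretKey(long keyType, byte[] keyValue,
    P11NewKeyControl control) throws P11TokenException {
  Args.notNull(control, "control");
  // Enforce the documented non-null contract here instead of letting a null key value
  // reach importSecretKey0.
  Args.notNull(keyValue, "keyValue");
  // NOTE(review): the name passed here is "createSecretKey" although the method is
  // importSecretKey; a permission error would presumably report that name (confirm
  // whether it should be aligned).
  assertWritable("createSecretKey");
  assertNoIdentityAndCert(control.getId(), control.getLabel());

  P11Identity identity = importSecretKey0(keyType, keyValue, control);
  addIdentity(identity);

  // Only the object identifier is logged, never the key value.
  P11ObjectIdentifier objId = identity.getId().getKeyId();
  LOG.info("created secret key {}", objId);
  return objId;
}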