org.xipki.security.pkcs11.proxy

Class ProxyP11Slot

java.lang.Object

org.xipki.security.pkcs11.P11Slot

org.xipki.security.pkcs11.proxy.ProxyP11Slot

All Implemented Interfaces:

Closeable, AutoCloseable

public class ProxyP11Slot
extends P11Slot

TODO.

Since:

2.0.0

Author:

Lijun Liao

Nested Class Summary

Nested classes/interfaces inherited from class org.xipki.security.pkcs11.P11Slot

P11Slot.P11KeyUsage, P11Slot.P11NewKeyControl, P11Slot.P11NewObjectControl, P11Slot.P11SlotRefreshResult

Field Summary

Fields inherited from class org.xipki.security.pkcs11.P11Slot

moduleName

Method Summary

Modifier and Type	Method and Description
protected P11ObjectIdentifier	addCert0(X509Certificate cert, P11Slot.P11NewObjectControl control) Adds the certificate to the PKCS#11 token under the given identifier objectId.
void	close()
protected P11Identity	generateDSAKeypair0(BigInteger p, BigInteger q, BigInteger g, P11Slot.P11NewKeyControl control) Generates a DSA keypair.
protected P11Identity	generateECKeypair0(org.bouncycastle.asn1.ASN1ObjectIdentifier curveId, P11Slot.P11NewKeyControl control) Generates an EC keypair.
protected P11Identity	generateRSAKeypair0(int keysize, BigInteger publicExponent, P11Slot.P11NewKeyControl control) Generates an RSA keypair.
protected P11Identity	generateSecretKey0(long keyType, int keysize, P11Slot.P11NewKeyControl control) Generates a secret key in the PKCS#11 token.
protected P11Identity	generateSM2Keypair0(P11Slot.P11NewKeyControl control) Generates an SM2p256v1 keypair.
protected P11Identity	importSecretKey0(long keyType, byte[] keyValue, P11Slot.P11NewKeyControl control) Imports secret key object in the PKCS#11 token.
protected P11Slot.P11SlotRefreshResult	refresh0()
protected void	removeCerts0(P11ObjectIdentifier objectId)
protected void	removeIdentity0(P11IdentityId identityId) Removes the key (private key, public key, secret key, and certificates) associated with the given identifier objectId.
int	removeObjects(byte[] id, String label) TODO.
protected void	updateCertificate0(P11ObjectIdentifier objectId, X509Certificate newCert) Updates the certificate associated with the given objectId with the given certificate newCert.

Methods inherited from class org.xipki.security.pkcs11.P11Slot

addCert, addIdentity, assertMechanismSupported, assertNoIdentityAndCert, assertWritable, decodeHex, existsCertForId, existsIdentityForId, exportCert, generateDSAKeypair, generateDSAKeypair, generateECKeypair, generateLabel, generateRSAKeypair, generateSecretKey, generateSM2Keypair, getCert, getCertForId, getCertIds, getDescription, getDescription, getIdentity, getIdentityId, getIdentityKeyIds, getMechanisms, getModuleName, getObjectId, getSlotId, hasIdentity, hex, importSecretKey, isReadOnly, refresh, removeCerts, removeIdentity, removeIdentityByKeyId, showDetails, supportsMechanism, updateCertificate

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

refresh0

protected P11Slot.P11SlotRefreshResult refresh0()
                                         throws P11TokenException

Specified by:

refresh0 in class P11Slot

Throws:

P11TokenException

close

public void close()

Specified by:

close in interface Closeable

Specified by:

close in interface AutoCloseable

Specified by:

close in class P11Slot

removeObjects

public int removeObjects(byte[] id,
                         String label)
                  throws P11TokenException

Description copied from class: P11Slot

TODO.

Specified by:

removeObjects in class P11Slot

Parameters:

id - Id of the objects to be deleted. At least one of id and label may not be null.

label - Label of the objects to be deleted

Returns:

how many objects have been deleted

Throws:

P11TokenException - If PKCS#11 error happens.

removeIdentity0

protected void removeIdentity0(P11IdentityId identityId)
                        throws P11TokenException

Description copied from class: P11Slot

Removes the key (private key, public key, secret key, and certificates) associated with the given identifier objectId.

Specified by:

removeIdentity0 in class P11Slot

Parameters:

identityId - Identity identifier. Must not be null.

Throws:

P11TokenException - if PKCS#11 token exception occurs.

addCert0

protected P11ObjectIdentifier addCert0(X509Certificate cert,
                                       P11Slot.P11NewObjectControl control)
                                throws P11TokenException,
                                       CertificateException

Description copied from class: P11Slot

Adds the certificate to the PKCS#11 token under the given identifier objectId.

Specified by:

addCert0 in class P11Slot

Parameters:

cert - Certificate to be added. Must not be null.

control - Control of the object creation process. Must not be null.

Returns:

the PKCS#11 identifier of the added certificate.

Throws:

P11TokenException - if PKCS#11 token exception occurs.

CertificateException - if process with certificate fails.

removeCerts0

protected void removeCerts0(P11ObjectIdentifier objectId)
                     throws P11TokenException

Specified by:

removeCerts0 in class P11Slot

Throws:

P11TokenException

generateSecretKey0

protected P11Identity generateSecretKey0(long keyType,
                                         int keysize,
                                         P11Slot.P11NewKeyControl control)
                                  throws P11TokenException

Description copied from class: P11Slot

Generates a secret key in the PKCS#11 token.

Specified by:

generateSecretKey0 in class P11Slot

Parameters:

keyType - key type

keysize - key size

control - Control of the key generation process. Must not be null.

Returns:

the identifier of the key within the PKCS#11 token.

Throws:

P11TokenException - if PKCS#11 token exception occurs.

importSecretKey0

protected P11Identity importSecretKey0(long keyType,
                                       byte[] keyValue,
                                       P11Slot.P11NewKeyControl control)
                                throws P11TokenException

Description copied from class: P11Slot

Imports secret key object in the PKCS#11 token. The key itself will not be generated within the PKCS#11 token.

Specified by:

importSecretKey0 in class P11Slot

Parameters:

keyType - key type.

keyValue - Key value. Must not be null.

control - Control of the key generation process. Must not be null.

Returns:

the identifier of the key within the PKCS#P11 token.

Throws:

P11TokenException - if PKCS#11 token exception occurs.

generateRSAKeypair0

protected P11Identity generateRSAKeypair0(int keysize,
                                          BigInteger publicExponent,
                                          P11Slot.P11NewKeyControl control)
                                   throws P11TokenException

Description copied from class: P11Slot

Generates an RSA keypair.

Specified by:

generateRSAKeypair0 in class P11Slot

Parameters:

keysize - key size in bit

publicExponent - RSA public exponent. Could be null.

control - Control of the key generation process. Must not be null.

Returns:

the identifier of the key within the PKCS#P11 token.

Throws:

P11TokenException - if PKCS#11 token exception occurs.

generateDSAKeypair0

protected P11Identity generateDSAKeypair0(BigInteger p,
                                          BigInteger q,
                                          BigInteger g,
                                          P11Slot.P11NewKeyControl control)
                                   throws P11TokenException

Description copied from class: P11Slot

Generates a DSA keypair.

Specified by:

generateDSAKeypair0 in class P11Slot

Parameters:

p - p of DSA. Must not be null.

q - q of DSA. Must not be null.

g - g of DSA. Must not be null.

control - Control of the key generation process. Must not be null.

Returns:

the identifier of the key within the PKCS#P11 token.

Throws:

P11TokenException - if PKCS#11 token exception occurs.

generateECKeypair0

protected P11Identity generateECKeypair0(org.bouncycastle.asn1.ASN1ObjectIdentifier curveId,
                                         P11Slot.P11NewKeyControl control)
                                  throws P11TokenException

Description copied from class: P11Slot

Generates an EC keypair.

Specified by:

generateECKeypair0 in class P11Slot

Parameters:

curveId - Object identifier of the EC curve. Must not be null.

control - Control of the key generation process. Must not be null.

Returns:

the identifier of the key within the PKCS#P11 token.

Throws:

P11TokenException - if PKCS#11 token exception occurs.

generateSM2Keypair0

protected P11Identity generateSM2Keypair0(P11Slot.P11NewKeyControl control)
                                   throws P11TokenException

Description copied from class: P11Slot

Generates an SM2p256v1 keypair.

Specified by:

generateSM2Keypair0 in class P11Slot

Parameters:

control - Control of the key generation process. Must not be null.

Returns:

the identifier of the key within the PKCS#P11 token.

Throws:

P11TokenException - if PKCS#11 token exception occurs.

updateCertificate0

protected void updateCertificate0(P11ObjectIdentifier objectId,
                                  X509Certificate newCert)
                           throws P11TokenException,
                                  CertificateException

Description copied from class: P11Slot

Updates the certificate associated with the given objectId with the given certificate newCert.

Specified by:

updateCertificate0 in class P11Slot

Parameters:

objectId - Object identifier of the private key. Must not be null.

newCert - Certificate to be added. Must not be null.

Throws:

P11TokenException - if PKCS#11 token exception occurs.

CertificateException - if process with certificate fails.