📄 pkcs11signer.java
字号:
* * @throws Throwable */ public void libFinalize() throws Throwable { log.println("\nfinalizing PKCS11 module..."); getPkcs11().finalize(); log.println("finalized.\n"); } /** * Logs in to the current session; login is usually necessary to see and use * private key objects on the token. This method converts the given * <code>String</code> as a <code>char[]</code> and calls * {@link #login(char[])}. * * @param pwd * password as a String. * @throws PKCS11Exception */ public void login(String pwd) throws PKCS11Exception { login(pwd.toCharArray()); } /** * Logs in to the current session; login is usually necessary to see and use * private key objects on the token. * * @param pwd * password as a char[]. * @throws PKCS11Exception */ public void login(char[] pwd) throws PKCS11Exception { if (getSession() < 0) return; // log in as the normal user... pkcs11Module.C_Login(getSession(), PKCS11Constants.CKU_USER, pwd); log.println("\nUser logged into session."); } /** * Logs out the current user. * * @throws PKCS11Exception */ public void logout() throws PKCS11Exception { if (getSession() < 0) return; // log in as the normal user... pkcs11Module.C_Logout(getSession()); log.println("\nUser logged out.\n"); } /** * Gets currently loaded cryptoky description. * * @throws PKCS11Exception */ private void getModuleInfo() throws PKCS11Exception { log.println("getting PKCS#11 module info"); CK_INFO moduleInfo = pkcs11Module.C_GetInfo(); log.println(moduleInfo); } /** * Gets current reader infos. * * @throws PKCS11Exception */ private long[] getSlotList() throws PKCS11Exception { log.println("getting slot list"); long[] slotIDs = null; //get all slots slotIDs = pkcs11Module.C_GetSlotList(false); CK_SLOT_INFO slotInfo; for (int i = 0; i < slotIDs.length; i++) { log.println("Slot Info: "); slotInfo = pkcs11Module.C_GetSlotInfo(slotIDs[i]); log.println(slotInfo); } return slotIDs; } /** * Lists currently inserted tokens and relative infos. * * @throws PKCS11Exception */ private long[] getTokenList() throws PKCS11Exception { log.println("\ngetting token list"); long[] tokenIDs = null; //get only slots with a token present tokenIDs = pkcs11Module.C_GetSlotList(true); CK_TOKEN_INFO tokenInfo; log.println(tokenIDs.length + " tokens found."); for (int i = 0; i < tokenIDs.length; i++) { log.println(i + ") Info for token with handle: " + tokenIDs[i]); tokenInfo = pkcs11Module.C_GetTokenInfo(tokenIDs[i]); log.println(tokenInfo); } return tokenIDs; } /** * Gets informations on cryptographic operations supported by the tokens. * * @throws PKCS11Exception */ public void getMechanismInfo() throws PKCS11Exception { CK_MECHANISM_INFO mechanismInfo; log.println("\ngetting mechanism list..."); long[] slotIDs = getTokenList(); for (int i = 0; i < slotIDs.length; i++) { log.println("getting mechanism list for slot " + slotIDs[i]); long[] mechanismIDs = pkcs11Module.C_GetMechanismList(slotIDs[i]); for (int j = 0; j < mechanismIDs.length; j++) { log.println("mechanism info for mechanism id " + mechanismIDs[j] + "->" + Functions.mechanismCodeToString(mechanismIDs[j]) + ": "); mechanismInfo = pkcs11Module.C_GetMechanismInfo(slotIDs[i], mechanismIDs[j]); log.println(mechanismInfo); } } } public long findSuitableToken(long mechanismCode) throws PKCS11Exception { long token = -1L; ArrayList tokenList = findTokensSupportingMechanism(mechanismCode); String mechanismString = Functions.mechanismCodeToString(mechanismCode); if (tokenList == null){ log.println("\nSorry, no Token supports the required mechanism " + mechanismString + "!"); return -1L; } Iterator i = tokenList.iterator(); long currToken = -1L; while (i.hasNext() && (token == -1L)) { currToken = ((Long) i.next()).longValue(); log.println("\nToken with handle " + currToken + " supports required mechanism " + mechanismString + "."); try { if (findCertificateWithNonRepudiationCritical(currToken) != -1L) token = currToken; } catch (CertificateException e) { log.println(e); } catch (TokenException e) { log.println(e); } } return token; } public ArrayList findTokensSupportingMechanism(long mechanismCode) throws PKCS11Exception { ArrayList tokenList = null; String mechanismString = Functions.mechanismCodeToString(mechanismCode); long[] tokenIDs = getTokenList(); for (int i = 0; i < tokenIDs.length; i++) if (isMechanismSupportedByToken(mechanismCode, tokenIDs[i])) { if (tokenList == null) tokenList = new ArrayList(); tokenList.add(new Long(tokenIDs[i])); } return tokenList; } /** * Queries if there is a token that supporting a given cryptographic * operation. * * @param mechanismCode * the ID of the required mechanism. * @return the handle if the token supporting the given mechanism, -1 * otherwise. * @throws PKCS11Exception */ public long getTokenSupportingMechanism(long mechanismCode) throws PKCS11Exception { long token = -1L; String mechanismString = Functions.mechanismCodeToString(mechanismCode); long[] tokenIDs = getTokenList(); for (int i = 0; (i < tokenIDs.length) && (token < 0); i++) if (isMechanismSupportedByToken(mechanismCode, tokenIDs[i])) token = tokenIDs[i]; log.println((token >= 0) ? "\nToken with handle " + token + " supports required mechanism " + mechanismString + "." : "\nSorry, no Token supports the required mechanism " + mechanismString + "!"); return token; } /** * Tells if a given token supports a given cryptographic operation. Also * lists all supported mechanisms. * * @param mechanismCode * the mechanism ID. * @param tokenID * the token handla. * @return <code>true</code> if the token supports the mechanism. * @throws PKCS11Exception */ public boolean isMechanismSupportedByToken(long mechanismCode, long tokenID) throws PKCS11Exception { boolean isSupported = false; long[] mechanismIDs = pkcs11Module.C_GetMechanismList(tokenID); log.println("listing mechanisms:"); for (int i = 0; i < mechanismIDs.length; i++) log.println(mechanismIDs[i] + ": " + Functions.mechanismCodeToString(mechanismIDs[i])); Arrays.sort(mechanismIDs); isSupported = Arrays.binarySearch(mechanismIDs, mechanismCode) >= 0; return isSupported; } /** * Opens a session on a specific token. * * @param aTokenHandle * the token ID. * * @throws TokenException */ public long openSession(long aTokenHandle) throws TokenException { long sessionHandle = -1L; sessionHandle = pkcs11Module.C_OpenSession(aTokenHandle, PKCS11Constants.CKF_SERIAL_SESSION, null, null); log.println("\nSession with handle: " + sessionHandle + " opened on token with handle: " + aTokenHandle + " ."); return sessionHandle; } /** * Opens a session on the default token. * * @throws TokenException */ public void openSession() throws TokenException { long sessionHandle = -1L; if (getTokenHandle() >= 0) { sessionHandle = pkcs11Module.C_OpenSession(getTokenHandle(), PKCS11Constants.CKF_SERIAL_SESSION, null, null); setSession(sessionHandle); log.println("\nSession opened."); } else { log.println("No token found!"); } } /** * Opens a session on the token, logging in the user. * * @throws TokenException */ public void openSession(char[] password) throws TokenException { openSession(); login(password); } /** * Sets the cryptoky library * * @param newCryptokiLibrary * the cryptoki name. */ public void setCryptokiLibrary(java.lang.String newCryptokiLibrary) { cryptokiLibrary = newCryptokiLibrary; } /** * Sets the session handle. * * @param newSession */ private void setSession(long newSession) { this.sessionHandle = newSession; } /** * Gets the current token. * * @return Returns the token handle */ public long getTokenHandle() { return tokenHandle; } /** * Sets the current token handle. * * @param token * the token handle to set. */ public void setTokenHandle(long token) { this.tokenHandle = token; }}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -