Package se.swedenconnect.security.credential.pkcs11

Interface Pkcs11CertificatesAccessor

All Superinterfaces:

Pkcs11ObjectAccessor<X509Certificate[]>

All Known Implementing Classes:

SunPkcs11CertificatesAccessor

public interface Pkcs11CertificatesAccessor
extends Pkcs11ObjectAccessor<X509Certificate[]>

A functional interface for getting a reference to a certificate chain residing on a PKCS#11 device.

Author:

Martin Lindström

Method Summary

Modifier and Type	Method	Description
X509Certificate[]	get(Provider provider, String alias, char[] pin)	Gets the certificate chain for the alias.

Method Details

get

@Nullable
X509Certificate[] get(@Nonnull
 Provider provider,
 @Nonnull
 String alias,
 @Nonnull
 char[] pin)
               throws SecurityException

Gets the certificate chain for the alias. The entity certificate must be placed first in the resulting array.

For PKCS#11 devices where no certificate is present (it may be held outside of the device), null should be returned.

Specified by:

get in interface Pkcs11ObjectAccessor<X509Certificate[]>

Parameters:

provider - the security provider to use

alias - the alias to the entry holding the object

pin - the PIN needed to access the entry

Returns:

an object reference or null if the object is not available

Throws:

SecurityException - if the operation is not successful