Class SunPkcs11CertificatesAccessor
java.lang.Object
se.swedenconnect.security.credential.pkcs11.SunPkcs11CertificatesAccessor
- All Implemented Interfaces:
Pkcs11CertificatesAccessor
,Pkcs11ObjectAccessor<X509Certificate[]>
An implementation of the
Pkcs11CertificatesAccessor
interface for the SunPKCS11 security provider and other
providers that implement the Java KeyStoreSpi
.- Author:
- Martin Lindström
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionGets the certificates from the PKCS#11 keystore at the given alias/slot.Gets the certificate chain for the alias.
-
Constructor Details
-
SunPkcs11CertificatesAccessor
public SunPkcs11CertificatesAccessor()
-
-
Method Details
-
get
@Nullable public X509Certificate[] get(@Nonnull Provider provider, @Nonnull String alias, @Nonnull char[] pin) throws SecurityException Gets the certificate chain for the alias. The entity certificate must be placed first in the resulting array.For PKCS#11 devices where no certificate is present (it may be held outside of the device),
null
should be returned.- Specified by:
get
in interfacePkcs11CertificatesAccessor
- Specified by:
get
in interfacePkcs11ObjectAccessor<X509Certificate[]>
- Parameters:
provider
- the security provider to usealias
- the alias to the entry holding the objectpin
- the PIN needed to access the entry- Returns:
- an object reference or
null
if the object is not available - Throws:
SecurityException
- if the operation is not successful
-
get
@Nullable public X509Certificate[] get(@Nonnull KeyStore keyStore, @Nonnull String alias) throws KeyStoreException Gets the certificates from the PKCS#11 keystore at the given alias/slot.- Parameters:
keyStore
- the keystorealias
- the alias- Returns:
- a certificate chain for the alias, where the entity certificate must be placed first in the resulting
array, or
null
if no certificates are present - Throws:
KeyStoreException
- for errors accessing the entry
-