Class SunPkcs11CertificatesAccessor
java.lang.Object
se.swedenconnect.security.credential.pkcs11.SunPkcs11CertificatesAccessor
- All Implemented Interfaces:
Pkcs11CertificatesAccessor,Pkcs11ObjectAccessor<X509Certificate[]>
An implementation of the
Pkcs11CertificatesAccessor interface for the SunPKCS11 security provider and other
providers that implement the Java KeyStoreSpi.- Author:
- Martin Lindström
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionGets the certificates from the PKCS#11 keystore at the given alias/slot.Gets the certificate chain for the alias.
-
Constructor Details
-
SunPkcs11CertificatesAccessor
public SunPkcs11CertificatesAccessor()
-
-
Method Details
-
get
@Nullable public X509Certificate[] get(@Nonnull Provider provider, @Nonnull String alias, @Nonnull char[] pin) throws SecurityException Gets the certificate chain for the alias. The entity certificate must be placed first in the resulting array.For PKCS#11 devices where no certificate is present (it may be held outside of the device),
nullshould be returned.- Specified by:
getin interfacePkcs11CertificatesAccessor- Specified by:
getin interfacePkcs11ObjectAccessor<X509Certificate[]>- Parameters:
provider- the security provider to usealias- the alias to the entry holding the objectpin- the PIN needed to access the entry- Returns:
- an object reference or
nullif the object is not available - Throws:
SecurityException- if the operation is not successful
-
get
@Nullable public X509Certificate[] get(@Nonnull KeyStore keyStore, @Nonnull String alias) throws KeyStoreException Gets the certificates from the PKCS#11 keystore at the given alias/slot.- Parameters:
keyStore- the keystorealias- the alias- Returns:
- a certificate chain for the alias, where the entity certificate must be placed first in the resulting
array, or
nullif no certificates are present - Throws:
KeyStoreException- for errors accessing the entry
-