Class SunPkcs11CertificatesAccessor

java.lang.Object
se.swedenconnect.security.credential.pkcs11.SunPkcs11CertificatesAccessor
All Implemented Interfaces:
Pkcs11CertificatesAccessor, Pkcs11ObjectAccessor<X509Certificate[]>

public class SunPkcs11CertificatesAccessor extends Object implements Pkcs11CertificatesAccessor
An implementation of the Pkcs11CertificatesAccessor interface for the SunPKCS11 security provider and other providers that implement the Java KeyStoreSpi.
Author:
Martin Lindström
  • Constructor Details

    • SunPkcs11CertificatesAccessor

      public SunPkcs11CertificatesAccessor()
  • Method Details

    • get

      @Nullable public X509Certificate[] get(@Nonnull Provider provider, @Nonnull String alias, @Nonnull char[] pin) throws SecurityException
      Gets the certificate chain for the alias. The entity certificate must be placed first in the resulting array.

      For PKCS#11 devices where no certificate is present (it may be held outside of the device), null should be returned.

      Specified by:
      get in interface Pkcs11CertificatesAccessor
      Specified by:
      get in interface Pkcs11ObjectAccessor<X509Certificate[]>
      Parameters:
      provider - the security provider to use
      alias - the alias to the entry holding the object
      pin - the PIN needed to access the entry
      Returns:
      an object reference or null if the object is not available
      Throws:
      SecurityException - if the operation is not successful
    • get

      @Nullable public X509Certificate[] get(@Nonnull KeyStore keyStore, @Nonnull String alias) throws KeyStoreException
      Gets the certificates from the PKCS#11 keystore at the given alias/slot.
      Parameters:
      keyStore - the keystore
      alias - the alias
      Returns:
      a certificate chain for the alias, where the entity certificate must be placed first in the resulting array, or null if no certificates are present
      Throws:
      KeyStoreException - for errors accessing the entry