/**
 * Looks up the issuer of {@code cert} among the entries of {@code certificates}.
 *
 * <p>A self-signed certificate is reported as having no issuer. The entry that is the very same
 * object as {@code cert} is skipped; the comparison is by reference, so an equal copy held under
 * another entry is still considered.
 *
 * <p>NOTE(review): a match is whatever {@code X509Util.issues} accepts. Whether that helper
 * verifies the signature or only compares names is not visible here; confirm before treating the
 * returned certificate as a validated chain link.
 *
 * @param cert certificate whose issuer is wanted
 * @return the first matching certificate, or {@code null} when {@code cert} is self-signed, no
 *         entry matches, or a {@link CertificateEncodingException} ends the search
 */
private X509Certificate getIssuerForCert(final X509Certificate cert) {
    try {
        if (!X509Util.isSelfSigned(cert)) {
            for (X509Cert candidate : certificates.values()) {
                final X509Certificate candidateCert = candidate.cert();
                // Reference comparison: only the identical object is excluded.
                if (candidateCert != cert && X509Util.issues(candidateCert, cert)) {
                    return candidateCert;
                }
            }
        }
    } catch (CertificateEncodingException ex) {
        // The try block spans the whole loop, so one encoding failure ends the search and the
        // remaining candidates are not examined. Only the message is logged, not the stack.
        LOG.warn("invalid encoding of certificate {}", ex.getMessage());
    }
    return null;
}
// Writes the heading line for certificate number i + 1, then its details.
// NOTE(review): the "id: " field prints objectId.label() a second time, so the line shows the
// label twice and never the object's identifier; confirm whether the id was intended here.
sb.append("\tCert-")
    .append(i + 1)
    .append(". ")
    .append(objectId.label())
    .append(" (")
    .append("id: ")
    .append(objectId.label())
    .append(")\n");
// NOTE(review): the map lookup is dereferenced without a null check; presumably objectId comes
// from this map's own keys. Verify against the enclosing code.
formatString(null, verbose, sb, certificates.get(objectId).cert());
/**
 * Returns the certificate stored under {@code objectId}.
 *
 * <p>The identity registered for {@code objectId} is consulted first. Only when that lookup
 * reports an unknown entity is the entry in {@code certificates} used instead.
 *
 * <p>NOTE(review): if the identity exists but its {@code certificate()} yields {@code null},
 * that {@code null} is returned and {@code certificates} is never consulted; confirm callers
 * handle it. The certificate is handed back as stored; no validation is visible in this method.
 *
 * @param objectId identifier of the object to export, checked with
 *        {@code ParamUtil.requireNonNull}
 * @return the identity's certificate, otherwise the certificate from {@code certificates}
 * @throws P11UnknownEntityException if there is neither an identity nor an entry in
 *         {@code certificates} for {@code objectId}
 * @throws P11TokenException as declared; presumably raised by the identity lookup (not visible
 *         here)
 * @throws CertificateException as declared; the source is not visible here
 */
@Override
public X509Certificate exportCert(final P11ObjectIdentifier objectId)
        throws P11TokenException, CertificateException {
    ParamUtil.requireNonNull("objectId", objectId);
    try {
        return getIdentity(objectId).certificate();
    } catch (P11UnknownEntityException ex) {
        // No identity under this id: fall back to the certificates held without an identity.
        final X509Cert standalone = certificates.get(objectId);
        if (standalone != null) {
            return standalone.cert();
        }
        throw new P11UnknownEntityException(slotId, objectId);
    }
}
/**
 * Builds the PKCS#11 attribute template for storing {@code cert} as an X.509 public-key
 * certificate object.
 *
 * <p>Only {@code label} is validated here; {@code cert} and {@code keyId} are used as given.
 *
 * <p>NOTE(review): the serial number attribute receives the raw bytes of
 * {@code BigInteger.toByteArray()}. PKCS#11 describes CKA_SERIAL_NUMBER as the DER encoding of
 * the serial number, so lookups by serial from other PKCS#11 clients may not match. Confirm
 * which form the target tokens and readers expect.
 *
 * @param cert certificate to store
 * @param keyId value written to the object's id attribute
 * @param label value written to the object's label attribute; must be non-empty
 * @return the populated template
 * @throws IllegalArgumentException if {@code label} is {@code null} or empty
 */
private static X509PublicKeyCertificate createPkcs11Template(final X509Cert cert,
        final byte[] keyId, final char[] label) {
    final boolean labelMissing = (label == null) || (label.length == 0);
    if (labelMissing) {
        throw new IllegalArgumentException("label must not be null or empty");
    }

    final X509PublicKeyCertificate template = new X509PublicKeyCertificate();

    // Object identification and storage attributes.
    template.getId().setByteArrayValue(keyId);
    template.getLabel().setCharArrayValue(label);
    template.getToken().setBooleanValue(true);
    template.getCertificateType().setLongValue(CertificateType.X_509_PUBLIC_KEY);

    // Searchable fields copied out of the certificate; the names are the encoded principals.
    template.getSubject().setByteArrayValue(
            cert.cert().getSubjectX500Principal().getEncoded());
    template.getIssuer().setByteArrayValue(
            cert.cert().getIssuerX500Principal().getEncoded());
    template.getSerialNumber().setByteArrayValue(
            cert.cert().getSerialNumber().toByteArray());

    // The complete encoded certificate.
    template.getValue().setByteArrayValue(cert.encodedCert());
    return template;
}
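/**
 * Builds the identity for one private key found on the token and adds it to
 * {@code refreshResult}.
 *
 * <p>The public key is taken from the certificate that {@code refreshResult} returns for the
 * key's id. If there is no such certificate, the public key object with the same id is used.
 * If neither exists, the key is skipped and only an info message is logged.
 *
 * <p>NOTE(review): the certificate is associated with the private key by id alone, and its
 * public key is adopted without any visible check that it corresponds to the private key. A
 * certificate stored on the token under a colliding id would be bound to this identity.
 * Confirm that {@code IaikP11Identity} or its callers verify the key pair.
 *
 * @param privKey private key object read from the token
 * @param refreshResult collector that supplies the certificates and receives the new identity
 * @throws P11TokenException as declared; presumably from the token lookups (not visible here)
 * @throws XiSecurityException as declared; presumably from building the public key (not
 *         visible here)
 */
private void analyseSingleKey(final PrivateKey privKey, final P11SlotRefreshResult refreshResult)
        throws P11TokenException, XiSecurityException {
    final byte[] id = privKey.getId().getByteArrayValue();
    final X509Cert cert = refreshResult.getCertForId(id);

    final java.security.PublicKey pubKey;
    if (cert != null) {
        pubKey = cert.cert().getPublicKey();
    } else {
        // Unqualified PublicKey is the PKCS#11 object type, not java.security.PublicKey.
        final PublicKey p11PublicKey = getPublicKeyObject(id, null);
        if (p11PublicKey == null) {
            // Parameterized message; the original text left the parenthesis unclosed.
            LOG.info("neither certificate nor public key for the key ({}) is available",
                    Hex.toHexString(id));
            return;
        }
        pubKey = generatePublicKey(p11PublicKey);
    }

    final P11ObjectIdentifier objectId =
            new P11ObjectIdentifier(id, toString(privKey.getLabel()));
    // The identity carries a one-element chain when a certificate was found, else no chain.
    final X509Certificate[] certs =
            (cert == null) ? null : new X509Certificate[] {cert.cert()};
    final IaikP11Identity identity = new IaikP11Identity(this,
            new P11EntityIdentifier(slotId, objectId), privKey, pubKey, certs);
    refreshResult.addIdentity(identity);
}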