/**
 * Registers {@code cert} and returns the identifier it is stored under.
 *
 * <p>If {@code certificates} already holds an entry whose encoding is
 * byte-for-byte equal to the encoding of {@code cert}, that entry's
 * identifier is returned and nothing is added. Otherwise a new identifier is
 * built from a generated id and a label derived from the subject's common
 * name, and the work is delegated to the two-argument {@code addCert}.
 *
 * <p>Security note: duplicates are detected on the full encoding, so two
 * certificates that merely share a subject or serial number are kept apart.
 * No validity-period, issuer or signature check is visible in this method.
 * Whether {@code assertWritable} or the two-argument overload enforces any
 * such policy cannot be seen from here, so callers should make their trust
 * decision before calling.
 *
 * @param cert certificate to store; must not be {@code null}
 * @return identifier of the existing or newly added certificate object
 * @throws P11TokenException declared by this method; presumably raised by
 *         {@code assertWritable}, {@code generateId} or the delegate
 *         (confirm against their definitions)
 * @throws CertificateException if {@code cert} cannot be encoded
 */
@Override
public P11ObjectIdentifier addCert(final X509Certificate cert)
        throws P11TokenException, CertificateException {
    ParamUtil.requireNonNull("cert", cert);
    assertWritable("addCert");

    final byte[] candidateBytes = cert.getEncoded();

    // Re-use the identifier of a certificate that is already present.
    for (P11ObjectIdentifier knownId : certificates.keySet()) {
        X509Cert known = certificates.get(knownId);
        if (!Arrays.equals(candidateBytes, known.encodedCert())) {
            continue;
        }
        return knownId;
    }

    // Not stored yet: the id is generated first, then the label from the CN.
    final byte[] newId = generateId();
    final String commonName = X509Util.getCommonName(cert.getSubjectX500Principal());
    final P11ObjectIdentifier newObjectId =
            new P11ObjectIdentifier(newId, generateLabel(commonName));

    addCert(newObjectId, cert);
    return newObjectId;
}
/**
 * Builds the PKCS#11 certificate-object template for {@code cert}.
 *
 * <p>The template is marked as a token object of type X.509 public-key
 * certificate and carries the given id and label together with the
 * certificate's encoded subject, encoded issuer, serial number and full
 * encoding.
 *
 * <p>Only {@code label} is validated here; {@code cert} and {@code keyId}
 * are used as passed in.
 *
 * @param cert certificate wrapper that supplies the attribute values
 * @param keyId value written to the template's id attribute
 * @param label value written to the template's label attribute; must be
 *        non-null and non-empty
 * @return the populated template
 * @throws IllegalArgumentException if {@code label} is null or empty
 */
private static X509PublicKeyCertificate createPkcs11Template(final X509Cert cert,
        final byte[] keyId, final char[] label) {
    final boolean labelMissing = (label == null) || (label.length == 0);
    if (labelMissing) {
        throw new IllegalArgumentException("label must not be null or empty");
    }

    X509PublicKeyCertificate template = new X509PublicKeyCertificate();

    // Identification and storage attributes.
    template.getId().setByteArrayValue(keyId);
    template.getLabel().setCharArrayValue(label);
    template.getToken().setBooleanValue(true);
    template.getCertificateType().setLongValue(CertificateType.X_509_PUBLIC_KEY);

    // Attributes copied from the certificate itself.
    final X509Certificate x509 = cert.cert();
    template.getSubject().setByteArrayValue(x509.getSubjectX500Principal().getEncoded());
    template.getIssuer().setByteArrayValue(x509.getIssuerX500Principal().getEncoded());
    // NOTE(review): PKCS#11 describes CKA_SERIAL_NUMBER as the DER encoding of
    // the serial number, while this stores the bare BigInteger bytes without
    // the INTEGER tag and length. Confirm that every consumer searching by
    // serial expects this form before changing it.
    template.getSerialNumber().setByteArrayValue(x509.getSerialNumber().toByteArray());
    template.getValue().setByteArrayValue(cert.encodedCert());

    return template;
}