
com.unbound.client.pkcs11.PKCS11Cert Maven / Gradle / Ivy


This is a collection of JAVA libraries that implement Unbound cryptographic classes for JAVA provider, PKCS11 wrapper, cryptoki, and advapi

There is a newer version: 42761
package com.unbound.client.pkcs11;

import com.dyadicsec.cryptoki.CK;
import com.dyadicsec.cryptoki.CKR_Exception;
import com.dyadicsec.cryptoki.CK_ATTRIBUTE;
import com.dyadicsec.cryptoki.Library;
import com.unbound.client.CertObject;
import com.unbound.client.ObjectType;
import com.unbound.common.crypto.X509;

import java.security.ProviderException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;

import static com.dyadicsec.cryptoki.CK.*;

/**
 * Certificate object stored on a PKCS#11 token, exposed through {@link CertObject}.
 *
 * <p>The certificate is obtained by reading the object's {@code CKA_VALUE} attribute and handing
 * the bytes to {@code X509.get}. Nothing in this class checks validity dates, the issuer chain or
 * revocation status, so a caller that bases a trust decision on {@link #getCert()} has to validate
 * the certificate itself.
 */
public final class PKCS11Cert extends PKCS11Object implements CertObject
{
  // Value written to CKA_CERTIFICATE_TYPE on import; PKCS#11 defines CKC_X_509 as 0.
  private static final int X509_CERTIFICATE_TYPE = 0;

  // Set by acceptReadTempate() from the token's CKA_VALUE.
  private X509Certificate cert = null;

  /**
   * Wraps an existing token object and loads its attributes through the inherited
   * {@code read(session)}.
   *
   * @param session session used for the read
   * @param handle  PKCS#11 object handle of the certificate
   */
  PKCS11Cert(PKCS11Session session, int handle)
  {
    super(ObjectType.Certificate, handle);
    // NOTE(review): read() is inherited and not visible here; presumably it drives
    // getReadTemplate()/acceptReadTempate() below. Confirm against PKCS11Object.
    read(session);
  }

  /**
   * Returns the certificate read from the token.
   *
   * @return the certificate assigned by the last attribute read, as parsed and without any
   *         validation performed by this class
   */
  @Override
  public X509Certificate getCert()
  {
    return this.cert;
  }

  /**
   * Extends the inherited read template with a request for {@code CKA_VALUE}.
   *
   * @param t attribute template to append to; the raw type mirrors the signature being
   *          overridden, and the element added here is a {@link CK_ATTRIBUTE}
   */
  @Override
  protected void getReadTemplate(ArrayList t)
  {
    super.getReadTemplate(t);
    final CK_ATTRIBUTE valueRequest = new CK_ATTRIBUTE(CK.CKA_VALUE);
    t.add(valueRequest);
  }

  /**
   * Consumes the attributes requested by {@link #getReadTemplate(ArrayList)}.
   *
   * <p>The superclass consumes its own entries first and returns the index of the next unread
   * one, which is the {@code CKA_VALUE} slot appended by this class.
   *
   * @param attrs attributes returned for the read template
   * @return index of the first attribute not consumed by this class
   * @throws CKR_Exception     declared by the overridden method
   * @throws ProviderException if the value cannot be turned into a certificate
   */
  @Override
  protected int acceptReadTempate(CK_ATTRIBUTE[] attrs) throws CKR_Exception
  {
    final int valueSlot = super.acceptReadTempate(attrs);
    // The value is used exactly as the token returned it: no null, type or length check is made
    // before the cast, so a malformed reply surfaces as an unchecked runtime exception.
    final byte[] encoded = (byte[]) attrs[valueSlot].pValue;
    try
    {
      cert = X509.get(encoded);
    }
    catch (CertificateException e)
    {
      throw new ProviderException(e);
    }
    return valueSlot + 1;
  }

  /**
   * Creates a certificate object on the token from {@code cert} and returns a wrapper for it.
   *
   * <p>The object is created with {@code CKA_TOKEN} set to true, i.e. as a persistent token
   * object. The certificate is stored as supplied: this method does not validate it or check
   * that it corresponds to any key on the token. The returned instance is built from the new
   * handle, so its certificate comes from reading the token back rather than from the argument.
   *
   * @param session session in which the object is created
   * @param name    label converted with {@code strToId} into {@code CKA_ID}; when {@code null}
   *                no {@code CKA_ID} is set
   * @param cert    certificate whose encoded form becomes {@code CKA_VALUE}
   * @return wrapper around the newly created object
   * @throws ProviderException if the certificate cannot be encoded or object creation fails
   */
  static PKCS11Cert importCert(PKCS11Session session, String name, X509Certificate cert)
  {
    final ArrayList template = new ArrayList();
    try
    {
      template.add(new CK_ATTRIBUTE(CK.CKA_TOKEN, true));
      template.add(new CK_ATTRIBUTE(CK.CKA_CLASS, CK.CKO_CERTIFICATE));
      template.add(new CK_ATTRIBUTE(CK.CKA_CERTIFICATE_TYPE, X509_CERTIFICATE_TYPE));

      final byte[] encoded = cert.getEncoded();
      template.add(new CK_ATTRIBUTE(CKA_VALUE, encoded));

      if (name != null)
      {
        template.add(new CK_ATTRIBUTE(CKA_ID, strToId(name)));
      }

      final int created = Library.C_CreateObject(session.getHandle(), getAttrs(template));
      return new PKCS11Cert(session, created);
    }
    catch (CertificateEncodingException | CKR_Exception e)
    {
      throw new ProviderException(e);
    }
  }
}



