use of org.mozilla.jss.pkcs11.PK11Cert in project jss by dogtagpki.
the class PKCS12Util method setTrustFlags.
/**
* @deprecated Use PK11Cert.setTrustFlags() instead.
*/
@Deprecated
public void setTrustFlags(X509Certificate cert, String trustFlags) throws Exception {
PK11Cert pk11Cert = (PK11Cert) cert;
pk11Cert.setTrustFlags(trustFlags);
}
use of org.mozilla.jss.pkcs11.PK11Cert in project jss by dogtagpki.
the class JSSKeyStoreSpi method engineGetCertificateChain.
@Override
public Certificate[] engineGetCertificateChain(String alias) {
logger.debug("JSSKeyStoreSpi: engineGetCertificateChain(" + alias + ")");
try {
logger.debug("JSSKeyStoreSpi: searching for leaf cert");
CryptoManager cm = CryptoManager.getInstance();
X509Certificate leaf = cm.findCertByNickname(alias);
logger.debug("JSSKeyStoreSpi: building cert chain");
X509Certificate[] certs = cm.buildCertificateChain(leaf);
Certificate[] chain = new Certificate[certs.length];
CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
for (int i = 0; i < certs.length; i++) {
X509Certificate cert = certs[i];
logger.debug("JSSKeyStoreSpi: - " + cert.getSubjectDN());
if (cert instanceof PK11Cert) {
chain[i] = (PK11Cert) cert;
continue;
}
byte[] bytes = cert.getEncoded();
InputStream is = new ByteArrayInputStream(bytes);
chain[i] = certFactory.generateCertificate(is);
}
return chain;
} catch (ObjectNotFoundException e) {
logger.debug("leaf cert not found: " + alias);
return null;
} catch (NotInitializedException e) {
throw new RuntimeException(e);
} catch (TokenException e) {
throw new RuntimeException(e);
} catch (CertificateException e) {
throw new RuntimeException(e);
}
}
use of org.mozilla.jss.pkcs11.PK11Cert in project jss by dogtagpki.
the class JSSKeyStoreSpi method engineGetCertificate.
@Override
public Certificate engineGetCertificate(String alias) {
logger.debug("JSSKeyStoreSpi: engineGetCertificate(" + alias + ")");
try {
CryptoManager cm = CryptoManager.getInstance();
X509Certificate cert = cm.findCertByNickname(alias);
logger.debug("JSSKeyStoreSpi: cert found: " + alias);
if (cert instanceof PK11Cert) {
return (PK11Cert) cert;
}
byte[] bytes = cert.getEncoded();
InputStream is = new ByteArrayInputStream(bytes);
CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
return certFactory.generateCertificate(is);
} catch (ObjectNotFoundException e) {
logger.debug("JSSKeyStoreSpi: cert not found: " + alias);
return null;
} catch (NotInitializedException e) {
throw new RuntimeException(e);
} catch (TokenException e) {
throw new RuntimeException(e);
} catch (CertificateEncodingException e) {
throw new RuntimeException(e);
} catch (CertificateException e) {
throw new RuntimeException(e);
}
}
Aggregations