public static String getPkcs11SignerConf(
final String pkcs11ModuleName,
final P11SlotIdentifier slotId,
final P11KeyIdentifier keyId,
final String signatureAlgorithm,
final int parallelism) {
ParamChecker.assertNotNull("algo", signatureAlgorithm);
ParamChecker.assertNotNull("keyId", keyId);
CmpUtf8Pairs conf = new CmpUtf8Pairs("algo", signatureAlgorithm);
conf.putUtf8Pair("parallelism", Integer.toString(parallelism));
if (pkcs11ModuleName != null && pkcs11ModuleName.length() > 0) {
conf.putUtf8Pair("module", pkcs11ModuleName);
}
if (slotId.getSlotId() != null) {
conf.putUtf8Pair("slot-id", slotId.getSlotId().toString());
} else {
conf.putUtf8Pair("slot", slotId.getSlotIndex().toString());
}
if (keyId.getKeyId() != null) {
conf.putUtf8Pair("key-id", Hex.toHexString(keyId.getKeyId()));
}
if (keyId.getKeyLabel() != null) {
conf.putUtf8Pair("key-label", keyId.getKeyLabel());
}
return conf.getEncoded();
}
public static String getKeystoreSignerConfWithoutAlgo(
final String keystoreFile,
final String password,
final int parallelism,
final String keyLabel) {
ParamChecker.assertNotBlank("keystoreFile", keystoreFile);
ParamChecker.assertNotBlank("password", password);
CmpUtf8Pairs conf = new CmpUtf8Pairs("password", password);
conf.putUtf8Pair("parallelism", Integer.toString(parallelism));
if (keyLabel != null) {
conf.putUtf8Pair("key-label", keyLabel);
}
conf.putUtf8Pair("keystore", "file:" + keystoreFile);
return conf.getEncoded();
}
public X509IssuerInfo(
final List<String> caIssuerURLs,
final List<String> ocspURLs,
final List<String> crlURLs,
final List<String> deltaCrlURLs,
final byte[] certBytes)
throws CertificateException {
ParamChecker.assertNotNull("certBytes", certBytes);
if (CollectionUtil.isEmpty(caIssuerURLs)) {
this.caIssuerURLs = null;
} else {
Set<String> set = new HashSet<>();
set.addAll(caIssuerURLs);
this.caIssuerURLs = Collections.unmodifiableSet(set);
}
if (CollectionUtil.isEmpty(ocspURLs)) {
this.ocspURLs = null;
} else {
Set<String> set = new HashSet<>();
set.addAll(ocspURLs);
this.ocspURLs = Collections.unmodifiableSet(set);
}
if (CollectionUtil.isEmpty(crlURLs)) {
this.crlURLs = null;
} else {
Set<String> set = new HashSet<>();
set.addAll(crlURLs);
this.crlURLs = Collections.unmodifiableSet(set);
}
if (CollectionUtil.isEmpty(deltaCrlURLs)) {
this.deltaCrlURLs = null;
} else {
Set<String> set = new HashSet<>();
set.addAll(deltaCrlURLs);
this.deltaCrlURLs = Collections.unmodifiableSet(set);
}
try {
this.cert = X509Util.parseCert(certBytes);
} catch (IOException e) {
throw new CertificateException(e.getMessage(), e);
}
this.bcCert = Certificate.getInstance(certBytes);
this.ski = X509Util.extractSKI(cert);
}
public BiometricInfoOption(final BiometricInfo jaxb) throws NoSuchAlgorithmException {
ParamChecker.assertNotNull("jaxb", jaxb);
this.sourceDataUriOccurrence = jaxb.getIncludeSourceDataUri();
this.hashAlgorithms = XmlX509CertprofileUtil.toOIDSet(jaxb.getHashAlgorithm());
for (ASN1ObjectIdentifier m : hashAlgorithms) {
AlgorithmUtil.getHashOutputSizeInOctets(m);
}
this.predefinedTypes = new HashSet<>();
this.idTypes = new HashSet<>();
for (BiometricTypeType m : jaxb.getType()) {
if (m.getPredefined() != null) {
predefinedTypes.add(m.getPredefined().getValue());
} else if (m.getOid() != null) {
idTypes.add(new ASN1ObjectIdentifier(m.getOid().getValue()));
} else {
throw new RuntimeException("should not reach here, invalid biometricType");
}
}
}
