public static String getPkcs11SignerConf( final String pkcs11ModuleName, final P11SlotIdentifier slotId, final P11KeyIdentifier keyId, final String signatureAlgorithm, final int parallelism) { ParamChecker.assertNotNull("algo", signatureAlgorithm); ParamChecker.assertNotNull("keyId", keyId); CmpUtf8Pairs conf = new CmpUtf8Pairs("algo", signatureAlgorithm); conf.putUtf8Pair("parallelism", Integer.toString(parallelism)); if (pkcs11ModuleName != null && pkcs11ModuleName.length() > 0) { conf.putUtf8Pair("module", pkcs11ModuleName); } if (slotId.getSlotId() != null) { conf.putUtf8Pair("slot-id", slotId.getSlotId().toString()); } else { conf.putUtf8Pair("slot", slotId.getSlotIndex().toString()); } if (keyId.getKeyId() != null) { conf.putUtf8Pair("key-id", Hex.toHexString(keyId.getKeyId())); } if (keyId.getKeyLabel() != null) { conf.putUtf8Pair("key-label", keyId.getKeyLabel()); } return conf.getEncoded(); }
public X509IssuerInfo( final List<String> caIssuerURLs, final List<String> ocspURLs, final List<String> crlURLs, final List<String> deltaCrlURLs, final byte[] certBytes) throws CertificateException { ParamChecker.assertNotNull("certBytes", certBytes); if (CollectionUtil.isEmpty(caIssuerURLs)) { this.caIssuerURLs = null; } else { Set<String> set = new HashSet<>(); set.addAll(caIssuerURLs); this.caIssuerURLs = Collections.unmodifiableSet(set); } if (CollectionUtil.isEmpty(ocspURLs)) { this.ocspURLs = null; } else { Set<String> set = new HashSet<>(); set.addAll(ocspURLs); this.ocspURLs = Collections.unmodifiableSet(set); } if (CollectionUtil.isEmpty(crlURLs)) { this.crlURLs = null; } else { Set<String> set = new HashSet<>(); set.addAll(crlURLs); this.crlURLs = Collections.unmodifiableSet(set); } if (CollectionUtil.isEmpty(deltaCrlURLs)) { this.deltaCrlURLs = null; } else { Set<String> set = new HashSet<>(); set.addAll(deltaCrlURLs); this.deltaCrlURLs = Collections.unmodifiableSet(set); } try { this.cert = X509Util.parseCert(certBytes); } catch (IOException e) { throw new CertificateException(e.getMessage(), e); } this.bcCert = Certificate.getInstance(certBytes); this.ski = X509Util.extractSKI(cert); }
public static String getKeystoreSignerConf( final String keystoreFile, final String password, final String signatureAlgorithm, final int parallelism, final String keyLabel) { ParamChecker.assertNotBlank("keystoreFile", keystoreFile); ParamChecker.assertNotBlank("password", password); ParamChecker.assertNotNull("signatureAlgorithm", signatureAlgorithm); CmpUtf8Pairs conf = new CmpUtf8Pairs("password", password); conf.putUtf8Pair("algo", signatureAlgorithm); conf.putUtf8Pair("parallelism", Integer.toString(parallelism)); if (keyLabel != null) { conf.putUtf8Pair("key-label", keyLabel); } conf.putUtf8Pair("keystore", "file:" + keystoreFile); return conf.getEncoded(); }
public BiometricInfoOption(final BiometricInfo jaxb) throws NoSuchAlgorithmException { ParamChecker.assertNotNull("jaxb", jaxb); this.sourceDataUriOccurrence = jaxb.getIncludeSourceDataUri(); this.hashAlgorithms = XmlX509CertprofileUtil.toOIDSet(jaxb.getHashAlgorithm()); for (ASN1ObjectIdentifier m : hashAlgorithms) { AlgorithmUtil.getHashOutputSizeInOctets(m); } this.predefinedTypes = new HashSet<>(); this.idTypes = new HashSet<>(); for (BiometricTypeType m : jaxb.getType()) { if (m.getPredefined() != null) { predefinedTypes.add(m.getPredefined().getValue()); } else if (m.getOid() != null) { idTypes.add(new ASN1ObjectIdentifier(m.getOid().getValue())); } else { throw new RuntimeException("should not reach here, invalid biometricType"); } } }