private void constructMetadata() throws KeyczarException {
if (purpose == KeyPurpose.ENCRYPT && key.getType() == KeyType.DSA_PUB) {
throw new KeyczarException(Messages.getString("Keyczartool.InvalidUseOfDsaKey"));
}
meta = new KeyMetadata("imported from certificate", purpose, key.getType());
meta.addVersion(new KeyVersion(1, KeyStatus.PRIMARY, true /* exportable */));
}
private void ensureCertificateRead() throws KeyczarException {
if (key == null) {
try {
parseCertificate();
constructMetadata();
} catch (CertificateException e) {
throw new KeyczarException(Messages.getString("KeyczarTool.InvalidCertificate"));
}
}
}
private void parseCertificate() throws CertificateException, KeyczarException {
Certificate certificate =
CertificateFactory.getInstance("X.509").generateCertificate(certificateStream);
PublicKey publicKey = certificate.getPublicKey();
if (publicKey instanceof RSAPublicKey) {
key = readRsaX509Certificate(publicKey, padding);
} else if (publicKey instanceof DSAPublicKey) {
if (padding != null) {
throw new KeyczarException(Messages.getString("InvalidPadding", padding.name()));
}
key = readDsaX509Certificate(publicKey);
} else {
throw new KeyczarException(
"Unrecognized key type " + publicKey.getAlgorithm() + " in certificate");
}
}
