Download - Svetlin Nakov
Provider pkcs11Provider = (Provider) pkcs11Con.newInstance(confStream);<br />
Security.addProvider(pkcs11Provider);<br />
} catch (Exception e) {<br />
throw new KeyStoreException("Can initialize Sun PKCS#11 security " +<br />
"provider. Reason: " + e.getCause().getMessage());<br />
}<br />
}<br />
// Read the keystore from the smart card<br />
char[] pin = aSmartCardPIN.toCharArray();<br />
KeyStore keyStore = KeyStore.getInstance(PKCS11_KEYSTORE_TYPE);<br />
keyStore.load(null, pin);<br />
return keyStore;<br />
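/**
 * Extracts a private key and its certificate chain from the given keystore.
 *
 * <p>Aliases are scanned in the order the keystore reports them and the first
 * key entry that holds a {@link PrivateKey} together with a non-empty
 * certificate chain is returned. Certificate-only entries and keys of other
 * kinds are skipped, so the result never carries a {@code null} key or chain.
 *
 * <p>NOTE(review): when the keystore holds several private keys, which one is
 * returned depends on the alias order. A caller that needs one specific
 * credential should select the alias explicitly - confirm against the callers.
 *
 * @param aKeyStore an already loaded keystore
 * @return the selected private key and the certificate chain belonging to it
 * @throws KeyStoreException if the keystore has no entries, or none of its
 *         entries is a private key with a certificate chain
 * @throws GeneralSecurityException if the key cannot be retrieved
 */
private PrivateKeyAndCertChain getPrivateKeyAndCertChain(KeyStore aKeyStore)
        throws GeneralSecurityException {
    Enumeration<String> aliases = aKeyStore.aliases();
    if (!aliases.hasMoreElements()) {
        throw new KeyStoreException("The keystore is empty!");
    }

    while (aliases.hasMoreElements()) {
        String alias = aliases.nextElement();

        // A trusted-certificate entry has no key; the original code would have
        // produced a result with null fields for it.
        if (!aKeyStore.isKeyEntry(alias)) {
            continue;
        }

        // No per-entry password is supplied, exactly as before; presumably the
        // keystore was already unlocked when it was loaded - TODO confirm for
        // keystore types other than the one used by the caller.
        java.security.Key key = aKeyStore.getKey(alias, null);
        Certificate[] certificationChain = aKeyStore.getCertificateChain(alias);

        // Checking the type avoids a ClassCastException on non-private keys.
        if (key instanceof PrivateKey
                && certificationChain != null
                && certificationChain.length > 0) {
            PrivateKeyAndCertChain result = new PrivateKeyAndCertChain();
            result.mPrivateKey = (PrivateKey) key;
            result.mCertificationChain = certificationChain;
            return result;
        }
    }

    throw new KeyStoreException(
        "The keystore contains no private key entry with a certificate chain.");
}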
/**
 * Serializes an X.509 certificate chain to Base64 text.
 *
 * <p>The chain is turned into a {@link CertPath}, encoded with the encoding
 * named by {@code CERTIFICATION_CHAIN_ENCODING} (ASN.1 DER, according to the
 * original documentation) and the resulting bytes are Base64-encoded.
 *
 * @param aCertificationChain the certificates that form the chain
 * @return the Base64 text of the encoded chain
 * @throws CertificateException if the certificate factory is unavailable or
 *         the chain cannot be converted or encoded
 */
private String encodeX509CertChainToBase64(Certificate[] aCertificationChain)
        throws CertificateException {
    // Wrap the array first, as the original did, so evaluation order is kept.
    List<Certificate> chainAsList = Arrays.asList(aCertificationChain);
    CertPath chainAsPath = CertificateFactory
        .getInstance(X509_CERTIFICATE_TYPE)
        .generateCertPath(chainAsList);
    byte[] encodedPath = chainAsPath.getEncoded(CERTIFICATION_CHAIN_ENCODING);
    return Base64Utils.base64Encode(encodedPath);
}
/**<br />
* Reads the specified file into a byte array.<br />
*/<br />
private byte[] readFileInByteArray(String aFileName)<br />
throws IOException {<br />
File file = new File(aFileName);<br />
FileInputStream fileStream = new FileInputStream(file);<br />
try {<br />
int fileSize = (int) file.length();<br />
byte[] data = new byte[fileSize];<br />
int bytesRead = 0;<br />
while (bytesRead < fileSize) {<br />