Class KeyCertUtil


  • public class KeyCertUtil
    extends java.lang.Object
    This class provides all the base methods to generate the key for different kinds of certificates.
    Version:
    $Revision$, $Date$
    Author:
    Christine Ho
    • Constructor Summary

      Constructors 
      Constructor Description
      KeyCertUtil()  
    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      static void addCertToDB​(netscape.ldap.LDAPConnection conn, java.lang.String dn, org.mozilla.jss.netscape.security.x509.X509CertImpl cert)  
      static java.lang.String base64Encode​(byte[] bytes)  
      static void checkCertificateExt​(java.lang.String ext)  
      static byte[] convertB64EToByteArray​(java.lang.String b64E)  
      static org.mozilla.jss.netscape.security.x509.KeyIdentifier createKeyIdentifier​(java.security.KeyPair keypair)  
      static java.security.KeyPair generateKeyPair​(java.lang.String tokenName, java.lang.String alg, int keySize, org.mozilla.jss.crypto.PQGParams pqg)  
      static java.security.KeyPair generateKeyPair​(org.mozilla.jss.crypto.CryptoToken token, org.mozilla.jss.crypto.KeyPairAlgorithm kpAlg, int keySize, org.mozilla.jss.crypto.PQGParams pqg)  
      static org.mozilla.jss.netscape.security.x509.AlgorithmId getAlgorithmId​(java.lang.String algname, IConfigStore store)  
      static org.mozilla.jss.crypto.PQGParams getCAPQG​(int keysize, IConfigStore store)  
      static org.mozilla.jss.crypto.X509Certificate getCertificate​(java.lang.String tokenname, java.lang.String nickname)  
      static org.mozilla.jss.netscape.security.pkcs.PKCS10 getCertRequest​(java.lang.String subjectName, java.security.KeyPair keyPair)  
      static org.mozilla.jss.netscape.security.pkcs.PKCS10 getCertRequest​(java.lang.String subjectName, java.security.KeyPair keyPair, org.mozilla.jss.netscape.security.x509.Extensions exts)  
      static java.lang.String getCertSubjectName​(java.lang.String tokenname, java.lang.String nickname)  
      static org.mozilla.jss.netscape.security.x509.CertificateExtensions getExtensions​(java.lang.String tokenname, java.lang.String nickname)  
      static org.mozilla.jss.crypto.X509Certificate getInternalCertificate​(byte[] b, java.lang.String nickname, java.lang.String certType)  
      static java.security.KeyPair getKeyPair​(java.lang.String tokenname, java.lang.String nickname)  
      static org.mozilla.jss.crypto.PQGParams getPQG​(int keysize)  
      static java.security.PrivateKey getPrivateKey​(java.lang.String tokenname, java.lang.String nickname)  
      static java.math.BigInteger getSerialNumber​(netscape.ldap.LDAPConnection conn, java.lang.String baseDN)  
      static org.mozilla.jss.crypto.SignatureAlgorithm getSigningAlgorithm​(java.lang.String keyType)  
      static org.mozilla.jss.crypto.SignatureAlgorithm getSigningAlgorithm​(java.lang.String keyType, java.lang.String hashtype)  
      static java.lang.String getTokenNames​(org.mozilla.jss.CryptoManager manager)  
      static org.mozilla.jss.crypto.X509Certificate importCert​(byte[] b, java.lang.String nickname, java.lang.String certType)  
      static org.mozilla.jss.crypto.X509Certificate importCert​(java.lang.String b64E, java.lang.String nickname, java.lang.String certType)  
      static org.mozilla.jss.crypto.X509Certificate importCert​(org.mozilla.jss.netscape.security.x509.X509CertImpl signedCert, java.lang.String nickname, java.lang.String certType)  
      static boolean isBadDSAKeyPair​(java.security.KeyPair pair)
      Test for a DSA key pair that will trigger a bug in NSS.
      static byte[] makeDSSParms​(java.math.BigInteger P, java.math.BigInteger Q, java.math.BigInteger G)  
      static void setAuthInfoAccess​(java.security.KeyPair keypair, org.mozilla.jss.netscape.security.x509.CertificateExtensions ext, KeyCertData properties)  
      static void setAuthorityKeyIdentifier​(java.security.KeyPair keypair, org.mozilla.jss.netscape.security.x509.CertificateExtensions ext, KeyCertData properties)  
      static void setBasicConstraintsExtension​(org.mozilla.jss.netscape.security.x509.CertificateExtensions ext, KeyCertData properties)  
      static void setDERExtension​(org.mozilla.jss.netscape.security.x509.CertificateExtensions ext, KeyCertData properties)
      ASN.1 structure: 0 30 142: SEQUENCE { 3 30 69: SEQUENCE { 5 06 3: OBJECT IDENTIFIER issuerAltName (2 5 29 18) 10 04 62: OCTET STRING : 30 3C 82 01 61 82 01 61 A4 10 30 0E 31 0C 30 0A : 06 03 55 04 03 13 03 64 73 61 87 04 01 01 01 01 : 86 01 61 81 14 74 68 6F 6D 61 73 6B 40 6E 65 74 : 73 63 61 70 65 2E 63 6F 6D 88 03 29 01 01 : } 74 30 69: SEQUENCE { 76 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17) 81 04 62: OCTET STRING : 30 3C 82 01 61 82 01 61 A4 10 30 0E 31 0C 30 0A : 06 03 55 04 03 13 03 64 73 61 87 04 01 01 01 01 : 86 01 61 81 14 74 68 6F 6D 61 73 6B 40 6E 65 74 : 73 63 61 70 65 2E 63 6F 6D 88 03 29 01 01 : } : } Uses the following to test with configuration wizard: MIGOMEUGA1UdEQQ+MDyCAWGCAWGkEDAOMQwwCgYDVQQDEwNkc2GHBAEBAQGGAWGB FHRob21hc2tAbmV0c2NhcGUuY29tiAMpAQEwRQYDVR0SBD4wPIIBYYIBYaQQMA4x DDAKBgNVBAMTA2RzYYcEAQEBAYYBYYEUdGhvbWFza0BuZXRzY2FwZS5jb22IAykB AQ==
      static void setExtendedKeyUsageExtension​(org.mozilla.jss.netscape.security.x509.CertificateExtensions ext, KeyCertData properties)  
      static void setKeyUsageExtension​(org.mozilla.jss.netscape.security.x509.CertificateExtensions ext, org.mozilla.jss.netscape.security.x509.KeyUsageExtension keyUsage)  
      static void setNetscapeCertificateExtension​(org.mozilla.jss.netscape.security.x509.CertificateExtensions ext, KeyCertData properties)  
      static void setOCSPNoCheck​(java.security.KeyPair keypair, org.mozilla.jss.netscape.security.x509.CertificateExtensions ext, KeyCertData properties)  
      static void setOCSPSigning​(java.security.KeyPair keypair, org.mozilla.jss.netscape.security.x509.CertificateExtensions ext, KeyCertData properties)  
      static void setSerialNumber​(netscape.ldap.LDAPConnection conn, java.lang.String baseDN, java.math.BigInteger serial)  
      static void setSubjectKeyIdentifier​(java.security.KeyPair keypair, org.mozilla.jss.netscape.security.x509.CertificateExtensions ext, KeyCertData properties)  
      static void setTrust​(java.lang.String certType, org.mozilla.jss.crypto.InternalCertificate inCert)  
      static org.mozilla.jss.netscape.security.x509.X509CertImpl signCert​(java.security.PrivateKey privateKey, org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo, org.mozilla.jss.crypto.SignatureAlgorithm sigAlg)  
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • logger

        public static org.slf4j.Logger logger
      • CA_SIGNINGCERT_NICKNAME

        public static final java.lang.String CA_SIGNINGCERT_NICKNAME
        See Also:
        Constant Field Values
    • Constructor Detail

      • KeyCertUtil

        public KeyCertUtil()
    • Method Detail

      • getTokenNames

        public static java.lang.String getTokenNames​(org.mozilla.jss.CryptoManager manager)
                                              throws org.mozilla.jss.crypto.TokenException
        Throws:
        org.mozilla.jss.crypto.TokenException
      • base64Encode

        public static java.lang.String base64Encode​(byte[] bytes)
                                             throws java.io.IOException
        Throws:
        java.io.IOException
      • makeDSSParms

        public static byte[] makeDSSParms​(java.math.BigInteger P,
                                          java.math.BigInteger Q,
                                          java.math.BigInteger G)
                                   throws java.io.IOException
        Throws:
        java.io.IOException
      • getPrivateKey

        public static java.security.PrivateKey getPrivateKey​(java.lang.String tokenname,
                                                             java.lang.String nickname)
                                                      throws org.mozilla.jss.crypto.TokenException,
                                                             EBaseException,
                                                             org.mozilla.jss.NoSuchTokenException,
                                                             org.mozilla.jss.NotInitializedException,
                                                             java.security.cert.CertificateException,
                                                             java.security.cert.CertificateEncodingException,
                                                             EBaseException,
                                                             org.mozilla.jss.crypto.ObjectNotFoundException
        Throws:
        org.mozilla.jss.crypto.TokenException
        EBaseException
        org.mozilla.jss.NoSuchTokenException
        org.mozilla.jss.NotInitializedException
        java.security.cert.CertificateException
        java.security.cert.CertificateEncodingException
        org.mozilla.jss.crypto.ObjectNotFoundException
      • getCertSubjectName

        public static java.lang.String getCertSubjectName​(java.lang.String tokenname,
                                                          java.lang.String nickname)
                                                   throws org.mozilla.jss.crypto.TokenException,
                                                          EBaseException,
                                                          org.mozilla.jss.NoSuchTokenException,
                                                          org.mozilla.jss.NotInitializedException,
                                                          java.security.cert.CertificateException,
                                                          java.security.cert.CertificateEncodingException,
                                                          EBaseException
        Throws:
        org.mozilla.jss.crypto.TokenException
        EBaseException
        org.mozilla.jss.NoSuchTokenException
        org.mozilla.jss.NotInitializedException
        java.security.cert.CertificateException
        java.security.cert.CertificateEncodingException
      • signCert

        public static org.mozilla.jss.netscape.security.x509.X509CertImpl signCert​(java.security.PrivateKey privateKey,
                                                                                   org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo,
                                                                                   org.mozilla.jss.crypto.SignatureAlgorithm sigAlg)
                                                                            throws org.mozilla.jss.NoSuchTokenException,
                                                                                   EBaseException,
                                                                                   org.mozilla.jss.NotInitializedException
        Throws:
        org.mozilla.jss.NoSuchTokenException
        EBaseException
        org.mozilla.jss.NotInitializedException
      • getSigningAlgorithm

        public static org.mozilla.jss.crypto.SignatureAlgorithm getSigningAlgorithm​(java.lang.String keyType)
      • getSigningAlgorithm

        public static org.mozilla.jss.crypto.SignatureAlgorithm getSigningAlgorithm​(java.lang.String keyType,
                                                                                    java.lang.String hashtype)
      • getCertificate

        public static org.mozilla.jss.crypto.X509Certificate getCertificate​(java.lang.String tokenname,
                                                                            java.lang.String nickname)
                                                                     throws org.mozilla.jss.NotInitializedException,
                                                                            org.mozilla.jss.NoSuchTokenException,
                                                                            EBaseException,
                                                                            org.mozilla.jss.crypto.TokenException
        Throws:
        org.mozilla.jss.NotInitializedException
        org.mozilla.jss.NoSuchTokenException
        EBaseException
        org.mozilla.jss.crypto.TokenException
      • getKeyPair

        public static java.security.KeyPair getKeyPair​(java.lang.String tokenname,
                                                       java.lang.String nickname)
                                                throws org.mozilla.jss.NotInitializedException,
                                                       org.mozilla.jss.NoSuchTokenException,
                                                       org.mozilla.jss.crypto.TokenException,
                                                       org.mozilla.jss.crypto.ObjectNotFoundException,
                                                       EBaseException
        Throws:
        org.mozilla.jss.NotInitializedException
        org.mozilla.jss.NoSuchTokenException
        org.mozilla.jss.crypto.TokenException
        org.mozilla.jss.crypto.ObjectNotFoundException
        EBaseException
      • getPQG

        public static org.mozilla.jss.crypto.PQGParams getPQG​(int keysize)
      • generateKeyPair

        public static java.security.KeyPair generateKeyPair​(org.mozilla.jss.crypto.CryptoToken token,
                                                            org.mozilla.jss.crypto.KeyPairAlgorithm kpAlg,
                                                            int keySize,
                                                            org.mozilla.jss.crypto.PQGParams pqg)
                                                     throws java.security.NoSuchAlgorithmException,
                                                            org.mozilla.jss.crypto.TokenException,
                                                            java.security.InvalidAlgorithmParameterException,
                                                            java.security.InvalidParameterException,
                                                            org.mozilla.jss.crypto.PQGParamGenException
        Throws:
        java.security.NoSuchAlgorithmException
        org.mozilla.jss.crypto.TokenException
        java.security.InvalidAlgorithmParameterException
        java.security.InvalidParameterException
        org.mozilla.jss.crypto.PQGParamGenException
      • isBadDSAKeyPair

        public static boolean isBadDSAKeyPair​(java.security.KeyPair pair)
        Test for a DSA key pair that will trigger a bug in NSS. The problem occurs when the first byte of the key is 0. This happens when the value otherwise would have been negative, and a zero byte is prepended to force it to be positive. This is blackflag bug 602548.
      • generateKeyPair

        public static java.security.KeyPair generateKeyPair​(java.lang.String tokenName,
                                                            java.lang.String alg,
                                                            int keySize,
                                                            org.mozilla.jss.crypto.PQGParams pqg)
                                                     throws EBaseException
        Throws:
        EBaseException
      • getCertRequest

        public static org.mozilla.jss.netscape.security.pkcs.PKCS10 getCertRequest​(java.lang.String subjectName,
                                                                                   java.security.KeyPair keyPair)
                                                                            throws java.security.NoSuchAlgorithmException,
                                                                                   java.security.NoSuchProviderException,
                                                                                   java.security.InvalidKeyException,
                                                                                   java.io.IOException,
                                                                                   java.security.cert.CertificateException,
                                                                                   java.security.SignatureException
        Throws:
        java.security.NoSuchAlgorithmException
        java.security.NoSuchProviderException
        java.security.InvalidKeyException
        java.io.IOException
        java.security.cert.CertificateException
        java.security.SignatureException
      • getCertRequest

        public static org.mozilla.jss.netscape.security.pkcs.PKCS10 getCertRequest​(java.lang.String subjectName,
                                                                                   java.security.KeyPair keyPair,
                                                                                   org.mozilla.jss.netscape.security.x509.Extensions exts)
                                                                            throws java.security.NoSuchAlgorithmException,
                                                                                   java.security.NoSuchProviderException,
                                                                                   java.security.InvalidKeyException,
                                                                                   java.io.IOException,
                                                                                   java.security.cert.CertificateException,
                                                                                   java.security.SignatureException
        Throws:
        java.security.NoSuchAlgorithmException
        java.security.NoSuchProviderException
        java.security.InvalidKeyException
        java.io.IOException
        java.security.cert.CertificateException
        java.security.SignatureException
      • importCert

        public static org.mozilla.jss.crypto.X509Certificate importCert​(org.mozilla.jss.netscape.security.x509.X509CertImpl signedCert,
                                                                        java.lang.String nickname,
                                                                        java.lang.String certType)
                                                                 throws org.mozilla.jss.NotInitializedException,
                                                                        org.mozilla.jss.crypto.TokenException,
                                                                        java.security.cert.CertificateEncodingException,
                                                                        org.mozilla.jss.UserCertConflictException,
                                                                        org.mozilla.jss.NicknameConflictException,
                                                                        org.mozilla.jss.crypto.NoSuchItemOnTokenException,
                                                                        java.security.cert.CertificateException
        Throws:
        org.mozilla.jss.NotInitializedException
        org.mozilla.jss.crypto.TokenException
        java.security.cert.CertificateEncodingException
        org.mozilla.jss.UserCertConflictException
        org.mozilla.jss.NicknameConflictException
        org.mozilla.jss.crypto.NoSuchItemOnTokenException
        java.security.cert.CertificateException
      • importCert

        public static org.mozilla.jss.crypto.X509Certificate importCert​(java.lang.String b64E,
                                                                        java.lang.String nickname,
                                                                        java.lang.String certType)
                                                                 throws org.mozilla.jss.NotInitializedException,
                                                                        org.mozilla.jss.crypto.TokenException,
                                                                        java.security.cert.CertificateEncodingException,
                                                                        org.mozilla.jss.UserCertConflictException,
                                                                        org.mozilla.jss.NicknameConflictException,
                                                                        org.mozilla.jss.crypto.NoSuchItemOnTokenException,
                                                                        java.security.cert.CertificateException
        Throws:
        org.mozilla.jss.NotInitializedException
        org.mozilla.jss.crypto.TokenException
        java.security.cert.CertificateEncodingException
        org.mozilla.jss.UserCertConflictException
        org.mozilla.jss.NicknameConflictException
        org.mozilla.jss.crypto.NoSuchItemOnTokenException
        java.security.cert.CertificateException
      • importCert

        public static org.mozilla.jss.crypto.X509Certificate importCert​(byte[] b,
                                                                        java.lang.String nickname,
                                                                        java.lang.String certType)
                                                                 throws org.mozilla.jss.NotInitializedException,
                                                                        org.mozilla.jss.crypto.TokenException,
                                                                        java.security.cert.CertificateEncodingException,
                                                                        org.mozilla.jss.UserCertConflictException,
                                                                        org.mozilla.jss.NicknameConflictException,
                                                                        org.mozilla.jss.crypto.NoSuchItemOnTokenException,
                                                                        java.security.cert.CertificateException
        Throws:
        org.mozilla.jss.NotInitializedException
        org.mozilla.jss.crypto.TokenException
        java.security.cert.CertificateEncodingException
        org.mozilla.jss.UserCertConflictException
        org.mozilla.jss.NicknameConflictException
        org.mozilla.jss.crypto.NoSuchItemOnTokenException
        java.security.cert.CertificateException
      • getInternalCertificate

        public static org.mozilla.jss.crypto.X509Certificate getInternalCertificate​(byte[] b,
                                                                                    java.lang.String nickname,
                                                                                    java.lang.String certType)
                                                                             throws org.mozilla.jss.NotInitializedException,
                                                                                    org.mozilla.jss.crypto.TokenException,
                                                                                    java.security.cert.CertificateEncodingException,
                                                                                    org.mozilla.jss.UserCertConflictException,
                                                                                    org.mozilla.jss.NicknameConflictException,
                                                                                    org.mozilla.jss.crypto.NoSuchItemOnTokenException,
                                                                                    java.security.cert.CertificateException
        Throws:
        org.mozilla.jss.NotInitializedException
        org.mozilla.jss.crypto.TokenException
        java.security.cert.CertificateEncodingException
        org.mozilla.jss.UserCertConflictException
        org.mozilla.jss.NicknameConflictException
        org.mozilla.jss.crypto.NoSuchItemOnTokenException
        java.security.cert.CertificateException
      • setTrust

        public static void setTrust​(java.lang.String certType,
                                    org.mozilla.jss.crypto.InternalCertificate inCert)
      • convertB64EToByteArray

        public static byte[] convertB64EToByteArray​(java.lang.String b64E)
                                             throws java.security.cert.CertificateException,
                                                    java.io.IOException
        Throws:
        java.security.cert.CertificateException
        java.io.IOException
      • setDERExtension

        public static void setDERExtension​(org.mozilla.jss.netscape.security.x509.CertificateExtensions ext,
                                           KeyCertData properties)
                                    throws java.io.IOException
        ASN.1 structure: 0 30 142: SEQUENCE { 3 30 69: SEQUENCE { 5 06 3: OBJECT IDENTIFIER issuerAltName (2 5 29 18) 10 04 62: OCTET STRING : 30 3C 82 01 61 82 01 61 A4 10 30 0E 31 0C 30 0A : 06 03 55 04 03 13 03 64 73 61 87 04 01 01 01 01 : 86 01 61 81 14 74 68 6F 6D 61 73 6B 40 6E 65 74 : 73 63 61 70 65 2E 63 6F 6D 88 03 29 01 01 : } 74 30 69: SEQUENCE { 76 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17) 81 04 62: OCTET STRING : 30 3C 82 01 61 82 01 61 A4 10 30 0E 31 0C 30 0A : 06 03 55 04 03 13 03 64 73 61 87 04 01 01 01 01 : 86 01 61 81 14 74 68 6F 6D 61 73 6B 40 6E 65 74 : 73 63 61 70 65 2E 63 6F 6D 88 03 29 01 01 : } : } Uses the following to test with configuration wizard: MIGOMEUGA1UdEQQ+MDyCAWGCAWGkEDAOMQwwCgYDVQQDEwNkc2GHBAEBAQGGAWGB FHRob21hc2tAbmV0c2NhcGUuY29tiAMpAQEwRQYDVR0SBD4wPIIBYYIBYaQQMA4x DDAKBgNVBAMTA2RzYYcEAQEBAYYBYYEUdGhvbWFza0BuZXRzY2FwZS5jb22IAykB AQ==
        Throws:
        java.io.IOException
      • setBasicConstraintsExtension

        public static void setBasicConstraintsExtension​(org.mozilla.jss.netscape.security.x509.CertificateExtensions ext,
                                                        KeyCertData properties)
                                                 throws java.io.IOException
        Throws:
        java.io.IOException
      • setExtendedKeyUsageExtension

        public static void setExtendedKeyUsageExtension​(org.mozilla.jss.netscape.security.x509.CertificateExtensions ext,
                                                        KeyCertData properties)
                                                 throws java.io.IOException,
                                                        java.security.cert.CertificateException
        Throws:
        java.io.IOException
        java.security.cert.CertificateException
      • setNetscapeCertificateExtension

        public static void setNetscapeCertificateExtension​(org.mozilla.jss.netscape.security.x509.CertificateExtensions ext,
                                                           KeyCertData properties)
                                                    throws java.io.IOException,
                                                           java.security.cert.CertificateException
        Throws:
        java.io.IOException
        java.security.cert.CertificateException
      • setOCSPNoCheck

        public static void setOCSPNoCheck​(java.security.KeyPair keypair,
                                          org.mozilla.jss.netscape.security.x509.CertificateExtensions ext,
                                          KeyCertData properties)
                                   throws java.io.IOException,
                                          java.security.NoSuchAlgorithmException,
                                          java.security.InvalidKeyException
        Throws:
        java.io.IOException
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException
      • setOCSPSigning

        public static void setOCSPSigning​(java.security.KeyPair keypair,
                                          org.mozilla.jss.netscape.security.x509.CertificateExtensions ext,
                                          KeyCertData properties)
                                   throws java.io.IOException,
                                          java.security.NoSuchAlgorithmException,
                                          java.security.InvalidKeyException
        Throws:
        java.io.IOException
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException
      • setAuthInfoAccess

        public static void setAuthInfoAccess​(java.security.KeyPair keypair,
                                             org.mozilla.jss.netscape.security.x509.CertificateExtensions ext,
                                             KeyCertData properties)
                                      throws java.io.IOException,
                                             java.security.NoSuchAlgorithmException,
                                             java.security.InvalidKeyException
        Throws:
        java.io.IOException
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException
      • setAuthorityKeyIdentifier

        public static void setAuthorityKeyIdentifier​(java.security.KeyPair keypair,
                                                     org.mozilla.jss.netscape.security.x509.CertificateExtensions ext,
                                                     KeyCertData properties)
                                              throws java.io.IOException,
                                                     java.security.NoSuchAlgorithmException,
                                                     java.security.InvalidKeyException
        Throws:
        java.io.IOException
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException
      • setSubjectKeyIdentifier

        public static void setSubjectKeyIdentifier​(java.security.KeyPair keypair,
                                                   org.mozilla.jss.netscape.security.x509.CertificateExtensions ext,
                                                   KeyCertData properties)
                                            throws java.io.IOException,
                                                   java.security.NoSuchAlgorithmException,
                                                   java.security.InvalidKeyException
        Throws:
        java.io.IOException
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException
      • setKeyUsageExtension

        public static void setKeyUsageExtension​(org.mozilla.jss.netscape.security.x509.CertificateExtensions ext,
                                                org.mozilla.jss.netscape.security.x509.KeyUsageExtension keyUsage)
                                         throws java.io.IOException
        Throws:
        java.io.IOException
      • createKeyIdentifier

        public static org.mozilla.jss.netscape.security.x509.KeyIdentifier createKeyIdentifier​(java.security.KeyPair keypair)
                                                                                        throws java.security.NoSuchAlgorithmException,
                                                                                               java.security.InvalidKeyException
        Throws:
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException
      • getSerialNumber

        public static java.math.BigInteger getSerialNumber​(netscape.ldap.LDAPConnection conn,
                                                           java.lang.String baseDN)
                                                    throws netscape.ldap.LDAPException,
                                                           EBaseException
        Throws:
        netscape.ldap.LDAPException
        EBaseException
      • setSerialNumber

        public static void setSerialNumber​(netscape.ldap.LDAPConnection conn,
                                           java.lang.String baseDN,
                                           java.math.BigInteger serial)
                                    throws netscape.ldap.LDAPException,
                                           EBaseException
        Throws:
        netscape.ldap.LDAPException
        EBaseException
      • addCertToDB

        public static void addCertToDB​(netscape.ldap.LDAPConnection conn,
                                       java.lang.String dn,
                                       org.mozilla.jss.netscape.security.x509.X509CertImpl cert)
                                throws netscape.ldap.LDAPException,
                                       EBaseException
        Throws:
        netscape.ldap.LDAPException
        EBaseException
      • getExtensions

        public static org.mozilla.jss.netscape.security.x509.CertificateExtensions getExtensions​(java.lang.String tokenname,
                                                                                                 java.lang.String nickname)
                                                                                          throws org.mozilla.jss.NotInitializedException,
                                                                                                 org.mozilla.jss.crypto.TokenException,
                                                                                                 org.mozilla.jss.crypto.ObjectNotFoundException,
                                                                                                 java.io.IOException,
                                                                                                 java.security.cert.CertificateException
        Throws:
        org.mozilla.jss.NotInitializedException
        org.mozilla.jss.crypto.TokenException
        org.mozilla.jss.crypto.ObjectNotFoundException
        java.io.IOException
        java.security.cert.CertificateException