Class Pkcs11AliasResolver

java.lang.Object

paccor.crypto.Pkcs11AliasResolver

public class Pkcs11AliasResolver
extends Object

Utility methods for resolving key aliases within a KeyStore when working with PKCS#11 tokens.

Constructor Summary

Constructors

Constructor	Description
Pkcs11AliasResolver()

Method Summary

Modifier and Type	Method	Description
static String	handleCKA_IDLookup(KeyStore ks, String keyIdHex)	Attempts to look up a key alias using the given CKA_ID.
static String	selectAlias(KeyStore ks, String keyAlias, String keyIdHex)	Selects a key alias from the provided KeyStore based on the given parameters.

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

Pkcs11AliasResolver

public Pkcs11AliasResolver()

Method Details

selectAlias

public static String selectAlias(KeyStore ks,
 String keyAlias,
 String keyIdHex)
                          throws KeyStoreException

Selects a key alias from the provided KeyStore based on the given parameters. First checks for a specified alias. Next looks for a key matching the hex key ID. Otherwise, it attempts to select the first private key entry in the KeyStore.

Parameters:

ks - the KeyStore

keyAlias - the alias to use directly

keyIdHex - the hex key ID, used for lookup if no alias is specified

Returns:

the resolved alias

Throws:

KeyStoreException - if no matching alias is found or if KeyStore operations fail

handleCKA_IDLookup

public static String handleCKA_IDLookup(KeyStore ks,
 String keyIdHex)
                                 throws KeyStoreException

Attempts to look up a key alias using the given CKA_ID. Uses several possible variations of the id to account for format differences with sample_testgen1 PKCS#11 providers.

Parameters:

ks - the KeyStore

keyIdHex - the hex CKA_ID to look up

Returns:

the key alias

Throws:

KeyStoreException - if no matching alias is found or if KeyStore operations fail