org.mozilla.jss.crypto

Interface TokenCertificate

All Superinterfaces:
X509Certificate
Known Implementing Classes:
PK11InternalTokenCert, PK11TokenCert

public interface TokenCertificate
extends X509Certificate

An X509 Certificate that lives on a PKCS #11 token. Many of the X509Certificates returned by JSS calls are actually TokenCertificates. To find out if an X509Certificate is a TokenCertificate, use instanceof.

Method Summary

abstract CryptoToken
getOwningToken()
Returns the CryptoToken that owns this certificate.
abstract byte[]
getUniqueID()
Deprecated. This ID is based on an implementation that might change.

Methods inherited from interface org.mozilla.jss.crypto.X509Certificate

getEncoded, getIssuerDN, getNickname, getPublicKey, getSerialNumber, getSubjectDN, getVersion

Method Details

getOwningToken

public abstract CryptoToken getOwningToken()
Returns the CryptoToken that owns this certificate. Cryptographic operations with this key may only be performed on the token that owns the key.

getUniqueID

public abstract byte[] getUniqueID()

Deprecated. This ID is based on an implementation that might change. If this functionality is required, it should be provided in another way, such as a function that directly matches a cert and key.

Returns the unique ID of this key. Unique IDs can be used to match certificates to keys.