public void loadPfx(InputStream is, String password) throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException, UnrecoverableEntryException { char[] pwd = password.toCharArray(); KeyStore keyStore = KeyStore.getInstance("pkcs12"); keyStore.load(is, pwd); PasswordProtection passwordProtection = new KeyStore.PasswordProtection(pwd); for (Enumeration<String> aliases = keyStore.aliases(); aliases.hasMoreElements();) { String alias = aliases.nextElement(); KeyStore.PrivateKeyEntry entry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(alias, passwordProtection); Certificate cert = entry.getCertificate(); if (cert.getType().equals("X.509")) { this.certificate = (X509Certificate) cert; this.privateKey = entry.getPrivateKey(); return; } } throw new RuntimeException("Certificate of type X.509 was not found."); }
public void printAliasesList(String keyPasswd) { try { System.out.println("trustStoreType=" + trustStore.getType()); System.out.println("size=" + trustStore.size()); // --- Get All TrustStore's Certificates Alias ----------- Enumeration<String> enumeration = trustStore.aliases(); while (enumeration.hasMoreElements()) { String alias = enumeration.nextElement(); System.out.println("alias=" + alias); // Entry entry = trustStore.getEntry(alias, null); Entry entry = trustStore.getEntry(alias, new PasswordProtection(keyPasswd.toCharArray())); System.out.println("entryClass=" + entry.getClass()); } } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException e) { e.printStackTrace(); } }
public void addSelfSignedCertificate(String certificateAlias, String dn, String password) { try { KeyPair keys = generateKeyPair(); Calendar start = Calendar.getInstance(); Calendar expiry = Calendar.getInstance(); expiry.add(Calendar.YEAR, 1); X500Name name = new X500Name(dn); X509v3CertificateBuilder certificateBuilder = new X509v3CertificateBuilder(name, BigInteger.ONE, start.getTime(), expiry.getTime(), name, SubjectPublicKeyInfo.getInstance(keys.getPublic().getEncoded())); ContentSigner signer = new JcaContentSignerBuilder("SHA1WithRSA").setProvider(new BouncyCastleProvider()).build(keys.getPrivate()); X509CertificateHolder holder = certificateBuilder.build(signer); Certificate cert = new JcaX509CertificateConverter().setProvider(new BouncyCastleProvider()).getCertificate(holder); Entry entry = new PrivateKeyEntry(keys.getPrivate(), new Certificate[]{ cert }); keystore.setEntry(certificateAlias, entry, new PasswordProtection(password.toCharArray())); } catch (GeneralSecurityException | OperatorCreationException ex) { throw new RuntimeException("Unable to generate self-signed certificate", ex); } }
/** * Asymmetric cryptography - only the private key from generated pair is used. * Pre-condition: #certificateAlias refers to existing certificate * * @throws {@link NullPointerException} when #certificateAlias is @code{null} */ public void addPrivateKey(String keyAlias, String certificateAlias, String password) { keyAlias = String.format("%s (%s)", keyAlias, certificateAlias); try { Certificate[] certChain = keystore.getCertificateChain(certificateAlias); if (certChain == null) { LoggerFactory.getLogger(getClass()).warn("Could not find certificate"); certChain = new Certificate[0]; } Entry entry = new PrivateKeyEntry(generateKeyPair().getPrivate(), certChain); ProtectionParameter protParam = new KeyStore.PasswordProtection(password.toCharArray()); keystore.setEntry(keyAlias, entry, protParam); } catch (KeyStoreException | NoSuchAlgorithmException ex) { throw new RuntimeException("Unable to add new private key", ex); } }
/** {@inheritDoc} */ @Override public KeyStore.Entry engineGetEntry(final String alias, final ProtectionParameter protParam) { if (protParam instanceof KeyStore.PasswordProtection) { final PasswordCallback pwc = new CachePasswordCallback(((KeyStore.PasswordProtection)protParam).getPassword()); this.cryptoCard.setPasswordCallback(pwc); } if (!engineContainsAlias(alias)) { return null; } final PrivateKey key = (PrivateKey) engineGetKey( alias, null // Le pasamos null porque ya hemos establecido el PasswordCallback o el CallbackHander antes ); return new PrivateKeyEntry(key, engineGetCertificateChain(alias)); }
private static void setKey(KeyStore keyStore, String keyName, String keyPassword, String keyValue) { if (StringUtils.isBlank(keyName)) { keyName = DEFAULT_KEY_NAME; } if (keyPassword == null) { keyPassword = DEFAULT_KEY_PASSWORD; } try { SecretKey secretKey = new SecretKeySpec(keyValue.getBytes(KEY_VALUE_ENCODING), KEY_TYPE); KeyStore.SecretKeyEntry keyStoreEntry = new KeyStore.SecretKeyEntry(secretKey); PasswordProtection _keyPassword = new PasswordProtection(keyPassword.toCharArray()); keyStore.setEntry(keyName, keyStoreEntry, _keyPassword); } catch (Exception e) { throw new PaxmlRuntimeException(e); } }
@Override public void engineLoad(LoadStoreParameter param) throws IOException, NoSuchAlgorithmException, CertificateException { if (param == null) { engineLoad(null, null); return; } ProtectionParameter pParam = param.getProtectionParameter(); if (pParam == null) { throw new NoSuchAlgorithmException(); } if (pParam instanceof PasswordProtection) { char[] password = ((PasswordProtection) pParam).getPassword(); if (password == null) { throw new NoSuchAlgorithmException(); } else { return; } } throw new CertificateException(); }
@Override public void engineStore(LoadStoreParameter param) throws IOException, NoSuchAlgorithmException, CertificateException { if (param == null) { throw new IOException(); } ProtectionParameter pParam = param.getProtectionParameter(); if (pParam instanceof PasswordProtection) { char[] password = ((PasswordProtection) pParam).getPassword(); if (password == null) { throw new NoSuchAlgorithmException(); } else if (password.length == 0) { throw new CertificateException(); } return; } throw new UnsupportedOperationException(); }
public void test_getKeyStore() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException { String alias = "BKS"; char[] pwd = new char[] { '1', '2', '3', '4', '5', '6' }; InputStream fis = KeyStore2Test.class .getResourceAsStream("builderimpl.ks"); KeyStore ks = KeyStore.getInstance(alias); ks.load(fis, pwd); Builder b = Builder.newInstance(ks, new PasswordProtection(pwd)); KeyStore firstKeyStore = b.getKeyStore(); ProtectionParameter firstProtParameter = b .getProtectionParameter(alias); assertSame(firstKeyStore, b.getKeyStore()); assertSame(firstProtParameter, b.getProtectionParameter(alias)); b = Builder.newInstance(alias, ks.getProvider(), new KeyStore.PasswordProtection(pwd)); firstKeyStore = b.getKeyStore(); firstProtParameter = b.getProtectionParameter(alias); assertNotSame(firstKeyStore, b.getKeyStore()); assertSame(firstProtParameter, b.getProtectionParameter(alias)); }
private PrivateKeyEntry loadCAKeyEntry() throws IOException, GeneralSecurityException { final KeyStore keystore = loadKeyStore(); final Entry entry = keystore.getEntry(this.alias, new PasswordProtection(this.password.toCharArray())); return (PrivateKeyEntry) entry; }
private void loadPrivateKeyEntry() throws GeneralSecurityException { rootPrivateKeyEntry = (PrivateKeyEntry) rootCaKeystore.getEntry( rootCaAlias, new PasswordProtection(rootCaPassword.toCharArray())); if (rootPrivateKeyEntry == null) { throw new RuntimeException( "Could not read private key entry from rootca keystore with alias " + rootCaAlias); } }
public void addSignedCertificate(final XTFKeyStore signerKeyStore, final String signerAlias, final String signerPassword, final String dn, final String certificateAlias, final String password) { try { final X509Certificate caCert = (X509Certificate) signerKeyStore.keystore.getCertificate(signerAlias); final PrivateKey caKey = (PrivateKey) signerKeyStore.keystore.getKey(signerAlias, signerPassword.toCharArray()); final Calendar start = Calendar.getInstance(); final Calendar expiry = Calendar.getInstance(); expiry.add(Calendar.YEAR, 1); final KeyPair keyPair = generateKeyPair(); final X500Name certName = new X500Name(dn); final X500Name issuerName = new X500Name(caCert.getSubjectDN().getName()); X509v3CertificateBuilder certificateBuilder = new X509v3CertificateBuilder( issuerName, BigInteger.valueOf(System.nanoTime()), start.getTime(), expiry.getTime(), certName, SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded())); final JcaX509ExtensionUtils u = new JcaX509ExtensionUtils(); certificateBuilder.addExtension(Extension.authorityKeyIdentifier, false, u.createAuthorityKeyIdentifier(caCert)); certificateBuilder.addExtension(Extension.subjectKeyIdentifier, false, u.createSubjectKeyIdentifier(keyPair.getPublic())); ContentSigner signer = new JcaContentSignerBuilder("SHA256WithRSA").setProvider(new BouncyCastleProvider()).build(caKey); X509CertificateHolder holder = certificateBuilder.build(signer); Certificate cert = new JcaX509CertificateConverter().setProvider(new BouncyCastleProvider()).getCertificate(holder); Entry entry = new PrivateKeyEntry(keyPair.getPrivate(), new Certificate[] {cert, caCert}); keystore.setEntry(certificateAlias, entry, new PasswordProtection(password.toCharArray())); } catch (GeneralSecurityException | OperatorCreationException | CertIOException ex) { throw new RuntimeException("Unable to generate signed certificate", ex); } }
/** Callback para solicitar la constrasena. * @param pp PasswordProtection para solicitar la constrasena. */ CeresPasswordCallback(final PasswordProtection pp) { super("Por favor, introduzca el PIN de la tarjeta CERES", false); //$NON-NLS-1$ if (pp == null) { throw new IllegalArgumentException( "El PasswordProtection no puede ser nulo" //$NON-NLS-1$ ); } this.passp = pp; }
/** {@inheritDoc} */ @Override public void engineLoad(final KeyStore.LoadStoreParameter param) throws IOException { if (param != null) { final ProtectionParameter pp = param.getProtectionParameter(); if (pp instanceof KeyStore.CallbackHandlerProtection) { if (((KeyStore.CallbackHandlerProtection) pp).getCallbackHandler() == null) { throw new IllegalArgumentException("El CallbackHandler no puede ser nulo"); //$NON-NLS-1$ } this.cryptoCard = new Ceres( CeresProvider.getDefaultApduConnection(), new JseCryptoHelper() ); this.cryptoCard.setCallbackHandler(((KeyStore.CallbackHandlerProtection) pp).getCallbackHandler()); } else if (pp instanceof KeyStore.PasswordProtection) { final PasswordCallback pwc = new CeresPasswordCallback((PasswordProtection) pp); this.cryptoCard = new Ceres( CeresProvider.getDefaultApduConnection(), new JseCryptoHelper() ); this.cryptoCard.setPasswordCallback(pwc); } else { Logger.getLogger("es.gob.jmulticard").warning( //$NON-NLS-1$ "Se ha proporcionado un LoadStoreParameter de tipo no soportado, se ignorara: " + (pp != null ? pp.getClass().getName() : "NULO") //$NON-NLS-1$ //$NON-NLS-2$ ); } } else { this.cryptoCard = new Ceres( CeresProvider.getDefaultApduConnection(), new JseCryptoHelper() ); } userCertAliases = Arrays.asList(this.cryptoCard.getAliases()); }
/** * @param pp PasswordProtection para solicitar la contraseña */ DniePasswordCallback(final PasswordProtection pp) { super("Por favor, introduzca el PIN del DNIe", false); //$NON-NLS-1$ if (pp == null) { throw new IllegalArgumentException( "El PasswordProtection no puede ser nulo" //$NON-NLS-1$ ); } this.passp = pp; }
/** {@inheritDoc} */ @Override public KeyStore.Entry engineGetEntry(final String alias, final ProtectionParameter protParam) { if(protParam instanceof KeyStore.CallbackHandlerProtection) { // Establecemos el CallbackHandler final CallbackHandler chp = ((KeyStore.CallbackHandlerProtection) protParam).getCallbackHandler(); if(chp != null) { this.cryptoCard.setCallbackHandler(chp); } } else if (protParam instanceof KeyStore.PasswordProtection) { // Establecemos el PasswordCallback final PasswordCallback pwc = new CachePasswordCallback(((KeyStore.PasswordProtection)protParam).getPassword()); this.cryptoCard.setPasswordCallback(pwc); } else { LOGGER.warning( "Se ha proporcionado un ProtectionParameter de tipo no soportado, se ignorara: " + (protParam != null ? protParam.getClass().getName() : "NULO") //$NON-NLS-1$ //$NON-NLS-2$ ); } if (!engineContainsAlias(alias)) { return null; } final PrivateKey key = (PrivateKey) engineGetKey( alias, null // Le pasamos null porque ya hemos establecido el PasswordCallback o el CallbackHander antes ); return new PrivateKeyEntry(key, engineGetCertificateChain(alias)); }
@Test public void test_init_Builder() { TestKeyStore testKeyStore = TestKeyStore.getClient(); Builder builder = Builder.newInstance( testKeyStore.keyStore, new PasswordProtection(testKeyStore.storePassword)); KeyStoreBuilderParameters ksbp = new KeyStoreBuilderParameters(builder); assertNotNull(ksbp); assertNotNull(ksbp.getParameters()); assertEquals(1, ksbp.getParameters().size()); assertSame(builder, ksbp.getParameters().get(0)); }
@Test public void test_init_List() { TestKeyStore testKeyStore1 = TestKeyStore.getClient(); TestKeyStore testKeyStore2 = TestKeyStore.getServer(); Builder builder1 = Builder.newInstance( testKeyStore1.keyStore, new PasswordProtection(testKeyStore1.storePassword)); Builder builder2 = Builder.newInstance( testKeyStore2.keyStore, new PasswordProtection(testKeyStore2.storePassword)); List<Builder> list = Arrays.asList(builder1, builder2); KeyStoreBuilderParameters ksbp = new KeyStoreBuilderParameters(list); assertNotNull(ksbp); assertNotNull(ksbp.getParameters()); assertNotSame(list, ksbp.getParameters()); assertEquals(2, ksbp.getParameters().size()); assertSame(builder1, ksbp.getParameters().get(0)); assertSame(builder2, ksbp.getParameters().get(1)); // confirm result is not modifiable try { ksbp.getParameters().set(0, builder2); fail(); } catch (UnsupportedOperationException expected) { // Ignored. } // confirm result is a copy of original list.set(0, builder2); assertSame(builder1, ksbp.getParameters().get(0)); }
private void initKeystore(final InputStream ksStream, final String ksType, final String ksPassword) { try { keyStore = KeyStore.getInstance(ksType); final char[] password = (ksPassword == null) ? null : ksPassword.toCharArray(); keyStore.load(ksStream, password); passwordProtection = new PasswordProtection(password); } catch (GeneralSecurityException | IOException e) { throw new DSSException("Unable to initialize the keystore", e); } finally { Utils.closeQuietly(ksStream); } }
@Override public void engineLoad(InputStream file, char[] pin) throws IOException, NoSuchAlgorithmException, CertificateException { if (file != null) throw new IOException ("PKCS11 Key Store requires a null InputStream a the first argument."); PKCS11LoadStoreParameter param = new PKCS11LoadStoreParameter(); param.setProtectionParameter(new PasswordProtection(pin)); engineLoad(param); }
/** * Initialize the secure secret key * * @return * @throws Exception */ private static SecretKey initKey() throws Exception { KeyStore keyStore = null; // create the keystore if it doesn't exist File keyStoreFile = new File(KEYSTORE_LOCATION); keyStore = loadKeyStore(keyStoreFile, SECRET_KEY); PasswordProtection keyPassword = new PasswordProtection( SECRET_KEY.toCharArray()); if (!keyStore.containsAlias(SystemConstants.APP_NAME)) { // create new key, store in the keystore keyGenerator = KeyGenerator.getInstance("AES"); Logger.debug("SecureEncrypter init: Crypto Provider [" + keyGenerator.getProvider().getName() + "] creating new key for app: " + SystemConstants.APP_NAME); keyGenerator.init(KEY_SIZE); secretKey = keyGenerator.generateKey(); // store the secret key KeyStore.SecretKeyEntry keyStoreEntry = new KeyStore.SecretKeyEntry( secretKey); keyStore.setEntry(SystemConstants.APP_NAME, keyStoreEntry, keyPassword); keyStore.store(new FileOutputStream(keyStoreFile), SECRET_KEY.toCharArray()); } Entry entry = keyStore.getEntry(SystemConstants.APP_NAME, keyPassword); SecretKey key = ((KeyStore.SecretKeyEntry) entry).getSecretKey(); return key; }
public static void newPrivateKey(KeyStore keystore, TypedCertificate certificate) throws UnrecoverableKeyException, KeyStoreException, NoSuchAlgorithmException { String path = typeToPath(certificate.getType()) + certificate.getCert().getSubjectX500Principal().getName(); PrivateKeyEntry keyEntry = new PrivateKeyEntry(certificate.getPrivateKey(), getCertificateChain( keystore, certificate).certsToArray()); if (!keystore.containsAlias(path)) { ProtectionParameter pp = new PasswordProtection(PRIVATE_KEY_PASSWORD.toCharArray()); keystore.setEntry(path, keyEntry, pp); } }
public static void newEntity(KeyStore keystore, TypedCertificate certificate) throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException { PrivateKeyEntry keyEntry = new PrivateKeyEntry(certificate.getPrivateKey(), getCertificateChain( keystore, certificate).certsToArray()); if (keystore.containsAlias(KEYSTORE_ENTITY_KEY_PATH)) { keystore.deleteEntry(KEYSTORE_ENTITY_KEY_PATH); } ProtectionParameter pp = new PasswordProtection(PRIVATE_KEY_PASSWORD.toCharArray()); keystore.setEntry(KEYSTORE_ENTITY_KEY_PATH, keyEntry, pp); }
public static void newApplicationPrivateKey(KeyStore keystore, TypedCertificate certificate) throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException { PrivateKeyEntry keyEntry = new PrivateKeyEntry(certificate.getPrivateKey(), getCertificateChain( keystore, certificate).certsToArray()); if (keystore.containsAlias(KEYSTORE_ENTITY_KEY_PATH)) { keystore.deleteEntry(KEYSTORE_ENTITY_KEY_PATH); } ProtectionParameter pp = new PasswordProtection(PRIVATE_KEY_PASSWORD.toCharArray()); keystore.setEntry(KEYSTORE_APPLICATION_KEY_PATH, keyEntry, pp); }
private ProtectionParameter createProtection(final EntryDescriptor descr) { return new PasswordProtection(descr.getPassword().toCharArray()); }
/** {@inheritDoc} */ @Override public void engineLoad(final KeyStore.LoadStoreParameter param) throws IOException { if (param != null) { final ProtectionParameter pp = param.getProtectionParameter(); if (pp instanceof KeyStore.CallbackHandlerProtection) { if (((KeyStore.CallbackHandlerProtection) pp).getCallbackHandler() == null) { throw new IllegalArgumentException("El CallbackHandler no puede ser nulo"); //$NON-NLS-1$ } this.cryptoCard = DnieFactory.getDnie( DnieProvider.getDefaultApduConnection(), null, new JseCryptoHelper(), ((KeyStore.CallbackHandlerProtection) pp).getCallbackHandler() ); } else if (pp instanceof KeyStore.PasswordProtection) { final PasswordCallback pwc = new DniePasswordCallback((PasswordProtection) pp); this.cryptoCard = DnieFactory.getDnie( DnieProvider.getDefaultApduConnection(), pwc, new JseCryptoHelper(), null ); } else { LOGGER.warning( "Se ha proporcionado un LoadStoreParameter de tipo no soportado, se ignorara: " + (pp != null ? pp.getClass().getName() : "NULO") //$NON-NLS-1$ //$NON-NLS-2$ ); } } else { this.cryptoCard = DnieFactory.getDnie( DnieProvider.getDefaultApduConnection(), null, new JseCryptoHelper(), null ); } this.aliases = Arrays.asList(this.cryptoCard.getAliases()); }
protected ProtectionParameter createProtectionParameter(String password) { ProtectionParameter protection = (password == null) ? null : new PasswordProtection(password.toCharArray()); return protection; }
/** * This method allows you to authenticate you against the token, if the initial call to * {@link #open(LoadStoreParameter)} did not contain a * ProtectionParameter. This may be use in order to search for a certificate on a token * without entering a PIN. * * @param param The protection parameters used to do normal (user) authentication. * * @see PKCS11LoadStoreParameter#getProtectionParameter() */ public void authenticate(ProtectionParameter param) throws IOException { this.protectionParameter = param; try { if (this.protectionParameter instanceof PasswordProtection) { changeEvent(PKCS11EventCallback.PIN_AUTHENTICATION_IN_PROGRESS); PasswordProtection pp = (PasswordProtection)this.protectionParameter; this.session.loginUser(pp.getPassword()); changeEvent(PKCS11EventCallback.AUHENTICATION_SUCEEDED); } else if (this.protectionParameter instanceof CallbackHandlerProtection) { CallbackHandlerProtection cbhp = (CallbackHandlerProtection)this.protectionParameter; char [] pin = null; // do authenticate with the protected auth method of the token, // if this is possible, otherwise use the callback to authenticate. if (this.slot.hasTokenProtectedAuthPath()) { changeEvent(PKCS11EventCallback.HW_AUTHENTICATION_IN_PROGRESS); } else { changeEvent(PKCS11EventCallback.WAITING_FOR_SW_PIN); CallbackHandler cbh = cbhp.getCallbackHandler(); PasswordCallback pcb = new PasswordCallback("Please enter the user pin:",false); cbh.handle(new Callback[] { pcb }); pin = pcb.getPassword(); changeEvent(PKCS11EventCallback.PIN_AUTHENTICATION_IN_PROGRESS); } this.session.loginUser(pin); changeEvent(PKCS11EventCallback.AUHENTICATION_SUCEEDED); } } catch (UnsupportedCallbackException e) { throw new PKCS11Exception("PasswordCallback is not supported",e); } }
/** * This method allows you to authenticate you against the token as the security officer * for read/write access to the token, if the initial call to * {@link #open(LoadStoreParameter)} did not contain a SO * ProtectionParameter. * * @param param The protection parameters used to do SO (security officer) authentication. * * @see PKCS11LoadStoreParameter#getSOProtectionParameter() */ public void authenticateSO(ProtectionParameter param) throws IOException { try { if (param instanceof PasswordProtection) { PasswordProtection pp=(PasswordProtection)param; changeEvent(PKCS11EventCallback.SO_PIN_AUTHENTICATION_IN_PROGRESS); this.session.loginSO(pp.getPassword()); changeEvent(PKCS11EventCallback.SO_AUHENTICATION_SUCEEDED); } else if (param instanceof CallbackHandlerProtection) { CallbackHandlerProtection cbhp=(CallbackHandlerProtection)param; char [] pin = null; // do authenticate with the protected auth method of the token, // if this is possible, otherwise use the callback to authenticate. if (this.slot.hasTokenProtectedAuthPath()) { changeEvent(PKCS11EventCallback.SO_HW_AUTHENTICATION_IN_PROGRESS); } else { changeEvent(PKCS11EventCallback.WAITING_FOR_SW_SO_PIN); CallbackHandler cbh = cbhp.getCallbackHandler(); PasswordCallback pcb = new PasswordCallback("Please enter the SO pin:",false); cbh.handle(new Callback[] { pcb }); pin = pcb.getPassword(); changeEvent(PKCS11EventCallback.SO_PIN_AUTHENTICATION_IN_PROGRESS); } this.session.loginSO(pin); changeEvent(PKCS11EventCallback.SO_AUHENTICATION_SUCEEDED); } } catch(UnsupportedCallbackException e) { throw new PKCS11Exception("PasswordCallback is not supported",e); } }
/** * This is a convenience function for setting a password protection * to the protection parameter. * * Equivalent to calling * <code>this.setProtectionParameter(new PasswordProtection(pin))</code>. * * @param pin The pin to present to the token. * * @see PKCS11LoadStoreParameter#setProtectionParameter(ProtectionParameter) */ public void setProtectionPIN(char[] pin) { this.setProtectionParameter(new PasswordProtection(pin)); }
/** * This is a convenience function for setting a password protection * to the SO protection parameter. * * Equivalent to calling * <code>this.setSOProtectionParameter(new PasswordProtection(pin))</code>. * * @param pin The SO pin to present to the token. * * @see PKCS11LoadStoreParameter#setSOProtectionParameter(ProtectionParameter) */ public void setSOProtectionPIN(char[] pin) { this.setSOProtectionParameter(new PasswordProtection(pin)); }
