I'm implementing a PKCS#11 JCE provider for Android and there's a method from java.security.KeyStoreSpi
which I don't understand:
public void engineSetKeyEntry(String name, Key key, char[] pin, Certificate[] certificateChain)
How can I bind private key with certificate chain? By CKA_ID attribute?
I'm not sure to fully understand the question, but as far as I know, the PKCS#11 standard does not fully define how a Private Key / Public Key and a Certificate are linked all together. Rather, the standard (v3.01) does recommend to share the same CKA_ID between the 3 objects. If you want to make a link between several obejct this is what I would also recommend. If we speak only about Asymetric keys, then you can find other means to link a public key to other related crypto materials (such as comparing the public Modulus for RSA world)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.