Class BcTlsCertificate
- java.lang.Object
-
- org.bouncycastle.tls.crypto.impl.bc.BcTlsCertificate
-
- All Implemented Interfaces:
TlsCertificate
public class BcTlsCertificate extends java.lang.Object implements TlsCertificate
Implementation class for a single X.509 certificate based on the BC light-weight API.
-
-
Field Summary
Fields Modifier and Type Field Description protected org.bouncycastle.asn1.x509.Certificate
certificate
protected BcTlsCrypto
crypto
protected org.bouncycastle.crypto.params.DHPublicKeyParameters
pubKeyDH
protected org.bouncycastle.crypto.params.ECPublicKeyParameters
pubKeyEC
protected org.bouncycastle.crypto.params.Ed25519PublicKeyParameters
pubKeyEd25519
protected org.bouncycastle.crypto.params.Ed448PublicKeyParameters
pubKeyEd448
protected org.bouncycastle.crypto.params.RSAKeyParameters
pubKeyRSA
-
Constructor Summary
Constructors Constructor Description BcTlsCertificate(BcTlsCrypto crypto, byte[] encoding)
BcTlsCertificate(BcTlsCrypto crypto, org.bouncycastle.asn1.x509.Certificate certificate)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description TlsCertificate
checkUsageInRole(int tlsCertificateRole)
static BcTlsCertificate
convert(BcTlsCrypto crypto, TlsCertificate certificate)
TlsEncryptor
createEncryptor(int tlsCertificateRole)
Return an encryptor based on the public key in this certificate.TlsVerifier
createVerifier(int signatureScheme)
TlsVerifier
createVerifier(short signatureAlgorithm)
byte[]
getEncoded()
byte[]
getExtension(org.bouncycastle.asn1.ASN1ObjectIdentifier extensionOID)
short
getLegacySignatureAlgorithm()
org.bouncycastle.crypto.params.DHPublicKeyParameters
getPubKeyDH()
org.bouncycastle.crypto.params.DSAPublicKeyParameters
getPubKeyDSS()
org.bouncycastle.crypto.params.ECPublicKeyParameters
getPubKeyEC()
org.bouncycastle.crypto.params.Ed25519PublicKeyParameters
getPubKeyEd25519()
org.bouncycastle.crypto.params.Ed448PublicKeyParameters
getPubKeyEd448()
org.bouncycastle.crypto.params.RSAKeyParameters
getPubKeyRSA()
protected org.bouncycastle.crypto.params.AsymmetricKeyParameter
getPublicKey()
java.math.BigInteger
getSerialNumber()
java.lang.String
getSigAlgOID()
org.bouncycastle.asn1.ASN1Encodable
getSigAlgParams()
static org.bouncycastle.asn1.x509.Certificate
parseCertificate(byte[] encoding)
protected boolean
supportsKeyUsage(int keyUsageBits)
protected boolean
supportsRSA_PKCS1()
protected boolean
supportsRSA_PSS_PSS(short signatureAlgorithm)
protected boolean
supportsRSA_PSS_RSAE()
boolean
supportsSignatureAlgorithm(short signatureAlgorithm)
protected boolean
supportsSignatureAlgorithm(short signatureAlgorithm, int keyUsage)
boolean
supportsSignatureAlgorithmCA(short signatureAlgorithm)
void
validateKeyUsage(int keyUsageBits)
protected void
validateRSA_PKCS1()
protected void
validateRSA_PSS_PSS(short signatureAlgorithm)
protected void
validateRSA_PSS_RSAE()
-
-
-
Field Detail
-
crypto
protected final BcTlsCrypto crypto
-
certificate
protected final org.bouncycastle.asn1.x509.Certificate certificate
-
pubKeyDH
protected org.bouncycastle.crypto.params.DHPublicKeyParameters pubKeyDH
-
pubKeyEC
protected org.bouncycastle.crypto.params.ECPublicKeyParameters pubKeyEC
-
pubKeyEd25519
protected org.bouncycastle.crypto.params.Ed25519PublicKeyParameters pubKeyEd25519
-
pubKeyEd448
protected org.bouncycastle.crypto.params.Ed448PublicKeyParameters pubKeyEd448
-
pubKeyRSA
protected org.bouncycastle.crypto.params.RSAKeyParameters pubKeyRSA
-
-
Constructor Detail
-
BcTlsCertificate
public BcTlsCertificate(BcTlsCrypto crypto, byte[] encoding) throws java.io.IOException
- Throws:
java.io.IOException
-
BcTlsCertificate
public BcTlsCertificate(BcTlsCrypto crypto, org.bouncycastle.asn1.x509.Certificate certificate)
-
-
Method Detail
-
convert
public static BcTlsCertificate convert(BcTlsCrypto crypto, TlsCertificate certificate) throws java.io.IOException
- Throws:
java.io.IOException
-
parseCertificate
public static org.bouncycastle.asn1.x509.Certificate parseCertificate(byte[] encoding) throws java.io.IOException
- Throws:
java.io.IOException
-
createEncryptor
public TlsEncryptor createEncryptor(int tlsCertificateRole) throws java.io.IOException
Description copied from interface:TlsCertificate
Return an encryptor based on the public key in this certificate.- Specified by:
createEncryptor
in interfaceTlsCertificate
- Parameters:
tlsCertificateRole
-TlsCertificateRole
- Returns:
- a TlsEncryptor based on this certificate's public key.
- Throws:
java.io.IOException
-
createVerifier
public TlsVerifier createVerifier(short signatureAlgorithm) throws java.io.IOException
- Specified by:
createVerifier
in interfaceTlsCertificate
- Parameters:
signatureAlgorithm
-SignatureAlgorithm
- Throws:
java.io.IOException
-
createVerifier
public TlsVerifier createVerifier(int signatureScheme) throws java.io.IOException
- Specified by:
createVerifier
in interfaceTlsCertificate
- Parameters:
signatureScheme
-SignatureScheme
- Throws:
java.io.IOException
-
getEncoded
public byte[] getEncoded() throws java.io.IOException
- Specified by:
getEncoded
in interfaceTlsCertificate
- Throws:
java.io.IOException
-
getExtension
public byte[] getExtension(org.bouncycastle.asn1.ASN1ObjectIdentifier extensionOID) throws java.io.IOException
- Specified by:
getExtension
in interfaceTlsCertificate
- Throws:
java.io.IOException
-
getSerialNumber
public java.math.BigInteger getSerialNumber()
- Specified by:
getSerialNumber
in interfaceTlsCertificate
-
getSigAlgOID
public java.lang.String getSigAlgOID()
- Specified by:
getSigAlgOID
in interfaceTlsCertificate
- Returns:
- the OID of this certificate's 'signatureAlgorithm', as a String.
-
getSigAlgParams
public org.bouncycastle.asn1.ASN1Encodable getSigAlgParams()
- Specified by:
getSigAlgParams
in interfaceTlsCertificate
-
getLegacySignatureAlgorithm
public short getLegacySignatureAlgorithm() throws java.io.IOException
- Specified by:
getLegacySignatureAlgorithm
in interfaceTlsCertificate
- Returns:
SignatureAlgorithm
- Throws:
java.io.IOException
-
getPubKeyDH
public org.bouncycastle.crypto.params.DHPublicKeyParameters getPubKeyDH() throws java.io.IOException
- Throws:
java.io.IOException
-
getPubKeyDSS
public org.bouncycastle.crypto.params.DSAPublicKeyParameters getPubKeyDSS() throws java.io.IOException
- Throws:
java.io.IOException
-
getPubKeyEC
public org.bouncycastle.crypto.params.ECPublicKeyParameters getPubKeyEC() throws java.io.IOException
- Throws:
java.io.IOException
-
getPubKeyEd25519
public org.bouncycastle.crypto.params.Ed25519PublicKeyParameters getPubKeyEd25519() throws java.io.IOException
- Throws:
java.io.IOException
-
getPubKeyEd448
public org.bouncycastle.crypto.params.Ed448PublicKeyParameters getPubKeyEd448() throws java.io.IOException
- Throws:
java.io.IOException
-
getPubKeyRSA
public org.bouncycastle.crypto.params.RSAKeyParameters getPubKeyRSA() throws java.io.IOException
- Throws:
java.io.IOException
-
supportsSignatureAlgorithm
public boolean supportsSignatureAlgorithm(short signatureAlgorithm) throws java.io.IOException
- Specified by:
supportsSignatureAlgorithm
in interfaceTlsCertificate
- Parameters:
signatureAlgorithm
-SignatureAlgorithm
- Returns:
- true if (and only if) this certificate can be used to verify the given signature algorithm.
- Throws:
java.io.IOException
-
supportsSignatureAlgorithmCA
public boolean supportsSignatureAlgorithmCA(short signatureAlgorithm) throws java.io.IOException
- Specified by:
supportsSignatureAlgorithmCA
in interfaceTlsCertificate
- Throws:
java.io.IOException
-
checkUsageInRole
public TlsCertificate checkUsageInRole(int tlsCertificateRole) throws java.io.IOException
- Specified by:
checkUsageInRole
in interfaceTlsCertificate
- Parameters:
tlsCertificateRole
-TlsCertificateRole
- Throws:
java.io.IOException
-
getPublicKey
protected org.bouncycastle.crypto.params.AsymmetricKeyParameter getPublicKey() throws java.io.IOException
- Throws:
java.io.IOException
-
supportsKeyUsage
protected boolean supportsKeyUsage(int keyUsageBits)
-
supportsRSA_PKCS1
protected boolean supportsRSA_PKCS1()
-
supportsRSA_PSS_PSS
protected boolean supportsRSA_PSS_PSS(short signatureAlgorithm)
-
supportsRSA_PSS_RSAE
protected boolean supportsRSA_PSS_RSAE()
-
supportsSignatureAlgorithm
protected boolean supportsSignatureAlgorithm(short signatureAlgorithm, int keyUsage) throws java.io.IOException
- Throws:
java.io.IOException
-
validateKeyUsage
public void validateKeyUsage(int keyUsageBits) throws java.io.IOException
- Throws:
java.io.IOException
-
validateRSA_PKCS1
protected void validateRSA_PKCS1() throws java.io.IOException
- Throws:
java.io.IOException
-
validateRSA_PSS_PSS
protected void validateRSA_PSS_PSS(short signatureAlgorithm) throws java.io.IOException
- Throws:
java.io.IOException
-
validateRSA_PSS_RSAE
protected void validateRSA_PSS_RSAE() throws java.io.IOException
- Throws:
java.io.IOException
-
-