Class JcaTlsCertificate
- java.lang.Object
-
- org.bouncycastle.tls.crypto.impl.jcajce.JcaTlsCertificate
-
- All Implemented Interfaces:
TlsCertificate
public class JcaTlsCertificate extends java.lang.Object implements TlsCertificate
Implementation class for a single X.509 certificate based on the JCA.
-
-
Field Summary
Fields Modifier and Type Field Description protected java.security.cert.X509Certificatecertificateprotected JcaTlsCryptocryptoprotected static intKU_CRL_SIGNprotected static intKU_DATA_ENCIPHERMENTprotected static intKU_DECIPHER_ONLYprotected static intKU_DIGITAL_SIGNATUREprotected static intKU_ENCIPHER_ONLYprotected static intKU_KEY_AGREEMENTprotected static intKU_KEY_CERT_SIGNprotected static intKU_KEY_ENCIPHERMENTprotected static intKU_NON_REPUDIATIONprotected javax.crypto.interfaces.DHPublicKeypubKeyDHprotected java.security.interfaces.ECPublicKeypubKeyECprotected java.security.PublicKeypubKeyRSA
-
Constructor Summary
Constructors Constructor Description JcaTlsCertificate(JcaTlsCrypto crypto, byte[] encoding)JcaTlsCertificate(JcaTlsCrypto crypto, java.security.cert.X509Certificate certificate)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static JcaTlsCertificateconvert(JcaTlsCrypto crypto, TlsCertificate certificate)TlsVerifiercreateVerifier(short signatureAlgorithm)byte[]getEncoded()byte[]getExtension(org.bouncycastle.asn1.ASN1ObjectIdentifier extensionOID)shortgetLegacySignatureAlgorithm()protected java.security.PublicKeygetPublicKey()java.math.BigIntegergetSerialNumber()java.lang.StringgetSigAlgOID()org.bouncycastle.asn1.ASN1EncodablegetSigAlgParams()protected org.bouncycastle.asn1.x509.SubjectPublicKeyInfogetSubjectPublicKeyInfo()java.security.cert.X509CertificategetX509Certificate()protected booleanimplSupportsSignatureAlgorithm(short signatureAlgorithm)static java.security.cert.X509CertificateparseCertificate(org.bouncycastle.jcajce.util.JcaJceHelper helper, byte[] encoding)protected booleansupportsKeyUsageBit(int keyUsageBit)protected booleansupportsRSA_PKCS1()protected booleansupportsRSA_PSS_PSS(short signatureAlgorithm)protected booleansupportsRSA_PSS_RSAE()booleansupportsSignatureAlgorithm(short signatureAlgorithm)booleansupportsSignatureAlgorithmCA(short signatureAlgorithm)TlsCertificateuseInRole(int connectionEnd, int keyExchangeAlgorithm)protected voidvalidateKeyUsageBit(int keyUsageBit)protected voidvalidateRSA_PKCS1()protected voidvalidateRSA_PSS_PSS(short signatureAlgorithm)protected voidvalidateRSA_PSS_RSAE()
-
-
-
Field Detail
-
KU_DIGITAL_SIGNATURE
protected static final int KU_DIGITAL_SIGNATURE
- See Also:
- Constant Field Values
-
KU_NON_REPUDIATION
protected static final int KU_NON_REPUDIATION
- See Also:
- Constant Field Values
-
KU_KEY_ENCIPHERMENT
protected static final int KU_KEY_ENCIPHERMENT
- See Also:
- Constant Field Values
-
KU_DATA_ENCIPHERMENT
protected static final int KU_DATA_ENCIPHERMENT
- See Also:
- Constant Field Values
-
KU_KEY_AGREEMENT
protected static final int KU_KEY_AGREEMENT
- See Also:
- Constant Field Values
-
KU_KEY_CERT_SIGN
protected static final int KU_KEY_CERT_SIGN
- See Also:
- Constant Field Values
-
KU_CRL_SIGN
protected static final int KU_CRL_SIGN
- See Also:
- Constant Field Values
-
KU_ENCIPHER_ONLY
protected static final int KU_ENCIPHER_ONLY
- See Also:
- Constant Field Values
-
KU_DECIPHER_ONLY
protected static final int KU_DECIPHER_ONLY
- See Also:
- Constant Field Values
-
crypto
protected final JcaTlsCrypto crypto
-
certificate
protected final java.security.cert.X509Certificate certificate
-
pubKeyDH
protected javax.crypto.interfaces.DHPublicKey pubKeyDH
-
pubKeyEC
protected java.security.interfaces.ECPublicKey pubKeyEC
-
pubKeyRSA
protected java.security.PublicKey pubKeyRSA
-
-
Constructor Detail
-
JcaTlsCertificate
public JcaTlsCertificate(JcaTlsCrypto crypto, byte[] encoding) throws java.io.IOException
- Throws:
java.io.IOException
-
JcaTlsCertificate
public JcaTlsCertificate(JcaTlsCrypto crypto, java.security.cert.X509Certificate certificate)
-
-
Method Detail
-
convert
public static JcaTlsCertificate convert(JcaTlsCrypto crypto, TlsCertificate certificate) throws java.io.IOException
- Throws:
java.io.IOException
-
parseCertificate
public static java.security.cert.X509Certificate parseCertificate(org.bouncycastle.jcajce.util.JcaJceHelper helper, byte[] encoding) throws java.io.IOException- Throws:
java.io.IOException
-
createVerifier
public TlsVerifier createVerifier(short signatureAlgorithm) throws java.io.IOException
- Specified by:
createVerifierin interfaceTlsCertificate- Parameters:
signatureAlgorithm-SignatureAlgorithm- Throws:
java.io.IOException
-
getEncoded
public byte[] getEncoded() throws java.io.IOException- Specified by:
getEncodedin interfaceTlsCertificate- Throws:
java.io.IOException
-
getExtension
public byte[] getExtension(org.bouncycastle.asn1.ASN1ObjectIdentifier extensionOID) throws java.io.IOException- Specified by:
getExtensionin interfaceTlsCertificate- Throws:
java.io.IOException
-
getSerialNumber
public java.math.BigInteger getSerialNumber()
- Specified by:
getSerialNumberin interfaceTlsCertificate
-
getSigAlgOID
public java.lang.String getSigAlgOID()
- Specified by:
getSigAlgOIDin interfaceTlsCertificate- Returns:
- the OID of this certificate's 'signatureAlgorithm', as a String.
-
getSigAlgParams
public org.bouncycastle.asn1.ASN1Encodable getSigAlgParams() throws java.io.IOException- Specified by:
getSigAlgParamsin interfaceTlsCertificate- Throws:
java.io.IOException
-
getLegacySignatureAlgorithm
public short getLegacySignatureAlgorithm() throws java.io.IOException- Specified by:
getLegacySignatureAlgorithmin interfaceTlsCertificate- Returns:
SignatureAlgorithm- Throws:
java.io.IOException
-
supportsSignatureAlgorithm
public boolean supportsSignatureAlgorithm(short signatureAlgorithm) throws java.io.IOException- Specified by:
supportsSignatureAlgorithmin interfaceTlsCertificate- Parameters:
signatureAlgorithm-SignatureAlgorithm- Returns:
- true if (and only if) this certificate can be used to verify the given signature algorithm.
- Throws:
java.io.IOException
-
supportsSignatureAlgorithmCA
public boolean supportsSignatureAlgorithmCA(short signatureAlgorithm) throws java.io.IOException- Specified by:
supportsSignatureAlgorithmCAin interfaceTlsCertificate- Throws:
java.io.IOException
-
useInRole
public TlsCertificate useInRole(int connectionEnd, int keyExchangeAlgorithm) throws java.io.IOException
- Specified by:
useInRolein interfaceTlsCertificate- Parameters:
connectionEnd-ConnectionEndkeyExchangeAlgorithm-KeyExchangeAlgorithm- Throws:
java.io.IOException
-
implSupportsSignatureAlgorithm
protected boolean implSupportsSignatureAlgorithm(short signatureAlgorithm) throws java.io.IOException- Throws:
java.io.IOException
-
getPublicKey
protected java.security.PublicKey getPublicKey() throws java.io.IOException- Throws:
java.io.IOException
-
getSubjectPublicKeyInfo
protected org.bouncycastle.asn1.x509.SubjectPublicKeyInfo getSubjectPublicKeyInfo() throws java.io.IOException- Throws:
java.io.IOException
-
getX509Certificate
public java.security.cert.X509Certificate getX509Certificate()
-
supportsKeyUsageBit
protected boolean supportsKeyUsageBit(int keyUsageBit)
-
supportsRSA_PKCS1
protected boolean supportsRSA_PKCS1() throws java.io.IOException- Throws:
java.io.IOException
-
supportsRSA_PSS_PSS
protected boolean supportsRSA_PSS_PSS(short signatureAlgorithm) throws java.io.IOException- Throws:
java.io.IOException
-
supportsRSA_PSS_RSAE
protected boolean supportsRSA_PSS_RSAE() throws java.io.IOException- Throws:
java.io.IOException
-
validateKeyUsageBit
protected void validateKeyUsageBit(int keyUsageBit) throws java.io.IOException- Throws:
java.io.IOException
-
validateRSA_PKCS1
protected void validateRSA_PKCS1() throws java.io.IOException- Throws:
java.io.IOException
-
validateRSA_PSS_PSS
protected void validateRSA_PSS_PSS(short signatureAlgorithm) throws java.io.IOException- Throws:
java.io.IOException
-
validateRSA_PSS_RSAE
protected void validateRSA_PSS_RSAE() throws java.io.IOException- Throws:
java.io.IOException
-
-