Package org.bouncycastle.tls

Class CertificateRequest

  • public class CertificateRequest
extends java.lang.Object
    Parsing and encoding of a CertificateRequest struct from RFC 4346: 
     struct {
     ClientCertificateType certificate_types<1..2^8-1>;
     DistinguishedName certificate_authorities<3..2^16-1>;
 } CertificateRequest;
    Updated for RFC 5246: 
     struct {
     ClientCertificateType certificate_types<1..2^8-1>;
     SignatureAndHashAlgorithm supported_signature_algorithms<2^16-1>;
     DistinguishedName certificate_authorities<0..2^16-1>;
 } CertificateRequest;
    Revised for RFC 8446: 
     struct {
     opaque certificate_request_context<0..2^8-1>;
     Extension extensions<2..2^16-1>;
 } CertificateRequest;
    See Also:
    ClientCertificateType, X500Name

    • Field Detail

      • certificateRequestContext

        protected final byte[] certificateRequestContext

      • certificateTypes

        protected final short[] certificateTypes

      • supportedSignatureAlgorithms

        protected final java.util.Vector supportedSignatureAlgorithms

      • supportedSignatureAlgorithmsCert

        protected final java.util.Vector supportedSignatureAlgorithmsCert

      • certificateAuthorities

        protected final java.util.Vector certificateAuthorities

    • Constructor Detail

      • CertificateRequest

        public CertificateRequest​(short[] certificateTypes,
                          java.util.Vector supportedSignatureAlgorithms,
                          java.util.Vector certificateAuthorities)
        Parameters:
        certificateTypes - see ClientCertificateType for valid constants.
        certificateAuthorities - a Vector of X500Name.

      • CertificateRequest

        public CertificateRequest​(byte[] certificateRequestContext,
                          java.util.Vector supportedSignatureAlgorithms,
                          java.util.Vector supportedSignatureAlgorithmsCert,
                          java.util.Vector certificateAuthorities)
                   throws java.io.IOException
        Throws:
        java.io.IOException

    • Method Detail

      • getCertificateRequestContext

        public byte[] getCertificateRequestContext()

      • getCertificateTypes

        public short[] getCertificateTypes()
        Returns:
        an array of certificate types
        See Also:
        ClientCertificateType

      • getSupportedSignatureAlgorithms

        public java.util.Vector getSupportedSignatureAlgorithms()
        Returns:
        a Vector of SignatureAndHashAlgorithm (or null before TLS 1.2).

      • getSupportedSignatureAlgorithmsCert

        public java.util.Vector getSupportedSignatureAlgorithmsCert()
        Returns:
        an optional Vector of SignatureAndHashAlgorithm. May be non-null from TLS 1.3 onwards.

      • getCertificateAuthorities

        public java.util.Vector getCertificateAuthorities()
        Returns:
        a Vector of X500Name

      • hasCertificateRequestContext

        public boolean hasCertificateRequestContext​(byte[] certificateRequestContext)

      • encode

        public void encode​(TlsContext context,
                   java.io.OutputStream output)
            throws java.io.IOException
        Encode this CertificateRequest to an OutputStream.
        Parameters:
        context - the TlsContext of the current connection.
        output - the OutputStream to encode to.
        Throws:
        java.io.IOException