Class JcaTlsCertificate
- java.lang.Object
-
- org.bouncycastle.tls.crypto.impl.jcajce.JcaTlsCertificate
-
- All Implemented Interfaces:
TlsCertificate
public class JcaTlsCertificate extends java.lang.Object implements TlsCertificate
Implementation class for a single X.509 certificate based on the JCA.
-
-
Field Summary
Fields Modifier and Type Field Description protected java.security.cert.X509Certificatecertificateprotected JcaTlsCryptocryptoprotected static intKU_CRL_SIGNprotected static intKU_DATA_ENCIPHERMENTprotected static intKU_DECIPHER_ONLYprotected static intKU_DIGITAL_SIGNATUREprotected static intKU_ENCIPHER_ONLYprotected static intKU_KEY_AGREEMENTprotected static intKU_KEY_CERT_SIGNprotected static intKU_KEY_ENCIPHERMENTprotected static intKU_NON_REPUDIATIONprotected javax.crypto.interfaces.DHPublicKeypubKeyDHprotected java.security.interfaces.ECPublicKeypubKeyECprotected java.security.PublicKeypubKeyRSA
-
Constructor Summary
Constructors Constructor Description JcaTlsCertificate(JcaTlsCrypto crypto, byte[] encoding)JcaTlsCertificate(JcaTlsCrypto crypto, java.security.cert.X509Certificate certificate)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description TlsCertificatecheckUsageInRole(int tlsCertificateRole)static JcaTlsCertificateconvert(JcaTlsCrypto crypto, TlsCertificate certificate)TlsEncryptorcreateEncryptor(int tlsCertificateRole)Return an encryptor based on the public key in this certificate.TlsVerifiercreateVerifier(int signatureScheme)TlsVerifiercreateVerifier(short signatureAlgorithm)byte[]getEncoded()byte[]getExtension(org.bouncycastle.asn1.ASN1ObjectIdentifier extensionOID)shortgetLegacySignatureAlgorithm()protected java.security.PublicKeygetPublicKey()java.math.BigIntegergetSerialNumber()java.lang.StringgetSigAlgOID()org.bouncycastle.asn1.ASN1EncodablegetSigAlgParams()protected org.bouncycastle.asn1.x509.SubjectPublicKeyInfogetSubjectPublicKeyInfo()java.security.cert.X509CertificategetX509Certificate()protected booleanimplSupportsSignatureAlgorithm(short signatureAlgorithm)static java.security.cert.X509CertificateparseCertificate(org.bouncycastle.jcajce.util.JcaJceHelper helper, byte[] encoding)protected booleansupportsKeyUsageBit(int keyUsageBit)protected booleansupportsRSA_PKCS1()protected booleansupportsRSA_PSS_PSS(short signatureAlgorithm)protected booleansupportsRSA_PSS_RSAE()booleansupportsSignatureAlgorithm(short signatureAlgorithm)booleansupportsSignatureAlgorithmCA(short signatureAlgorithm)protected voidvalidateKeyUsageBit(int keyUsageBit)protected voidvalidateRSA_PKCS1()protected voidvalidateRSA_PSS_PSS(short signatureAlgorithm)protected voidvalidateRSA_PSS_RSAE()
-
-
-
Field Detail
-
KU_DIGITAL_SIGNATURE
protected static final int KU_DIGITAL_SIGNATURE
- See Also:
- Constant Field Values
-
KU_NON_REPUDIATION
protected static final int KU_NON_REPUDIATION
- See Also:
- Constant Field Values
-
KU_KEY_ENCIPHERMENT
protected static final int KU_KEY_ENCIPHERMENT
- See Also:
- Constant Field Values
-
KU_DATA_ENCIPHERMENT
protected static final int KU_DATA_ENCIPHERMENT
- See Also:
- Constant Field Values
-
KU_KEY_AGREEMENT
protected static final int KU_KEY_AGREEMENT
- See Also:
- Constant Field Values
-
KU_KEY_CERT_SIGN
protected static final int KU_KEY_CERT_SIGN
- See Also:
- Constant Field Values
-
KU_CRL_SIGN
protected static final int KU_CRL_SIGN
- See Also:
- Constant Field Values
-
KU_ENCIPHER_ONLY
protected static final int KU_ENCIPHER_ONLY
- See Also:
- Constant Field Values
-
KU_DECIPHER_ONLY
protected static final int KU_DECIPHER_ONLY
- See Also:
- Constant Field Values
-
crypto
protected final JcaTlsCrypto crypto
-
certificate
protected final java.security.cert.X509Certificate certificate
-
pubKeyDH
protected javax.crypto.interfaces.DHPublicKey pubKeyDH
-
pubKeyEC
protected java.security.interfaces.ECPublicKey pubKeyEC
-
pubKeyRSA
protected java.security.PublicKey pubKeyRSA
-
-
Constructor Detail
-
JcaTlsCertificate
public JcaTlsCertificate(JcaTlsCrypto crypto, byte[] encoding) throws java.io.IOException
- Throws:
java.io.IOException
-
JcaTlsCertificate
public JcaTlsCertificate(JcaTlsCrypto crypto, java.security.cert.X509Certificate certificate)
-
-
Method Detail
-
convert
public static JcaTlsCertificate convert(JcaTlsCrypto crypto, TlsCertificate certificate) throws java.io.IOException
- Throws:
java.io.IOException
-
parseCertificate
public static java.security.cert.X509Certificate parseCertificate(org.bouncycastle.jcajce.util.JcaJceHelper helper, byte[] encoding) throws java.io.IOException- Throws:
java.io.IOException
-
createEncryptor
public TlsEncryptor createEncryptor(int tlsCertificateRole) throws java.io.IOException
Description copied from interface:TlsCertificateReturn an encryptor based on the public key in this certificate.- Specified by:
createEncryptorin interfaceTlsCertificate- Parameters:
tlsCertificateRole-TlsCertificateRole- Returns:
- a TlsEncryptor based on this certificate's public key.
- Throws:
java.io.IOException
-
createVerifier
public TlsVerifier createVerifier(short signatureAlgorithm) throws java.io.IOException
- Specified by:
createVerifierin interfaceTlsCertificate- Parameters:
signatureAlgorithm-SignatureAlgorithm- Throws:
java.io.IOException
-
createVerifier
public TlsVerifier createVerifier(int signatureScheme) throws java.io.IOException
- Specified by:
createVerifierin interfaceTlsCertificate- Parameters:
signatureScheme-SignatureScheme- Throws:
java.io.IOException
-
getEncoded
public byte[] getEncoded() throws java.io.IOException- Specified by:
getEncodedin interfaceTlsCertificate- Throws:
java.io.IOException
-
getExtension
public byte[] getExtension(org.bouncycastle.asn1.ASN1ObjectIdentifier extensionOID) throws java.io.IOException- Specified by:
getExtensionin interfaceTlsCertificate- Throws:
java.io.IOException
-
getSerialNumber
public java.math.BigInteger getSerialNumber()
- Specified by:
getSerialNumberin interfaceTlsCertificate
-
getSigAlgOID
public java.lang.String getSigAlgOID()
- Specified by:
getSigAlgOIDin interfaceTlsCertificate- Returns:
- the OID of this certificate's 'signatureAlgorithm', as a String.
-
getSigAlgParams
public org.bouncycastle.asn1.ASN1Encodable getSigAlgParams() throws java.io.IOException- Specified by:
getSigAlgParamsin interfaceTlsCertificate- Throws:
java.io.IOException
-
getLegacySignatureAlgorithm
public short getLegacySignatureAlgorithm() throws java.io.IOException- Specified by:
getLegacySignatureAlgorithmin interfaceTlsCertificate- Returns:
SignatureAlgorithm- Throws:
java.io.IOException
-
supportsSignatureAlgorithm
public boolean supportsSignatureAlgorithm(short signatureAlgorithm) throws java.io.IOException- Specified by:
supportsSignatureAlgorithmin interfaceTlsCertificate- Parameters:
signatureAlgorithm-SignatureAlgorithm- Returns:
- true if (and only if) this certificate can be used to verify the given signature algorithm.
- Throws:
java.io.IOException
-
supportsSignatureAlgorithmCA
public boolean supportsSignatureAlgorithmCA(short signatureAlgorithm) throws java.io.IOException- Specified by:
supportsSignatureAlgorithmCAin interfaceTlsCertificate- Throws:
java.io.IOException
-
checkUsageInRole
public TlsCertificate checkUsageInRole(int tlsCertificateRole) throws java.io.IOException
- Specified by:
checkUsageInRolein interfaceTlsCertificate- Parameters:
tlsCertificateRole-TlsCertificateRole- Throws:
java.io.IOException
-
implSupportsSignatureAlgorithm
protected boolean implSupportsSignatureAlgorithm(short signatureAlgorithm) throws java.io.IOException- Throws:
java.io.IOException
-
getPublicKey
protected java.security.PublicKey getPublicKey() throws java.io.IOException- Throws:
java.io.IOException
-
getSubjectPublicKeyInfo
protected org.bouncycastle.asn1.x509.SubjectPublicKeyInfo getSubjectPublicKeyInfo() throws java.io.IOException- Throws:
java.io.IOException
-
getX509Certificate
public java.security.cert.X509Certificate getX509Certificate()
-
supportsKeyUsageBit
protected boolean supportsKeyUsageBit(int keyUsageBit)
-
supportsRSA_PKCS1
protected boolean supportsRSA_PKCS1() throws java.io.IOException- Throws:
java.io.IOException
-
supportsRSA_PSS_PSS
protected boolean supportsRSA_PSS_PSS(short signatureAlgorithm) throws java.io.IOException- Throws:
java.io.IOException
-
supportsRSA_PSS_RSAE
protected boolean supportsRSA_PSS_RSAE() throws java.io.IOException- Throws:
java.io.IOException
-
validateKeyUsageBit
protected void validateKeyUsageBit(int keyUsageBit) throws java.io.IOException- Throws:
java.io.IOException
-
validateRSA_PKCS1
protected void validateRSA_PKCS1() throws java.io.IOException- Throws:
java.io.IOException
-
validateRSA_PSS_PSS
protected void validateRSA_PSS_PSS(short signatureAlgorithm) throws java.io.IOException- Throws:
java.io.IOException
-
validateRSA_PSS_RSAE
protected void validateRSA_PSS_RSAE() throws java.io.IOException- Throws:
java.io.IOException
-
-