Class BcTlsCertificate
java.lang.Object
org.bouncycastle.tls.crypto.impl.bc.BcTlsCertificate
- All Implemented Interfaces:
TlsCertificate
Implementation class for a single X.509 certificate based on the BC light-weight API.
-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected final org.bouncycastle.asn1.x509.Certificate
protected final BcTlsCrypto
protected org.bouncycastle.crypto.params.DHPublicKeyParameters
protected org.bouncycastle.crypto.params.ECPublicKeyParameters
protected org.bouncycastle.crypto.params.Ed25519PublicKeyParameters
protected org.bouncycastle.crypto.params.Ed448PublicKeyParameters
protected org.bouncycastle.crypto.params.RSAKeyParameters
-
Constructor Summary
ConstructorsConstructorDescriptionBcTlsCertificate
(BcTlsCrypto crypto, byte[] encoding) BcTlsCertificate
(BcTlsCrypto crypto, org.bouncycastle.asn1.x509.Certificate certificate) -
Method Summary
Modifier and TypeMethodDescriptioncheckUsageInRole
(int tlsCertificateRole) static BcTlsCertificate
convert
(BcTlsCrypto crypto, TlsCertificate certificate) createEncryptor
(int tlsCertificateRole) Return an encryptor based on the public key in this certificate.createVerifier
(int signatureScheme) createVerifier
(short signatureAlgorithm) byte[]
byte[]
getExtension
(org.bouncycastle.asn1.ASN1ObjectIdentifier extensionOID) short
org.bouncycastle.crypto.params.DHPublicKeyParameters
org.bouncycastle.crypto.params.DSAPublicKeyParameters
org.bouncycastle.crypto.params.ECPublicKeyParameters
org.bouncycastle.crypto.params.Ed25519PublicKeyParameters
org.bouncycastle.crypto.params.Ed448PublicKeyParameters
org.bouncycastle.crypto.params.RSAKeyParameters
protected org.bouncycastle.crypto.params.AsymmetricKeyParameter
org.bouncycastle.asn1.ASN1Encodable
static org.bouncycastle.asn1.x509.Certificate
parseCertificate
(byte[] encoding) protected boolean
supportsKeyUsage
(int keyUsageBits) protected boolean
protected boolean
supportsRSA_PSS_PSS
(short signatureAlgorithm) protected boolean
boolean
supportsSignatureAlgorithm
(short signatureAlgorithm) protected boolean
supportsSignatureAlgorithm
(short signatureAlgorithm, int keyUsage) boolean
supportsSignatureAlgorithmCA
(short signatureAlgorithm) void
validateKeyUsage
(int keyUsageBits) protected void
protected void
validateRSA_PSS_PSS
(short signatureAlgorithm) protected void
-
Field Details
-
crypto
-
certificate
protected final org.bouncycastle.asn1.x509.Certificate certificate -
pubKeyDH
protected org.bouncycastle.crypto.params.DHPublicKeyParameters pubKeyDH -
pubKeyEC
protected org.bouncycastle.crypto.params.ECPublicKeyParameters pubKeyEC -
pubKeyEd25519
protected org.bouncycastle.crypto.params.Ed25519PublicKeyParameters pubKeyEd25519 -
pubKeyEd448
protected org.bouncycastle.crypto.params.Ed448PublicKeyParameters pubKeyEd448 -
pubKeyRSA
protected org.bouncycastle.crypto.params.RSAKeyParameters pubKeyRSA
-
-
Constructor Details
-
BcTlsCertificate
- Throws:
IOException
-
BcTlsCertificate
-
-
Method Details
-
convert
public static BcTlsCertificate convert(BcTlsCrypto crypto, TlsCertificate certificate) throws IOException - Throws:
IOException
-
parseCertificate
public static org.bouncycastle.asn1.x509.Certificate parseCertificate(byte[] encoding) throws IOException - Throws:
IOException
-
createEncryptor
Description copied from interface:TlsCertificate
Return an encryptor based on the public key in this certificate.- Specified by:
createEncryptor
in interfaceTlsCertificate
- Parameters:
tlsCertificateRole
-TlsCertificateRole
- Returns:
- a TlsEncryptor based on this certificate's public key.
- Throws:
IOException
-
createVerifier
- Specified by:
createVerifier
in interfaceTlsCertificate
- Parameters:
signatureAlgorithm
-SignatureAlgorithm
- Throws:
IOException
-
createVerifier
- Specified by:
createVerifier
in interfaceTlsCertificate
- Parameters:
signatureScheme
-SignatureScheme
- Throws:
IOException
-
getEncoded
- Specified by:
getEncoded
in interfaceTlsCertificate
- Throws:
IOException
-
getExtension
public byte[] getExtension(org.bouncycastle.asn1.ASN1ObjectIdentifier extensionOID) throws IOException - Specified by:
getExtension
in interfaceTlsCertificate
- Throws:
IOException
-
getSerialNumber
- Specified by:
getSerialNumber
in interfaceTlsCertificate
-
getSigAlgOID
- Specified by:
getSigAlgOID
in interfaceTlsCertificate
- Returns:
- the OID of this certificate's 'signatureAlgorithm', as a String.
-
getSigAlgParams
public org.bouncycastle.asn1.ASN1Encodable getSigAlgParams()- Specified by:
getSigAlgParams
in interfaceTlsCertificate
-
getLegacySignatureAlgorithm
- Specified by:
getLegacySignatureAlgorithm
in interfaceTlsCertificate
- Returns:
SignatureAlgorithm
- Throws:
IOException
-
getPubKeyDH
- Throws:
IOException
-
getPubKeyDSS
- Throws:
IOException
-
getPubKeyEC
- Throws:
IOException
-
getPubKeyEd25519
public org.bouncycastle.crypto.params.Ed25519PublicKeyParameters getPubKeyEd25519() throws IOException- Throws:
IOException
-
getPubKeyEd448
- Throws:
IOException
-
getPubKeyRSA
- Throws:
IOException
-
supportsSignatureAlgorithm
- Specified by:
supportsSignatureAlgorithm
in interfaceTlsCertificate
- Parameters:
signatureAlgorithm
-SignatureAlgorithm
- Returns:
- true if (and only if) this certificate can be used to verify the given signature algorithm.
- Throws:
IOException
-
supportsSignatureAlgorithmCA
- Specified by:
supportsSignatureAlgorithmCA
in interfaceTlsCertificate
- Throws:
IOException
-
checkUsageInRole
- Specified by:
checkUsageInRole
in interfaceTlsCertificate
- Parameters:
tlsCertificateRole
-TlsCertificateRole
- Throws:
IOException
-
getPublicKey
- Throws:
IOException
-
supportsKeyUsage
protected boolean supportsKeyUsage(int keyUsageBits) -
supportsRSA_PKCS1
protected boolean supportsRSA_PKCS1() -
supportsRSA_PSS_PSS
protected boolean supportsRSA_PSS_PSS(short signatureAlgorithm) -
supportsRSA_PSS_RSAE
protected boolean supportsRSA_PSS_RSAE() -
supportsSignatureAlgorithm
protected boolean supportsSignatureAlgorithm(short signatureAlgorithm, int keyUsage) throws IOException - Throws:
IOException
-
validateKeyUsage
- Throws:
IOException
-
validateRSA_PKCS1
- Throws:
IOException
-
validateRSA_PSS_PSS
- Throws:
IOException
-
validateRSA_PSS_RSAE
- Throws:
IOException
-