Package org.bouncycastle.tls

Class Certificate

java.lang.Object

org.bouncycastle.tls.Certificate

public class Certificate
extends Object

Parsing and encoding of a Certificate struct from RFC 4346.

 opaque ASN.1Cert<2^24-1>;

 struct {
     ASN.1Cert certificate_list<0..2^24-1>;
 } Certificate;
 

See Also:

• Certificate

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	Certificate.ParseOptions

Field Summary

Fields

Modifier and Type	Field	Description
protected final CertificateEntry[]	certificateEntryList
protected final byte[]	certificateRequestContext
protected final short	certificateType
static final Certificate	EMPTY_CHAIN
static final Certificate	EMPTY_CHAIN_TLS13

Constructor Summary

Constructors

Constructor	Description
Certificate(byte[] certificateRequestContext, CertificateEntry[] certificateEntryList)
Certificate(short certificateType, byte[] certificateRequestContext, CertificateEntry[] certificateEntryList)
Certificate(TlsCertificate[] certificateList)

Method Summary

Modifier and Type	Method	Description
protected static void	calculateEndPointHash(TlsContext context, TlsCertificate cert, byte[] encoding, OutputStream output)
protected CertificateEntry[]	cloneCertificateEntryList()
protected TlsCertificate[]	cloneCertificateList()
void	encode(TlsContext context, OutputStream messageOutput, OutputStream endPointHashOutput)	Encode this Certificate to an OutputStream, and optionally calculate the "end point hash" (per RFC 5929's tls-server-end-point binding).
TlsCertificate	getCertificateAt(int index)
CertificateEntry	getCertificateEntryAt(int index)
CertificateEntry[]	getCertificateEntryList()
TlsCertificate[]	getCertificateList()
byte[]	getCertificateRequestContext()
short	getCertificateType()
int	getLength()
boolean	isEmpty()
static Certificate	parse(Certificate.ParseOptions options, TlsContext context, InputStream messageInput, OutputStream endPointHashOutput)	Parse a Certificate from an InputStream.
static Certificate	parse(TlsContext context, InputStream messageInput, OutputStream endPointHashOutput)	Deprecated. Use version taking a Certificate.ParseOptions argument instead.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

EMPTY_CHAIN

public static final Certificate EMPTY_CHAIN

EMPTY_CHAIN_TLS13

public static final Certificate EMPTY_CHAIN_TLS13

certificateRequestContext

protected final byte[] certificateRequestContext

certificateEntryList

protected final CertificateEntry[] certificateEntryList

certificateType

protected final short certificateType

Constructor Details

Certificate

public Certificate(TlsCertificate[] certificateList)

Certificate

public Certificate(byte[] certificateRequestContext,
 CertificateEntry[] certificateEntryList)

Certificate

public Certificate(short certificateType,
 byte[] certificateRequestContext,
 CertificateEntry[] certificateEntryList)

Method Details

getCertificateRequestContext

public byte[] getCertificateRequestContext()

getCertificateList

public TlsCertificate[] getCertificateList()

Returns:

an array of Certificate representing a certificate chain.

getCertificateAt

public TlsCertificate getCertificateAt(int index)

getCertificateEntryAt

public CertificateEntry getCertificateEntryAt(int index)

getCertificateEntryList

public CertificateEntry[] getCertificateEntryList()

getCertificateType

public short getCertificateType()

getLength

public int getLength()

isEmpty

public boolean isEmpty()

Returns:

true if this certificate chain contains no certificates, or false otherwise.

encode

public void encode(TlsContext context,
 OutputStream messageOutput,
 OutputStream endPointHashOutput)
            throws IOException

Encode this Certificate to an OutputStream, and optionally calculate the "end point hash" (per RFC 5929's tls-server-end-point binding).

Parameters:

messageOutput - the OutputStream to encode to.

endPointHashOutput - the OutputStream to write the "end point hash" (or null).

Throws:

IOException

parse

public static Certificate parse(TlsContext context,
 InputStream messageInput,
 OutputStream endPointHashOutput)
                         throws IOException

Deprecated.

Use version taking a Certificate.ParseOptions argument instead.

Parse a Certificate from an InputStream.

Parameters:

context - the TlsContext of the current connection.

messageInput - the InputStream to parse from.

endPointHashOutput - the OutputStream to write the "end point hash" (or null).

Returns:

a Certificate object.

Throws:

IOException

parse

public static Certificate parse(Certificate.ParseOptions options,
 TlsContext context,
 InputStream messageInput,
 OutputStream endPointHashOutput)
                         throws IOException

Parse a Certificate from an InputStream.

Parameters:

options - the Certificate.ParseOptions to apply during parsing.

context - the TlsContext of the current connection.

messageInput - the InputStream to parse from.

endPointHashOutput - the OutputStream to write the "end point hash" (or null).

Returns:

a Certificate object.

Throws:

IOException

calculateEndPointHash

protected static void calculateEndPointHash(TlsContext context,
 TlsCertificate cert,
 byte[] encoding,
 OutputStream output)
                                     throws IOException

Throws:

IOException

cloneCertificateList

protected TlsCertificate[] cloneCertificateList()

cloneCertificateEntryList

protected CertificateEntry[] cloneCertificateEntryList()