Class JcaTlsCertificate
java.lang.Object
org.bouncycastle.tls.crypto.impl.jcajce.JcaTlsCertificate
- All Implemented Interfaces:
TlsCertificate
Implementation class for a single X.509 certificate based on the JCA.
-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected final X509Certificateprotected final JcaTlsCryptoprotected static final intprotected static final intprotected static final intprotected static final intprotected static final intprotected static final intprotected static final intprotected static final intprotected static final intprotected DHPublicKeyprotected ECPublicKeyprotected PublicKey -
Constructor Summary
ConstructorsConstructorDescriptionJcaTlsCertificate(JcaTlsCrypto crypto, byte[] encoding) JcaTlsCertificate(JcaTlsCrypto crypto, X509Certificate certificate) -
Method Summary
Modifier and TypeMethodDescriptioncheckUsageInRole(int tlsCertificateRole) static JcaTlsCertificateconvert(JcaTlsCrypto crypto, TlsCertificate certificate) createEncryptor(int tlsCertificateRole) Return an encryptor based on the public key in this certificate.createVerifier(int signatureScheme) createVerifier(short signatureAlgorithm) byte[]byte[]getExtension(org.bouncycastle.asn1.ASN1ObjectIdentifier extensionOID) shortprotected PublicKeyorg.bouncycastle.asn1.ASN1Encodableprotected org.bouncycastle.asn1.x509.SubjectPublicKeyInfoprotected booleanimplSupportsSignatureAlgorithm(short signatureAlgorithm) static X509CertificateparseCertificate(org.bouncycastle.jcajce.util.JcaJceHelper helper, byte[] encoding) protected booleansupportsKeyUsageBit(int keyUsageBit) protected booleanprotected booleansupportsRSA_PSS_PSS(short signatureAlgorithm) protected booleanbooleansupportsSignatureAlgorithm(short signatureAlgorithm) booleansupportsSignatureAlgorithmCA(short signatureAlgorithm) protected voidvalidateKeyUsageBit(int keyUsageBit) protected voidprotected voidvalidateRSA_PSS_PSS(short signatureAlgorithm) protected void
-
Field Details
-
KU_DIGITAL_SIGNATURE
protected static final int KU_DIGITAL_SIGNATURE- See Also:
-
KU_NON_REPUDIATION
protected static final int KU_NON_REPUDIATION- See Also:
-
KU_KEY_ENCIPHERMENT
protected static final int KU_KEY_ENCIPHERMENT- See Also:
-
KU_DATA_ENCIPHERMENT
protected static final int KU_DATA_ENCIPHERMENT- See Also:
-
KU_KEY_AGREEMENT
protected static final int KU_KEY_AGREEMENT- See Also:
-
KU_KEY_CERT_SIGN
protected static final int KU_KEY_CERT_SIGN- See Also:
-
KU_CRL_SIGN
protected static final int KU_CRL_SIGN- See Also:
-
KU_ENCIPHER_ONLY
protected static final int KU_ENCIPHER_ONLY- See Also:
-
KU_DECIPHER_ONLY
protected static final int KU_DECIPHER_ONLY- See Also:
-
crypto
-
certificate
-
pubKeyDH
-
pubKeyEC
-
pubKeyRSA
-
-
Constructor Details
-
JcaTlsCertificate
- Throws:
IOException
-
JcaTlsCertificate
-
-
Method Details
-
convert
public static JcaTlsCertificate convert(JcaTlsCrypto crypto, TlsCertificate certificate) throws IOException - Throws:
IOException
-
parseCertificate
public static X509Certificate parseCertificate(org.bouncycastle.jcajce.util.JcaJceHelper helper, byte[] encoding) throws IOException - Throws:
IOException
-
createEncryptor
Description copied from interface:TlsCertificateReturn an encryptor based on the public key in this certificate.- Specified by:
createEncryptorin interfaceTlsCertificate- Parameters:
tlsCertificateRole-TlsCertificateRole- Returns:
- a TlsEncryptor based on this certificate's public key.
- Throws:
IOException
-
createVerifier
- Specified by:
createVerifierin interfaceTlsCertificate- Parameters:
signatureAlgorithm-SignatureAlgorithm- Throws:
IOException
-
createVerifier
- Specified by:
createVerifierin interfaceTlsCertificate- Parameters:
signatureScheme-SignatureScheme- Throws:
IOException
-
getEncoded
- Specified by:
getEncodedin interfaceTlsCertificate- Throws:
IOException
-
getExtension
public byte[] getExtension(org.bouncycastle.asn1.ASN1ObjectIdentifier extensionOID) throws IOException - Specified by:
getExtensionin interfaceTlsCertificate- Throws:
IOException
-
getSerialNumber
- Specified by:
getSerialNumberin interfaceTlsCertificate
-
getSigAlgOID
- Specified by:
getSigAlgOIDin interfaceTlsCertificate- Returns:
- the OID of this certificate's 'signatureAlgorithm', as a String.
-
getSigAlgParams
- Specified by:
getSigAlgParamsin interfaceTlsCertificate- Throws:
IOException
-
getLegacySignatureAlgorithm
- Specified by:
getLegacySignatureAlgorithmin interfaceTlsCertificate- Returns:
SignatureAlgorithm- Throws:
IOException
-
supportsSignatureAlgorithm
- Specified by:
supportsSignatureAlgorithmin interfaceTlsCertificate- Parameters:
signatureAlgorithm-SignatureAlgorithm- Returns:
- true if (and only if) this certificate can be used to verify the given signature algorithm.
- Throws:
IOException
-
supportsSignatureAlgorithmCA
- Specified by:
supportsSignatureAlgorithmCAin interfaceTlsCertificate- Throws:
IOException
-
checkUsageInRole
- Specified by:
checkUsageInRolein interfaceTlsCertificate- Parameters:
tlsCertificateRole-TlsCertificateRole- Throws:
IOException
-
implSupportsSignatureAlgorithm
- Throws:
IOException
-
getPublicKey
- Throws:
IOException
-
getSubjectPublicKeyInfo
protected org.bouncycastle.asn1.x509.SubjectPublicKeyInfo getSubjectPublicKeyInfo() throws IOException- Throws:
IOException
-
getX509Certificate
-
supportsKeyUsageBit
protected boolean supportsKeyUsageBit(int keyUsageBit) -
supportsRSA_PKCS1
- Throws:
IOException
-
supportsRSA_PSS_PSS
- Throws:
IOException
-
supportsRSA_PSS_RSAE
- Throws:
IOException
-
validateKeyUsageBit
- Throws:
IOException
-
validateRSA_PKCS1
- Throws:
IOException
-
validateRSA_PSS_PSS
- Throws:
IOException
-
validateRSA_PSS_RSAE
- Throws:
IOException
-