public class BcTlsCrypto extends AbstractTlsCrypto
This class provides default implementations for everything. If you need to customise it, extend the class and override the appropriate methods.
Modifier and Type | Class and Description |
---|---|
class |
BcTlsCrypto.AeadOperator |
class |
BcTlsCrypto.CombinedPRF |
Constructor and Description |
---|
BcTlsCrypto(java.security.SecureRandom entropySource) |
Modifier and Type | Method and Description |
---|---|
static org.bouncycastle.crypto.Digest |
cloneDigest(short hashAlgorithm,
org.bouncycastle.crypto.Digest hash) |
protected org.bouncycastle.crypto.modes.AEADBlockCipher |
createAEADBlockCipher_AES_CCM() |
protected org.bouncycastle.crypto.modes.AEADBlockCipher |
createAEADBlockCipher_AES_GCM() |
protected org.bouncycastle.crypto.modes.AEADBlockCipher |
createAEADBlockCipher_AES_OCB() |
protected org.bouncycastle.crypto.modes.AEADBlockCipher |
createAEADBlockCipher_ARIA_GCM() |
protected org.bouncycastle.crypto.modes.AEADBlockCipher |
createAEADBlockCipher_Camellia_GCM() |
protected org.bouncycastle.crypto.BlockCipher |
createAESBlockCipher() |
protected TlsCipher |
createAESCipher(TlsCryptoParameters cryptoParams,
int cipherKeySize,
int macAlgorithm) |
protected org.bouncycastle.crypto.BlockCipher |
createAESEngine() |
protected org.bouncycastle.crypto.BlockCipher |
createARIABlockCipher() |
protected TlsCipher |
createARIACipher(TlsCryptoParameters cryptoParams,
int cipherKeySize,
int macAlgorithm) |
protected org.bouncycastle.crypto.BlockCipher |
createARIAEngine() |
protected org.bouncycastle.crypto.BlockCipher |
createCamelliaBlockCipher() |
protected TlsCipher |
createCamelliaCipher(TlsCryptoParameters cryptoParams,
int cipherKeySize,
int macAlgorithm) |
protected org.bouncycastle.crypto.BlockCipher |
createCamelliaEngine() |
TlsCertificate |
createCertificate(byte[] encoding)
Create a TlsCertificate from a ASN.1 binary encoding of an X.509 certificate.
|
protected TlsCipher |
createChaCha20Poly1305(TlsCryptoParameters cryptoParams) |
protected TlsAEADCipher |
createCipher_AES_CCM(TlsCryptoParameters cryptoParams,
int cipherKeySize,
int macSize) |
protected TlsAEADCipher |
createCipher_AES_GCM(TlsCryptoParameters cryptoParams,
int cipherKeySize,
int macSize) |
protected TlsAEADCipher |
createCipher_AES_OCB(TlsCryptoParameters cryptoParams,
int cipherKeySize,
int macSize) |
protected TlsAEADCipher |
createCipher_ARIA_GCM(TlsCryptoParameters cryptoParams,
int cipherKeySize,
int macSize) |
protected TlsAEADCipher |
createCipher_Camellia_GCM(TlsCryptoParameters cryptoParams,
int cipherKeySize,
int macSize) |
protected TlsCipher |
createCipher(TlsCryptoParameters cryptoParams,
int encryptionAlgorithm,
int macAlgorithm)
Create a cipher for the specified encryption and MAC algorithms.
|
protected org.bouncycastle.crypto.BlockCipher |
createDESedeBlockCipher() |
protected TlsBlockCipher |
createDESedeCipher(TlsCryptoParameters cryptoParams,
int macAlgorithm) |
TlsDHDomain |
createDHDomain(TlsDHConfig dhConfig)
Create an domain object supporting the domain parameters described in dhConfig.
|
TlsECDomain |
createECDomain(TlsECConfig ecConfig)
Create an domain object supporting the domain parameters described in ecConfig.
|
protected TlsEncryptor |
createEncryptor(TlsCertificate certificate)
Return an encryptor based on the public key in certificate.
|
TlsHash |
createHash(short algorithm)
Create a suitable hash for the hash algorithm identifier passed in.
|
TlsHash |
createHash(SignatureAndHashAlgorithm signatureAndHashAlgorithm)
Create a suitable hash for the signature algorithm identifier passed in.
|
TlsHMAC |
createHMAC(int hashAlgorithm)
Create a suitable HMAC for the MAC algorithm identifier passed in.
|
protected org.bouncycastle.crypto.Digest |
createHMACDigest(int macAlgorithm) |
byte[] |
createNonce(int size)
Create a nonce byte[] string.
|
protected TlsNullCipher |
createNullCipher(TlsCryptoParameters cryptoParams,
int macAlgorithm) |
org.bouncycastle.crypto.Digest |
createPRFHash(int prfAlgorithm) |
protected TlsStreamCipher |
createRC4Cipher(TlsCryptoParameters cryptoParams,
int cipherKeySize,
int macAlgorithm) |
protected org.bouncycastle.crypto.StreamCipher |
createRC4StreamCipher() |
TlsSecret |
createSecret(byte[] data)
Create a TlsSecret object based provided data.
|
protected org.bouncycastle.crypto.BlockCipher |
createSEEDBlockCipher() |
protected TlsBlockCipher |
createSEEDCipher(TlsCryptoParameters cryptoParams,
int macAlgorithm) |
TlsSRP6Client |
createSRP6Client(TlsSRPConfig srpConfig)
Create an SRP-6 client.
|
TlsSRP6Server |
createSRP6Server(TlsSRPConfig srpConfig,
java.math.BigInteger srpVerifier)
Create an SRP-6 server.
|
TlsSRP6VerifierGenerator |
createSRP6VerifierGenerator(TlsSRPConfig srpConfig)
Create an SRP-6 verifier generator.
|
protected TlsHMAC |
createSSl3HMAC(int macAlgorithm) |
TlsSecret |
generateRSAPreMasterSecret(ProtocolVersion version)
Create a TlsSecret object containing a randomly-generated RSA PreMasterSecret
|
java.security.SecureRandom |
getSecureRandom()
Return the primary (safest) SecureRandom for this crypto.
|
boolean |
hasAllRawSignatureAlgorithms()
Return true if this TlsCrypto can perform raw signatures and verifications for all supported algorithms.
|
boolean |
hasDHAgreement()
Return true if this TlsCrypto can support DH key agreement.
|
boolean |
hasECDHAgreement()
Return true if this TlsCrypto can support ECDH key agreement.
|
boolean |
hasEncryptionAlgorithm(int encryptionAlgorithm)
Return true if this TlsCrypto can support the passed in block/stream encryption algorithm.
|
boolean |
hasHashAlgorithm(short hashAlgorithm)
Return true if this TlsCrypto can support the passed in hash algorithm.
|
boolean |
hasMacAlgorithm(int macAlgorithm)
Return true if this TlsCrypto can support the passed in MAC algorithm.
|
boolean |
hasNamedCurve(int curveID)
Return true if this TlsCrypto supports the passed in curveID.
|
boolean |
hasRSAEncryption()
Return true if this TlsCrypto can support RSA encryption/decryption.
|
boolean |
hasSignatureAlgorithm(int signatureAlgorithm)
Return true if this TlsCrypto can support the passed in signature algorithm
(not necessarily in combination with EVERY hash algorithm).
|
boolean |
hasSignatureAndHashAlgorithm(SignatureAndHashAlgorithm sigAndHashAlgorithm)
Return true if this TlsCrypto can support the passed in signature algorithm.
|
boolean |
hasSRPAuthentication()
Return true if this TlsCrypto can support SRP authentication.
|
adoptSecret
public byte[] createNonce(int size)
TlsCrypto
size
- the length, in bytes, of the nonce to generate.public java.security.SecureRandom getSecureRandom()
TlsCrypto
public TlsCertificate createCertificate(byte[] encoding) throws java.io.IOException
TlsCrypto
encoding
- DER/BER encoding of the certificate of interest.java.io.IOException
- if there is an issue on decoding or constructing the certificate.protected TlsCipher createCipher(TlsCryptoParameters cryptoParams, int encryptionAlgorithm, int macAlgorithm) throws java.io.IOException
AbstractTlsCrypto
See enumeration classes EncryptionAlgorithm
, MACAlgorithm
for appropriate argument values.
createCipher
in class AbstractTlsCrypto
cryptoParams
- context specific parameters.encryptionAlgorithm
- the encryption algorithm to be employed by the cipher.macAlgorithm
- the MAC algorithm to be employed by the cipher.TlsCipher
implementing the encryption and MAC algorithm.java.io.IOException
public TlsDHDomain createDHDomain(TlsDHConfig dhConfig)
TlsCrypto
dhConfig
- the config describing the DH parameters to use.public TlsECDomain createECDomain(TlsECConfig ecConfig)
TlsCrypto
ecConfig
- the config describing the EC parameters to use.protected TlsEncryptor createEncryptor(TlsCertificate certificate) throws java.io.IOException
AbstractTlsCrypto
createEncryptor
in class AbstractTlsCrypto
certificate
- the certificate carrying the public key.java.io.IOException
public boolean hasAllRawSignatureAlgorithms()
TlsCrypto
public boolean hasDHAgreement()
TlsCrypto
public boolean hasECDHAgreement()
TlsCrypto
public boolean hasEncryptionAlgorithm(int encryptionAlgorithm)
TlsCrypto
encryptionAlgorithm
- the algorithm of interest.public boolean hasHashAlgorithm(short hashAlgorithm)
TlsCrypto
hashAlgorithm
- the algorithm of interest.public boolean hasMacAlgorithm(int macAlgorithm)
TlsCrypto
macAlgorithm
- the algorithm of interest.public boolean hasNamedCurve(int curveID)
TlsCrypto
public boolean hasRSAEncryption()
TlsCrypto
public boolean hasSignatureAlgorithm(int signatureAlgorithm)
TlsCrypto
signatureAlgorithm
- the algorithm of interest.public boolean hasSignatureAndHashAlgorithm(SignatureAndHashAlgorithm sigAndHashAlgorithm)
TlsCrypto
sigAndHashAlgorithm
- the algorithm of interest.public boolean hasSRPAuthentication()
TlsCrypto
public TlsSecret createSecret(byte[] data)
TlsCrypto
data
- the data to base the TlsSecret on.public TlsSecret generateRSAPreMasterSecret(ProtocolVersion version)
TlsCrypto
version
- the client version to place in the first 2 bytespublic TlsHash createHash(SignatureAndHashAlgorithm signatureAndHashAlgorithm)
TlsCrypto
signatureAndHashAlgorithm
- the signature algorithm the hash needs to match.public TlsHash createHash(short algorithm)
TlsCrypto
algorithm
- the hash algorithm the hash needs to implement.public static org.bouncycastle.crypto.Digest cloneDigest(short hashAlgorithm, org.bouncycastle.crypto.Digest hash)
public org.bouncycastle.crypto.Digest createPRFHash(int prfAlgorithm)
protected TlsCipher createAESCipher(TlsCryptoParameters cryptoParams, int cipherKeySize, int macAlgorithm) throws java.io.IOException
java.io.IOException
protected TlsCipher createARIACipher(TlsCryptoParameters cryptoParams, int cipherKeySize, int macAlgorithm) throws java.io.IOException
java.io.IOException
protected TlsCipher createCamelliaCipher(TlsCryptoParameters cryptoParams, int cipherKeySize, int macAlgorithm) throws java.io.IOException
java.io.IOException
protected TlsCipher createChaCha20Poly1305(TlsCryptoParameters cryptoParams) throws java.io.IOException
java.io.IOException
protected TlsAEADCipher createCipher_AES_CCM(TlsCryptoParameters cryptoParams, int cipherKeySize, int macSize) throws java.io.IOException
java.io.IOException
protected TlsAEADCipher createCipher_AES_GCM(TlsCryptoParameters cryptoParams, int cipherKeySize, int macSize) throws java.io.IOException
java.io.IOException
protected TlsAEADCipher createCipher_AES_OCB(TlsCryptoParameters cryptoParams, int cipherKeySize, int macSize) throws java.io.IOException
java.io.IOException
protected TlsAEADCipher createCipher_ARIA_GCM(TlsCryptoParameters cryptoParams, int cipherKeySize, int macSize) throws java.io.IOException
java.io.IOException
protected TlsAEADCipher createCipher_Camellia_GCM(TlsCryptoParameters cryptoParams, int cipherKeySize, int macSize) throws java.io.IOException
java.io.IOException
protected TlsBlockCipher createDESedeCipher(TlsCryptoParameters cryptoParams, int macAlgorithm) throws java.io.IOException
java.io.IOException
protected TlsNullCipher createNullCipher(TlsCryptoParameters cryptoParams, int macAlgorithm) throws java.io.IOException
java.io.IOException
protected TlsStreamCipher createRC4Cipher(TlsCryptoParameters cryptoParams, int cipherKeySize, int macAlgorithm) throws java.io.IOException
java.io.IOException
protected TlsBlockCipher createSEEDCipher(TlsCryptoParameters cryptoParams, int macAlgorithm) throws java.io.IOException
java.io.IOException
protected org.bouncycastle.crypto.BlockCipher createAESEngine()
protected org.bouncycastle.crypto.BlockCipher createARIAEngine()
protected org.bouncycastle.crypto.BlockCipher createCamelliaEngine()
protected org.bouncycastle.crypto.BlockCipher createAESBlockCipher()
protected org.bouncycastle.crypto.BlockCipher createARIABlockCipher()
protected org.bouncycastle.crypto.modes.AEADBlockCipher createAEADBlockCipher_AES_CCM()
protected org.bouncycastle.crypto.modes.AEADBlockCipher createAEADBlockCipher_AES_GCM()
protected org.bouncycastle.crypto.modes.AEADBlockCipher createAEADBlockCipher_AES_OCB()
protected org.bouncycastle.crypto.modes.AEADBlockCipher createAEADBlockCipher_ARIA_GCM()
protected org.bouncycastle.crypto.modes.AEADBlockCipher createAEADBlockCipher_Camellia_GCM()
protected org.bouncycastle.crypto.BlockCipher createCamelliaBlockCipher()
protected org.bouncycastle.crypto.BlockCipher createDESedeBlockCipher()
protected org.bouncycastle.crypto.StreamCipher createRC4StreamCipher()
protected org.bouncycastle.crypto.BlockCipher createSEEDBlockCipher()
protected org.bouncycastle.crypto.Digest createHMACDigest(int macAlgorithm) throws java.io.IOException
java.io.IOException
public TlsHMAC createHMAC(int hashAlgorithm)
TlsCrypto
See enumeration class MACAlgorithm
for appropriate argument values.
hashAlgorithm
- the MAC algorithm the HMAC needs to match.public TlsSRP6Client createSRP6Client(TlsSRPConfig srpConfig)
TlsCrypto
srpConfig
- client config.public TlsSRP6Server createSRP6Server(TlsSRPConfig srpConfig, java.math.BigInteger srpVerifier)
TlsCrypto
srpConfig
- server config.srpVerifier
- the SRP6 verifier value.public TlsSRP6VerifierGenerator createSRP6VerifierGenerator(TlsSRPConfig srpConfig)
TlsCrypto
srpConfig
- generator config.protected TlsHMAC createSSl3HMAC(int macAlgorithm) throws java.io.IOException
java.io.IOException