Class Certificate


  • public class Certificate
    extends java.lang.Object
    Parsing and encoding of a Certificate struct from RFC 4346.
     opaque ASN.1Cert<2^24-1>;
    
     struct {
         ASN.1Cert certificate_list<0..2^24-1>;
     } Certificate;
     
    See Also:
    Certificate
    • Field Detail

      • EMPTY_CHAIN

        public static final Certificate EMPTY_CHAIN
      • EMPTY_CHAIN_TLS13

        public static final Certificate EMPTY_CHAIN_TLS13
      • certificateRequestContext

        protected final byte[] certificateRequestContext
    • Constructor Detail

      • Certificate

        public Certificate​(TlsCertificate[] certificateList)
      • Certificate

        public Certificate​(byte[] certificateRequestContext,
                           CertificateEntry[] certificateEntryList)
    • Method Detail

      • getCertificateRequestContext

        public byte[] getCertificateRequestContext()
      • getCertificateList

        public TlsCertificate[] getCertificateList()
        Returns:
        an array of Certificate representing a certificate chain.
      • getCertificateAt

        public TlsCertificate getCertificateAt​(int index)
      • getCertificateEntryAt

        public CertificateEntry getCertificateEntryAt​(int index)
      • getCertificateType

        public short getCertificateType()
      • getLength

        public int getLength()
      • isEmpty

        public boolean isEmpty()
        Returns:
        true if this certificate chain contains no certificates, or false otherwise.
      • encode

        public void encode​(TlsContext context,
                           java.io.OutputStream messageOutput,
                           java.io.OutputStream endPointHashOutput)
                    throws java.io.IOException
        Encode this Certificate to an OutputStream, and optionally calculate the "end point hash" (per RFC 5929's tls-server-end-point binding).
        Parameters:
        messageOutput - the OutputStream to encode to.
        endPointHashOutput - the OutputStream to write the "end point hash" (or null).
        Throws:
        java.io.IOException
      • parse

        public static Certificate parse​(TlsContext context,
                                        java.io.InputStream messageInput,
                                        java.io.OutputStream endPointHashOutput)
                                 throws java.io.IOException
        Deprecated.
        Use version taking a Certificate.ParseOptions argument instead.
        Parse a Certificate from an InputStream.
        Parameters:
        context - the TlsContext of the current connection.
        messageInput - the InputStream to parse from.
        endPointHashOutput - the OutputStream to write the "end point hash" (or null).
        Returns:
        a Certificate object.
        Throws:
        java.io.IOException
      • parse

        public static Certificate parse​(Certificate.ParseOptions options,
                                        TlsContext context,
                                        java.io.InputStream messageInput,
                                        java.io.OutputStream endPointHashOutput)
                                 throws java.io.IOException
        Parse a Certificate from an InputStream.
        Parameters:
        options - the Certificate.ParseOptions to apply during parsing.
        context - the TlsContext of the current connection.
        messageInput - the InputStream to parse from.
        endPointHashOutput - the OutputStream to write the "end point hash" (or null).
        Returns:
        a Certificate object.
        Throws:
        java.io.IOException
      • calculateEndPointHash

        protected static void calculateEndPointHash​(TlsContext context,
                                                    TlsCertificate cert,
                                                    byte[] encoding,
                                                    java.io.OutputStream output)
                                             throws java.io.IOException
        Throws:
        java.io.IOException
      • cloneCertificateList

        protected TlsCertificate[] cloneCertificateList()
      • cloneCertificateEntryList

        protected CertificateEntry[] cloneCertificateEntryList()