本文整理汇总了Java中org.bouncycastle.crypto.params.AsymmetricKeyParameter.isPrivate方法的典型用法代码示例。如果您正苦于以下问题:Java AsymmetricKeyParameter.isPrivate方法的具体用法?Java AsymmetricKeyParameter.isPrivate怎么用?Java AsymmetricKeyParameter.isPrivate使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.bouncycastle.crypto.params.AsymmetricKeyParameter的用法示例。
在下文中一共展示了AsymmetricKeyParameter.isPrivate方法的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: DefaultTlsEncryptionCredentials
import org.bouncycastle.crypto.params.AsymmetricKeyParameter; //导入方法依赖的package包/类
public DefaultTlsEncryptionCredentials(TlsContext context, Certificate certificate,
AsymmetricKeyParameter privateKey)
{
if (certificate == null)
{
throw new IllegalArgumentException("'certificate' cannot be null");
}
if (certificate.isEmpty())
{
throw new IllegalArgumentException("'certificate' cannot be empty");
}
if (privateKey == null)
{
throw new IllegalArgumentException("'privateKey' cannot be null");
}
if (!privateKey.isPrivate())
{
throw new IllegalArgumentException("'privateKey' must be private");
}
if (privateKey instanceof RSAKeyParameters)
{
}
else
{
throw new IllegalArgumentException("'privateKey' type not supported: "
+ privateKey.getClass().getName());
}
this.context = context;
this.certificate = certificate;
this.privateKey = privateKey;
}
示例2: DefaultTlsEncryptionCredentials
import org.bouncycastle.crypto.params.AsymmetricKeyParameter; //导入方法依赖的package包/类
public DefaultTlsEncryptionCredentials(TlsContext context, Certificate certificate,
AsymmetricKeyParameter privateKey)
{
if (certificate == null)
{
throw new IllegalArgumentException("'certificate' cannot be null");
}
if (certificate.isEmpty())
{
throw new IllegalArgumentException("'certificate' cannot be empty");
}
if (privateKey == null)
{
throw new IllegalArgumentException("'privateKey' cannot be null");
}
if (!privateKey.isPrivate())
{
throw new IllegalArgumentException("'privateKey' must be private");
}
if (privateKey instanceof RSAKeyParameters)
{
}
else
{
throw new IllegalArgumentException("'privateKey' type not supported: "
+ privateKey.getClass().getName());
}
this.context = context;
this.certificate = certificate;
this.privateKey = privateKey;
}
示例3: getClientCertificateType
import org.bouncycastle.crypto.params.AsymmetricKeyParameter; //导入方法依赖的package包/类
static short getClientCertificateType(Certificate clientCertificate, Certificate serverCertificate)
throws IOException
{
if (clientCertificate.isEmpty())
{
return -1;
}
org.bouncycastle.asn1.x509.Certificate x509Cert = clientCertificate.getCertificateAt(0);
SubjectPublicKeyInfo keyInfo = x509Cert.getSubjectPublicKeyInfo();
try
{
AsymmetricKeyParameter publicKey = PublicKeyFactory.createKey(keyInfo);
if (publicKey.isPrivate())
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
/*
* TODO RFC 5246 7.4.6. The certificates MUST be signed using an acceptable hash/
* signature algorithm pair, as described in Section 7.4.4. Note that this relaxes the
* constraints on certificate-signing algorithms found in prior versions of TLS.
*/
/*
* RFC 5246 7.4.6. Client Certificate
*/
/*
* RSA public key; the certificate MUST allow the key to be used for signing with the
* signature scheme and hash algorithm that will be employed in the certificate verify
* message.
*/
if (publicKey instanceof RSAKeyParameters)
{
validateKeyUsage(x509Cert, KeyUsage.digitalSignature);
return ClientCertificateType.rsa_sign;
}
/*
* DSA public key; the certificate MUST allow the key to be used for signing with the
* hash algorithm that will be employed in the certificate verify message.
*/
if (publicKey instanceof DSAPublicKeyParameters)
{
validateKeyUsage(x509Cert, KeyUsage.digitalSignature);
return ClientCertificateType.dss_sign;
}
/*
* ECDSA-capable public key; the certificate MUST allow the key to be used for signing
* with the hash algorithm that will be employed in the certificate verify message; the
* public key MUST use a curve and point format supported by the server.
*/
if (publicKey instanceof ECPublicKeyParameters)
{
validateKeyUsage(x509Cert, KeyUsage.digitalSignature);
// TODO Check the curve and point format
return ClientCertificateType.ecdsa_sign;
}
// TODO Add support for ClientCertificateType.*_fixed_*
}
catch (Exception e)
{
}
throw new TlsFatalAlert(AlertDescription.unsupported_certificate);
}
示例4: DefaultTlsSignerCredentials
import org.bouncycastle.crypto.params.AsymmetricKeyParameter; //导入方法依赖的package包/类
public DefaultTlsSignerCredentials(TlsContext context, Certificate certificate, AsymmetricKeyParameter privateKey)
{
if (certificate == null)
{
throw new IllegalArgumentException("'certificate' cannot be null");
}
if (certificate.isEmpty())
{
throw new IllegalArgumentException("'certificate' cannot be empty");
}
if (privateKey == null)
{
throw new IllegalArgumentException("'privateKey' cannot be null");
}
if (!privateKey.isPrivate())
{
throw new IllegalArgumentException("'privateKey' must be private");
}
if (privateKey instanceof RSAKeyParameters)
{
this.signer = new TlsRSASigner();
}
else if (privateKey instanceof DSAPrivateKeyParameters)
{
this.signer = new TlsDSSSigner();
}
else if (privateKey instanceof ECPrivateKeyParameters)
{
this.signer = new TlsECDSASigner();
}
else
{
throw new IllegalArgumentException("'privateKey' type not supported: " + privateKey.getClass().getName());
}
this.signer.init(context);
this.context = context;
this.certificate = certificate;
this.privateKey = privateKey;
}
示例5: isValidPublicKey
import org.bouncycastle.crypto.params.AsymmetricKeyParameter; //导入方法依赖的package包/类
public boolean isValidPublicKey(AsymmetricKeyParameter publicKey)
{
return publicKey instanceof RSAKeyParameters && !publicKey.isPrivate();
}
示例6: getClientCertificateType
import org.bouncycastle.crypto.params.AsymmetricKeyParameter; //导入方法依赖的package包/类
static short getClientCertificateType(Certificate clientCertificate, Certificate serverCertificate)
throws IOException
{
if (clientCertificate.isEmpty())
{
return -1;
}
org.bouncycastle.asn1.x509.Certificate x509Cert = clientCertificate.getCertificateAt(0);
SubjectPublicKeyInfo keyInfo = x509Cert.getSubjectPublicKeyInfo();
try
{
AsymmetricKeyParameter publicKey = PublicKeyFactory.createKey(keyInfo);
if (publicKey.isPrivate())
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
/*
* TODO RFC 5246 7.4.6. The certificates MUST be signed using an acceptable hash/
* signature algorithm pair, as described in Section 7.4.4. Note that this relaxes the
* constraints on certificate-signing algorithms found in prior versions of TLS.
*/
/*
* RFC 5246 7.4.6. Client Certificate
*/
/*
* RSA public key; the certificate MUST allow the key to be used for signing with the
* signature scheme and hash algorithm that will be employed in the certificate verify
* message.
*/
if (publicKey instanceof RSAKeyParameters)
{
validateKeyUsage(x509Cert, KeyUsage.digitalSignature);
return ClientCertificateType.rsa_sign;
}
/*
* DSA public key; the certificate MUST allow the key to be used for signing with the
* hash algorithm that will be employed in the certificate verify message.
*/
if (publicKey instanceof DSAPublicKeyParameters)
{
validateKeyUsage(x509Cert, KeyUsage.digitalSignature);
return ClientCertificateType.dss_sign;
}
/*
* ECDSA-capable public key; the certificate MUST allow the key to be used for signing
* with the hash algorithm that will be employed in the certificate verify message; the
* public key MUST use a curve and point format supported by the server.
*/
if (publicKey instanceof ECPublicKeyParameters)
{
validateKeyUsage(x509Cert, KeyUsage.digitalSignature);
// TODO Check the curve and point format
return ClientCertificateType.ecdsa_sign;
}
// TODO Add support for ClientCertificateType.*_fixed_*
throw new TlsFatalAlert(AlertDescription.unsupported_certificate);
}
catch (Exception e)
{
throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
}
}
示例7: DefaultTlsSignerCredentials
import org.bouncycastle.crypto.params.AsymmetricKeyParameter; //导入方法依赖的package包/类
public DefaultTlsSignerCredentials(TlsContext context, Certificate certificate, AsymmetricKeyParameter privateKey,
SignatureAndHashAlgorithm signatureAndHashAlgorithm)
{
if (certificate == null)
{
throw new IllegalArgumentException("'certificate' cannot be null");
}
if (certificate.isEmpty())
{
throw new IllegalArgumentException("'certificate' cannot be empty");
}
if (privateKey == null)
{
throw new IllegalArgumentException("'privateKey' cannot be null");
}
if (!privateKey.isPrivate())
{
throw new IllegalArgumentException("'privateKey' must be private");
}
if (TlsUtils.isTLSv12(context) && signatureAndHashAlgorithm == null)
{
throw new IllegalArgumentException("'signatureAndHashAlgorithm' cannot be null for (D)TLS 1.2+");
}
if (privateKey instanceof RSAKeyParameters)
{
this.signer = new TlsRSASigner();
}
else if (privateKey instanceof DSAPrivateKeyParameters)
{
this.signer = new TlsDSSSigner();
}
else if (privateKey instanceof ECPrivateKeyParameters)
{
this.signer = new TlsECDSASigner();
}
else
{
throw new IllegalArgumentException("'privateKey' type not supported: " + privateKey.getClass().getName());
}
this.signer.init(context);
this.context = context;
this.certificate = certificate;
this.privateKey = privateKey;
this.signatureAndHashAlgorithm = signatureAndHashAlgorithm;
}