RFC 3039 Gender - PrintableString (SIZE(1)) -- "M", "F", "m" or "f"
base implementation of MD4 family style digest as outlined in
"Handbook of Applied Cryptography", pages 344 - 347.
When the subjectAltName extension contains an Internet mail address,
the address MUST be included as an rfc822Name.
Create a General name for the given tag from the passed in String.
Construct a GeneralNames object containing one GeneralName.
Class for containing a restriction object subtrees in NameConstraints.
Constructor from a given details.
Generate an unsigned request
Generate an X509Extensions object based on the current state of the generator.
generate an X509 certificate, based on the current issuer and subject
using the default provider.
generate an X509 CRL, based on the current issuer and subject
using the default provider.
generate an X509 certificate, based on the current issuer and subject
using the default provider.
generate an X509 certificate, based on the current issuer and subject
using the default provider and the passed in source of randomness
Note: this differs from the deprecated method in that the default provider is
used - not "BC".
generate an X509 CRL, based on the current issuer and subject
using the default provider and an user defined SecureRandom object as
source of randomness.
generate an X509 certificate, based on the current issuer and subject
using the default provider, and the passed in source of randomness
(if required).
generate an X509 certificate, based on the current issuer and subject,
using the passed in provider for the signing, and the passed in source
of randomness (if required).
generate an X509 certificate, based on the current issuer and subject,
using the passed in provider for the signing.
generate an X509 certificate, based on the current issuer and subject
using the passed in provider for the signing.
generate an X509 certificate, based on the current issuer and subject,
using the passed in provider for the signing.
generate an X509 certificate, based on the current issuer and subject,
using the passed in provider for the signing, and the passed in source
of randomness (if required).
generate an X509 certificate, based on the current issuer and subject,
using the passed in provider for the signing and the supplied source
of randomness, if required.
generate an X509 CRL, based on the current issuer and subject,
using the passed in provider for the signing.
generate an X509 certificate, based on the current issuer and subject,
using the passed in provider for the signing and the supplied source
of randomness, if required.
fill len bytes of the output buffer with bytes generated from
the derivation function.
fill len bytes of the output buffer with bytes generated from
the derivation function.
fill len bytes of the output buffer with bytes generated from
the derivation function.
generate an X509 certificate, based on the current issuer and subject,
using the passed in provider for the signing.
generate an X509 certificate, based on the current issuer and subject,
using the passed in provider for the signing and the supplied source
of randomness, if required.
Generate a key parameter for use with a MAC derived from the password,
salt, and iteration count we are currently initialised with.
generate derived parameters for a key of length keySize, specifically
for use with a MAC.
Generate a key parameter for use with a MAC derived from the password,
salt, and iteration count we are currently initialised with.
Generate a key parameter for use with a MAC derived from the password,
salt, and iteration count we are currently initialised with.
Generate a key parameter for use with a MAC derived from the password,
salt, and iteration count we are currently initialised with.
Generate a key parameter derived from the password, salt, and iteration
count we are currently initialised with.
generate derived parameters for a key of length keySize.
Generate a key parameter derived from the password, salt, and iteration
count we are currently initialised with.
Generate a key parameter derived from the password, salt, and iteration
count we are currently initialised with.
Generate a key parameter derived from the password, salt, and iteration
count we are currently initialised with.
Generate a key with initialisation vector parameter derived from
the password, salt, and iteration count we are currently initialised
with.
generate derived parameters for a key of length keySize, and
an initialisation vector (IV) of length ivSize.
Generate a key with initialisation vector parameter derived from
the password, salt, and iteration count we are currently initialised
with.
Generate a key with initialisation vector parameter derived from
the password, salt, and iteration count we are currently initialised
with.
Generate a key with initialisation vector parameter derived from
the password, salt, and iteration count we are currently initialised
with.
return an AsymmetricCipherKeyPair containing the generated keys.
Given the domain parameters this routine generates an EC key
pair in accordance with X9.62 section 5.2.1 pages 26, 27.
return an AsymmetricCipherKeyPair containing the generated keys.
return an AsymmetricCipherKeyPair containing the generated keys.
which generates the p and g values from the given parameters,
returning the DHParameters object.
which generates the p and g values from the given parameters,
returning the DSAParameters object.
which generates the p and g values from the given parameters,
returning the ElGamalParameters object.
which generates the p , q and a values from the given parameters,
returning the GOST3410Parameters object.
generate a signature for the loaded message using the key we were
initialised with.
generate a signature for the loaded message using the key we were
initialised with.
generate a signature for the message we've been loaded with using
the key we were initialised with.
generate a signature for the message we've been loaded with using
the key we were initialised with.
sign the passed in message (usually the output of a hash function).
generate a signature for the given message using the key we were
initialised with.
generate a signature for the given message using the key we were
initialised with.
generate a signature for the given message using the key we were
initialised with.
generate a signature for the given message using the key we were
initialised with.
generate a signature for the given message using the key we were
initialised with.
generate an integer based working key based on our secret key
and what we processing we are planning to do.
generate an X509 certificate, based on the current issuer and subject
using the default provider "BC".
generate an X509 certificate, based on the current issuer and subject
using the default provider "BC".
generate an X509 certificate, based on the current issuer and subject
using the default provider "BC".
generate an X509 certificate, based on the current issuer and subject
using the default provider "BC".
generate an X509 certificate, based on the current issuer and subject
using the default provider "BC" and the passed in source of randomness
generate an X509 certificate, based on the current issuer and subject
using the default provider "BC" and the passed in source of randomness
generate an X509 certificate, based on the current issuer and subject
using the default provider "BC", and the passed in source of randomness
(if required).
generate an X509 certificate, based on the current issuer and subject
using the default provider "BC", and the passed in source of randomness
(if required).
generate an X509 certificate, based on the current issuer and subject,
using the passed in provider for the signing, and the passed in source
of randomness (if required).
generate an X509 certificate, based on the current issuer and subject,
using the passed in provider for the signing, and the passed in source
of randomness (if required).
generate an X509 certificate, based on the current issuer and subject,
using the passed in provider for the signing.
generate an X509 certificate, based on the current issuer and subject,
using the passed in provider for the signing.
generate an X509 certificate, based on the current issuer and subject,
using the passed in provider for the signing, and the passed in source
of randomness (if required).
generate an X509 certificate, based on the current issuer and subject,
using the passed in provider for the signing, and the passed in source
of randomness (if required).
generate an X509 certificate, based on the current issuer and subject,
using the passed in provider for the signing and the supplied source
of randomness, if required.
generate an X509 certificate, based on the current issuer and subject,
using the passed in provider for the signing and the supplied source
of randomness, if required.
generate an X509 CRL, based on the current issuer and subject
using the default provider "BC".
generate an X509 CRL, based on the current issuer and subject
using the default provider "BC".
generate an X509 CRL, based on the current issuer and subject
using the default provider "BC" and an user defined SecureRandom object as
source of randomness.
generate an X509 CRL, based on the current issuer and subject
using the default provider "BC" and an user defined SecureRandom object as
source of randomness.
generate an X509 certificate, based on the current issuer and subject
using the passed in provider for the signing.
generate an X509 certificate, based on the current issuer and subject
using the passed in provider for the signing.
generate an X509 CRL, based on the current issuer and subject,
using the passed in provider for the signing.
generate an X509 CRL, based on the current issuer and subject,
using the passed in provider for the signing.
Return the first attribute matching the OBJECT IDENTIFIER oid.
Returns attribute certificates for an attribute authority
The aAcertificate holds the privileges of an attribute authority.
Returns an immutable List
of additional Bouncy Castle
Store
s used for finding CRLs, certificates, attribute
certificates or cross certificates.
return the time as an adjusted date
in the range of 1950 - 2049.
return a time string as an adjusted date with a 4 digit year.
Return the name of the algorithm the cipher implements.
Return the name of the algorithm the cipher implements.
Return the name of the algorithm the cipher implements.
Return the name of the algorithm the cipher implements.
Return the name of the algorithm the cipher implements.
Return the name of the algorithm the cipher implements.
return the algorithm name and mode.
return the algorithm name and mode.
Return the name of the algorithm the cipher implements.
Return the name of the algorithm the cipher implements.
return the algorithm name
return the algorithm name and mode.
Return the name of the algorithm the cipher implements.
Return the name of the algorithm the MAC implements.
return the algorithm name
return the algorithm name
return the algorithm name
Return the name of the algorithm the cipher implements.
return the algorithm name and mode.
Return the name of the algorithm the MAC implements.
return the algorithm name and mode.
return the algorithm name and mode.
Return the name of the algorithm the cipher implements.
Return the name of the algorithm the cipher implements.
Return the name of the algorithm the cipher implements.
Return the name of the algorithm the cipher implements.
return the algorithm name
return the algorithm name
return the algorithm name
return the algorithm name
return the algorithm name
return the algorithm name
return the algorithm name
Return the name of the algorithm the cipher implements.
Return the name of the algorithm the cipher implements.
return the name of the algorithm we are wrapping.
Return the name of the algorithm the cipher implements.
Return the name of the algorithm the cipher implements.
return the algorithm name
return the algorithm name
Return the name of the algorithm the wrapper implements.
Return the name of the algorithm the cipher implements.
Return all the attributes matching the OBJECT IDENTIFIER oid.
Returns the attribute certificate being checked.
Returns the revocation list for revoked attribute certificates for an
attribute authority
The attributeAuthorityList holds a list of AA certificates that have been
revoked.
Returns the attribute certificate which must be matched.
Returns an attribute certificate for an user.
Returns the revocation list for revoked attribute certificates.
Get the criteria for the validity.
Returns an attribute certificate for an authority
The attributeDescriptorCertificate is self signed by a source of
authority and holds a description of the privilege and its delegation
rules.
Return the attributes contained in the attribute block in the certificate.
Return the attributes contained in the attribute block in the certificate.
Return the attributes with the same type as the passed in oid.
Return the attributes with the same type as the passed in oid.
Returns the CRLs for issued certificates for other CAs matching the given
selector.
Return the block size for this cipher (in bytes).
Return the block size for this cipher (in bytes).
Return the block size for this cipher (in bytes).
Return the block size for this cipher (in bytes).
return the blocksize for the underlying cipher.
Return the block size for this cipher (in bytes).
Return the block size for this cipher (in bytes).
return the block size of the underlying cipher.
return the block size we are operating at.
Return the block size for this cipher (in bytes).
Return the block size for this cipher (in bytes).
return the block size we are operating at (in bytes).
Return the block size for this cipher (in bytes).
Return the block size for this cipher (in bytes).
return the block size we are operating at (in bytes).
return the block size we are operating at.
return the block size we are operating at.
Return the block size for this cipher (in bytes).
Return the block size for this cipher (in bytes).
Return the block size for this cipher (in bytes).
Return the block size for this cipher (in bytes).
Return the block size for this cipher (in bytes).
Return the block size for this cipher (in bytes).
Return the block size for this cipher (in bytes).
Return the block size for this cipher (in bytes).
return the amount of data sitting in the buffer.
return the ECDomainParameters object for the given OID, null if it
isn't present.
return the GOST3410ParamSetParameters object for the given OID, null if it
isn't present.
return the X9ECParameters object for the named curve represented by
the passed in object identifier.
return the X9ECParameters object for the named curve represented by
the passed in object identifier.
return the X9ECParameters object for the named curve represented by
the passed in object identifier.
Return the size in bytes of the internal buffer the digest applies it's compression
function to.
Return the size in bytes of the internal buffer the digest applies it's compression
function to.
return the correct number of bytes for a bit string defined in
a 32 bit constant
returns a vector with 0 or more objects of all the capabilities
matching the passed in capability OID.
Returns the certificate revocation lists for revoked certificates.
Get the X.509 certificates associated with this PKCS#7 object
Returns the list of certificates in this certification
path.
Return the certificates, if any associated with the response.
If the request is signed return a possibly empty CertStore containing the certificates in the
request.
Returns the certificate pair which is used for testing on equality.
Return the status object for the response - null indicates good.
Returns a copy of the Collection
.
Apply default coversion for the given value depending on the oid
and the character range of the value.
Convert the passed in String value into the appropriate ASN.1
encoded object.
Get the X.509 certificate revocation lists associated with this PKCS#7 object
Returns cross certificate pairs.
return the CRT coefficient.
return the curve along which the base point lies.
return the private value D.
return the private number D
return the private value D.
return the time as a date based on whatever a 2 digit year will return.
Returns the delta revocation list for revoked certificates.
Return the DER encoding of the object, null if the DER encoding can not be made.
return the derivation vector.
return the underlying digest.
return the underlying digest.
return the message digest used as the basis for the function
return the underlying digest.
Get the algorithm used to calculate the message digest
return the size, in bytes, of the digest produced by this message digest.
return the size, in bytes, of the digest produced by this message digest.
return the size, in bytes, of the digest produced by this message digest.
return the size, in bytes, of the digest produced by this message digest.
return the size, in bytes, of the digest produced by this message digest.
return the size, in bytes, of the digest produced by this message digest.
return the size, in bytes, of the digest produced by this message digest.
return the size, in bytes, of the digest produced by this message digest.
return the size, in bytes, of the digest produced by this message digest.
return the size, in bytes, of the digest produced by this message digest.
return the size, in bytes, of the digest produced by this message digest.
return the size, in bytes, of the digest produced by this message digest.
return the size, in bytes, of the digest produced by this message digest.
Return the distribution points making up the sequence.
return the ASN.1 encoded representation of this object.
Return a PKCS8 representation of the key.
Return a PKCS8 representation of the key.
Return a PKCS8 representation of the key.
Return a PKCS8 representation of the key.
Return a PKCS8 representation of the key.
Return a PKCS8 representation of the key.
return the ASN.1 encoded representation of this object.
return the ASN.1 encoded representation of this object.
return a DER encoded byte array representing this object
return the bytes for the PKCS7SignedData object.
Returns the encoded form of this certification path, using
the default encoding.
Return an ASN.1 encoded byte array representing the attribute certificate.
return a DER encoded byte array representing this object
Return an ASN.1 encoded byte array representing the attribute certificate.
Returns the encoded form of this certification path, using
the specified encoding.
Returns an iteration of the encodings supported by this
certification path, with the default encoding
first.
return the encoding vector.
Return any principal objects inside the attribute certificate holder entity names field.
return the extension represented by the object identifier
passed in.
extract the value of the given extension, if it exists.
return the encoding format we produce in getEncoded().
return the encoding format we produce in getEncoded().
return the encoding format we produce in getEncoded().
return the encoding format we produce in getEncoded().
return the encoding format we produce in getEncoded().
return the encoding format we produce in getEncoded().
Returns the certificate from the other CA to this CA.
Returns the certicate selector for the forward part.
return the base point we are using for these domain parameters.
Returns the base generator g
.
return the cofactor H to the order of G.
Return the holder of the certificate.
Return the holder of the certificate.
returns the largest size an input block can be.
returns the largest size an input block can be.
Return the maximum size for an input block to this engine.
return the input block size.
Returns the input block size of this algorithm.
Return the maximum size for an input block to this engine.
Return the maximum size for an input block to this engine.
return a DERBoolean from the passed in boolean.
return an Octet String from the given object.
return an ASN1Sequence from the given object.
return an ASN1Set from the given object.
return an Attribute object from the given object.
return an Attribute object from the given object.
return an Attribute object from the given object.
return a CompressedData object from the given object.
return a Bit String from the passed in object
return a BMP String from the given object.
return a boolean from the passed in object.
return an integer from the passed in object
return a generalized time from the passed in object
return a IA5 string from the passed in object
return an integer from the passed in object
return a Numeric string from the passed in object
return an OID from the passed in object
return a printable string from the passed in object.
return a T61 string from the passed in object.
return a Universal String from the passed in object.
return an UTC Time from the passed in object.
return an UTF8 string from the passed in object.
return a Visible String from the passed in object.
return an EncryptedContentInfo object from the given object.
return an EnvelopedData object from the given object.
return a KEKIdentifier object from the given object.
return a KEKRecipientInfo object from the given object.
return an KeyAgreeRecipientIdentifier object from the given object.
return a KeyAgreeRecipientInfo object from the given object.
return a KeyTransRecipientInfo object from the given object.
return an OriginatorIdentifierOrKey object from the given object.
return an OriginatorInfo object from the given object.
return an OriginatorPublicKey object from the given object.
return an OtherKeyAttribute object from the given object.
return a OtherRecipientInfo object from the given object.
return a PasswordRecipientInfo object from the given object.
return a RecipientEncryptedKey object from the given object.
return a RecipientIdentifier object from the given object.
return a RecipientKeyIdentifier object from the given object.
RoleSyntax factory method.
return a SignerIdentifier object from the given object.
return an Attribute object from the given object.
return an Octet String from a tagged object.
Return an ASN1 sequence from a tagged object.
Return an ASN1 set from a tagged object.
return a CompressedData object from a tagged object.
return a Bit String from a tagged object.
return a BMP String from a tagged object.
return a Boolean from a tagged object.
return an Enumerated from a tagged object.
return a Generalized Time object from a tagged object.
return an IA5 String from a tagged object.
return an Integer from a tagged object.
return an Numeric String from a tagged object.
return an Object Identifier from a tagged object.
return a Printable String from a tagged object.
return an T61 String from a tagged object.
return a Universal String from a tagged object.
return an UTC Time from a tagged object.
return an UTF8 String from a tagged object.
return a Visible String from a tagged object.
return an EnvelopedData object from a tagged object.
return a KEKIdentifier object from a tagged object.
return a KEKRecipientInfo object from a tagged object.
return an KeyAgreeRecipientIdentifier object from a tagged object.
return a KeyAgreeRecipientInfo object from a tagged object.
return an OriginatorIdentifierOrKey object from a tagged object.
return an OriginatorInfo object from a tagged object.
return an OriginatorPublicKey object from a tagged object.
return a OtherRecipientInfo object from a tagged object.
return a PasswordRecipientInfo object from a tagged object.
return an RecipientEncryptedKey object from a tagged object.
return a RecipientKeyIdentifier object from a tagged object.
Return a X509Name based on the passed in tagged object.
Returns an instance with the parameters of a given
PKIXParameters
object.
Generates a StreamParser object that implements the specified type.
Generates a X509StreamParser object for the specified type from the
specified provider.
Generates a X509StreamParser object for the specified type from the
specified provider.
Returns an instance of this from a X509CertSelector
.
Returns an instance of this from a X509CRLSelector
.
Return the principals associated with the issuer attached to this holder
Return the issuer details for the certificate.
Return the issuer details for the certificate.
return the issuer of the given cert as an X509PrincipalObject.
return the issuer of the given CRL as an X509PrincipalObject.
Returns the issuing distribution point.
return the iteration count.
Returns the IV or null if this parameter set does not contain an IV.
Return the private value length in bits - if set, zero otherwise (use bitLength(P) - 1).
return private value limit - l
Returns a byte array containing the mac calculated as part of the
last encrypt or decrypt operation.
return the key size in bits for the MAC used with the message
Return the block size for this MAC (in bytes).
Return the block size for this MAC (in bytes).
Get the maximum base CRL number.
Return the tagged object inside the distribution point name.
return the name of the curve the EC domain parameters belong to.
return the named curve name represented by the given object identifier.
return the named curve name represented by the given object identifier.
return the named curve name represented by the given object identifier.
return the named curve name represented by the given object identifier.
returns an enumeration containing the name strings for parameters
contained in this structure.
return an enumeration of the names of the available curves.
return an enumeration of the names of the available curves.
returns an enumeration containing the name strings for parameters
contained in this structure.
returns an enumeration containing the name strings for curves
contained in this structure.
returns an enumeration containing the name strings for curves
contained in this structure.
returns an enumeration containing the name strings for curves
contained in this structure.
return the NextUpdate value - note: this is an optional field so may
be returned as null.
Return the date after which the certificate is not valid.
Return the date after which the certificate is not valid.
Return the date before which the certificate is not valid.
Return the date before which the certificate is not valid.
return whatever was following the tag.
return the object at the sequence postion indicated by index.
return the object at the set postion indicated by index.
Return the object held in this tagged object as a parser assuming it has
the type of the passed in tag.
return the DER octets that make up this string.
return the object identifier signified by the passed in name.
return the object identifier signified by the passed in name.
return the object identifier signified by the passed in name.
return a vector of the oids in the name, in the order they were found.
returns the maximum size of the block produced by this cipher.
returns the maximum size of the block produced by this cipher.
Return the maximum size for an output block to this engine.
return the maximum possible size for the output.
Returns the output block size of this algorithm.
Return the maximum size for an output block to this engine.
Return the maximum size for an output block to this engine.
return the size of the output buffer required for an update plus a
doFinal with an input of len bytes.
return the size of the output buffer required for an update plus a
doFinal with an input of len bytes.
return the size of the output buffer required for an update plus a
doFinal with an input of len bytes.
return the minimum size of the output buffer required for an update
plus a doFinal with an input of len bytes.
Returns the prime modulus p
.
retrieve the number of pad bits in the last decoded message.
return the correct number of pad bits for a bit string defined in
a 32 bit constant
Return the name of the algorithm the cipher implements.
Return the name of the algorithm the padder implements.
Return the name of the algorithm the padder implements.
Return the name of the algorithm the padder implements.
Return the name of the algorithm the padder implements.
Return the name of the algorithm the padder implements.
Return the name of the algorithm the padder implements.
return a parameter specification representing the EC domain parameters
for the key.
return a parameter spec representing the passed in named
curve.
return a parameter spec representing the passed in named
curve.
return a parameter specification representing the EC domain parameters
for the key.
return the domain parameters for the curve
return the password byte array.
in some cases positive values get crammed into a space,
that's not quite big enough...
return the prime exponent for P.
return the prime exponent for Q.
Returns the size in bits of the prime modulus.
Return any principal objects inside the attribute certificate issuer object.
return the private key parameters.
return the local private key.
return the local private key.
return the public key parameters.
return the intended recipient's/sender's public key.
return the intended recipient's/sender's public key.
return the public exponent.
return the public exponent.
return the public key associated with the certification request -
the public key is created using the BC provider.
for when the public key is an encoded object - if the bitstring
can't be decoded this routine throws an IOException.
for when the public key is raw bits...
return the public point Q
return the public point q
return the public point Q
return the random source associated with this
generator.
Return a reference to the recoveredMessage message.
Return a reference to the recoveredMessage message.
Returns a reference to what message was recovered (if any).
Return the certificate from this CA to the other CA.
Returns the certicate selector for the reverse part.
return the revocation reason.
Gets the role authority of this RoleSyntax.
Gets the role authority as a String[]
object.
Gets the role name of this RoleSyntax.
Gets the role name as a java.lang.String
object.
return the salt byte array.
Return the S-Box associated with SBoxName
return the seed used to generate this curve (if available).
Return the serial number associated with the issuer attached to this holder.
return the serial number for the certificate associated
with this request.
Return the serial number for the certificate.
Return the serial number for the certificate.
return a more "meaningful" representation for the signature algorithm used in
the certficate.
return the object identifier for the signature.
return the signature parameters, or null if there aren't any.
Return an iterator of the signature names supported by the generator.
Return an iterator of the signature names supported by the generator.
Return an iterator of the signature names supported by the generator.
Return an iterator of the signature names supported by the generator.
Return an iterator of the signature names supported by the generator.
Return an iterator of the signature names supported by the generator.
return the object identifier representing the signature algorithm
Get the X.509 certificate actually used to sign the digest.
Get the version of the PKCS#7 "SignerInfo" object.
Returns an immutable List
of Bouncy Castle
Store
s used for finding CRLs, certificates, attribute
certificates or cross certificates.
return the bit strength for keys produced by this generator,
Returns the stored String
object.
Return the UTF8STRING at index i.
return the subject of the given cert as an X509PrincipalObject.
Returns the required constraints on the target certificate or attribute
certificate.
Return the DER encoding of the tbsRequest field.
Return the DER encoding of the tbsResponseData field.
return the time - always in the form of
YYYYMMDDhhmmssGMT(+hh:mm|-hh:mm).
return the time - always in the form of
YYMMDDhhmmssGMT(+hh:mm|-hh:mm).
Return the tag number applying to the underlying choice.
return the underlying cipher for the buffer.
return the cipher this object wraps.
return the underlying block cipher that we are wrapping.
return the underlying block cipher that we are wrapping.
return the underlying block cipher that we are wrapping.
return the underlying block cipher that we are wrapping.
return the underlying block cipher that we are wrapping.
return the underlying block cipher that we are wrapping.
return the underlying block cipher that we are wrapping.
return the underlying block cipher that we are wrapping.
return the size of the output buffer required for an update
an input of len bytes.
return the size of the output buffer required for an update
an input of len bytes.
return the size of the output buffer required for an update
an input of len bytes.
return the size of the output buffer required for an update
an input of len bytes.
Returns end certificates.
return a vector of the values found in the name, in the order they
were found.
return a vector of the values found in the name, in the order they
were found, with the DN label corresponding to passed in oid.
Get the version of the PKCS#7 object.
Return the version number for the certificate.
Return the version number for the certificate.
Returns the private value x
.
Returns the private key x
.
Returns the public value y
.
Returns the public key y
.
implements the GOST 28147 OFB counter mode (GCTR).
implementation of GOST 28147-89
implementation of GOST 28147-89 MAC
A parameter spec for the GOST-28147 cipher.
basic test class for the GOST28147 cipher
Main interface for a GOST 3410-94 key.
a GOST3410 key pair generator.
table of the available named parameters for GOST 3410-94.
generate suitable parameters for GOST3410.
ParameterSpec for a GOST 3410-94 key.
This class specifies a GOST3410-94 private key with its associated parameters.
Creates a new GOST3410PrivateKeySpec with the specified parameter values.
ParameterSpec for a GOST 3410-94 key parameters.
Creates a new GOST3410ParameterSpec with the specified parameter values.
This class specifies a GOST3410-94 public key with its associated parameters.
Creates a new GOST3410PublicKeySpec with the specified parameter values.
GOST R 34.10-94 Signature Algorithm
utility class for converting jce/jca GOST3410-94 objects
objects into their org.bouncycastle.crypto counterparts.
implementation of GOST R 34.11-94
return the number of pad bytes present in the block.
return the number of pad bytes present in the block.
return the number of pad bytes present in the block.
return the number of pad bytes present in the block.
return the number of pad bytes present in the block.
return the number of pad bytes present in the block.
return the number of pad bytes present in the block.
A wrapper class that allows block ciphers to be used to process data in
a piecemeal fashion with PKCS5/PKCS7 padding.
Create a buffered block cipher with, or without, padding.
A wrapper class that allows block ciphers to be used to process data in
a piecemeal fashion with padding.
Create a buffered block cipher PKCS7 padding
Create a buffered block cipher with the desired padding.
Cipher parameters with a fixed salt value associated with them.
Parse the ServerCertificate message.
call back to allow a password to be fetched when one is requested.
PBE - interface org.bouncycastle.jce.provider.
PBE super class for all Password Based Encryption (PBE) parameter generator classes.
test out the various PBE modes, making sure the JCE implementations
are compatible woth the light weight ones.
PBEWithMD5And128BitAES-OpenSSL
PBEWithMD5And192BitAES-OpenSSL
PBEWithMD5And256BitAES-OpenSSL
PBEWithSHA256And128BitAES-BC
PBEWithSHA256And192BitAES-BC
PBEWithSHA256And256BitAES-BC
PBEWithSHA1And128BitAES-BC
PBEWithSHAAnd128BitRC2-CBC
PBEWithSHAAnd128BitRC2-CBC
PBEWithSHA1And192BitAES-BC
PBEWithSHA1And256BitAES-BC
PBEWithSHAAnd40BitRC2-CBC
PBEWithSHAAnd40BitRC2-CBC
PBEWithSHAAnd2-KeyTripleDES-CBC
PBEWithSHAAnd2-KeyTripleDES-CBC
PBEWithSHAAnd3-KeyTripleDES-CBC
PBEWithSHAAnd3-KeyTripleDES-CBC
Class for reading OpenSSL PEM encoded streams containing
X509 certificates, PKCS8 encoded keys and PKCS7 objects.
Create a new PEMReader with a password finder
Create a new PEMReader with a password finder
General purpose writer for OpenSSL PEM objects.
Pfx - class org.bouncycastle.asn1.pkcs.
Pfx the infamous Pfx from PKCS12
Implements OpenPGP's rather strange version of Cipher-FeedBack (CFB) mode on top of a simple cipher.
A class for verifying and creating PKCS10 Certification requests.
construct a PKCS10 certification request from a DER encoded
byte stream.
create a PKCS10 certfication request using the BC provider.
create a PKCS10 certfication request using the named provider.
create a PKCS10 certfication request using the BC provider.
create a PKCS10 certfication request using the named provider.
PKCS12 - static field in class org.bouncycastle.jce.provider.
PBE allow us to set attributes on objects that can go into a PKCS12 store.
Example of how to set up a certificiate chain and a PKCS 12 store for
a private individual - obviously you'll need to generate your own keys,
and you may need to add a NetscapeCertType extension or add a key
usage extension depending on your application, but you should get the
idea!
Generator for PBE derived keys and ivs as defined by PKCS 12 V1.0.
Construct a PKCS 12 Parameters generator.
converts a password to a byte array according to the scheme in
PKCS12 (unicode, big endian, 2 zero pad bytes at the end).
Exercise the various key stores, making sure we at least get back what we put in!
this does your basic PKCS 1 v1.5 padding - whether or not you should be using this
depends on your application - see PKCS1 Version 2 for details.
converts a password to a byte array according to the scheme in
PKCS5 (ascii, no padding)
PKCS5S1 - static field in class org.bouncycastle.jce.provider.
PBE Generator for PBE derived keys and ivs as defined by PKCS 5 V2.0 Scheme 1.
Construct a PKCS 5 Scheme 1 Parameters generator.
PKCS5S2 - static field in class org.bouncycastle.jce.provider.
PBE Generator for PBE derived keys and ivs as defined by PKCS 5 V2.0 Scheme 2.
construct a PKCS5 Scheme 2 Parameters generator.
A padder that adds PKCS7/PKCS5 padding to a block.
Represents a PKCS#7 object - specifically the "Signed Data"
type.
Read an existing PKCS#7 object from a DER encoded byte array using
the BC provider.
Read an existing PKCS#7 object from a DER encoded byte array
Create a new PKCS#7 object from the specified key.
Create a new PKCS#7 object from the specified key using the BC provider.
Create a new PKCS#7 object from the specified key.
PKIFailureInfo ::= BIT STRING {
badAlg (0),
-- unrecognized or unsupported Algorithm Identifier
badMessageCheck (1), -- integrity check failed (e.g., signature did not verify)
badRequest (2),
-- transaction not permitted or supported
badTime (3), -- messageTime was not sufficiently close to the system time, as defined by local policy
badCertId (4), -- no certificate could be found matching the provided criteria
badDataFormat (5),
-- the data submitted has the wrong format
wrongAuthority (6), -- the authority indicated in the request is different from the one creating the response token
incorrectData (7), -- the requester's data is incorrect (for notary services)
missingTimeStamp (8), -- when the timestamp is missing but should be there (by policy)
badPOP (9) -- the proof-of-possession failed
timeNotAvailable (14),
-- the TSA's time source is not available
unacceptedPolicy (15),
-- the requested TSA policy is not supported by the TSA
unacceptedExtension (16),
-- the requested extension is not supported by the TSA
addInfoNotAvailable (17)
-- the additional information requested could not be understood
-- or is not available
systemFailure (25)
-- the request cannot be handled due to system failure
This is the default PKIX validity model.
CertPath implementation for X.509 certificates.
Implements the PKIX CertPathBuilding algorithem for BouncyCastle.
CertPathValidatorSpi implemenation for X.509 Certificate validation ala rfc 3280
RFC 3039 PlaceOfBirth - DirectoryString(SIZE(1..128)
PolicyMappings V3 extension, described in RFC3280.
Creates a new PolicyMappings
instance.
Creates a new PolicyMappings
instance.
PolicyQualifierId, used in the CertificatePolicies
X509V3 extension.
Policy qualifiers, used in the X509V3 CertificatePolicies
extension.
Creates a new PolicyQualifierInfo
instance.
Creates a new PolicyQualifierInfo
instance.
Creates a new PolicyQualifierInfo
containing a
cPSuri qualifier.
RFC 3039 PostalAddress - SEQUENCE SIZE (1..6) OF
DirectoryString(SIZE(1..30))
postalCode - DirectoryString(SIZE(1..40)
a utility class that will extract X509Principal objects from X.509 certificates.
Factory for creating private key objects from PKCS8 PrivateKeyInfo objects.
PrivateKeyUsagePeriod ::= SEQUENCE {
notBefore [0] GeneralizedTime OPTIONAL,
notAfter [1] GeneralizedTime OPTIONAL }
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
Process one block of input from the array in and write it to
the out array.
process the block of len bytes stored in in from offset inOff.
Process a single block using the basic ElGamal algorithm.
Process a single Block using the Naccache-Stern algorithm.
Process a single block using the basic RSA algorithm.
Process a single block using the basic RSA algorithm.
add another byte for processing.
process a single byte, producing an output block if neccessary.
process a single byte, producing an output block if neccessary.
process a single byte, producing an output block if neccessary.
process a single byte, producing an output block if neccessary.
add len bytes to the buffer for processing.
process an array of bytes, producing output if necessary.
process an array of bytes, producing output if necessary.
process an array of bytes, producing output if necessary.
process an array of bytes, producing output if necessary.
process a block of bytes from in putting the result into out.
process a block of bytes from in putting the result into out.
Convenience Method for data exchange with the cipher.
A permission class to define what can be done with the ConfigurableProvider interface.
RFC 3039 Pseudonym - DirectoryString(SIZE(1..64)
RSA-PSS as described in PKCS# 1 v 2.1.
This is designed to parse
the PublicKeyAndChallenge created by the KEYGEN tag included by
Mozilla based browsers.
Factory to create asymmetric public key parameters for asymmetric ciphers
from range of ASN.1 encoded SubjectPublicKeyInfo objects.
T - static field in class org.bouncycastle.asn1.x509.
X509Name Title
A padder that adds Trailing-Bit-Compliment padding to a block.
The TBSCertificate object.
PKIX RFC-2459 - TBSCertList object.
Create an instance of the TEA encryption algorithm
and set some defaults
A thread based seed generator - one source of randomness.
TIGER - static field in class org.bouncycastle.jce.provider.
PBE Time - class org.bouncycastle.asn1.cms.
Time Time - class org.bouncycastle.asn1.x509.
Time creates a time object from a given date - if the date is between 1950
and 2049 a UTCTime object is generated, otherwise a GeneralizedTime
is used.
creates a time object from a given date - if the date is between 1950
and 2049 a UTCTime object is generated, otherwise a GeneralizedTime
is used.
A generic TLS 1.0 block cipher suite.
A generic class for ciphersuites in TLS 1.0.
A manager for ciphersuite.
An InputStream for an TLS 1.0 connection.
A generic TLS MAC implementation, which can be used with any kind of
Digest to act as an HMAC.
Generate a new instance of an TlsMac.
A NULL CipherSuite in java, this should only be used during handshake.
An OutputStream for an TLS connection.
An implementation of all high level protocols in TLS 1.0.
Some helper fuctions for MicroTLS.
Accuracy ::= SEQUENCE {
seconds INTEGER OPTIONAL,
millis [0] INTEGER (1..999) OPTIONAL,
micros [1] INTEGER (1..999) OPTIONAL
}
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
certificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
PolicyInformation ::= SEQUENCE {
policyIdentifier CertPolicyId,
policyQualifiers SEQUENCE SIZE (1..MAX) OF
PolicyQualifierInfo OPTIONAL }
CertPolicyId ::= OBJECT IDENTIFIER
PolicyQualifierInfo ::= SEQUENCE {
policyQualifierId PolicyQualifierId,
qualifier ANY DEFINED BY policyQualifierId }
PolicyQualifierId ::=
OBJECT IDENTIFIER (id-qt-cps | id-qt-unotice)
Produce an object suitable for an ASN1OutputStream.
CommitmentTypeIndication ::= SEQUENCE {
commitmentTypeId CommitmentTypeIdentifier,
commitmentTypeQualifier SEQUENCE SIZE (1..MAX) OF
CommitmentTypeQualifier OPTIONAL }
Returns a DER-encodable representation of this instance.
ContentHints ::= SEQUENCE {
contentDescription UTF8String (SIZE (1..MAX)) OPTIONAL,
contentType ContentType }
The definition of ContentIdentifier is
ContentIdentifier ::= OCTET STRING
id-aa-contentIdentifier OBJECT IDENTIFIER ::= { iso(1)
member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
smime(16) id-aa(2) 7 }
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
ECPrivateKey ::= SEQUENCE {
version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
privateKey OCTET STRING,
parameters [0] Parameters OPTIONAL,
publicKey [1] BIT STRING OPTIONAL }
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
ESSCertID ::= SEQUENCE {
certHash Hash,
issuerSerial IssuerSerial OPTIONAL }
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Gost28147-89-Parameters ::=
SEQUENCE {
iv Gost28147-89-IV,
encryptionParamSet OBJECT IDENTIFIER
}
Gost28147-89-IV ::= OCTET STRING (SIZE (8))
Produce an object suitable for an ASN1OutputStream.
IetfAttrSyntax ::= SEQUENCE {
policyAuthority [0] GeneralNames OPTIONAL,
values SEQUENCE OF CHOICE {
octets OCTET STRING,
oid OBJECT IDENTIFIER,
string UTF8String
}
}
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
MessageImprint ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier,
hashedMessage OCTET STRING }
Describe toASN1Object
method here.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
OtherCertID ::= SEQUENCE {
otherCertHash OtherHash,
issuerSerial IssuerSerial OPTIONAL }
OtherHash ::= CHOICE {
sha1Hash OCTET STRING,
otherHash OtherHashAlgAndValue }
OtherHashAlgAndValue ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier,
hashValue OCTET STRING }
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
The definition of OtherSigningCertificate is
OtherSigningCertificate ::= SEQUENCE {
certs SEQUENCE OF OtherCertID,
policies SEQUENCE OF PolicyInformation OPTIONAL
}
id-aa-otherSigCert OBJECT IDENTIFIER ::= { iso(1)
member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
smime(16) id-aa(2) 19 }
Produce an object suitable for an ASN1OutputStream.
PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
PKIStatusInfo ::= SEQUENCE {
status PKIStatus, (INTEGER)
statusString PKIFreeText OPTIONAL,
failInfo PKIFailureInfo OPTIONAL (BIT STRING)
}
PKIStatus:
granted (0), -- you got exactly what you asked for
grantedWithMods (1), -- you got something like what you asked for
rejection (2), -- you don't get it, more information elsewhere in the message
waiting (3), -- the request body part has not yet been processed, expect to hear more later
revocationWarning (4), -- this message contains a warning that a revocation is imminent
revocationNotification (5), -- notification that a revocation has occurred
keyUpdateWarning (6) -- update already done for the oldCertId specified in CertReqMsg
PKIFailureInfo:
badAlg (0), -- unrecognized or unsupported Algorithm Identifier
badMessageCheck (1), -- integrity check failed (e.g., signature did not verify)
badRequest (2), -- transaction not permitted or supported
badTime (3), -- messageTime was not sufficiently close to the system time, as defined by local policy
badCertId (4), -- no certificate could be found matching the provided criteria
badDataFormat (5), -- the data submitted has the wrong format
wrongAuthority (6), -- the authority indicated in the request is different from the one creating the response token
incorrectData (7), -- the requester's data is incorrect (for notary services)
missingTimeStamp (8), -- when the timestamp is missing but should be there (by policy)
badPOP (9) -- the proof-of-possession failed
Returns a DER-encodable representation of this instance.
write out an RSA private key with it's asscociated information
as described in PKCS8.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Implementation of the method toASN1Object
as
required by the superclass ASN1Encodable
.
RSAES-OAEP-params ::= SEQUENCE {
hashAlgorithm [0] OAEP-PSSDigestAlgorithms DEFAULT sha1,
maskGenAlgorithm [1] PKCS1MGFAlgorithms DEFAULT mgf1SHA1,
pSourceAlgorithm [2] PKCS1PSourceAlgorithms DEFAULT pSpecifiedEmpty
}
OAEP-PSSDigestAlgorithms ALGORITHM-IDENTIFIER ::= {
{ OID id-sha1 PARAMETERS NULL }|
{ OID id-sha256 PARAMETERS NULL }|
{ OID id-sha384 PARAMETERS NULL }|
{ OID id-sha512 PARAMETERS NULL },
...
This outputs the key in PKCS1v2 format.
This outputs the key in PKCS1v2 format.
RSASSA-PSS-params ::= SEQUENCE {
hashAlgorithm [0] OAEP-PSSDigestAlgorithms DEFAULT sha1,
maskGenAlgorithm [1] PKCS1MGFAlgorithms DEFAULT mgf1SHA1,
saltLength [2] INTEGER DEFAULT 20,
trailerField [3] TrailerField DEFAULT trailerFieldBC
}
OAEP-PSSDigestAlgorithms ALGORITHM-IDENTIFIER ::= {
{ OID id-sha1 PARAMETERS NULL }|
{ OID id-sha256 PARAMETERS NULL }|
{ OID id-sha384 PARAMETERS NULL }|
{ OID id-sha512 PARAMETERS NULL },
...
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
SignerLocation ::= SEQUENCE {
countryName [0] DirectoryString OPTIONAL,
localityName [1] DirectoryString OPTIONAL,
postalAddress [2] PostalAddress OPTIONAL }
PostalAddress ::= SEQUENCE SIZE(1..6) OF DirectoryString
DirectoryString ::= CHOICE {
teletexString TeletexString (SIZE (1..MAX)),
printableString PrintableString (SIZE (1..MAX)),
universalString UniversalString (SIZE (1..MAX)),
utf8String UTF8String (SIZE (1..
The definition of SigningCertificate is
SigningCertificate ::= SEQUENCE {
certs SEQUENCE OF ESSCertID,
policies SEQUENCE OF PolicyInformation OPTIONAL
}
id-aa-signingCertificate OBJECT IDENTIFIER ::= { iso(1)
member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
smime(16) id-aa(2) 12 }
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
TimeStampReq ::= SEQUENCE {
version INTEGER { v1(1) },
messageImprint MessageImprint,
--a hash algorithm OID and the hash value of the data to be
--time-stamped
reqPolicy TSAPolicyId OPTIONAL,
nonce INTEGER OPTIONAL,
certReq BOOLEAN DEFAULT FALSE,
extensions [0] IMPLICIT Extensions OPTIONAL
}
TimeStampResp ::= SEQUENCE {
status PKIStatusInfo,
timeStampToken TimeStampToken OPTIONAL }
TSTInfo ::= SEQUENCE {
version INTEGER { v1(1) },
policy TSAPolicyId,
messageImprint MessageImprint,
-- MUST have the same value as the similar field in
-- TimeStampReq
serialNumber INTEGER,
-- Time-Stamping users MUST be ready to accommodate integers
-- up to 160 bits.
Produce an object suitable for an ASN1OutputStream.
Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
Extension ::= SEQUENCE {
extnId EXTENSION.&id ({ExtensionSet}),
critical BOOLEAN DEFAULT FALSE,
extnValue OCTET STRING }
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce an object suitable for an ASN1OutputStream.
Produce a DER encoding of the following structure.
Returns a formatted string describing the parameters.
Returns a string representation of this CRL.
convert the structure to a string - if reverse is true the
oids and values are listed out starting with the last element
in the sequence (ala RFC 2253), otherwise the string will begin
with the first element of the structure.
A class that provides Twofish encryption operations.
The TypeOfBiometricData object.