BouncyCastleSecurityProviderTool (LittleProxy MITM Module 2.1.0 API)

java.lang.Object
- net.lightbody.bmp.mitm.tools.BouncyCastleSecurityProviderTool

All Implemented Interfaces:: SecurityProviderTool

public class BouncyCastleSecurityProviderTool
extends Object
implements SecurityProviderTool

Constructor Summary

Constructors
Constructor and Description

BouncyCastleSecurityProviderTool()

Constructors
Constructor and Description
`BouncyCastleSecurityProviderTool()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`CertificateAndKey`	`createCARootCertificate(CertificateInfo certificateInfo, KeyPair keyPair, String messageDigest)` Creates a new self-signed CA root certificate, suitable for use signing new server certificates.
`KeyStore`	`createRootCertificateKeyStore(String keyStoreType, CertificateAndKey rootCertificateAndKey, String privateKeyAlias, String password)` Assembles a Java KeyStore containing a CA root certificate and its private key.
`CertificateAndKey`	`createServerCertificate(CertificateInfo certificateInfo, X509Certificate caRootCertificate, PrivateKey caPrivateKey, KeyPair serverKeyPair, String messageDigest)` Creates a new server X.509 certificate using the serverKeyPair.
`KeyStore`	`createServerKeyStore(String keyStoreType, CertificateAndKey serverCertificateAndKey, X509Certificate rootCertificate, String privateKeyAlias, String password)` Assembles a Java KeyStore containing a server's certificate, private key, and the certificate authority's certificate, which can be used to create an `SSLContext`.
`X509Certificate`	`decodePemEncodedCertificate(Reader certificateReader)` Decodes a PEM-encoded X.509 Certificate into a `X509Certificate`.
`PrivateKey`	`decodePemEncodedPrivateKey(Reader privateKeyReader, String password)` Decodes a PEM-encoded private key into a `PrivateKey`.
`String`	`encodeCertificateAsPem(Certificate certificate)` Encodes a certificate in PEM format.
`String`	`encodePrivateKeyAsPem(PrivateKey privateKey, String passwordForPrivateKey, String encryptionAlgorithm)` Encodes a private key in PEM format, encrypting it with the specified password.
`KeyManager[]`	`getKeyManagers(KeyStore keyStore, String keyStorePassword)` Retrieve the KeyManagers for the specified KeyStore.
`KeyStore`	`loadKeyStore(File file, String keyStoreType, String password)` Loads a Java KeyStore object from a file.
`void`	`saveKeyStore(File file, KeyStore keyStore, String keystorePassword)` Saves a Java KeyStore to a file, protecting it with the specified password.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - BouncyCastleSecurityProviderTool
```
public BouncyCastleSecurityProviderTool()
```
- Method Detail
  - createServerCertificate
```
public CertificateAndKey createServerCertificate(CertificateInfo certificateInfo,
                                                 X509Certificate caRootCertificate,
                                                 PrivateKey caPrivateKey,
                                                 KeyPair serverKeyPair,
                                                 String messageDigest)
```
    Description copied from interface: SecurityProviderTool
    
    Creates a new server X.509 certificate using the serverKeyPair. The new certificate will be populated with information from the specified certificateInfo and will be signed using the specified caPrivateKey and messageDigest.
    
    Specified by:
    
    createServerCertificate in interface SecurityProviderTool
    
    Parameters:
    
    certificateInfo - basic X.509 certificate info that will be used to create the server certificate
    
    caRootCertificate - root certificate that will be used to populate the issuer field of the server certificate
    
    caPrivateKey - root certificate private key that will be used to sign the server certificate
    
    serverKeyPair - server's public and private keys
    
    messageDigest - message digest to use when signing the server certificate, such as SHA512
    
    Returns:
    
    a new server certificate and its private key
  - createServerKeyStore
```
public KeyStore createServerKeyStore(String keyStoreType,
                                     CertificateAndKey serverCertificateAndKey,
                                     X509Certificate rootCertificate,
                                     String privateKeyAlias,
                                     String password)
```
    Description copied from interface: SecurityProviderTool
    
    Assembles a Java KeyStore containing a server's certificate, private key, and the certificate authority's certificate, which can be used to create an SSLContext.
    
    Specified by:
    
    createServerKeyStore in interface SecurityProviderTool
    
    Parameters:
    
    keyStoreType - the KeyStore type, such as JKS or PKCS12
    
    serverCertificateAndKey - certificate and private key for the server, which will be placed in the KeyStore
    
    rootCertificate - CA root certificate of the private key that signed the server certificate
    
    privateKeyAlias - alias to assign the private key (with accompanying certificate chain) to in the KeyStore
    
    password - password for the new KeyStore and private key
    
    Returns:
    
    a new KeyStore with the server's certificate and password-protected private key
  - createRootCertificateKeyStore
```
public KeyStore createRootCertificateKeyStore(String keyStoreType,
                                              CertificateAndKey rootCertificateAndKey,
                                              String privateKeyAlias,
                                              String password)
```
    Description copied from interface: SecurityProviderTool
    
    Assembles a Java KeyStore containing a CA root certificate and its private key.
    
    Specified by:
    
    createRootCertificateKeyStore in interface SecurityProviderTool
    
    Parameters:
    
    keyStoreType - the KeyStore type, such as JKS or PKCS12
    
    rootCertificateAndKey - certification authority's root certificate and private key, which will be placed in the KeyStore
    
    privateKeyAlias - alias to assign the private key (with accompanying certificate chain) to in the KeyStore
    
    password - password for the new KeyStore and private key
    
    Returns:
    
    a new KeyStore with the root certificate and password-protected private key
  - createCARootCertificate
```
public CertificateAndKey createCARootCertificate(CertificateInfo certificateInfo,
                                                 KeyPair keyPair,
                                                 String messageDigest)
```
    Description copied from interface: SecurityProviderTool
    
    Creates a new self-signed CA root certificate, suitable for use signing new server certificates.
    
    Specified by:
    
    createCARootCertificate in interface SecurityProviderTool
    
    Parameters:
    
    certificateInfo - certificate info to populate in the new root cert
    
    keyPair - root certificate's public and private keys
    
    messageDigest - digest to use when signing the new root certificate, such as SHA512
    
    Returns:
    
    a new root certificate and private key
  - encodePrivateKeyAsPem
```
public String encodePrivateKeyAsPem(PrivateKey privateKey,
                                    String passwordForPrivateKey,
                                    String encryptionAlgorithm)
```
    Description copied from interface: SecurityProviderTool
    
    Encodes a private key in PEM format, encrypting it with the specified password. The private key will be encrypted using the specified algorithm.
    
    Specified by:
    
    encodePrivateKeyAsPem in interface SecurityProviderTool
    
    Parameters:
    
    privateKey - private key to encode
    
    passwordForPrivateKey - password to protect the private key
    
    encryptionAlgorithm - algorithm to use to encrypt the private key
    
    Returns:
    
    PEM-encoded private key as a String
  - encodeCertificateAsPem
```
public String encodeCertificateAsPem(Certificate certificate)
```
    Description copied from interface: SecurityProviderTool
    
    Encodes a certificate in PEM format.
    
    Specified by:
    
    encodeCertificateAsPem in interface SecurityProviderTool
    
    Parameters:
    
    certificate - certificate to encode
    
    Returns:
    
    PEM-encoded certificate as a String
  - decodePemEncodedPrivateKey
```
public PrivateKey decodePemEncodedPrivateKey(Reader privateKeyReader,
                                             String password)
```
    Description copied from interface: SecurityProviderTool
    
    Decodes a PEM-encoded private key into a PrivateKey. The password may be null if the PEM-encoded private key is not password-encrypted.
    
    Specified by:
    
    decodePemEncodedPrivateKey in interface SecurityProviderTool
    
    Parameters:
    
    privateKeyReader - a reader for a PEM-encoded private key
    
    password - password protecting the private key @return the decoded private key
  - decodePemEncodedCertificate
```
public X509Certificate decodePemEncodedCertificate(Reader certificateReader)
```
    Description copied from interface: SecurityProviderTool
    
    Decodes a PEM-encoded X.509 Certificate into a X509Certificate.
    
    Specified by:
    
    decodePemEncodedCertificate in interface SecurityProviderTool
    
    Parameters:
    
    certificateReader - a reader for a PEM-encoded certificate
    
    Returns:
    
    the decoded X.509 certificate
  - loadKeyStore
```
public KeyStore loadKeyStore(File file,
                             String keyStoreType,
                             String password)
```
    Description copied from interface: SecurityProviderTool
    
    Loads a Java KeyStore object from a file.
    
    Specified by:
    
    loadKeyStore in interface SecurityProviderTool
    
    Parameters:
    
    file - KeyStore file to load
    
    keyStoreType - KeyStore type (PKCS12, JKS, etc.)
    
    password - the KeyStore password
    
    Returns:
    
    an initialized Java KeyStore object
  - saveKeyStore
```
public void saveKeyStore(File file,
                         KeyStore keyStore,
                         String keystorePassword)
```
    Description copied from interface: SecurityProviderTool
    
    Saves a Java KeyStore to a file, protecting it with the specified password.
    
    Specified by:
    
    saveKeyStore in interface SecurityProviderTool
    
    Parameters:
    
    file - file to save the KeyStore to
    
    keyStore - KeyStore to save
    
    keystorePassword - password for the KeyStore
  - getKeyManagers
```
public KeyManager[] getKeyManagers(KeyStore keyStore,
                                   String keyStorePassword)
```
    Description copied from interface: SecurityProviderTool
    
    Retrieve the KeyManagers for the specified KeyStore.
    
    Specified by:
    
    getKeyManagers in interface SecurityProviderTool
    
    Parameters:
    
    keyStore - the KeyStore to retrieve KeyManagers from
    
    keyStorePassword - the KeyStore password
    
    Returns:
    
    KeyManagers for the specified KeyStore

Class BouncyCastleSecurityProviderTool

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

BouncyCastleSecurityProviderTool

Method Detail

createServerCertificate

createServerKeyStore

createRootCertificateKeyStore

createCARootCertificate

encodePrivateKeyAsPem

encodeCertificateAsPem

decodePemEncodedPrivateKey

decodePemEncodedCertificate

loadKeyStore

saveKeyStore

getKeyManagers