DefaultSecurityProviderTool (LittleProxy MITM Module 2.1.0 API)

java.lang.Object
- net.lightbody.bmp.mitm.tools.DefaultSecurityProviderTool

All Implemented Interfaces:

SecurityProviderTool
```
public class DefaultSecurityProviderTool
extends Object
implements SecurityProviderTool
```
A SecurityProviderTool implementation that uses the default system Security provider where possible, but uses the Bouncy Castle provider for operations that the JCA does not provide or implement (e.g. certificate generation and signing).

Constructor Summary

Constructors
Constructor and Description

DefaultSecurityProviderTool()

Constructors
Constructor and Description
`DefaultSecurityProviderTool()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`CertificateAndKey`	`createCARootCertificate(CertificateInfo certificateInfo, KeyPair keyPair, String messageDigest)` Creates a new self-signed CA root certificate, suitable for use signing new server certificates.
`KeyStore`	`createRootCertificateKeyStore(String keyStoreType, CertificateAndKey rootCertificateAndKey, String privateKeyAlias, String password)` Assembles a Java KeyStore containing a CA root certificate and its private key.
`CertificateAndKey`	`createServerCertificate(CertificateInfo certificateInfo, X509Certificate caRootCertificate, PrivateKey caPrivateKey, KeyPair serverKeyPair, String messageDigest)` Creates a new server X.509 certificate using the serverKeyPair.
`KeyStore`	`createServerKeyStore(String keyStoreType, CertificateAndKey serverCertificateAndKey, X509Certificate rootCertificate, String privateKeyAlias, String password)` Assembles a Java KeyStore containing a server's certificate, private key, and the certificate authority's certificate, which can be used to create an `SSLContext`.
`X509Certificate`	`decodePemEncodedCertificate(Reader certificateReader)` Decodes a PEM-encoded X.509 Certificate into a `X509Certificate`.
`PrivateKey`	`decodePemEncodedPrivateKey(Reader privateKeyReader, String password)` Decodes a PEM-encoded private key into a `PrivateKey`.
`String`	`encodeCertificateAsPem(Certificate certificate)` Encodes a certificate in PEM format.
`String`	`encodePrivateKeyAsPem(PrivateKey privateKey, String passwordForPrivateKey, String encryptionAlgorithm)` Encodes a private key in PEM format, encrypting it with the specified password.
`KeyManager[]`	`getKeyManagers(KeyStore keyStore, String keyStorePassword)` Retrieve the KeyManagers for the specified KeyStore.
`KeyStore`	`loadKeyStore(File file, String keyStoreType, String password)` Loads the KeyStore from the specified InputStream.
`void`	`saveKeyStore(File file, KeyStore keyStore, String keystorePassword)` Exports the keyStore to the specified file.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - DefaultSecurityProviderTool
```
public DefaultSecurityProviderTool()
```
- Method Detail
  - createCARootCertificate
```
public CertificateAndKey createCARootCertificate(CertificateInfo certificateInfo,
                                                 KeyPair keyPair,
                                                 String messageDigest)
```
    Description copied from interface: SecurityProviderTool
    
    Creates a new self-signed CA root certificate, suitable for use signing new server certificates.
    
    Specified by:
    
    createCARootCertificate in interface SecurityProviderTool
    
    Parameters:
    
    certificateInfo - certificate info to populate in the new root cert
    
    keyPair - root certificate's public and private keys
    
    messageDigest - digest to use when signing the new root certificate, such as SHA512
    
    Returns:
    
    a new root certificate and private key
  - createServerCertificate
```
public CertificateAndKey createServerCertificate(CertificateInfo certificateInfo,
                                                 X509Certificate caRootCertificate,
                                                 PrivateKey caPrivateKey,
                                                 KeyPair serverKeyPair,
                                                 String messageDigest)
```
    Description copied from interface: SecurityProviderTool
    
    Creates a new server X.509 certificate using the serverKeyPair. The new certificate will be populated with information from the specified certificateInfo and will be signed using the specified caPrivateKey and messageDigest.
    
    Specified by:
    
    createServerCertificate in interface SecurityProviderTool
    
    Parameters:
    
    certificateInfo - basic X.509 certificate info that will be used to create the server certificate
    
    caRootCertificate - root certificate that will be used to populate the issuer field of the server certificate
    
    caPrivateKey - root certificate private key that will be used to sign the server certificate
    
    serverKeyPair - server's public and private keys
    
    messageDigest - message digest to use when signing the server certificate, such as SHA512
    
    Returns:
    
    a new server certificate and its private key
  - createServerKeyStore
```
public KeyStore createServerKeyStore(String keyStoreType,
                                     CertificateAndKey serverCertificateAndKey,
                                     X509Certificate rootCertificate,
                                     String privateKeyAlias,
                                     String password)
```
    Description copied from interface: SecurityProviderTool
    
    Assembles a Java KeyStore containing a server's certificate, private key, and the certificate authority's certificate, which can be used to create an SSLContext.
    
    Specified by:
    
    createServerKeyStore in interface SecurityProviderTool
    
    Parameters:
    
    keyStoreType - the KeyStore type, such as JKS or PKCS12
    
    serverCertificateAndKey - certificate and private key for the server, which will be placed in the KeyStore
    
    rootCertificate - CA root certificate of the private key that signed the server certificate
    
    privateKeyAlias - alias to assign the private key (with accompanying certificate chain) to in the KeyStore
    
    password - password for the new KeyStore and private key
    
    Returns:
    
    a new KeyStore with the server's certificate and password-protected private key
  - createRootCertificateKeyStore
```
public KeyStore createRootCertificateKeyStore(String keyStoreType,
                                              CertificateAndKey rootCertificateAndKey,
                                              String privateKeyAlias,
                                              String password)
```
    Description copied from interface: SecurityProviderTool
    
    Assembles a Java KeyStore containing a CA root certificate and its private key.
    
    Specified by:
    
    createRootCertificateKeyStore in interface SecurityProviderTool
    
    Parameters:
    
    keyStoreType - the KeyStore type, such as JKS or PKCS12
    
    rootCertificateAndKey - certification authority's root certificate and private key, which will be placed in the KeyStore
    
    privateKeyAlias - alias to assign the private key (with accompanying certificate chain) to in the KeyStore
    
    password - password for the new KeyStore and private key
    
    Returns:
    
    a new KeyStore with the root certificate and password-protected private key
  - encodePrivateKeyAsPem
```
public String encodePrivateKeyAsPem(PrivateKey privateKey,
                                    String passwordForPrivateKey,
                                    String encryptionAlgorithm)
```
    Description copied from interface: SecurityProviderTool
    
    Encodes a private key in PEM format, encrypting it with the specified password. The private key will be encrypted using the specified algorithm.
    
    Specified by:
    
    encodePrivateKeyAsPem in interface SecurityProviderTool
    
    Parameters:
    
    privateKey - private key to encode
    
    passwordForPrivateKey - password to protect the private key
    
    encryptionAlgorithm - algorithm to use to encrypt the private key
    
    Returns:
    
    PEM-encoded private key as a String
  - encodeCertificateAsPem
```
public String encodeCertificateAsPem(Certificate certificate)
```
    Description copied from interface: SecurityProviderTool
    
    Encodes a certificate in PEM format.
    
    Specified by:
    
    encodeCertificateAsPem in interface SecurityProviderTool
    
    Parameters:
    
    certificate - certificate to encode
    
    Returns:
    
    PEM-encoded certificate as a String
  - decodePemEncodedPrivateKey
```
public PrivateKey decodePemEncodedPrivateKey(Reader privateKeyReader,
                                             String password)
```
    Description copied from interface: SecurityProviderTool
    
    Decodes a PEM-encoded private key into a PrivateKey. The password may be null if the PEM-encoded private key is not password-encrypted.
    
    Specified by:
    
    decodePemEncodedPrivateKey in interface SecurityProviderTool
    
    Parameters:
    
    privateKeyReader - a reader for a PEM-encoded private key
    
    password - password protecting the private key @return the decoded private key
  - decodePemEncodedCertificate
```
public X509Certificate decodePemEncodedCertificate(Reader certificateReader)
```
    Description copied from interface: SecurityProviderTool
    
    Decodes a PEM-encoded X.509 Certificate into a X509Certificate.
    
    Specified by:
    
    decodePemEncodedCertificate in interface SecurityProviderTool
    
    Parameters:
    
    certificateReader - a reader for a PEM-encoded certificate
    
    Returns:
    
    the decoded X.509 certificate
  - loadKeyStore
```
public KeyStore loadKeyStore(File file,
                             String keyStoreType,
                             String password)
```
    Loads the KeyStore from the specified InputStream. The InputStream is not closed after the KeyStore has been read.
    
    Specified by:
    
    loadKeyStore in interface SecurityProviderTool
    
    Parameters:
    
    file - file containing a KeyStore
    
    keyStoreType - KeyStore type, such as "JKS" or "PKCS12"
    
    password - password of the KeyStore
    
    Returns:
    
    KeyStore loaded from the input stream
  - saveKeyStore
```
public void saveKeyStore(File file,
                         KeyStore keyStore,
                         String keystorePassword)
```
    Exports the keyStore to the specified file.
    
    Specified by:
    
    saveKeyStore in interface SecurityProviderTool
    
    Parameters:
    
    file - file to save the KeyStore to
    
    keyStore - KeyStore to export
    
    keystorePassword - the password for the KeyStore
  - getKeyManagers
```
public KeyManager[] getKeyManagers(KeyStore keyStore,
                                   String keyStorePassword)
```
    Description copied from interface: SecurityProviderTool
    
    Retrieve the KeyManagers for the specified KeyStore.
    
    Specified by:
    
    getKeyManagers in interface SecurityProviderTool
    
    Parameters:
    
    keyStore - the KeyStore to retrieve KeyManagers from
    
    keyStorePassword - the KeyStore password
    
    Returns:
    
    KeyManagers for the specified KeyStore

Class DefaultSecurityProviderTool

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

DefaultSecurityProviderTool

Method Detail

createCARootCertificate

createServerCertificate

createServerKeyStore

createRootCertificateKeyStore

encodePrivateKeyAsPem

encodeCertificateAsPem

decodePemEncodedPrivateKey

decodePemEncodedCertificate

loadKeyStore

saveKeyStore

getKeyManagers