Class BouncyCastleSupport

java.lang.Object
de.xima.fc.cryptography.BouncyCastleSupport
Direct Known Subclasses:
FSServer, KeyStoreCertProvider
public abstract class BouncyCastleSupport extends Object
Base class for classes that require Bouncy Castle support. Provides utility methods for cryptographic operations using the Bouncy Castle provider. Ensures the Bouncy Castle provider is registered.

  • Constructor Details

    • BouncyCastleSupport

      public BouncyCastleSupport()

  • Method Details

    • createContentSigner

      protected static org.bouncycastle.operator.ContentSigner createContentSigner(PrivateKey privateKey, String signatureAlgorithm) throws org.bouncycastle.operator.OperatorCreationException
      Creates a ContentSigner using the specified private key and signature algorithm.
      Parameters:
      privateKey - the private key to sign with
      signatureAlgorithm - the signature algorithm to use (e.g. "SHA256withRSA")
      Returns:
      the ContentSigner instance
      Throws:
      org.bouncycastle.operator.OperatorCreationException - if an error occurs while creating the ContentSigner

    • buildSignedCertificate

      protected static X509Certificate buildSignedCertificate(PrivateKey signingKey, String signatureAlgorithm, org.bouncycastle.cert.X509v3CertificateBuilder certBuilder) throws CertificateException, org.bouncycastle.operator.OperatorCreationException
      Creates a signed X509Certificate from a PrivateKey and a X509v3CertificateBuilder.
      Parameters:
      signingKey - the private key to sign the certificate with
      signatureAlgorithm - the signature algorithm to use (e.g. "SHA256withRSA")
      certBuilder - the X509v3CertificateBuilder to build the certificate
      Returns:
      the X509Certificate instance
      Throws:
      CertificateException - if an error occurs while creating the certificate
      org.bouncycastle.operator.OperatorCreationException - if an error occurs while creating the ContentSigner

    • createKeyFactory

      protected static KeyFactory createKeyFactory(String algorithm) throws NoSuchAlgorithmException
      Creates a KeyFactory for the specified algorithm using the Bouncy Castle provider.
      Parameters:
      algorithm - the key algorithm (e.g. "RSA", "EC")
      Returns:
      the KeyFactory instance
      Throws:
      NoSuchAlgorithmException - if the algorithm is not available
      RuntimeException - if the provider is not available

    • createKeyPairGenerator

      protected static KeyPairGenerator createKeyPairGenerator(String algorithm) throws NoSuchAlgorithmException
      Creates a KeyPairGenerator for the specified algorithm using the Bouncy Castle provider.
      Parameters:
      algorithm - the key pair algorithm (e.g. "RSA", "EC")
      Returns:
      the KeyPairGenerator instance
      Throws:
      NoSuchAlgorithmException - if the algorithm is not available
      RuntimeException - if the provider is not available

    • createX509CertificateFactory

      protected static CertificateFactory createX509CertificateFactory() throws CertificateException
      Creates a CertificateFactory for X.509 certificates using the Bouncy Castle provider.
      Returns:
      the CertificateFactory instance
      Throws:
      CertificateException - if an error occurs while creating the factory
      RuntimeException - if the provider is not available

    • createKeyStore

      protected static KeyStore createKeyStore(String type) throws KeyStoreException
      Creates a KeyStore instance of the specified type using the Bouncy Castle provider.
      Parameters:
      type - the type of KeyStore (e.g. "PKCS12", "JKS")
      Returns:
      the KeyStore instance
      Throws:
      KeyStoreException - if an error occurs while creating the KeyStore
      RuntimeException - if the provider is not available

    • createSignature

      protected static Signature createSignature(String signatureAlgorithm) throws NoSuchAlgorithmException
      Creates a Signature instance for the specified algorithm using the Bouncy Castle provider.
      Parameters:
      signatureAlgorithm - the signature algorithm (e.g. "SHA256withRSA")
      Returns:
      the Signature instance
      Throws:
      NoSuchAlgorithmException - if the algorithm is not available
      RuntimeException - if the provider is not available

    • createPEMKeyConverter

      protected static org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter createPEMKeyConverter()
      Creates a JcaPEMKeyConverter using the Bouncy Castle provider.
      Returns:
      the JcaPEMKeyConverter instance

    • createX509CertificateConverter

      protected static org.bouncycastle.cert.jcajce.JcaX509CertificateConverter createX509CertificateConverter()
      Creates a JcaX509CertificateConverter using the Bouncy Castle provider.
      Returns:
      the JcaX509CertificateConverter instance

    • createOpenSSLPKCS8DecryptorProviderBuilder

      protected static org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder createOpenSSLPKCS8DecryptorProviderBuilder()
      Creates a JceOpenSSLPKCS8DecryptorProviderBuilder using the Bouncy Castle provider.
      Returns:
      the JceOpenSSLPKCS8DecryptorProviderBuilder instance

    • createCMSContentEncryptorBuilder

      protected static org.bouncycastle.operator.OutputEncryptor createCMSContentEncryptorBuilder(org.bouncycastle.asn1.ASN1ObjectIdentifier algorithmIdentifier) throws org.bouncycastle.cms.CMSException
      Creates a CMSContentEncryptorBuilder for the specified algorithm identifier using the Bouncy Castle provider.
      Parameters:
      algorithmIdentifier - the ASN.1 object identifier for the encryption algorithm
      Returns:
      the OutputEncryptor instance
      Throws:
      org.bouncycastle.cms.CMSException - if an error occurs while creating the encryptor

    • createJceKeyTransRecipientInfoGenerator

      protected static org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator createJceKeyTransRecipientInfoGenerator(X509Certificate cert) throws CertificateEncodingException
      Creates a JceKeyTransRecipientInfoGenerator for the specified X509Certificate using the Bouncy Castle provider.
      Parameters:
      cert - the X509Certificate to use for the recipient info
      Returns:
      the JceKeyTransRecipientInfoGenerator instance
      Throws:
      CertificateEncodingException - if an error occurs while encoding the certificate