iWS: Plugin for Trustbase Services Java API Documentation · Get the set of certiﬁcate paths that will be used to verify the response message. Returns: the veriﬁcation paths or

API GuideiPlanet Web Server Plugin for Trustbase Services

Version1.0

8xx-xxxx-xx

October 2001

Copyright © 2001 Sun Microsystems, Inc. All rights reserved.

Sun, Sun Microsystems, the Sun logo, Java, iPlanet, JDK, JVM, EJB, JavaBeans, HotJava, JavaScript, Java Naming

and Directory Interface, Solaris, Trustbase and JDBC are trademarks or registered trademarks of Sun

Microsystems, Inc. in the U.S. and other countries.

Federal Acquisitions: Commercial Software -- Government Users Subject to Standard License Terms and

Conditions

This product is distributed under licenses restricting its use, copying, distribution, and decompilation. No part of

the product or this document may be reproduced in any form by any means without prior written authorization

of the Sun Microsystems, Inc. and its licensors, if any.

DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS,

REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF

MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE

DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY

INVALID.

Copyright © 2001 Sun Microsystems, Inc. Tous droits réservés.

Sun, Sun Microsystems, the Sun logo, Java, iPlanet, JDK, JVM, EJB, JavaBeans, HotJava, JavaScript, Java Naming

and Directory Interface, Solaris, Trustbase et JDBC logos sont des marques de fabrique ou des marques déposées

de Sun Microsystems, Inc. aux Etats-Unis et d'autre pays.

Ce produit est soumise à des conditions de licence. Le produit décrit dans ce document est distribué selon des

conditions de licence qui en restreignent l'utilisation, la copie, la distribution et la décompilation. Aucune partie

de ce produit ou document ne peut être reproduite sous aucune forme, par quelque moyen que ce soit, sans

l'autorisation préalable écrite de Sun, et de ses bailleurs de licence, s'il y en a.

DOCUMENTATION EST FOURNIE « EN L'ÉTAT », ET TOUTES CONDITIONS EXPRESSES OU IMPLICITES,

TOUTES REPRÉSENTATIONS ET TOUTES GARANTIES, Y COMPRIS TOUTE GARANTIE IMPLICITE

D'APTITUDE À LA VENTE, OU À UN BUT PARTICULIER OU DE NON CONTREFAÇON SONT EXCLUES,

EXCEPTÉ DANS LA MESURE OÙ DE TELLES EXCLUSIONS SERAIENT CONTRAIRES À LA LOI.

...... 3.. 5

35

51

93

7

03

ContentsOverview ...........................................................................................................com.iplanet.trustbase.initiator ...........................................................................

ConfigAdapter ........................................................................................................................................................ 6ConfigAdapterException ....................................................................................................................................... 9EngineLogger ....................................................................................................................................................... 11ExceptionCodes ................................................................................................................................................... 12InitiatorException ................................................................................................................................................ 21PropertyCodes ...................................................................................................................................................... 24TransportAdapter ................................................................................................................................................. 30TransportAdapterException ................................................................................................................................. 31TransportAdapterFactory ..................................................................................................................................... 33

com.iplanet.trustbase.initiator.config ................................................................ ConfigAdapterImpl .............................................................................................................................................. 36ErrorConfigAdapter ............................................................................................................................................. 39PropertyConfigAdapter ........................................................................................................................................ 45

com.iplanet.trustbase.initiator.dsms.................................................................. CertIdContainer .................................................................................................................................................... 52CertStatus ............................................................................................................................................................. 54CertStatus.CS ....................................................................................................................................................... 59CertStatusCodes ................................................................................................................................................... 60CSCEngine ........................................................................................................................................................... 64CSCException ...................................................................................................................................................... 71CSCMessageException ........................................................................................................................................ 73CSCProtocolException ........................................................................................................................................ 75DataConverterClient ............................................................................................................................................ 77MessageData ........................................................................................................................................................ 78MessageFactory ................................................................................................................................................... 80NewOCSPUtil ...................................................................................................................................................... 82ProtocolAdapter ................................................................................................................................................... 84ProtocolAdapterFactory ....................................................................................................................................... 86StatusCheckData .................................................................................................................................................. 89

com.iplanet.trustbase.initiator.logger ................................................................ DefaultEngineLogger ........................................................................................................................................... 94

com.iplanet.trustbase.initiator.transport .......................................................... 9HTTPTransportAdapter ....................................................................................................................................... 98XURLTransportAdapter .................................................................................................................................... 101

com.iplanet.trustbase.security.store................................................................. 1AliasConflictException ...................................................................................................................................... 105IncompleteChainException ................................................................................................................................ 107IncorrectPasswordException .............................................................................................................................. 109KeyEntry ............................................................................................................................................................ 110KeyUsages ......................................................................................................................................................... 113KeyUsages.ExtendedKeyUsage ......................................................................................................................... 120KeyUsages.KeyUsage ........................................................................................................................................ 121KeyUsages.KeyUsageI ...................................................................................................................................... 122KeyUsageSpecification ...................................................................................................................................... 124NoKeyUsageException ...................................................................................................................................... 125

i

Contents

159

175

.. 209.. 233

NoSuchEntryException ...................................................................................................................................... 127Password ............................................................................................................................................................ 128PasswordCallback .............................................................................................................................................. 130PasswordCallback.GiveUpException ................................................................................................................ 131TokenKeyStore .................................................................................................................................................. 132TokenKeyStoreEntry ......................................................................................................................................... 140TokenKeyStoreException .................................................................................................................................. 142TokenKeyStoreInstantiationException .............................................................................................................. 144TokenKeyTool ................................................................................................................................................... 146TrustedCertificateEntry ...................................................................................................................................... 152TrustException ................................................................................................................................................... 154UnmatchedSubjectCertException ...................................................................................................................... 156

com.iplanet.trustbase.xurl ................................................................................ Handler ............................................................................................................................................................... 160HttpsClient ......................................................................................................................................................... 162HttpsConfiguration ............................................................................................................................................ 164HttpsConfigurationProperties ............................................................................................................................ 167HttpsURLConnection ........................................................................................................................................ 169XURL ................................................................................................................................................................. 172

uk.co.jcp.util.properties .................................................................................... JCPProperties ..................................................................................................................................................... 176JCPPropertyFactory ........................................................................................................................................... 178JCPPropertyFactoryRegistry .............................................................................................................................. 180MalformedPropertyException ............................................................................................................................ 183PropertyException .............................................................................................................................................. 184PropertyManager ................................................................................................................................................ 185PropertyNotFoundException ............................................................................................................................. 188PropertySection .................................................................................................................................................. 190PropertySource ................................................................................................................................................... 200SectionAlreadyDefinedException ...................................................................................................................... 202SectionNotFoundException ............................................................................................................................... 203WritablePropertySource ..................................................................................................................................... 205

Almanac ............................................................................................................Index .................................................................................................................

ii

Overview

Package Summary

Packages

com.iplanet.trust-base.initiator 5

com.iplanet.trust-base.initia-tor.config 35

com.iplanet.trust-base.initiator.dsms 51

com.iplanet.trust-base.initia-tor.logger 93

com.iplanet.trust-base.initia-tor.transport 97

com.iplanet.trust-base.security.store 103

com.iplanet.trust-base.xurl 159

uk.co.jcp.util.properties 175

3

Overview

4

es-

Package

com.iplanet.trustbase.initiator

Class Summary

Interfaces

ConfigAdapter 6 Interface to the host property system.

EngineLogger 11 The interface definition to the engine logger.

TransportAdapter 30 The TransportAdapter is responsible for managing the delivery and reception of a msage.

Classes

ExceptionCodes 12

PropertyCodes 24

TransportAdapterFactory 33

Exceptions

ConfigAdapterException9

The exceptions thrown by ConfigAdapter.

InitiatorException 21 The parent class of exceptions thrown in this package hierarchy.

TransportAdapterException 31

The exceptions thrown by TransportAdapter.

5

ConfigAdapter com.iplanet.trustbase.initiator

completeChain(X509Certificate)

te


ConfigAdapterDeclarationpublic interface ConfigAdapter

All Known Implementing Classes: PropertyConfigAdapter 45, ConfigAdapterImpl 36

DescriptionInterface to the host property system.

See Also: ConfigAdapterException 9

Methods


public java.security.cert.X509Certificate[]

completeChain (java.security.cert.X509Certificate certificate)

throws ConfigAdapterException

Completes a chain given a supplied certificate.

Member Summary

Methodspublic

X509CertificatecompleteChain(X509Certificate) 6

Completes a chain given a supplied certificate.public Object getObjectProperty(String) 7

Get an object property from the system.public String getProperty(String) 7

Get a property from the systempublic PrivateKey getSignerKey() 7

Get the private key used to sign the request messagepublic

X509CertificategetSignerPath() 7

Get the certificate path that will be included in the request as the signer’s certificapath.

public PrivateKey getSSLSignerKey() 8Get the signing key for SSL Client Transactions

publicX509Certificate

getSSLSignerPath() 8Get the SSL Client Certificate to use for SSL negotiation.


getVerificationPaths() 8Get the set of certificate paths that will be used to verify the response message.

public void validateChain(X509Certificate[]) 8Validate a supplied certificate chain.

6

com.iplanet.trustbase.initiator ConfigAdapter

getObjectProperty(String)

at the

certifi-

Parameters:certificate - The certificate to try and complete

Returns: The chain

Throws:ConfigAdapterException 9 - if it is unable to complete the chain


public java.lang.Object getObjectProperty (java.lang.String property)


Get an object property from the system. all object properties are optional. A null return signifies thobject is not present in the system.

Parameters:property - the name of the property required.

Returns: the value of the property or null if the property is not present in the system.

Throws:ConfigAdapterException 9 - if the property could not be found and processing should notcontinue.

getProperty(String)

public java.lang.String getProperty (java.lang.String property)


Get a property from the system

Parameters:property - the name of the property required

Returns: the value of the property or null if it is not present

Throws:ConfigAdapterException 9 - if the property could not be found and processing should notcontinue.

getSignerKey()

public java.security.PrivateKey getSignerKey ()


Get the private key used to sign the request message

Returns: the signing key or null if not found

Throws:ConfigAdapterException 9 - if the key could not be retrieved and processing should notcontinue.

getSignerPath()

public java.security.cert.X509Certificate[] getSignerPath ()


Get the certificate path that will be included in the request as the signer’s certificate path. This is thecate that will be used to sign requests.

7


getSSLSignerKey()

.

Returns: the signing certificate path or null if not found

Throws:ConfigAdapterException 9 - if the path could not be retrieved and processing should notcontinue.

getSSLSignerKey()

public java.security.PrivateKey getSSLSignerKey ()


Get the signing key for SSL Client Transactions

Returns: the private for SSL Client signing.

Throws:ConfigAdapterException 9 - if the key could not be returned.

getSSLSignerPath()

public java.security.cert.X509Certificate[] getSSLSignerPath ()


Get the SSL Client Certificate to use for SSL negotiation.

Returns: the SSL client signing certificate chain.

Throws:ConfigAdapterException 9 - if the certificate chain could not be returned.

getVerificationPaths()

public java.security.cert.X509Certificate[][] getVerificationPaths ()


Get the set of certificate paths that will be used to verify the response message.

Returns: the verification paths or null if not found

Throws:CSCConfigException - if the paths could not be retrieved and processing should not continue

ConfigAdapterException 9

validateChain(X509Certificate[])

public void validateChain (java.security.cert.X509Certificate[] chain)


Validate a supplied certificate chain.

Parameters:certificateChain - is the certificate chain to check.

Throws:ConfigAdapterException 9

8

com.iplanet.trustbase.initiator ConfigAdapterException



ConfigAdapterExceptionDeclarationpublic class ConfigAdapterException extends InitiatorException 21

java.lang.Object|+--java.lang.Throwable

|+--java.lang.Exception

|+--com.iplanet.trustbase.initiator. InitiatorException 21

|+-- com.iplanet.trustbase.initiator.ConfigAdapterException

All Implemented Interfaces: java.io.Serializable

DescriptionThe exceptions thrown by ConfigAdapter.

See Also: ConfigAdapter 6, InitiatorException 21

Member Summary

Constructorspublic ConfigAdapterException(String) 10

public ConfigAdapterException(String, Throwable) 10

public ConfigAdapterException(String, Throwable, Object[]) 10

public ConfigAdapterException(Throwable) 10

Inherited Member Summary

Methods inherited from interface InitiatorException 21

getArgs() 22, getNestedException() 23

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from class java.lang.Throwable

fillInStackTrace, getLocalizedMessage, getMessage, printStackTrace, printStackTrace,printStackTrace, toString

9

ConfigAdapterException com.iplanet.trustbase.initiator

ConfigAdapterException(String)

Constructors

ConfigAdapterException(String)

public ConfigAdapterException (java.lang.String message)

ConfigAdapterException(String, Throwable)

public ConfigAdapterException (java.lang.String message, java.lang.Throwable throwable)

ConfigAdapterException(String, Throwable, Object[])

public ConfigAdapterException (java.lang.String message, java.lang.Throwable throwable,

java.lang.Object[] args)

ConfigAdapterException(Throwable)

public ConfigAdapterException (java.lang.Throwable throwable)

10

com.iplanet.trustbase.initiator EngineLogger

log(String, Throwable, String[])

of thisith


EngineLoggerDeclarationpublic interface EngineLogger

All Known Implementing Classes: DefaultEngineLogger 94

DescriptionThe interface definition to the engine logger. The Engine checks for the existance of an implementation class by checking the object property “csc.engine.logger”. If the logger is present it will call the logger wengine events. The primary focus of this logger is to provide debugging information.

Methods


public void log (java.lang.String logMessage, java.lang.Throwable t,

java.lang.String[] params)

log a message to the log.

Parameters:logMessage - the message to log.

t - A throwable that may or may not accompany the message.

params - explanatory parameters to are message specific.

Member Summary

Methodspublic void log(String, Throwable, String[]) 11


11

ExceptionCodes com.iplanet.trustbase.initiator


ro-

in

e

e

e

e

e

e

e

e


ExceptionCodesDeclarationpublic class ExceptionCodes

java.lang.Object|+-- com.iplanet.trustbase.initiator.ExceptionCodes

Member Summary

Fieldspublic static final CSC_CANNOT_CHECK_ROOT14

An attempt was made to check the root certificate this is not and supported in the ptocol.

public static final CSC_CLASS_LOAD14Unable to load the specified class This exception code MAY include the class namestring form as an argument.

public static final CSC_COULD_NOT_CREATE_DATA_CONVERTER15

public static final CSC_COULD_NOT_DECODE_PKCS7_BLOCK15Could not extract certificates or signature from pkcs7 signed block.

public static final CSC_HTTP_CONNECT_FAILED15The location to transmit to could not be opened - This exception code will include thlocation in string form as an argument.

public static final CSC_HTTP_NO_MIME_TYPE15No mime type specified for message type.

public static final CSC_HTTP_NO_ROUTE_TO_HOST15The location to transmit to could not be opened - This exception code will include thlocation in string form as an argument.

public static final CSC_HTTP_OPEN_CONNECTION_FAILED15The location to transmit to could not be opened - This exception code will include thlocation in string form as an argument.

public static final CSC_HTTP_PROTOCOL_ERROR15The location to transmit to could not be opened - This exception code will include thlocation in string form as an argument.

public static final CSC_HTTP_READ_FAILED15The location to transmit to could not be opened - This exception code will include thlocation in string form as an argument.

public static final CSC_HTTP_SOCKET_ERROR15The location to transmit to could not be opened - This exception code will include thlocation in string form as an argument.

public static final CSC_HTTP_UNKNOWN_HOST16The location to transmit to could not be opened - This exception code will include thlocation in string form as an argument.

public static final CSC_HTTP_WRITE_FAILED16The location to transmit to could not be opened - This exception code will include thlocation in string form as an argument.

public static final CSC_IDENTRUS_GEN_ERROR16Could not correctly generate an identrus message.

public static final CSC_IDENTRUS_INVALID_RESPONSE_MESSAGE16Could not parse the response message.

12

com.iplanet.trustbase.initiator ExceptionCodes


is

the

ins

n.

public static final CSC_IDENTRUS_MESSAGE_ERROR16Could not correctly generate an identrus message.

public static final CSC_IDENTRUS_OCSP_BASE64_ERROR16Could not correctly generate an identrus message.

public static final CSC_IDENTRUS_SIGNATURE_ERROR16Could not generate an identrus signature for the message.

public static final CSC_IDENTRUS_TXID_ERROR16Could not generate a unique transaction id for the identrus transaction.

public static final CSC_INVALID_MESSAGE_FACTORY16The selected message factory for the specified oid does not appear to be valid Thexception code will include the classname in string form as an argument.

public static final CSC_INVALID_PROTOCOL_VERSION16A Requested protocol version is not supported or has not been initialised.

public static final CSC_INVALID_SIGNATURE_ON_PKCS7_SIGNED_BLOCK17Invalid signature on given pkcs7 signed block.

public static final CSC_INVALID_TRANSPORT_ADAPTER17The transport adapter selected for the location appears to be an invalid class.

public static final CSC_MALFORMED_URL17The location to transmit to is not a valid URL This Exception code will include thelocation in String form as an argument.

public static final CSC_MISSING_AIA17An aia which was expected has not been specified.

public static final CSC_MISSING_SIGNINGCHAIN_FROM_RESPONSE17No signing chain was given in the response.

public static final CSC_NO_CERTIFICATES_TO_CHECK17No Certificates where given to check

public static final CSC_NO_DEFAULT_LOCATION17The location to send data cannot be determined.

public static final CSC_NO_DEFAULT_MESSAGE_FACTORY17A message factory could not be located for the specified oid.

public static final CSC_NO_STATUSES_RECEIVED17No status’s where provided to validate.

public static final CSC_OCSP_ASN1_BUILD_ERROR18There was an error constructing the ASN1 elements for transmission.

public static final CSC_OCSP_ASN1_ERROR18There was a failure to encode or decode an ASN structure.

public static final CSC_OCSP_NO_RESPONSE_DATA18The ocsp response does not provide any ocsp response data.

public static final CSC_OCSP_NO_RESPONSE_SIGNATURE18The ocsp response was signed we have been asked to validate the response andresponse did not have a signature.

public static final CSC_OCSP_OCSP_BUILD_ERROR18There was an erorr generating the OCSP Message for transmission.

public static final CSC_OCSP_OCSP_ERROR18There was error translating the ASN into an OCSP message or vice versa.

public static final CSC_OCSP_RESPONSE_SIGNER_COULD_NOT_BE_FOUND18A response signer could not be found for the ocsp

public static final CSC_OCSP_SIGNING_CERT_NOT_TRUSTED18The response signer is not a trusted signer —- It is not part of the verification chaprovided.

public static final CSC_OCSP_X509_ERROR18An X50(x) error occured while attempting to prepare the message for transmissio

Member Summary

13


CSC_CANNOT_CHECK_ROOT

as an

its

d to

Fields

CSC_CANNOT_CHECK_ROOT

public static final java.lang.String CSC_CANNOT_CHECK_ROOT

An attempt was made to check the root certificate this is not and supported in the protocol.

CSC_CLASS_LOAD

public static final java.lang.String CSC_CLASS_LOAD

Unable to load the specified class This exception code MAY include the class name in string formargument.

public static final CSC_ONLY_SINGLE_CERTIFICATE_SIGNING18An ocsp responder replied with only a single certificate - it is not possible to checksigning certificate and acquire proof is turned on!.

public static final CSC_RECEIVED_BAD_STATUS_PROOF_CERT19One of the required proofs has an unacceptable status.

public static final CSC_RECEIVED_BAD_STATUS_REQUEST_CERT19One of the requested certificates has an unacceptable status.

public static final CSC_RECEIVED_ERROR_CERT_STATUS19A CertStatus reporting an error is among the returned status’s

public static final CSC_RECEIVED_MISMATCHED_NONCE19The nonce in the responses was not the same as that set in the request.

public static final CSC_RECEIVED_OLD_STATUS_PROOF_CERT19One of the required proofs is too old to be acceptable.

public static final CSC_STATUS_MISSING_FOR_PROOF_CERT19One of the required proofs does not have a specific status.

public static final CSC_STATUS_MISSING_FOR_REQUEST_CERT19One of certificates requested does not have a specific status.

public static final CSC_TRANSPORT_UNSPECIFIED19The location to transmit to could not have an appropriate transport adapter assigneit.

public static final CSC_UNIMPLEMENTED19The method called has not been implemented.

Constructorspublic ExceptionCodes() 20



clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait,wait

Member Summary

14


CSC_COULD_NOT_CREATE_DATA_CONVERTER

tring

type in

tring

tring

tring

tring

tring

CSC_COULD_NOT_CREATE_DATA_CONVERTER

public static final java.lang.String CSC_COULD_NOT_CREATE_DATA_CONVERTER

CSC_COULD_NOT_DECODE_PKCS7_BLOCK

public static final java.lang.String CSC_COULD_NOT_DECODE_PKCS7_BLOCK

Could not extract certificates or signature from pkcs7 signed block.

CSC_HTTP_CONNECT_FAILED

public static final java.lang.String CSC_HTTP_CONNECT_FAILED

The location to transmit to could not be opened - This exception code will include the location in sform as an argument.

CSC_HTTP_NO_MIME_TYPE

public static final java.lang.String CSC_HTTP_NO_MIME_TYPE

No mime type specified for message type. This exception code will include the location and messagestring form as arguments.

CSC_HTTP_NO_ROUTE_TO_HOST

public static final java.lang.String CSC_HTTP_NO_ROUTE_TO_HOST


CSC_HTTP_OPEN_CONNECTION_FAILED

public static final java.lang.String CSC_HTTP_OPEN_CONNECTION_FAILED


CSC_HTTP_PROTOCOL_ERROR

public static final java.lang.String CSC_HTTP_PROTOCOL_ERROR


CSC_HTTP_READ_FAILED

public static final java.lang.String CSC_HTTP_READ_FAILED


CSC_HTTP_SOCKET_ERROR

public static final java.lang.String CSC_HTTP_SOCKET_ERROR


15


CSC_HTTP_UNKNOWN_HOST

tring

tring

de will

CSC_HTTP_UNKNOWN_HOST

public static final java.lang.String CSC_HTTP_UNKNOWN_HOST


CSC_HTTP_WRITE_FAILED

public static final java.lang.String CSC_HTTP_WRITE_FAILED


CSC_IDENTRUS_GEN_ERROR

public static final java.lang.String CSC_IDENTRUS_GEN_ERROR

Could not correctly generate an identrus message.

CSC_IDENTRUS_INVALID_RESPONSE_MESSAGE

public static final java.lang.String CSC_IDENTRUS_INVALID_RESPONSE_MESSAGE

Could not parse the response message. There was an error in the XML encoding.

CSC_IDENTRUS_MESSAGE_ERROR

public static final java.lang.String CSC_IDENTRUS_MESSAGE_ERROR


CSC_IDENTRUS_OCSP_BASE64_ERROR

public static final java.lang.String CSC_IDENTRUS_OCSP_BASE64_ERROR


CSC_IDENTRUS_SIGNATURE_ERROR

public static final java.lang.String CSC_IDENTRUS_SIGNATURE_ERROR

Could not generate an identrus signature for the message.

CSC_IDENTRUS_TXID_ERROR

public static final java.lang.String CSC_IDENTRUS_TXID_ERROR

Could not generate a unique transaction id for the identrus transaction.

CSC_INVALID_MESSAGE_FACTORY

public static final java.lang.String CSC_INVALID_MESSAGE_FACTORY

The selected message factory for the specified oid does not appear to be valid This exception coinclude the classname in string form as an argument.

CSC_INVALID_PROTOCOL_VERSION

public static final java.lang.String CSC_INVALID_PROTOCOL_VERSION

16


CSC_INVALID_SIGNATURE_ON_PKCS7_SIGNED_BLOCK

by 2

de will

rm

efault

A Requested protocol version is not supported or has not been initialised. This will be accompiedStrings - String 1 the protocol , String 2 - the version.

CSC_INVALID_SIGNATURE_ON_PKCS7_SIGNED_BLOCK

public static final java.lang.String CSC_INVALID_SIGNATURE_ON_PKCS7_SIGNED_BLOCK

Invalid signature on given pkcs7 signed block.

CSC_INVALID_TRANSPORT_ADAPTER

public static final java.lang.String CSC_INVALID_TRANSPORT_ADAPTER

The transport adapter selected for the location appears to be an invalid class. This exception coinclude the class name in string form as an argument.

CSC_MALFORMED_URL

public static final java.lang.String CSC_MALFORMED_URL

The location to transmit to is not a valid URL This Exception code will include the location in String foas an argument.

CSC_MISSING_AIA

public static final java.lang.String CSC_MISSING_AIA

An aia which was expected has not been specified.

CSC_MISSING_SIGNINGCHAIN_FROM_RESPONSE

public static final java.lang.String CSC_MISSING_SIGNINGCHAIN_FROM_RESPONSE

No signing chain was given in the response.

CSC_NO_CERTIFICATES_TO_CHECK

public static final java.lang.String CSC_NO_CERTIFICATES_TO_CHECK

No Certificates where given to check

CSC_NO_DEFAULT_LOCATION

public static final java.lang.String CSC_NO_DEFAULT_LOCATION

The location to send data cannot be determined.

CSC_NO_DEFAULT_MESSAGE_FACTORY

public static final java.lang.String CSC_NO_DEFAULT_MESSAGE_FACTORY

A message factory could not be located for the specified oid. This exception code will include the doid in string form as an argument.

CSC_NO_STATUSES_RECEIVED

public static final java.lang.String CSC_NO_STATUSES_RECEIVED

No status’s where provided to validate.

17


CSC_OCSP_ASN1_BUILD_ERROR

ssage

ot have a

nclude

CSC_OCSP_ASN1_BUILD_ERROR

public static final java.lang.String CSC_OCSP_ASN1_BUILD_ERROR

There was an error constructing the ASN1 elements for transmission.

CSC_OCSP_ASN1_ERROR

public static final java.lang.String CSC_OCSP_ASN1_ERROR

There was a failure to encode or decode an ASN structure. This exception code MAY include the meas a byte array as an argument.

CSC_OCSP_NO_RESPONSE_DATA

public static final java.lang.String CSC_OCSP_NO_RESPONSE_DATA

The ocsp response does not provide any ocsp response data.

CSC_OCSP_NO_RESPONSE_SIGNATURE

public static final java.lang.String CSC_OCSP_NO_RESPONSE_SIGNATURE

The ocsp response was signed we have been asked to validate the response and the response did nsignature.

CSC_OCSP_OCSP_BUILD_ERROR

public static final java.lang.String CSC_OCSP_OCSP_BUILD_ERROR

There was an erorr generating the OCSP Message for transmission.

CSC_OCSP_OCSP_ERROR

public static final java.lang.String CSC_OCSP_OCSP_ERROR

There was error translating the ASN into an OCSP message or vice versa. This exception code will ithe message as a byte array as an argument.

CSC_OCSP_RESPONSE_SIGNER_COULD_NOT_BE_FOUND

public static final java.lang.String CSC_OCSP_RESPONSE_SIGNER_COULD_NOT_BE_FOUND

A response signer could not be found for the ocsp

CSC_OCSP_SIGNING_CERT_NOT_TRUSTED

public static final java.lang.String CSC_OCSP_SIGNING_CERT_NOT_TRUSTED

The response signer is not a trusted signer —- It is not part of the verification chains provided.

CSC_OCSP_X509_ERROR

public static final java.lang.String CSC_OCSP_X509_ERROR

An X50(x) error occured while attempting to prepare the message for transmission.

CSC_ONLY_SINGLE_CERTIFICATE_SIGNING

public static final java.lang.String CSC_ONLY_SINGLE_CERTIFICATE_SIGNING

18


CSC_RECEIVED_BAD_STATUS_PROOF_CERT

ficate

eption

An ocsp responder replied with only a single certificate - it is not possible to check its signing certiand acquire proof is turned on!.

CSC_RECEIVED_BAD_STATUS_PROOF_CERT

public static final java.lang.String CSC_RECEIVED_BAD_STATUS_PROOF_CERT

One of the required proofs has an unacceptable status.

CSC_RECEIVED_BAD_STATUS_REQUEST_CERT

public static final java.lang.String CSC_RECEIVED_BAD_STATUS_REQUEST_CERT

One of the requested certificates has an unacceptable status.

CSC_RECEIVED_ERROR_CERT_STATUS

public static final java.lang.String CSC_RECEIVED_ERROR_CERT_STATUS

A CertStatus reporting an error is among the returned status’s

CSC_RECEIVED_MISMATCHED_NONCE

public static final java.lang.String CSC_RECEIVED_MISMATCHED_NONCE

The nonce in the responses was not the same as that set in the request.

CSC_RECEIVED_OLD_STATUS_PROOF_CERT

public static final java.lang.String CSC_RECEIVED_OLD_STATUS_PROOF_CERT

One of the required proofs is too old to be acceptable.

CSC_STATUS_MISSING_FOR_PROOF_CERT

public static final java.lang.String CSC_STATUS_MISSING_FOR_PROOF_CERT

One of the required proofs does not have a specific status.

CSC_STATUS_MISSING_FOR_REQUEST_CERT

public static final java.lang.String CSC_STATUS_MISSING_FOR_REQUEST_CERT

One of certificates requested does not have a specific status.

CSC_TRANSPORT_UNSPECIFIED

public static final java.lang.String CSC_TRANSPORT_UNSPECIFIED

The location to transmit to could not have an appropriate transport adapter assigned to it. This exccode will include the locstion in String form as an argument.

CSC_UNIMPLEMENTED

public static final java.lang.String CSC_UNIMPLEMENTED

The method called has not been implemented.

19


ExceptionCodes()

Constructors

ExceptionCodes()

public ExceptionCodes ()

20

com.iplanet.trustbase.initiator InitiatorException

ExceptionCodes()


InitiatorExceptionDeclarationpublic class InitiatorException extends java.lang.Exception



|+-- com.iplanet.trustbase.initiator.InitiatorException


Direct Known Subclasses:ConfigAdapterException 9, CSCException 71,TransportAdapterException 31

DescriptionThe parent class of exceptions thrown in this package hierarchy.

Member Summary

Constructorspublic InitiatorException(String) 22

Construct an InitiatorException with given messagepublic InitiatorException(String, Throwable) 22

Construct an InitiatorException with given message and throwablepublic InitiatorException(String, Throwable, Object[]) 22

Construct an InitiatorException with given message,throwable and arguments.public InitiatorException(Throwable) 22

Construct an InitiatorException with given throwable

Methodspublic Object getArgs() 22

Retrieve the supporting arguments.public Throwable getNestedException() 23

Retrieve the nested exception that is carried as payload for this exception.





21

InitiatorException com.iplanet.trustbase.initiator

InitiatorException(String)

Constructors

InitiatorException(String)

public InitiatorException (java.lang.String mess)

Construct an InitiatorException with given message

Parameters:message - a message code

InitiatorException(String, Throwable)

public InitiatorException (java.lang.String mess, java.lang.Throwable throwable)

Construct an InitiatorException with given message and throwable


throwable - a supporting exception

InitiatorException(String, Throwable, Object[])

public InitiatorException (java.lang.String mess, java.lang.Throwable throwable,


Construct an InitiatorException with given message,throwable and arguments.



args - further supporting information

InitiatorException(Throwable)

public InitiatorException (java.lang.Throwable throwable)

Construct an InitiatorException with given throwable

Parameters:throwable - a supporting exception

Methods

getArgs()

public java.lang.Object[] getArgs ()



22

com.iplanet.trustbase.initiator InitiatorException

getNestedException()

Retrieve the supporting arguments.

Returns: the array of supporting objects or null if not present


public java.lang.Throwable getNestedException ()

Retrieve the nested exception that is carried as payload for this exception.

Returns: the nested exception or null if not present

23

PropertyCodes com.iplanet.trustbase.initiator


roto-

ro-

col


PropertyCodesDeclarationpublic class PropertyCodes

java.lang.Object|+-- com.iplanet.trustbase.initiator.PropertyCodes

Member Summary

Fieldspublic static CPI_LOCATION_DEFAULT25

public static CPI_LOCATION_FORCE_DEFAULT25

public static CSC_CLIP_BASE64_LINES26Retrieve whether or not to clip lines that are output in Base64 Format.

public static CSC_CREATE_SIGNED_OCSP26boolean value determines whether or not transmitted ocsp is signed.

public static CSC_DATA_CONVERTER26

public static CSC_LOCATION_DEFAULT26

public static CSC_LOCATION_FORCE_DEFAULT26

public static CSC_LOCATION_RPRESPONDERPROXY26Retrieve the rp responder proxy location —- a null means don’t use it.

public static CSC_MAX_PROOF_RESPONSE_AGE26Retrieve the maximum time in seconds that a freshness proof is considered valid.

public static CSC_MESSAGE_FACTORY26Retrieves the classname of the message factory to use for a given protocol The pcol is specified by the oid.

public static CSC_MESSAGE_FACTORY_DEFAULT26Retrieve the class name of the default message factory.

public static CSC_MESSAGE_FACTORY_FORCE_DEFAULT26boolean value as to whether we force the usage of the default factory.

public static CSC_PREFERRED_OID27Retrieve the preferred protocol to use when performing operations.

public static CSC_PREFERRED_PROTOCOL27Retrieve The preferred protocol name —- this is a shorthand way of choosing the ptocol via OID.

public static CSC_PREFERRED_VERSION27Retrieve the preferred protocol version to use.

public static CSC_PROTOCOL_ADAPTER27Retrieves the class name of a protocol adapter.

public static CSC_RESOURCE_DATA_CONVERTER27

public static CSC_RESOURCE_MAX_PROOF_RESPONSE_AGE27Retrieve the maximum time in seconds that a freshness proof is considered valid.

public static CSC_RESOURCE_MESSAGE_FACTORY27Retreives the classname of the message factory to use for given protocol The protois specified by the oid.

public static CSC_RESOURCE_MESSAGE_FACTORY_DEFAULT27Retrieve the class name of the default message factory.

public static CSC_RESOURCE_PREFERRED_OID27Retrieve the preferred protocol to use when performing operations.

24

com.iplanet.trustbase.initiator PropertyCodes

CPI_LOCATION_DEFAULT

ound

Fields

CPI_LOCATION_DEFAULT

public static java.lang.String CPI_LOCATION_DEFAULT

CPI_LOCATION_FORCE_DEFAULT

public static java.lang.String CPI_LOCATION_FORCE_DEFAULT

public static CSC_RESOURCE_PREFERRED_VERSION27Retrieves the preferred protocol version to use when performing operations.

public static CSC_RESOURCE_PROTOCOL_ADAPTER28Retreives the class name of a protocol adapter.

public static CSC_VERIFY_SIGNED_OCSP28boolean value determines whether or not received ocsp is verified.

public static INITIATOR_ENGINE_LOGGER28The Engine logger.

public static INITIATOR_KEYSTORE_DOMAIN_SPACE28

public static INITIATOR_KEYSTORE_PASSWORD28

public static INITIATOR_KEYSTORE_SIGNING_CERTIFICATE28KeyStore Properties to be used with ConfigAdapterImpl.

public static INITIATOR_KEYSTORE_SSLSIGNING_CERTIFICATE28

public static INITIATOR_KEYSTORE_VERIFICATION_CERTIFICATE 28

public static INITIATOR_LOCATION_DEFAULT28Retrieve the default location to send transactions.

public static INITIATOR_LOCATION_FORCE_DEFAULT28Retrieve whether or not to force the location default.

public static INITIATOR_RESOURCE_TRANSPORT_ADAPTER29Retrieve the classname of a transport adapter that supports a given protocol.

public static INITIATOR_RESOURCE_TRANSPORT_ADAPTER_DEFAULT29Retrieves the default classname of a transport adapter to use if none have been fwith the previous checks.

public static INITIATOR_TRANSPORT_ADAPTER29Retrieve the classname of a transport adapter that supports a given protocol.

public static INITIATOR_TRANSPORT_DEFAULT_PROTOCOL29Retrieve the classname of the default transport adapter to use.

Constructorspublic PropertyCodes() 29




Member Summary

25


CSC_CLIP_BASE64_LINES

e case

by the

ifand

CSC_CLIP_BASE64_LINES

public static java.lang.String CSC_CLIP_BASE64_LINES

Retrieve whether or not to clip lines that are output in Base64 Format.

CSC_CREATE_SIGNED_OCSP

public static java.lang.String CSC_CREATE_SIGNED_OCSP

boolean value determines whether or not transmitted ocsp is signed. It defaults to false if not set. In thof identrus XML wrapped ocsp it is forced to false.

CSC_DATA_CONVERTER

public static java.lang.String CSC_DATA_CONVERTER

CSC_LOCATION_DEFAULT

public static java.lang.String CSC_LOCATION_DEFAULT

CSC_LOCATION_FORCE_DEFAULT

public static java.lang.String CSC_LOCATION_FORCE_DEFAULT

CSC_LOCATION_RPRESPONDERPROXY

public static java.lang.String CSC_LOCATION_RPRESPONDERPROXY

Retrieve the rp responder proxy location —- a null means don’t use it.

CSC_MAX_PROOF_RESPONSE_AGE

public static java.lang.String CSC_MAX_PROOF_RESPONSE_AGE

Retrieve the maximum time in seconds that a freshness proof is considered valid.

CSC_MESSAGE_FACTORY

public static java.lang.String CSC_MESSAGE_FACTORY

Retrieves the classname of the message factory to use for a given protocol The protocol is specifiedoid.

CSC_MESSAGE_FACTORY_DEFAULT

public static java.lang.String CSC_MESSAGE_FACTORY_DEFAULT

Retrieve the class name of the default message factory. This is checkedCSC_MESSAGE_FACTORY_FORCE_DEFAULT return true or both CSC_MESSAGE_FACTORYCSC_RESOURCE_MESSAGE_FACTORY return null.

CSC_MESSAGE_FACTORY_FORCE_DEFAULT

public static java.lang.String CSC_MESSAGE_FACTORY_FORCE_DEFAULT

boolean value as to whether we force the usage of the default factory.

26


CSC_PREFERRED_OID

pecific

by the

if

ked if

CSC_PREFERRED_OID

public static java.lang.String CSC_PREFERRED_OID

Retrieve the preferred protocol to use when performing operations.

CSC_PREFERRED_PROTOCOL

public static java.lang.String CSC_PREFERRED_PROTOCOL

Retrieve The preferred protocol name —- this is a shorthand way of choosing the protocol via OID.

CSC_PREFERRED_VERSION

public static java.lang.String CSC_PREFERRED_VERSION

Retrieve the preferred protocol version to use.

CSC_PROTOCOL_ADAPTER

public static java.lang.String CSC_PROTOCOL_ADAPTER

Retrieves the class name of a protocol adapter. It is concatenated with the protocol oid , to get the sprotocol.

CSC_RESOURCE_DATA_CONVERTER

public static java.lang.String CSC_RESOURCE_DATA_CONVERTER

CSC_RESOURCE_MAX_PROOF_RESPONSE_AGE

public static java.lang.String CSC_RESOURCE_MAX_PROOF_RESPONSE_AGE

Retrieve the maximum time in seconds that a freshness proof is considered valid.

CSC_RESOURCE_MESSAGE_FACTORY

public static java.lang.String CSC_RESOURCE_MESSAGE_FACTORY

Retreives the classname of the message factory to use for given protocol The protocol is specifiedoid. This property is only checked if CSC_MESSAGE_FACTORY returns null.

CSC_RESOURCE_MESSAGE_FACTORY_DEFAULT

public static java.lang.String CSC_RESOURCE_MESSAGE_FACTORY_DEFAULT

Retrieve the class name of the default message factory. This is only checkedCSC_MESSAGE_FACTORY_DEFAULT returns null.

CSC_RESOURCE_PREFERRED_OID

public static java.lang.String CSC_RESOURCE_PREFERRED_OID

Retrieve the preferred protocol to use when performing operations. This resource is only checCSC_PREFERRED_OID returns null.

CSC_RESOURCE_PREFERRED_VERSION

public static java.lang.String CSC_RESOURCE_PREFERRED_VERSION

27


CSC_RESOURCE_PROTOCOL_ADAPTER

ecked

pecific

e case

tore.

deter-

Retrieves the preferred protocol version to use when performing operations. This resource is only chif CSC_PREFERRED_VERSION returns null.

CSC_RESOURCE_PROTOCOL_ADAPTER

public static java.lang.String CSC_RESOURCE_PROTOCOL_ADAPTER

Retreives the class name of a protocol adapter. It id concatenated with the protocol oid , to get the sprotocol. This resource is checked if the CSC_PROTOCOL_ADAPTER property returns null.

CSC_VERIFY_SIGNED_OCSP

public static java.lang.String CSC_VERIFY_SIGNED_OCSP

boolean value determines whether or not received ocsp is verified. It defaults to false if not set. In thof identrus XML wrapped ocsp it is forced to false.

INITIATOR_ENGINE_LOGGER

public static java.lang.String INITIATOR_ENGINE_LOGGER

The Engine logger.

INITIATOR_KEYSTORE_DOMAIN_SPACE

public static java.lang.String INITIATOR_KEYSTORE_DOMAIN_SPACE

INITIATOR_KEYSTORE_PASSWORD

public static java.lang.String INITIATOR_KEYSTORE_PASSWORD

INITIATOR_KEYSTORE_SIGNING_CERTIFICATE

public static java.lang.String INITIATOR_KEYSTORE_SIGNING_CERTIFICATE

KeyStore Properties to be used with ConfigAdapterImpl. They allow the easy setup of a TokenKeyS

INITIATOR_KEYSTORE_SSLSIGNING_CERTIFICATE

public static java.lang.String INITIATOR_KEYSTORE_SSLSIGNING_CERTIFICATE

INITIATOR_KEYSTORE_VERIFICATION_CERTIFICATE

public static java.lang.String INITIATOR_KEYSTORE_VERIFICATION_CERTIFICATE

INITIATOR_LOCATION_DEFAULT

public static java.lang.String INITIATOR_LOCATION_DEFAULT

Retrieve the default location to send transactions. This location is used if no other location can bemined ( through AIA’s ) or if INITIATOR_LOCATION_FORCE_DEFAULT OR CPI/CSC_LOCATION_FORCE_DEFAULT - Depending on library - return “True”.

INITIATOR_LOCATION_FORCE_DEFAULT

public static java.lang.String INITIATOR_LOCATION_FORCE_DEFAULT

Retrieve whether or not to force the location default.

28


INITIATOR_RESOURCE_TRANSPORT_ADAPTER

ked if

revious


public static java.lang.String INITIATOR_RESOURCE_TRANSPORT_ADAPTER

Retrieve the classname of a transport adapter that supports a given protocol. This is only checINITIATOR_TRANSPORT_ADAPTER returns null.

INITIATOR_RESOURCE_TRANSPORT_ADAPTER_DEFAULT

public static java.lang.String INITIATOR_RESOURCE_TRANSPORT_ADAPTER_DEFAULT

Retrieves the default classname of a transport adapter to use if none have been found with the pchecks.

INITIATOR_TRANSPORT_ADAPTER

public static java.lang.String INITIATOR_TRANSPORT_ADAPTER

Retrieve the classname of a transport adapter that supports a given protocol.

INITIATOR_TRANSPORT_DEFAULT_PROTOCOL

public static java.lang.String INITIATOR_TRANSPORT_DEFAULT_PROTOCOL

Retrieve the classname of the default transport adapter to use.

Constructors

PropertyCodes()

public PropertyCodes ()

29

TransportAdapter com.iplanet.trustbase.initiator

sendReceive(byte[], String, String)

by a


TransportAdapterDeclarationpublic interface TransportAdapter

All Known Implementing Classes: XURLTransportAdapter 101 , HTTPTransportAdapter 98

DescriptionThe TransportAdapter is responsible for managing the delivery and reception of a message.

See Also: TransportAdapterException 31, ConfigAdapterException 9

Methods


public byte[] sendReceive (byte[] data, java.lang.String url,

java.lang.String messageType)

throws TransportAdapterException, ConfigAdapterException

Send and receive the message data

Parameters:data - the data to be sent

location - the responder URL

messageType - the message type of the request such as paymenrequest. This is later resolvedconcrete implementation of the TransportAdapter into a specific mimeType.

Returns: the data that was returned from the responder

Throws:TransportAdapterException 31 - on any transport error


Member Summary

Methodspublic byte sendReceive(byte[], String, String) 30


30

com.iplanet.trustbase.initiator TransportAdapterException



TransportAdapterExceptionDeclarationpublic class TransportAdapterException extends InitiatorException 21




|+-- com.iplanet.trustbase.initiator.TransportAdapterException


DescriptionThe exceptions thrown by TransportAdapter.

See Also: TransportAdapter 30, InitiatorException 21

Member Summary

Constructorspublic TransportAdapterException(String) 32

public TransportAdapterException(String, Throwable) 32

public TransportAdapterException(String, Throwable, Object[]) 32

public TransportAdapterException(Throwable) 32








31

TransportAdapterException com.iplanet.trustbase.initiator

TransportAdapterException(String)

Constructors

TransportAdapterException(String)

public TransportAdapterException (java.lang.String message)

TransportAdapterException(String, Throwable)

public TransportAdapterException (java.lang.String message,

java.lang.Throwable throwable)

TransportAdapterException(String, Throwable, Object[])

public TransportAdapterException (java.lang.String message,

java.lang.Throwable throwable, java.lang.Object[] args)

TransportAdapterException(Throwable)

public TransportAdapterException (java.lang.Throwable throwable)

32

com.iplanet.trustbase.initiator TransportAdapterFactory

_argTypes


TransportAdapterFactoryDeclarationpublic class TransportAdapterFactory

java.lang.Object|+-- com.iplanet.trustbase.initiator.TransportAdapterFactory

Fields

_argTypes

public static final java.lang.Class[] _argTypes

PROPERTIES_FILE

public static java.lang.String PROPERTIES_FILE

Member Summary

Fieldspublic static final _argTypes 33

public static PROPERTIES_FILE33

Constructorspublic TransportAdapterFactory() 34

Methodspublic static Trans-

portAdaptergetTransportAdapterFromLocation(String, ConfigAdapter) 34

public static Trans-portAdapter

getTransportAdapterFromProtocol(String, ConfigAdapter) 34




33

TransportAdapterFactory com.iplanet.trustbase.initiator

TransportAdapterFactory()

Constructors

TransportAdapterFactory()

public TransportAdapterFactory ()

Methods

getTransportAdapterFromLocation(String, ConfigAdapter)

public static TransportAdapter 30 getTransportAdapterFromLocation (java.lang.String

location, ConfigAdapter 6 config)

throws TransportAdapterException

Throws:TransportAdapterException 31

getTransportAdapterFromProtocol(String, ConfigAdapter)

public static TransportAdapter 30 getTransportAdapterFromProtocol (java.lang.String

protocol, ConfigAdapter 6 config)

throws TransportAdapterException

Throws:TransportAdapterException 31

34

t-

Package

com.iplanet.trustbase.initiator.config

Class Summary

Classes

ConfigAdapterImpl 36

ErrorConfigAdapter 39 Implementation of ConfigAdapter using PropertyConfigAdapter - it is for DSMS tesing and should not be instantiated in a correctly configured system.

PropertyConfigAdapter 4

5

Implementation of ConfigAdapter using a Properties object

35

ConfigAdapterImpl com.iplanet.trustbase.initiator.config


ConfigAdapterImplDeclarationpublic class ConfigAdapterImpl implements ConfigAdapter 6

java.lang.Object|+-- com.iplanet.trustbase.initiator.config.ConfigAdapterImpl

All Implemented Interfaces: ConfigAdapter 6

Member Summary

Constructorspublic ConfigAdapterImpl(Properties) 37

Methodspublic

X509CertificatecompleteChain(X509Certificate) 37

public Object getObjectProperty(String) 37

public String getProperty(String) 37

public PrivateKey getSignerKey() 37


getSignerPath() 37

public PrivateKey getSSLSignerKey() 38


getSSLSignerPath() 38

public TokenKeyStore getStore() 38


getVerificationPaths() 38

public void validateChain(X509Certificate[]) 38




36

com.iplanet.trustbase.initiator.config ConfigAdapterImpl

ConfigAdapterImpl(Properties)

Constructors

ConfigAdapterImpl(Properties)

public ConfigAdapterImpl (java.util.Properties props)



Methods





Specified By: completeChain(X509Certificate) 37 in interfaceConfigAdapterImpl 36





Specified By: getObjectProperty(String) 37 in interfaceConfigAdapterImpl 36


getProperty(String)



Specified By: getProperty(String) 37 in interfaceConfigAdapterImpl 36


getSignerKey()



Specified By: getSignerKey() 37 in interfaceConfigAdapterImpl 36


getSignerPath()



37


getSSLSignerKey()

Specified By: getSignerPath() 37 in interfaceConfigAdapterImpl 36


getSSLSignerKey()



Specified By: getSSLSignerKey() 38 in interfaceConfigAdapterImpl 36


getSSLSignerPath()



Specified By: getSSLSignerPath() 38 in interfaceConfigAdapterImpl 36


getStore()

public TokenKeyStore 132 getStore ()




Specified By: getVerificationPaths() 38 in interfaceConfigAdapterImpl 36





Specified By: validateChain(X509Certificate[]) 38 in interfaceConfigAdapterImpl 36


38

com.iplanet.trustbase.initiator.config ErrorConfigAdapter


e


ErrorConfigAdapterDeclarationpublic class ErrorConfigAdapter extends PropertyConfigAdapter 45

java.lang.Object|+--com.iplanet.trustbase.initiator.config. PropertyConfigAdapter 45

|+-- com.iplanet.trustbase.initiator.config.ErrorConfigAdapter


DescriptionImplementation of ConfigAdapter using PropertyConfigAdapter - it is for DSMS testing and should not binstantiated in a correctly configured system.

See Also: ConfigAdapter 6, com.iplanet.trustbase.initiator.PropertyConfigAda-pter , ConfigAdapterException 9, ExceptionCodes 12

Member Summary

Fieldspublic static ERROR_PROPERTY40

Constructorspublic ErrorConfigAdapter() 40

Create a blank ErrorConfigAdapterpublic ErrorConfigAdapter(Properties, Map, PrivateKey,

X509Certificate[], X509Certificate[][]) 40Create a ErrorConfigAdapter.

public ErrorConfigAdapter(Properties, Map, String, String[], Token-KeyStore) 41

Create a ErrorConfigAdapter.public ErrorConfigAdapter(Properties, PrivateKey,

X509Certificate[], X509Certificate[][]) 41Create a ErrorConfigAdapter.

public ErrorConfigAdapter(Properties, String, String[], TokenKey-Store) 41

Create a ErrorConfigAdapter.public ErrorConfigAdapter(Properties, String, String, String[],

TokenKeyStore) 42Create a ErrorConfigAdapter.

Methodspublic Object getObjectProperty(String) 42

Returns an object with the given property name from the system.public String getProperty(String) 42

Get a property from the system.

39

ErrorConfigAdapter com.iplanet.trustbase.initiator.config

ERROR_PROPERTY

te

Fields

ERROR_PROPERTY

public static java.lang.String ERROR_PROPERTY

Constructors

ErrorConfigAdapter()

public ErrorConfigAdapter ()

Create a blank ErrorConfigAdapter

ErrorConfigAdapter(Properties, Map, PrivateKey, X509Certificate[], X509Certificate[][])

public ErrorConfigAdapter (java.util.Properties properties,

java.util.Map objectProperties, java.security.PrivateKey signingKey,

java.security.cert.X509Certificate[] signerPath,

java.security.cert.X509Certificate[][] verificationPaths)

Create a ErrorConfigAdapter.

Parameters:properties - the properties object to use

public PrivateKey getSignerKey() 43Get the private key used to sign the request message.


getSignerPath() 43Get the certificate path that will be included in the request as the signer’s certificapath.

public PrivateKey getSSLSignerKey() 43Get the private key used in SSL Transactions.


getSSLSignerPath() 43Get the SSL certificate path to be used in SSL Transactions.






Methods inherited from classPropertyConfigAdapter 45

completeChain(TokenKeyStore, Collection) 48, completeChain(TokenKeyStore, Collec-tion) 48, validateChain(X509Certificate[]) 50

Member Summary

40


ErrorConfigAdapter(Properties, Map, String, String[], TokenKeyStore)

objectProperties - the object properties to use.

signingKey - the private key used to sign the request

signerPath - the certificate path to be included in a request

verificationPaths - the set of certificate paths used to verify the response

ErrorConfigAdapter(Properties, Map, String, String[], TokenKeyStore)


java.util.Map objectProperties, java.lang.String signingName,

java.lang.String[] verificationNames, TokenKeyStore 132 store)



Parameters:properties - the properties object to use.

signingName - the name of the certificate and key pair to use for signing.

verificationName - the names of the certificate chains to use for verification.

store - the token key store to retrieve the keys and certificates from.

Throws:ConfigAdapterException 9 - if it cannot access a certificate or key it needs.

ErrorConfigAdapter(Properties, PrivateKey, X509Certificate[], X509Certificate[][])


java.security.PrivateKey signingKey,


java.security.cert.X509Certificate[][] verificationPaths)






ErrorConfigAdapter(Properties, String, String[], TokenKeyStore)

public ErrorConfigAdapter (java.util.Properties properties, java.lang.String signingName,








41


ErrorConfigAdapter(Properties, String, String, String[], TokenKeyStore)


ErrorConfigAdapter(Properties, String, String, String[], TokenKeyStore)

public ErrorConfigAdapter (java.util.Properties properties, java.lang.String signingName,

java.lang.String sslsigningName, java.lang.String[] verificationNames,

TokenKeyStore 132 store)





sslsigningname - the name of the certificate and key pair to use for ssl client transactions.




Methods




Returns an object with the given property name from the system.

Overrides: getObjectProperty(String) 49 in classPropertyConfigAdapter 45


getProperty(String)




Overrides: getProperty(String) 49 in classPropertyConfigAdapter 45




42


getSignerKey()

getSignerKey()



Get the private key used to sign the request message.

Overrides: getSignerKey() 49 in classPropertyConfigAdapter 45

Returns: the signing key


getSignerPath()



Get the certificate path that will be included in the request as the signer’s certificate path.

Overrides: getSignerPath() 49 in classPropertyConfigAdapter 45

Returns: the signing certificate path


getSSLSignerKey()



Get the private key used in SSL Transactions.

Overrides: getSSLSignerKey() 49 in classPropertyConfigAdapter 45



getSSLSignerPath()



Get the SSL certificate path to be used in SSL Transactions.

Overrides: getSSLSignerPath() 50 in classPropertyConfigAdapter 45







Overrides: getVerificationPaths() 50 in classPropertyConfigAdapter 45

43



Returns: the verification path


44

com.iplanet.trustbase.initiator.config PropertyConfigAdapter



PropertyConfigAdapterDeclarationpublic class PropertyConfigAdapter implements ConfigAdapter 6

java.lang.Object|+-- com.iplanet.trustbase.initiator.config.PropertyConfigAdapter


Direct Known Subclasses:ErrorConfigAdapter 39

DescriptionImplementation of ConfigAdapter using a Properties object

See Also: ConfigAdapter 6, ConfigAdapterException 9, ExceptionCodes 12

Member Summary

Constructorspublic PropertyConfigAdapter() 46

Create a blank PropertyConfigAdapterpublic PropertyConfigAdapter(Properties, Map, PrivateKey,

X509Certificate[], X509Certificate[][]) 46Create a PropertyConfigAdapter.

public PropertyConfigAdapter(Properties, Map, String, String[],TokenKeyStore) 47

Create a PropertyConfigAdapter.protected PropertyConfigAdapter(Properties, Map, String, String,

String[], TokenKeyStore) 47

public PropertyConfigAdapter(Properties, PrivateKey,X509Certificate[], X509Certificate[][]) 47

Create a PropertyConfigAdapter.public PropertyConfigAdapter(Properties, String, String[], TokenKey-

Store) 47Create a PropertyConfigAdapter.

public PropertyConfigAdapter(Properties, String, String, String[],TokenKeyStore) 48

Create a PropertyConfigAdapter.

Methodsprotected

X509CertificatecompleteChain(TokenKeyStore, Collection) 48


completeChain(X509Certificate) 48Completes a chain given a supplied certificate.

public Object getObjectProperty(String) 49Returns an object with the given property name from the system.

45

PropertyConfigAdapter com.iplanet.trustbase.initiator.config

PropertyConfigAdapter()

te

Constructors

PropertyConfigAdapter()

public PropertyConfigAdapter ()

Create a blank PropertyConfigAdapter

PropertyConfigAdapter(Properties, Map, PrivateKey, X509Certificate[], X509Certificate[][])

public PropertyConfigAdapter (java.util.Properties properties,

java.util.Map objectProperties, java.security.PrivateKey signingKey,


java.security.cert.X509Certificate[][] vertificationPaths)



objectProperties - the object properties to use.




public String getProperty(String) 49Get a property from the system.

public PrivateKey getSignerKey() 49Get the private key used to sign the request message.


getSignerPath() 49Get the certificate path that will be included in the request as the signer’s certificapath.

public PrivateKey getSSLSignerKey() 49Get the private key used in SSL Transactions.


getSSLSignerPath() 50Get the SSL certificate path to be used in SSL Transactions.



public void validateChain(X509Certificate[]) 50Validate a supplied certificate chain.




Member Summary

46


PropertyConfigAdapter(Properties, Map, String, String[], TokenKeyStore)

PropertyConfigAdapter(Properties, Map, String, String[], TokenKeyStore)











PropertyConfigAdapter(Properties, Map, String, String, String[], TokenKeyStore)

protected PropertyConfigAdapter (java.util.Properties properties,


java.lang.String sslsigningName, java.lang.String[] verificationNames,




PropertyConfigAdapter(Properties, PrivateKey, X509Certificate[], X509Certificate[][])


java.security.PrivateKey signingKey,


java.security.cert.X509Certificate[][] vertificationPaths)






PropertyConfigAdapter(Properties, String, String[], TokenKeyStore)


java.lang.String signingName, java.lang.String[] verificationNames,






47


PropertyConfigAdapter(Properties, String, String, String[], TokenKeyStore)




PropertyConfigAdapter(Properties, String, String, String[], TokenKeyStore)


java.lang.String signingName, java.lang.String sslsigningName,






sslsigningname - the name of the certificate and key pair to use for ssl client transactions.




Methods

completeChain(TokenKeyStore, Collection)

protected java.security.cert.X509Certificate[] completeChain ( TokenKeyStore 132 store,

java.util.Collection c)







Completes a chain given a supplied certificate.

Specified By: completeChain(X509Certificate) 48 in interfacePropertyConfigAdapter 45

Parameters:certificate - The certificate to try and complete

Returns: The chain

Throws:ConfigException - if it is unable to complete the chain


48






Returns an object with the given property name from the system.

Specified By: getObjectProperty(String) 49 in interfacePropertyConfigAdapter 45


getProperty(String)




Specified By: getProperty(String) 49 in interfacePropertyConfigAdapter 45




getSignerKey()



Get the private key used to sign the request message.

Specified By: getSignerKey() 49 in interfacePropertyConfigAdapter 45



getSignerPath()



Get the certificate path that will be included in the request as the signer’s certificate path.

Specified By: getSignerPath() 49 in interfacePropertyConfigAdapter 45



getSSLSignerKey()



Get the private key used in SSL Transactions.

49


getSSLSignerPath()

Specified By: getSSLSignerKey() 49 in interfacePropertyConfigAdapter 45



getSSLSignerPath()



Get the SSL certificate path to be used in SSL Transactions.

Specified By: getSSLSignerPath() 50 in interfacePropertyConfigAdapter 45







Specified By: getVerificationPaths() 50 in interfacePropertyConfigAdapter 45

Returns: the verification path





Validate a supplied certificate chain.

Specified By: validateChain(X509Certificate[]) 50 in interfacePropertyConfigAdapter 45

Parameters:certificateChain - is the certificate chain to check.


50

stman

the

ol.

rt of

col.

the

en

y

e

Package

com.iplanet.trustbase.initiator.dsms

Class Summary

Interfaces

DataConverterClient 77 The DataConverterClient interface allows different protocols to convert their requeand response data from the native network representation to something that is hureadable.

MessageFactory 80 Message factories are responsible for building a CSC message, and for interpretingreply.

ProtocolAdapter 84 The protocol adapter is responsible for performing a request under a given protoc

Classes

CertIdContainer 52

CertStatus 54 CertStatus represents the results of a Certificate Status Check It is returned as pathe array of StatusCheckData’s that are returned when a check is performed.

CertStatus.CS 59

CertStatusCodes 60 This class hold thet static strings that CertStatus instances will return inside theirresponse codes.

CSCEngine 64 The CSCEngine is the driver class for the CSC framework it selects a suitable ProtoAdapter based on the preferred or default protocol specified in the Config Adapter

MessageData 78 Convenience class to hold a raw message and the transactionID that was used inmessage

NewOCSPUtil 82

ProtocolAdapterFactory86

The protocol Adapter factory is used by the CSCEngine to select a protocol for a givoid.

StatusCheckData 89 StatusCheckData holds the all information relating to a certificate status check

Exceptions

CSCException 71 Base class exception for all DSMS based exceptions.

CSCMessageException 73 Exception thrown by the Message Factory implementations - it is then re-thrown bthe CSCEngine

CSCProtocolException 75 Exception thrown by the ProtocolAdapter implementations - it is then re-thrown by thCSCEngine

51

CertIdContainer com.iplanet.trustbase.initiator.dsms

aias


CertIdContainerDeclarationpublic class CertIdContainer

java.lang.Object|+-- com.iplanet.trustbase.initiator.dsms.CertIdContainer

Fields

aias

protected java.util.Map aias

certID

protected com.iplanet.trustbase.security.ocsp.CertID certID

Member Summary

Fieldsprotected aias 52

protected certID 52

Constructorspublic CertIdContainer(CertID) 53

public CertIdContainer(CertID, String[], String[]) 53

public CertIdContainer(CertID, String, String) 53

Methodsprotected void construct(CertID, String[], String[]) 53

public boolean equals(Object) 53

public String getAIA(String) 53

public CertID getCertID() 53

public String toString() 53



clone, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

52

com.iplanet.trustbase.initiator.dsms CertIdContainer

CertIdContainer(CertID)

Constructors

CertIdContainer(CertID)

public CertIdContainer (com.iplanet.trustbase.security.ocsp.CertID certID)

CertIdContainer(CertID, String[], String[])

public CertIdContainer (com.iplanet.trustbase.security.ocsp.CertID certID,

java.lang.String[] oid, java.lang.String[] aia)

CertIdContainer(CertID, String, String)

public CertIdContainer (com.iplanet.trustbase.security.ocsp.CertID certID,

java.lang.String oid, java.lang.String aia)

Methods

construct(CertID, String[], String[])

protected void construct (com.iplanet.trustbase.security.ocsp.CertID certID,

java.lang.String[] oid, java.lang.String[] aia)

equals(Object)

public boolean equals (java.lang.Object object)

Overrides: java.lang.Object.equals(java.lang.Object) in class java.lang.Object

getAIA(String)

public java.lang.String getAIA (java.lang.String oid)

getCertID()

public com.iplanet.trustbase.security.ocsp.CertID getCertID ()

toString()

public java.lang.String toString ()

Overrides: java.lang.Object.toString() in class java.lang.Object

53

CertStatus com.iplanet.trustbase.initiator.dsms

toString()

tualables inonse

rror

d

t ver-

er

ode


CertStatusDeclarationpublic class CertStatus

java.lang.Object|+-- com.iplanet.trustbase.initiator.dsms.CertStatus

DescriptionCertStatus represents the results of a Certificate Status Check It is returned as part of the array ofStatusCheckData’s that are returned when a check is performed. It utilises an inner class to store the accertificate statuses - these can then be compared with the static instances which are public member varithe class. The application programmer is referred to the Codes class for details about the possible respcodes that can be returned when an error occurs.

See Also: CSCEngine 64, StatusCheckData 89, com.iplanet.trustbase.initia-tor.dsms.Codes

Member Summary

Nested Classespublic static CertStatus.CS 59

Fieldspublic static final ERROR55

There was a responder error - check the response code Contains the code csc-epublic static final GOOD55

The certificate was valid at the time of the check Contains the code csc-goodpublic static final REVOKED56

The certificate was revoked at the time of the check Contains the code csc-revokepublic static final UNKNOWN56

The responder did not recognise the certificate Contains the code csc-unknownpublic static final UNRECOGNIZED56

The responder has used an unrecognized cert status code possibly a more recension of the protocol.

Constructorspublic CertStatus(CertStatus.CS, Date, X509Certificate[], CertID,

byte[], boolean) 56Construct a certificate status object which reflects a non-error status.

public CertStatus(CertStatus.CS, String) 56Construct a certificate status object which reflects an error condition without furthinformation.

public CertStatus(CertStatus.CS, String, Object[]) 56Constructs a certificate status object which reflects an error status with response cand customised information.

public CertStatus(CertStatus.CS, String, Object[], Throwable) 56Constructs a Certificate status object which reflects an error status.

54

com.iplanet.trustbase.initiator.dsms CertStatus

ERROR

Fields

ERROR

public static final CertStatus.CS 59 ERROR

There was a responder error - check the response code Contains the code csc-error

GOOD

public static final CertStatus.CS 59 GOOD

The certificate was valid at the time of the check Contains the code csc-good

public CertStatus(CertStatus.CS, String, Throwable) 56Constructs a Certificate status object which reflects an error status.

Methodspublic CertStatus.CS getCertStatus() 57

Get the cert statuspublic String getCheckCertificateIssuerNameHash() 57

Returns a hex encoded string of the issuer name hash of the checked certificate.public String getCheckCertificatePublicKeyHash() 57

Returns a hex encoded string of the public key hash for the checked certificaye.public BigInteger getCheckCertificateSerialNumber() 57

Rerturn the serial number of the checked certificate.public byte getNonce() 57

Return the nonce used in the reponse - or null if there wasn’t one.public Date getProducedAt() 57

public Object getResponseArgs() 57Get the arguments to the response code

public String getResponseCode() 57Get the response code.


getSigningPath() 58Retrieves the signing certificate chain.

public boolean isCheckedCertificate(X509Certificate, X509Certificate) 58Check to see if this cert status represents that status of the given certificate.

public boolean isFreshnessProof() 58Is this a freshness proof.





Member Summary

55


REVOKED

tocol.

d infor-

to the

throw-

REVOKED

public static final CertStatus.CS 59 REVOKED

The certificate was revoked at the time of the check Contains the code csc-revoked

UNKNOWN

public static final CertStatus.CS 59 UNKNOWN

The responder did not recognise the certificate Contains the code csc-unknown

UNRECOGNIZED

public static final CertStatus.CS 59 UNRECOGNIZED

The responder has used an unrecognized cert status code possibly a more recent version of the pro

Constructors

CertStatus(CertStatus.CS, Date, X509Certificate[], CertID, byte[], boolean)

public CertStatus ( CertStatus.CS 59 status, java.util.Date producedAt,

java.security.cert.X509Certificate[] signingPath,

com.iplanet.trustbase.security.ocsp.CertID checkCert, byte[] nonce,

boolean isFreshnessProof)

Construct a certificate status object which reflects a non-error status.

CertStatus(CertStatus.CS, String)

public CertStatus ( CertStatus.CS 59 status, java.lang.String responseCode)

Construct a certificate status object which reflects an error condition without further information.

CertStatus(CertStatus.CS, String, Object[])

public CertStatus ( CertStatus.CS 59 status, java.lang.String responseCode,

java.lang.Object[] responseArgs)

Constructs a certificate status object which reflects an error status with response code and customisemation. The client application must be carefull to correctly type the response args.

CertStatus(CertStatus.CS, String, Object[], Throwable)


java.lang.Object[] responseArgs, java.lang.Throwable t)

Constructs a Certificate status object which reflects an error status. All possible information is handedclient application.

CertStatus(CertStatus.CS, String, Throwable)


java.lang.Throwable t)

Constructs a Certificate status object which reflects an error status. A response code is given and aable.

56

com.iplanet.trustbase.initiator.dsms CertStatus

getCertStatus()

OR

upplied

esents.

ed for

nly.

Methods

getCertStatus()

public CertStatus.CS 59 getCertStatus ()

Get the cert status

Returns: one of CertStatus.GOOD, CertStatus.REVOKED, CertStatus.UNKNOWN , CertStatus.ERRor CertStatus.UNRECOGNIZED

getCheckCertificateIssuerNameHash()

public java.lang.String getCheckCertificateIssuerNameHash ()

Returns a hex encoded string of the issuer name hash of the checked certificate. This method is sonly for logging purposes.

Returns: hex encoded representation of the issuer name hash of the certificate that this object repr

getCheckCertificatePublicKeyHash()

public java.lang.String getCheckCertificatePublicKeyHash ()

Returns a hex encoded string of the public key hash for the checked certificaye. This method is providlogging purposes only.

Returns: hex encoded representation of the public key hash.

getCheckCertificateSerialNumber()

public java.math.BigInteger getCheckCertificateSerialNumber ()

Rerturn the serial number of the checked certificate. This method is provided for logging purposes o

Returns: The big integer representation of the checked certificate’s serial number.

getNonce()

public byte[] getNonce ()

Return the nonce used in the reponse - or null if there wasn’t one.

getProducedAt()

public java.util.Date getProducedAt ()

Returns: the date at which the response was produced

getResponseArgs()

public java.lang.Object getResponseArgs ()

Get the arguments to the response code

Returns: the arguments, or null if there are none

getResponseCode()

public java.lang.String getResponseCode ()

57


getSigningPath()

or.

fresh-

Get the response code. This should be set if the CertStatus is ERROR, otherwise it is null.

Returns: the response code, or null if the request was successful.

getSigningPath()

public java.security.cert.X509Certificate[] getSigningPath ()

Retrieves the signing certificate chain.

Returns: the certificate path used to sign the response

isCheckedCertificate(X509Certificate, X509Certificate)

public boolean isCheckedCertificate (java.security.cert.X509Certificate

issuerCertificate, java.security.cert.X509Certificate certificate)

Check to see if this cert status represents that status of the given certificate.

Parameters:issuerCertificate - the issuer of the certificate that you think this is a status for.

certificate - The certificate you would like know whether this cert status reflects the status f

Returns: boolean indicating whether this is the status for the certificate or not.

isFreshnessProof()

public boolean isFreshnessProof ()

Is this a freshness proof. The concept of a freshness proof only applies during identrus operation. Aness proof is enclosed with another response to prove the identity of the signing party.

Returns: true if this CertStatus object is a freshness proof

toString()



Returns: a String representation of the status

58

com.iplanet.trustbase.initiator.dsms CertStatus.CS

getCode()


CertStatus.CSDeclarationpublic static class CertStatus.CS

java.lang.Object|+-- com.iplanet.trustbase.initiator.dsms.CertStatus.CS

Enclosing Class: CertStatus 54

Methods

getCode()

public java.lang.String getCode ()

toString()



Member Summary

Methodspublic String getCode() 59





59

CertStatusCodes com.iplanet.trustbase.initiator.dsms

toString()

or it


CertStatusCodesDeclarationpublic class CertStatusCodes

java.lang.Object|+-- com.iplanet.trustbase.initiator.dsms.CertStatusCodes

DescriptionThis class hold thet static strings that CertStatus instances will return inside their response codes.

Member Summary

Fieldspublic static STATUS_IDENTRUS_CANNOT_VALIDATE61

Cannot validate TC response.public static STATUS_IDENTRUS_CSC_ERROR61

TC Responder returned a CSC ERROR response code.public static STATUS_IDENTRUS_CSC_EXCEPTION61

public static STATUS_IDENTRUS_INVALID_SIGNING_CHAIN61TC responder used a signing chain that does not appear to be valid.

public static STATUS_IDENTRUS_NO_RESPONSE_FOUND61TC Responder did not appear to return any valid ocsp responses.

public static STATUS_IDENTRUS_NO_TRUSTED_ROOTS61We have no trusted roots to cerify signature against

public static STATUS_IDENTRUS_SIGNATURE_INVALID61TC responder signature is invalid

public static STATUS_IDENTRUS_SIGNING_CERT_NOT_TRUSTED62The TC used a certificate rooted in an untrusted root.

public static STATUS_IDENTRUS_TRANSPORT_ERROR62TC Responder returned an identrus transport error.

public static final STATUS_OCSP_INTERNAL_ERROR62OCSP Responder reported an internal erorr.

public static final STATUS_OCSP_MALFORMED_REQUEST62OCSP Responder reported A malformed OCSP Request.

public static final STATUS_OCSP_SIGNATURE_REQUIRED62OCSP Responder reported that a signature is required and we didn’t supply one was not recognised as such.

public static final STATUS_OCSP_TRY_LATER62OCSP Responder reported a “Try later” Code.

public static final STATUS_OCSP_UNAUTHORISED62OCSP Responder reported that we are not authorised to access this responder.

public static final STATUS_OCSP_UNKNOWN_RESPONSE_ERROR62OCSP Responder reported an unknown status.

public static final STATUS_OCSP_VERIFICATION_FAILED62OCSP responder used an invalid or untrusted signature.

Constructors

60

com.iplanet.trustbase.initiator.dsms CertStatusCodes

STATUS_IDENTRUS_CANNOT_VALIDATE

Fields

STATUS_IDENTRUS_CANNOT_VALIDATE

public static java.lang.String STATUS_IDENTRUS_CANNOT_VALIDATE

Cannot validate TC response.

STATUS_IDENTRUS_CSC_ERROR

public static java.lang.String STATUS_IDENTRUS_CSC_ERROR

TC Responder returned a CSC ERROR response code.

STATUS_IDENTRUS_CSC_EXCEPTION

public static java.lang.String STATUS_IDENTRUS_CSC_EXCEPTION

STATUS_IDENTRUS_INVALID_SIGNING_CHAIN

public static java.lang.String STATUS_IDENTRUS_INVALID_SIGNING_CHAIN

TC responder used a signing chain that does not appear to be valid.

STATUS_IDENTRUS_NO_RESPONSE_FOUND

public static java.lang.String STATUS_IDENTRUS_NO_RESPONSE_FOUND

TC Responder did not appear to return any valid ocsp responses.

STATUS_IDENTRUS_NO_TRUSTED_ROOTS

public static java.lang.String STATUS_IDENTRUS_NO_TRUSTED_ROOTS

We have no trusted roots to cerify signature against

STATUS_IDENTRUS_SIGNATURE_INVALID

public static java.lang.String STATUS_IDENTRUS_SIGNATURE_INVALID

TC responder signature is invalid

public CertStatusCodes() 63




Member Summary

61


STATUS_IDENTRUS_SIGNING_CERT_NOT_TRUSTED

code ,

ised as

ation of

le.

STATUS_IDENTRUS_SIGNING_CERT_NOT_TRUSTED

public static java.lang.String STATUS_IDENTRUS_SIGNING_CERT_NOT_TRUSTED

The TC used a certificate rooted in an untrusted root.

STATUS_IDENTRUS_TRANSPORT_ERROR

public static java.lang.String STATUS_IDENTRUS_TRANSPORT_ERROR

TC Responder returned an identrus transport error. included with this cert status will be the vendorthe error code , and the error description all of these are in String form any and all may be null.

STATUS_OCSP_INTERNAL_ERROR

public static final java.lang.String STATUS_OCSP_INTERNAL_ERROR

OCSP Responder reported an internal erorr.

STATUS_OCSP_MALFORMED_REQUEST

public static final java.lang.String STATUS_OCSP_MALFORMED_REQUEST

OCSP Responder reported A malformed OCSP Request.

STATUS_OCSP_SIGNATURE_REQUIRED

public static final java.lang.String STATUS_OCSP_SIGNATURE_REQUIRED

OCSP Responder reported that a signature is required and we didn’t supply one or it was not recognsuch.

STATUS_OCSP_TRY_LATER

public static final java.lang.String STATUS_OCSP_TRY_LATER

OCSP Responder reported a “Try later” Code.

STATUS_OCSP_UNAUTHORISED

public static final java.lang.String STATUS_OCSP_UNAUTHORISED

OCSP Responder reported that we are not authorised to access this responder.

STATUS_OCSP_UNKNOWN_RESPONSE_ERROR

public static final java.lang.String STATUS_OCSP_UNKNOWN_RESPONSE_ERROR

OCSP Responder reported an unknown status. The cert status object will inlude an Integer representthe status code as an argument.

STATUS_OCSP_VERIFICATION_FAILED

public static final java.lang.String STATUS_OCSP_VERIFICATION_FAILED

OCSP responder used an invalid or untrusted signature. This response code may carry a thrownab

62

com.iplanet.trustbase.initiator.dsms CertStatusCodes

CertStatusCodes()

Constructors

CertStatusCodes()

public CertStatusCodes ()

63

CSCEngine com.iplanet.trustbase.initiator.dsms

CertStatusCodes()

n the

/

n

e and


CSCEngineDeclarationpublic class CSCEngine

java.lang.Object|+-- com.iplanet.trustbase.initiator.dsms.CSCEngine

DescriptionThe CSCEngine is the driver class for the CSC framework it selects a suitable Protocol Adapter based opreferred or default protocol specified in the Config Adapter. The Config Adapter property it uses is“csc.preferred.oid” If no specification is made in the Config Adapter then it checks for a resource in “comiplanet/trustbase/identrus/dsms/dsms.properties” called “csc.preferred.oid.default”. Finally if that is notspecified it uses “1.2.840.114021.4.1” - which is the standard TC oid.

See Also: ConfigAdapter 6, InitiatorException 21, ConfigAdapterException 9,TransportAdapterException 31, TransportAdapter 30, StatusCheckData 89,CertStatus 54, ProtocolAdapter 84, ExceptionCodes 12, PropertyCodes 24

Member Summary

Fieldspublic static IDENTRUS_OID65

public static IDENTRUS_PROTOCOL65

public static OCSP_OID65

public static OCSP_PROTOCOL65

Constructorspublic CSCEngine(ConfigAdapter) 65

Construct a CSCEngine The config information used is summarised below.

Methodspublic static Collec-

tiongetCertificateFromPkcs7(byte[], byte[]) 66

Convenience method provided for full complience with Identrus DSMS specificatiosee IT-DSMSSP Version 2.0 for details.

public static String getResourceProperty(String) 67Get a resource property from the the classpath resource.

protected Status-CheckData

getStatus(X509Certificate[], boolean, boolean, String-Buffer) 67

public StatusCheck-Data

getStatus(X509Certificate[], boolean, byte[]) 67Get the status of a certificate uses a nonce value that the user specified.

public StatusCheck-Data

getStatus(X509Certificate[], boolean, StringBuffer) 68Get the status of a certificate as above except the engine generates its own noncfills in the nonceValue parameter with it.

public boolean validateStatus(StatusCheckData[], X509Certificate[], bool-ean, byte[]) 69

Validate the StatusCheckData according to the specified parameters.

64

com.iplanet.trustbase.initiator.dsms CSCEngine

IDENTRUS_OID

Fields

IDENTRUS_OID

public static java.lang.String IDENTRUS_OID

IDENTRUS_PROTOCOL

public static java.lang.String IDENTRUS_PROTOCOL

OCSP_OID

public static java.lang.String OCSP_OID

OCSP_PROTOCOL

public static java.lang.String OCSP_PROTOCOL

Constructors

CSCEngine(ConfigAdapter)

public CSCEngine ( ConfigAdapter 6 configAdapter)

Construct a CSCEngine The config information used is summarised below.




Property Description Default

csc.preferred.protocol The protocol name to use when conduction transac-tions - this is a short hand version of csc.pre-ferred.oid. The values that are acceptable are“identrus” and “ocsp”.

csc.preferred.oid The protocol oid to use when conducting transac-tions.

1.2.840.114021.4.1

csc.preferred.version The version of the protocol to use when conductiontransactions - version 0 means the latest.

0

csc.location.default The default URL to use for status checks. none

csc.location.forceDefault (“true” or “false”) Whether to ignore the AIA exten-sion in a certificate (if present)

false

65


getCertificateFromPkcs7(byte[], byte[])

Ver-that it

n from

Parameters:configAdapter - the interface to the config information that will be used in constructing therequest.

Methods

getCertificateFromPkcs7(byte[], byte[])

public static java.util.Collection getCertificateFromPkcs7 (byte[] pkcs7SignedBlock,

byte[] signText)

throws CSCException

Convenience method provided for full complience with Identrus DSMS specification see IT-DSMSSPsion 2.0 for details. The Routine extracts the certificate from a signed pkcs7 signed block and checksactually signed the text you supplied in the signText parameter. Exceptions codes that can be Throwthis method are :-

csc.maxProofResponseAge The length of time in seconds that a freshness proof isconsidered valid for, under the XML wrapped OCSPprotocol A re-request is carried out if the freshnessproof is older then this. The age of the freshness proofis determined by the OCSP produced at time.

csc.createSignedOCSP Controls whether the DSMS generates signed OCSPmessages - this setting is overriden for XML transac-tions.

false

csc.verifySignedOCSP Controls whether the DSMS demands that OCSPresponses be signed - this setting is overriden forXML transactions.

false

csc.location.rpResponderProxy Controls where to send requests for the RP’s Signingcertificate - if this is not set then these checks are sentto the same location as the the client requests.

none

csc.messageFactory.<objectIdentifier> The message factory to use for the specified OID

csc.transport.defaultProtocol The default protocol to use (e.g. “http”)

csc.transport. The transport adapter to use for the specified protocol(e.g.csc.transport.https=com.acme.transport.HTTPSTransportAdapter)

csc.clipBase64Lines Defines whether or to clip base64 lines.

Code Description

Exception-Codes.CSC_NO_CERTIFICATES_TO_CHECK

indicating that no certificates where contained withinthe signed block

66


getResourceProperty(String)

ck.

d in this

C

E

E

EC

ation

EC

ECY

use

Parameters:pkcs7SignedBlock - The base64 raw data block.

signText - The data that is alledged to have been signed during creation of the signedDataBlo

Returns: A collection which has in it the certificate that signed the data.

Throws:CSCException 71 - if it cannot decode / extract / validate the pkcs7 block

getResourceProperty(String)

public static java.lang.String getResourceProperty (java.lang.String key)

Get a resource property from the the classpath resource.

Parameters:key - the key to retrieve from the resource.

getStatus(X509Certificate[], boolean, boolean, StringBuffer)

protected StatusCheckData 89[] getStatus (java.security.cert.X509Certificate[]

certificatePath, boolean acquireProof, boolean generateNonce,

java.lang.StringBuffer nonceValue)

throws CSCException, TransportAdapterException, ConfigAdapterException

Throws:ConfigAdapterException 9, TransportAdapterException 31, CSCException 71

getStatus(X509Certificate[], boolean, byte[])

public StatusCheckData 89[] getStatus (java.security.cert.X509Certificate[]

certificatePath, boolean aquireProof, byte[] bnonceValue)


Get the status of a certificate uses a nonce value that the user specified. Exception codes generateclass are as follows:

Exception-Codes.CSC_INVALID_SIGNATURE_ON_PKCS7_SIGNED_BLOCK

indicating an invalid signature on the pkcs7 block

ode Arguments Description

xceptionCodes.CSC_OCSP_X509_ERROR There was an error decoding a certificate

xceptionCodes.CSC_MALFORMED_URL String:url Malformed location URL

xception-odes.CSC_TRANSPORT_UNSPECIFIED

String:location Could not find a transport adapter for the loc

xception-odes.CSC_INVALID_TRANSPORT_ADAPTER

String:className Specified class not a TransportAdapter

xception-odes.CSC_NO_DEFAULT_MESSAGE_FACTOR

String: defaultType Cannot determine which MessageFactory to

67


getStatus(X509Certificate[], boolean, StringBuffer)

y the

not

nd

ceValue

y the

not

d

EC

e

E ss

E

Parameters:certificatePath - the chain to be checked, in the identrus protocol this means a check isperformed on all certificates in the chain excluding the root certificate. In the OCSP protocol onlleaf certificate is checked.

acquireProof - are status proofs required for the delivered signing certificates. This setting isapplied when operating using the OCSP protocol.

nonceValue - the nonce value to use for the check.

Returns: the status information pertaining to the check

Throws:ConfigAdapterException 9 - if the supplied config adapter is unable to retrieve a property, awishes to stop execution. The message in this exception is generated by the host system.

CSCException 71 - if there is an error performing the check.


See Also:com.iplanet.trustbase.identrus.dsms.CSCException ,com.iplanet.trustbase.identrus.dsms.ConfigAdapterException

getStatus(X509Certificate[], boolean, StringBuffer)


certificatePath, boolean acquireProof, java.lang.StringBuffer nonceValue)

throws CSCException, ConfigAdapterException, TransportAdapterException

Get the status of a certificate as above except the engine generates its own nonce and fills in the nonparameter with it. Exception codes generated are as above.

Parameters:certificatePath - the chain to be checked, in the identrus protocol this means a check isperformed on all certificates in the chain excluding the root certificate. In the OCSP protocol onlleaf certificate is checked.

acquireProof - are status proofs required for the delivered signing certificates. This setting isapplied when operating using the OCSP protocol.

nonceValue - this StringBuffer is filled in with the value of the nonce used.

Throws:ConfigAdapterException 9 - if the supplied config adapter is unable to retrieve a property anwishes to terminate execution.

CSCException 71 - if there is an error performing the check.


See Also:com.iplanet.trustbase.identrus.dsms.ConfigAdapterException ,com.iplanet.trustbase.identrus.dsms.CSCException

xception-odes.CSC_INVALID_MESSAGE_FACTORY

String:className Specified class not a MessageFactory to us

xceptionCodes.CSC_CLASS_LOAD String:className Error loading / instantiating specified cla

xceptionCodes.CSC_NO_DEFAULT_LOCATION No location could be determined

68


validateStatus(StatusCheckData[], X509Certificate[], boolean, byte[])

d by this


public boolean validateStatus ( StatusCheckData 89[] statusCheckData,

java.security.cert.X509Certificate[] certificatePath, boolean acquireProof,

byte[] nonceValue)


Validate the StatusCheckData according to the specified parameters. The Exception codes generatecall are as follows :

Parameters:statusCheckData - the status data produced by a getStatus call.

certificatePath - the certificatePath that was checked with the getStatus call.

acquireProof - do we require proofs for the delivered signing certificate.

nonceValue - the nonce value that was used in the getStatus call.

Code Description

ExceptionCodes.CSC_UNIMPLEMENTED An operation has been requested that the protocoldoes not support.

ExceptionCodes.CSC_NO_STATUSES_RECEIVED No statuses where given to the validate method.

Exception-Codes.CSC_NO_CERTIFICATES_TO_CHECK

No Certificates where provided to check status of.

Exception-Codes.CSC_RECEIVED_ERROR_CERT_STATUS

One of more the statuses was a CertStatus.ERROR.

Exception-Codes.CSC_RECEIVED_MISMATCHED_NONCE

The nonce sent is not the same as the nonce received.

Exception-Codes.CSC_MISSING_SIGNINGCHAIN_FROM_RESPONSE

No signing chain could be extracted from theresponse.

Exception-Codes.CSC_STATUS_MISSING_FOR_REQUEST_CERT

One or more of the request certs has not been returnedwith a status.

Exception-Codes.CSC_RECEIVED_BAD_STATUS_REQUEST_CERT

One or more of the requested certs has a bad status ieCertStatus.UNKNOWN or CertStatus.REVOKED.

Exception-Codes.CSC_RECEIVED_BAD_STATUS_PROOF_CERT

The signing cert proof has a bad status ie Cert-Status.UNKNOWN or CertStatus.REVOKED.

Exception-Codes.CSC_STATUS_MISSING_FOR_PROOF_CERT

The status for the signing cert is not present in therequest.

*

69



Throws:ConfigAdapterException 9 - if the supplied Config Adapter cannot retrieve a property andwishes to terminate execution.

CSCException 71 - If the check does not validate.


70

com.iplanet.trustbase.initiator.dsms CSCException



CSCExceptionDeclarationpublic class CSCException extends InitiatorException 21




|+-- com.iplanet.trustbase.initiator.dsms.CSCException


Direct Known Subclasses:CSCMessageException 73, CSCProtocolException 75

DescriptionBase class exception for all DSMS based exceptions.

See Also: InitiatorException 21

Member Summary

Constructorspublic CSCException(String) 72

Construct a CSCExceptionpublic CSCException(String, Throwable) 72

Construct a CSCExceptionpublic CSCException(String, Throwable, Object[]) 72

Construct a CSCException







71

CSCException com.iplanet.trustbase.initiator.dsms

CSCException(String)

Constructors

CSCException(String)

public CSCException (java.lang.String mess)



CSCException(String, Throwable)

public CSCException (java.lang.String mess, java.lang.Throwable throwable)




CSCException(String, Throwable, Object[])

public CSCException (java.lang.String mess, java.lang.Throwable throwable,








72

com.iplanet.trustbase.initiator.dsms CSCMessageException

CSCException(String, Throwable, Object[])


CSCMessageExceptionDeclarationpublic class CSCMessageException extends CSCException 71




|+--com.iplanet.trustbase.initiator.dsms. CSCException 71

|+-- com.iplanet.trustbase.initiator.dsms.CSCMessageException


DescriptionException thrown by the Message Factory implementations - it is then re-thrown by the CSCEngine

See Also: MessageFactory 80, CSCEngine 64, CSCException 71

Member Summary

Constructorspublic CSCMessageException(String) 74

Construct a CSCMessageExceptionpublic CSCMessageException(String, Throwable) 74

Construct a CSCMessageExceptionpublic CSCMessageException(String, Throwable, Object[]) 74

Construct a CSCMessageException







73

CSCMessageException com.iplanet.trustbase.initiator.dsms

CSCMessageException(String)

Constructors

CSCMessageException(String)

public CSCMessageException (java.lang.String mess)



CSCMessageException(String, Throwable)

public CSCMessageException (java.lang.String mess, java.lang.Throwable throwable)




CSCMessageException(String, Throwable, Object[])

public CSCMessageException (java.lang.String mess, java.lang.Throwable throwable,








74

com.iplanet.trustbase.initiator.dsms CSCProtocolException

CSCMessageException(String, Throwable, Object[])


CSCProtocolExceptionDeclarationpublic class CSCProtocolException extends CSCException 71




|+--com.iplanet.trustbase.initiator.dsms. CSCException 71

|+-- com.iplanet.trustbase.initiator.dsms.CSCProtocolException


DescriptionException thrown by the ProtocolAdapter implementations - it is then re-thrown by the CSCEngine

See Also: ProtocolAdapter 84, CSCEngine 64, CSCException 71

Member Summary

Constructorspublic CSCProtocolException(String) 76

Construct a CSCProtocolExceptionpublic CSCProtocolException(String, Throwable) 76

Construct a CSCProtocolExceptionpublic CSCProtocolException(String, Throwable, Object[]) 76

Construct a CSCProtocolException







75

CSCProtocolException com.iplanet.trustbase.initiator.dsms

CSCProtocolException(String)

Constructors

CSCProtocolException(String)

public CSCProtocolException (java.lang.String mess)



CSCProtocolException(String, Throwable)

public CSCProtocolException (java.lang.String mess, java.lang.Throwable throwable)




CSCProtocolException(String, Throwable, Object[])

public CSCProtocolException (java.lang.String mess, java.lang.Throwable throwable,








76

com.iplanet.trustbase.initiator.dsms DataConverterClient

makeHumanReadableRequest(byte[])

om the


DataConverterClientDeclarationpublic interface DataConverterClient

DescriptionThe DataConverterClient interface allows different protocols to convert their request and response data frnative network representation to something that is human readable.

Methods

makeHumanReadableRequest(byte[])

public byte[] makeHumanReadableRequest (byte[] request)

throws CSCException

Provide a human readable request given a raw network request.

Parameters:request - The raw network request you need to convert.

Returns: The converted human readable request.

Throws:CSCException 71

makeHumanReadableResponse(byte[])

public byte[] makeHumanReadableResponse (byte[] response)

throws CSCException

Provide a human readable response given a raw network response.

Parameters:response - The raw network response you need to convert.

Returns: The converted human readable response.


Member Summary

Methodspublic byte makeHumanReadableRequest(byte[]) 77

Provide a human readable request given a raw network request.public byte makeHumanReadableResponse(byte[]) 77

Provide a human readable response given a raw network response.

77

MessageData com.iplanet.trustbase.initiator.dsms

MessageData(byte[], byte[])


MessageDataDeclarationpublic class MessageData

java.lang.Object|+-- com.iplanet.trustbase.initiator.dsms.MessageData

DescriptionConvenience class to hold a raw message and the transactionID that was used in the message

Constructors

MessageData(byte[], byte[])

public MessageData (byte[] message, byte[] txID)

Create a MessageData

Parameters:message - the raw message

txID - the transaction ID

Member Summary

Constructorspublic MessageData(byte[], byte[]) 78

Create a MessageData

Methodspublic byte getMessage() 79

public byte getTxID() 79




78

com.iplanet.trustbase.initiator.dsms MessageData

getMessage()

Methods

getMessage()

public byte[] getMessage ()

Returns: the raw message data

getTxID()

public byte[] getTxID ()

Returns: the transaction ID

79

MessageFactory com.iplanet.trustbase.initiator.dsms

buildMessage(X509Certificate[], boolean, StringBuffer)

t


MessageFactoryDeclarationpublic interface MessageFactory

DescriptionMessage factories are responsible for building a CSC message, and for interpreting the reply.Note that any implementation of MessageFactoryMUST supply a public constructor taking a single argumenof type ConfigAdapter. Failure to provide this constructor will result in an exception at run time. All config information is picked up from the ConfigAdapter that is supplied to the MessageFactoryimplementation at construction time.

Methods

buildMessage(X509Certificate[], boolean, StringBuffer)

public MessageData 78 buildMessage (java.security.cert.X509Certificate[] toCheck,

boolean generateNonce, java.lang.StringBuffer nonceValue)

throws CSCMessageException, ConfigAdapterException

Build a message, optionally signing it

Parameters:toCheck - the certificate chain whose leaf is the certificate to be checked

generateNonce - controls whether the message builder generates its own nonce.

nonceValue - if generateNonce is false then a nonce can be specified here.

Returns: the MessageData, which comprises the message itself and the transaction ID

Throws:CSCMessageException 73 - if the message could not be built

ConfigAdapterException 9 - if necessary config information could not be retrieved

parseMessage(X509Certificate[], MessageData, boolean)

public CertStatus 54[] parseMessage (java.security.cert.X509Certificate[] request,

MessageData 78 response, boolean forceProof)

throws CSCMessageException, ConfigAdapterException

Member Summary

Methodspublic MessageData buildMessage(X509Certificate[], boolean, StringBuffer) 80

Build a message, optionally signing itpublic CertStatus parseMessage(X509Certificate[], MessageData, boolean) 80

Interpret the results of a status check

80

com.iplanet.trustbase.initiator.dsms MessageFactory

parseMessage(X509Certificate[], MessageData, boolean)

Interpret the results of a status check

Parameters:messageData - the response message from a responder

forceProof - forces the cert status’s to be generated as freshness proofs.

Returns: the status information

Throws:CSCMessageException 73 - if the message could not be parsed

ConfigAdapterException 9 - if necessary config information could not be retrieved

81

NewOCSPUtil com.iplanet.trustbase.initiator.dsms

NewOCSPUtil()


NewOCSPUtilDeclarationpublic class NewOCSPUtil

java.lang.Object|+-- com.iplanet.trustbase.initiator.dsms.NewOCSPUtil

Constructors

NewOCSPUtil()

public NewOCSPUtil ()

Methods

deserializeOCSPResponse(String)

public static com.iplanet.trustbase.security.ocsp.OCSPResponse

deserializeOCSPResponse (java.lang.String data)

throws CscUtilityException

Member Summary

Constructorspublic NewOCSPUtil() 82

Methodspublic static OCSPRe-

sponsedeserializeOCSPResponse(String) 82

public static CertId-Container

getCertIdsFromOCSPResponse(OCSPResponse) 83

public static byte getNonceFromOCSPResponse(OCSPResponse) 83

public static Date getProducedAt(OCSPResponse) 83

public static OCSPRe-sponse

retrieveOCSPResponse(CSCResponse) 83




82

com.iplanet.trustbase.initiator.dsms NewOCSPUtil

getCertIdsFromOCSPResponse(OCSPResponse)

Throws:CscUtilityException

getCertIdsFromOCSPResponse(OCSPResponse)

public static CertIdContainer 52[]

getCertIdsFromOCSPResponse (com.iplanet.trustbase.security.ocsp.OCSPResponse

ocspResponse)



getNonceFromOCSPResponse(OCSPResponse)

public static byte[]

getNonceFromOCSPResponse (com.iplanet.trustbase.security.ocsp.OCSPResponse

ocspResponse)



getProducedAt(OCSPResponse)

public static java.util.Date

getProducedAt (com.iplanet.trustbase.security.ocsp.OCSPResponse

ocspResponse)



retrieveOCSPResponse(CSCResponse)

public static com.iplanet.trustbase.security.ocsp.OCSPResponse

retrieveOCSPResponse (com.iplanet.trustbase.generated.IDENTRUS.CERTIFICATE_S

TATUS_CHECK_DTD.CSCResponse cscResponse)



83

ProtocolAdapter com.iplanet.trustbase.initiator.dsms


entedructorwn at

ain

re-


ProtocolAdapterDeclarationpublic interface ProtocolAdapter

DescriptionThe protocol adapter is responsible for performing a request under a given protocol. The currently implemprotocols are Identrus and OCSP. As with the MessageFactory’s implementations must provide a constwhich takes as its single parameter a ConfigAdapter. If they do not provide one an exception will be throrun-time.

See Also: ProtocolAdapterFactory 86, ConfigAdapter 6, ConfigAdapterException 9,TransportAdapterException 31, TransportAdapter 30, CSCProtocolException 75,StatusCheckData 89

Methods



certificatePath, boolean acquireProof, boolean generateNonce,

java.lang.StringBuffer nonceValue)

throws CSCProtocolException, ConfigAdapterException, CSCMessageException, T

ransportAdapterException

Check the status of a given certificate and return the results.

Parameters:certificatePath - The certificate path to check.

acquireProof - Whether or not acquire proof responses for the signing certificate used in the mresponses. All configuration information should be retrieved from the CSCConfigAdapter that issupplied during construction.

generateNonce - whether or not to allow the system to generate a nonce.

Member Summary

Methodspublic StatusCheck-

DatagetStatus(X509Certificate[], boolean, boolean, String-Buffer) 84

Check the status of a given certificate and return the results.public boolean validateStatus(StatusCheckData[], X509Certificate[], bool-

ean, byte[]) 85Validate the status’s provided - which will have been produced as the result of a pceeding check.

84

com.iplanet.trustbase.initiator.dsms ProtocolAdapter


no.

given

.

nonceValue - if generateNonce is set to false then this is used as the nonce value - if it is null nonce is used. If generate nonce is true then this is filled out with the nonce that was generated

Returns: The array of status’s that the check produced.

Throws:ConfigAdapterException 9, TransportAdapterException 31,CSCProtocolException 75, CSCMessageException 73


public boolean validateStatus ( StatusCheckData 89[] status,

java.security.cert.X509Certificate[] certificatePath, boolean acquireProof,

byte[] nonceValue)

throws CSCProtocolException, ConfigAdapterException, CSCMessageException, T

ransportAdapterException

Validate the status’s provided - which will have been produced as the result of a preceeding check. Aprotocol is free define what criteria it considers “valid”.

Parameters:status - the status’s of the certificates.

certificatePath - the certificate path that was checked when these status’s where produced

acquireProof - whether or not a proof of the signer’s was required.

nonceValue - the nonce value that was sent in the request.

Returns: boolean valid or not?

Throws:CSCProtocolException 75, CConfigAdapterException ,TransportAdapterException 31, CSCMessageException 73,ConfigAdapterException 9

85

ProtocolAdapterFactory com.iplanet.trustbase.initiator.dsms


d findin the


ProtocolAdapterFactoryDeclarationpublic class ProtocolAdapterFactory

java.lang.Object|+-- com.iplanet.trustbase.initiator.dsms.ProtocolAdapterFactory

DescriptionThe protocol Adapter factory is used by the CSCEngine to select a protocol for a given oid. It uses theconfigAdapter to determine the association between oid’s and classnames. Given an oid “x” is will try anthe property “csc.protocolAdapter.x” which will give the class name if no class name is specified it checksresource accessible through the CSCEngine for the property “protocolAdapter.x”.

See Also: CSCEngine 64, CSCProtocolException 75, ConfigAdapter 6,ConfigAdapterException 9

Member Summary

Fieldspublic adapters 87

public configAdapter 87

Constructorspublic ProtocolAdapterFactory(ConfigAdapter) 87

Construct a Protocol adapter based on the given config adapter.

Methodsprotected String getAdapterClassName(String) 87

public synchronizedProtocolAdapter

getInstance(String) 87Get a protocol Adapter for the given protocol

public synchronizedProtocolAdapter

getInstance(String, int) 87Get a Protocol Adapter for the given protocol and version.

protected Protocol-Adapter

makeAdapter(String, String) 88

protected List makeAdapterList(String) 88




86

com.iplanet.trustbase.initiator.dsms ProtocolAdapterFactory

adapters

Fields

adapters

public java.util.Map adapters

configAdapter

public ConfigAdapter 6 configAdapter

Constructors

ProtocolAdapterFactory(ConfigAdapter)

public ProtocolAdapterFactory ( ConfigAdapter 6 configAdapter)

Construct a Protocol adapter based on the given config adapter.

Parameters:configAdapter - the configAdapter.

Methods

getAdapterClassName(String)

protected java.lang.String getAdapterClassName (java.lang.String adapterName)



getInstance(String)

public synchronized ProtocolAdapter 84 getInstance (java.lang.String oid)

throws CSCProtocolException, ConfigAdapterException

Get a protocol Adapter for the given protocol

Parameters:oid - the protocol.

Throws:CSCProtocolException 75, CSCConfigException , ConfigAdapterException 9

getInstance(String, int)

public synchronized ProtocolAdapter 84 getInstance (java.lang.String oid, int version)


Get a Protocol Adapter for the given protocol and version.

Parameters:oid - the protocol required.

version - the version number of the protocol - or 0 if the latest version is required.

87


makeAdapter(String, String)

Throws:CSCProtocolException 75, CSCConfigException , ConfigAdapterException 9

makeAdapter(String, String)

protected ProtocolAdapter 84 makeAdapter (java.lang.String oid, java.lang.String className)


Throws:ConfigAdapterException 9, CSCProtocolException 75

makeAdapterList(String)

protected java.util.List makeAdapterList (java.lang.String oid)


Throws:ConfigAdapterException 9, CSCProtocolException 75

88

com.iplanet.trustbase.initiator.dsms StatusCheckData

makeAdapterList(String)

ed to

sseded.

ata

is


StatusCheckDataDeclarationpublic class StatusCheckData

java.lang.Object|+-- com.iplanet.trustbase.initiator.dsms.StatusCheckData

DescriptionStatusCheckData holds the all information relating to a certificate status check

Member Summary

Constructorspublic StatusCheckData(CertStatus[], Date, byte[], byte[], byte[],

String, DataConverterClient) 90Construct a StatusCheckData object.

Methodspublic CertStatus getCertStatus() 90

Get the CertStatus object.public byte getHumanReadableRequestData() 90

Get a human readable version of the request data - this data may be post processallow it to be displayed, For Example an OCSP request will be Base64 Encoded.

public byte getHumanReadableResponseData() 90Get the human readable version of the response data - this data may be post proceto allow it to be displayed, for Example an OCSP response will be Base64 Encod

public byte getRequestData() 91Get the raw request message - Exactly reflects what is sent over the network, this dmay be a binary representation.

public Date getRequestTime() 91Get the Date at which this transaction took place.

public String getResponderURL() 91Get the URL of the responder from which this status data was obtained.

public byte getResponseData() 91Get the raw response message - Exactly reflects what is sent over the network, thdata may be a binary representation.

public byte getTransactionID() 91Get The Transaction Id that this transaction was.



89

StatusCheckData com.iplanet.trustbase.initiator.dsms

StatusCheckData(CertStatus[], Date, byte[], byte[], byte[], String, DataConverterClient)

be dis-

Constructors

StatusCheckData(CertStatus[], Date, byte[], byte[], byte[], String, DataConverterClient)

public StatusCheckData ( CertStatus 54[] certStatus, java.util.Date timestamp, byte[] txID,

byte[] requestData, byte[] responseData, java.lang.String responderURL,

DataConverterClient 77 client)

Construct a StatusCheckData object.

Parameters:certStatus - the result of the check

timestamp - the time at which the check was made

txID - the transaction ID associated with the check

requestData - the raw request message

responseData - the raw response message

checkSubjectPath - the certificate path whose leaf was the subject of the check

responderURL - the responder from which this status info was obtained

Methods

getCertStatus()

public CertStatus 54[] getCertStatus ()

Get the CertStatus object.

Returns: the cert status

getHumanReadableRequestData()

public byte[] getHumanReadableRequestData ()

throws CSCException

Get a human readable version of the request data - this data may be post processed to allow it toplayed, For Example an OCSP request will be Base64 Encoded.

Returns: the human readable data.


getHumanReadableResponseData()

public byte[] getHumanReadableResponseData ()

throws CSCException



90

com.iplanet.trustbase.initiator.dsms StatusCheckData

getRequestData()

be dis-

ary rep-

binary

Get the human readable version of the response data - this data may be post processed to allow it toplayed, for Example an OCSP response will be Base64 Encoded.

Returns: The human readable data.


getRequestData()

public byte[] getRequestData ()

Get the raw request message - Exactly reflects what is sent over the network, this data may be a binresentation.

Returns: the raw request message

getRequestTime()

public java.util.Date getRequestTime ()

Get the Date at which this transaction took place.

Returns: the Date at which the request was made

getResponderURL()

public java.lang.String getResponderURL ()

Get the URL of the responder from which this status data was obtained.

Returns: the url of the responder from which this status data was obtained

getResponseData()

public byte[] getResponseData ()

Get the raw response message - Exactly reflects what is sent over the network, this data may be arepresentation.

Returns: the raw response data

getTransactionID()

public byte[] getTransactionID ()

Get The Transaction Id that this transaction was.

Returns: the raw transaction ID

91


getTransactionID()

92

Package

com.iplanet.trustbase.initiator.logger

Class Summary

Classes

DefaultEngineLogger 94 DefaultEngineLogger provides a default logger for the Engine.

93

DefaultEngineLogger com.iplanet.trustbase.initiator.logger

DefaultEngineLogger()

com.iplanet.trustbase.initiator.logger

DefaultEngineLoggerDeclarationpublic class DefaultEngineLogger implements EngineLogger 11

java.lang.Object|+-- com.iplanet.trustbase.initiator.logger.DefaultEngineLogger

All Implemented Interfaces: EngineLogger 11

DescriptionDefaultEngineLogger provides a default logger for the Engine. Can be used in combination withPropertyConfigAdapter.

Constructors

DefaultEngineLogger()

public DefaultEngineLogger ()

Member Summary

Constructorspublic DefaultEngineLogger() 94

Methodspublic void log(String, Throwable, String[]) 95





94

com.iplanet.trustbase.initiator.logger DefaultEngineLogger


Methods


public void log (java.lang.String logMessage, java.lang.Throwable t,

java.lang.String[] params)


Specified By: log(String, Throwable, String[]) 95 in interfaceDefaultEngineLogger 94

Parameters:logMessage - the message to log.

t - A throwable that may or may not accompany the message.

params - explanatory parameters to are message specific.

95



96

er

Package

com.iplanet.trustbase.initiator.trans-port

Class Summary

Classes

HTTPTransportAdapter 98 HTTPTransportAdapter provides a standard implementation of TransportAdapterusing the java.net.URL classes to provide the transport

XURLTransportAdapter 10

1

XURLTransportAdapter provides a XURL based implementation of TransportAdaptusing the XURL classes to provide the transportQ

97

HTTPTransportAdapter com.iplanet.trustbase.initiator.transport

HTTPTransportAdapter(ConfigAdapter)

com.iplanet.trustbase.initiator.transport

HTTPTransportAdapterDeclarationpublic class HTTPTransportAdapter implements TransportAdapter 30

java.lang.Object|+-- com.iplanet.trustbase.initiator.transport.HTTPTransportAdapter

All Implemented Interfaces: TransportAdapter 30

DescriptionHTTPTransportAdapter provides a standard implementation of TransportAdapter using the java.net.URLclasses to provide the transport

See Also: ExceptionCodes 12, TransportAdapterException 31,ConfigAdapterException 9

Constructors

HTTPTransportAdapter(ConfigAdapter)

public HTTPTransportAdapter ( ConfigAdapter 6 configAdapter)

Construct a HTTPTransportAdapter

Member Summary

Constructorspublic HTTPTransportAdapter(ConfigAdapter) 98

Construct a HTTPTransportAdapter






98

com.iplanet.trustbase.initiator.transport HTTPTransportAdapter


Code

Exception this message type

Exception

Exception

Exception

ExceptionCodes.CSD

not be opened

Exception uld not be opened

ExceptionCodes.CS

etermined

Exception

Exception r

Parameters:configAdapter - the config adapter to use The config information used is summarised below

Methods


public byte[] sendReceive (byte[] data, java.lang.String location,




Specified By: sendReceive(byte[], String, String) 99 in interfaceHTTPTransportAdapter 98



messageType - the type of the message data (e.g. “ocsp”);



ConfigAdapterException 9 - if config information cannot be retrieved Exception codesgenerated in this class are as follows:

Property Description

<messageType>.http.mimeType The mime type to use for the given message type

Arguments Description

Codes.CSC_HTTP_NO_MIME_TYPE String:location,String:messageType No mime type was registered for

Codes.CSC_MALFORMED_URL String:location Location string not a valid URL

Codes.CSC_HTTP_WRITE_FAILED String:location The data could not be sent

Codes.CSC_HTTP_READ_FAILED String:location The data could not be read

-C_HTTP_OPEN_CONNECTION_FAILE

String:location A connection to the remote host could

Codes.CSC_HTTP_CONNECT_FAILED String:location A connection to the remote host co

-C_HTTP_NO_ROUTE_TO_HOST

String:location No route to the remote host could be d

Codes.CSC_HTTP_PROTOCOL_ERROR String:location There was a protocol error

Codes.CSC_HTTP_SOCKET_ERROR String:location There was a general network erro

99



Exception d
Codes.CSC_HTTP_UNKNOWN_HOST String:location The remote host could not be foun
100

com.iplanet.trustbase.initiator.transport XURLTransportAdapter

XURLTransportAdapter(ConfigAdapter)

sses

com.iplanet.trustbase.initiator.transport

XURLTransportAdapterDeclarationpublic class XURLTransportAdapter implements TransportAdapter 30

java.lang.Object|+-- com.iplanet.trustbase.initiator.transport.XURLTransportAdapter

All Implemented Interfaces: TransportAdapter 30

DescriptionXURLTransportAdapter provides a XURL based implementation of TransportAdapter using the XURL clato provide the transportQ

See Also: com.iplanet.trustbase.xurl.XURL;,TransportAdapterException 31,ConfigAdapterException 9, ExceptionCodes 12, TransportAdapter 30,ConfigAdapter 6, ExceptionCodes 12

Constructors

XURLTransportAdapter(ConfigAdapter)

public XURLTransportAdapter ( ConfigAdapter 6 configAdapter)

Construct a XURLTransportAdapter

Member Summary

Constructorspublic XURLTransportAdapter(ConfigAdapter) 101

Construct a XURLTransportAdapter






101

XURLTransportAdapter com.iplanet.trustbase.initiator.transport


ge type

opened

opened

ed

Parameters:configAdapter - the config adapter to use The config information used is summarised below

Methods


public byte[] sendReceive (byte[] data, java.lang.String location,




Specified By: sendReceive(byte[], String, String) 102 in interfaceXURLTransportAdapter 101



messageType - the type of the message data (e.g. “ocsp”);



ConfigAdapterException 9 - if config information cannot be retrieved Exception codesgenerated in this class are as follows:

Property Description

<messageType>.http.mimeType The mime type to use for the given message type

Code Arguments Description

csc-http-noMimeType String:location,String:messageType No mime type was registered for this messa

csc-http-malformedURL String:location Location string not a valid URL

csc-http-writeFailed String:location The data could not be sent

csc-http-readFailed String:location The data could not be read

csc-http-openConnectionFailed String:location A connection to the remote host could not be

csc-http-connectFailed String:location A connection to the remote host could not be

csc-http-noRouteToHost String:location No route to the remote host could be determin

csc-http-protocolError String:location There was a protocol error

csc-http-socketError String:location There was a general network error

csc-http-unknownHost String:location The remote host could not be found

102

-

ate

age

scrip-

nd a

ame

gesate

d a

ia-

t

ntry

Package

com.iplanet.trustbase.security.store

Class Summary

Interfaces

PasswordCallback 130 collect a password for authenticating a user to a token, or for decrypting a pbe protected archive

Classes

KeyEntry 110 a KeyEntry in the TokenKeyStore contains a PrivateKey and an associated certificchain.

KeyUsages 113 represents purposes for which a private key may be used draws from X.509 KeyUsand ExtendedKeyUsage extensions for KeyUsage definitions

Key-Usages.ExtendedKeyUsage120

describes an X509 ExtendedKeyUsage, giving a code defined here, a name, a detion and an ASN.1 OID

KeyUsages.KeyUsage 121 describes an X509 KeyUsage, giving a code defined here, a name, a description aposition in the ASN.1 KeyUsage BitString

KeyUsages.KeyUsageI 122 common base class for KeyUsage and ExtendedKeyUsage ties together a code, nand description

KeyUsageSpecification 1

24

a means for an application to specify how a key is to be used, and how the KeyUsaassociated with that key are to be taken into consideration when validating a certific

Password 128 Password holds a users password in a char array.

TokenKeyStore 132 TokenKeyStore is similar to the JCA notion of a KeyStore, but implements functionmore appropriate to implementation by hardware tokens

TokenKeyStoreEntry 140 an entry in a TokenKeyStore database.

TokenKeyTool 146 TokenKeyTool is a command line utility for manipulating TokenKeyStores

TrustedCertificateEntry 152

a TrustedCertificateEntry in a TokenKeyStore contains a single X.509 certificate, anset of trust attributes

Exceptions

AliasConflictException105

AliasConflictException is thrown when an attempt is made to make an alias assoction which has already been made

IncompleteChainException 107

IncompleteChainException is thrown by import operations when a certificate chaincannot be completed

IncorrectPasswordException 109

IncorrectPasswordException

NoKeyUsageException 125 NoKeyUsageException is thrown when a certificate cannot be validated because idoes not have a required KeyUsage asserted

NoSuchEntryException 12

7

NoSuchEntryException thrown when a request to fetch an entry fails because the eis not in the store

103


eot

PasswordCall-back.GiveUpException 13

1

TokenKeyStoreException142

base class for Exception thrown by TokenKeyStore Objects

TokenKeyStoreInstantiationException 144

TokenKeyStoreInstantiationException

TrustException 154 TrustException thrown from TokenKeyTool.validate if a certificate is valid, but nottrusted

UnmatchedSubjectCertException 156

UnmatchedSubjectCertException is thrown when an attempt is made to update thcertchain associated with a KeyEntry, and the the subject cert of the chain does nmatch the PrivateKey

Class Summary

104

com.iplanet.trustbase.security.store AliasConflictException

y been


AliasConflictExceptionDeclarationpublic class AliasConflictException extends TokenKeyStoreException 142



|+--com.iplanet.trustbase.security.store. TokenKeyStoreException 142

|+-- com.iplanet.trustbase.security.store.AliasConflictException


DescriptionAliasConflictException is thrown when an attempt is made to make an alias association which has alreadmade

Member Summary

Constructorspublic AliasConflictException(String) 106





fillInStackTrace, getLocalizedMessage, getMessage

Methods inherited from interface TokenKeyStoreException 142

printStackTrace(PrintWriter) 143, printStackTrace(PrintWriter) 143, printStack-Trace(PrintWriter) 143, toString() 143

105

AliasConflictException com.iplanet.trustbase.security.store

AliasConflictException(String)

Constructors


public AliasConflictException (java.lang.String alias)

106

com.iplanet.trustbase.security.store IncompleteChainException



IncompleteChainExceptionDeclarationpublic class IncompleteChainException extends TokenKeyStoreException 142




|+-- com.iplanet.trustbase.security.store.IncompleteChainException


DescriptionIncompleteChainException is thrown by import operations when a certificate chain cannot be completed

Member Summary

Constructorspublic IncompleteChainException(X509Certificate[]) 108

Methodspublic static String describeChain(X509Certificate[]) 108


getIncompleteChain() 108








107

IncompleteChainException com.iplanet.trustbase.security.store

IncompleteChainException(X509Certificate[])

Constructors

IncompleteChainException(X509Certificate[])

public IncompleteChainException (java.security.cert.X509Certificate[] chain)

Methods

describeChain(X509Certificate[])

public static java.lang.String describeChain (java.security.cert.X509Certificate[] chain)

getIncompleteChain()

public java.security.cert.X509Certificate[] getIncompleteChain ()

108

com.iplanet.trustbase.security.store IncorrectPasswordException

IncorrectPasswordException()


IncorrectPasswordExceptionDeclarationpublic class IncorrectPasswordException extends TokenKeyStoreException 142




|+-- com.iplanet.trustbase.security.store.IncorrectPasswordException


DescriptionIncorrectPasswordException

Constructors


public IncorrectPasswordException ()

Member Summary

Constructorspublic IncorrectPasswordException() 109








109

KeyEntry com.iplanet.trustbase.security.store


aren, and

of the


KeyEntryDeclarationpublic abstract class KeyEntry extends TokenKeyStoreEntry 140

java.lang.Object|+--com.iplanet.trustbase.security.store. TokenKeyStoreEntry 140

|+-- com.iplanet.trustbase.security.store.KeyEntry

Descriptiona KeyEntry in the TokenKeyStore contains a PrivateKey and an associated certificate chain. KeyEntrys created by TokenKeyStores to form the client interface to a PrivateKey and it’s associated certificate chaiadditional attribute such as KeyUsage

A KeyPair is be created on a token, and in doing so a self-signed certificate, signed with the PrivateKey KeyPair, and containing the PublicKey of the KeyPair will be created.

Member Summary

Constructorsprotected KeyEntry(PrivateKey, X509Certificate[], KeyUsages) 111

Creates new KeyEntry

Methodspublic byte generatePKCS10Request(String, boolean) 111

generate a PKCS#10 request for the PrivateKey in this entry.public

X509CertificategetCertificateChain() 111

get the certificate chain guaranteeing the PrivateKey of this KeyEntrypublic KeyUsages getKeyUsages() 111

get the KeyUsages to which this Key may be putpublic PrivateKey getPrivateKey() 111

get the PrivateKey from the KeyEntrypublic PublicKey getPublicKey() 112

get the PublicKey associated with the PrivateKey.public final void setCertificateChain(X509Certificate[]) 112

set the certificate chain associated with a PrivateKey.protected abstract

X509CertificatesetCertificateChainImpl(X509Certificate[]) 112

overridable by sub-classes to do any implementation specific stuff.public void setKeyUsages(KeyUsages) 112

set the KeyUsages to which this Key may be put.



110

com.iplanet.trustbase.security.store KeyEntry

KeyEntry(PrivateKey, X509Certificate[], KeyUsages)

rom

Constructors

KeyEntry(PrivateKey, X509Certificate[], KeyUsages)

protected KeyEntry (java.security.PrivateKey key,

java.security.cert.X509Certificate[] chain, KeyUsages 113 keyUsages)

Creates new KeyEntry

Methods

generatePKCS10Request(String, boolean)

public byte[] generatePKCS10Request (java.lang.String subjectName, boolean base64)

throws TokenKeyStoreException

generate a PKCS#10 request for the PrivateKey in this entry.

Parameters:subjectName - the subject name in the request. may be null, in which case the subject name fthe existing subject cert will be used

base64 - true if the result is to be base-64 encoded

Throws:TokenKeyStoreException 142

getCertificateChain()

public java.security.cert.X509Certificate[] getCertificateChain ()

get the certificate chain guaranteeing the PrivateKey of this KeyEntry

Returns: a list of X509Certificates. not empty

getKeyUsages()

public KeyUsages 113 getKeyUsages ()

get the KeyUsages to which this Key may be put

Returns: a KeyUsages Object. not null

getPrivateKey()

public java.security.PrivateKey getPrivateKey ()


Methods inherited from classTokenKeyStoreEntry 140

addAlias(String) 141, getAliases() 141, getIssuerName() 141, getSerialNo() 141, getSubject-Name() 141, removeAlias(String) 141, setSubject(String, String, BigInteger) 141


111


getPublicKey()

t cer-

e tem-

fore it

uld be

get the PrivateKey from the KeyEntry

Returns: a PrivateKey. not null

getPublicKey()

public java.security.PublicKey getPublicKey ()

get the PublicKey associated with the PrivateKey. equivalent to getting the PublicKey from the subjectificate [ the first certificate in the chain ]

Returns: a PublicKey. not null

setCertificateChain(X509Certificate[])

public final void setCertificateChain (java.security.cert.X509Certificate[] newchain)

throws IncompleteChainException, ValidateException, TokenKeyStoreException

set the certificate chain associated with a PrivateKey. this method will normally be used to replace thporary self-signed certificate created when a KeyPair is generated with a certificate issued by a CA

Parameters:the - [ possibly partial ] certificate chain to set

Returns: the [ must be complete ] certificate chain which will be set

Throws:IncompleteChainException 107 - thrown if the supplied chain is incomplete, or cannot becompleted

TokenKeyStoreException 142 - thrown if there is any other problem

ValidateException

setCertificateChainImpl(X509Certificate[])

protected abstract java.security.cert.X509Certificate[]

setCertificateChainImpl (java.security.cert.X509Certificate[] chain)


overridable by sub-classes to do any implementation specific stuff. called by setCertificateChain beactually replaces the existing cert chain in the private members and updates the subject name


setKeyUsages(KeyUsages)

public void setKeyUsages ( KeyUsages 113 usages)

set the KeyUsages to which this Key may be put. after setting the KeyUsages, the KeyEntry shoupdated in the TokenKeyStore using the TokenKeyStore.updateEntry() method

112

com.iplanet.trustbase.security.store KeyUsages


yUsage

crip-

nd a

ame


KeyUsagesDeclarationpublic class KeyUsages implements java.lang.Cloneable

java.lang.Object|+-- com.iplanet.trustbase.security.store.KeyUsages

All Implemented Interfaces: java.lang.Cloneable

Descriptionrepresents purposes for which a private key may be used draws from X.509 KeyUsage and ExtendedKeextensions for KeyUsage definitions

Member Summary

Nested Classespublic static KeyUsages.ExtendedKeyUsage 120

describes an X509 ExtendedKeyUsage, giving a code defined here, a name, a destion and an ASN.1 OID

public static KeyUsages.KeyUsage 121describes an X509 KeyUsage, giving a code defined here, a name, a description aposition in the ASN.1 KeyUsage BitString

public abstract static KeyUsages.KeyUsageI 122common base class for KeyUsage and ExtendedKeyUsage ties together a code, nand description

Fieldspublic static final CLIENT_AUTH115

code for the clientAuth ExtendedKeyUsagepublic static final CODE_SIGNING115

code for the codeSigning ExtendedKeyUsagepublic static final CRL_SIGN115

code for the cRLSign keyUsagepublic static final DATA_ENCIPHERMENT115

code for the dataEncipherment KeyUsagepublic static final DECIPHER_ONLY115

code for the decipherOnoly KeyUsagepublic static final DIGITAL_SIGNATURE116

code for the digitalSignature KeyUsagepublic static final EKU_CLIENT_AUTH116

the clientAuth ExtendedKeyUsagepublic static final EKU_CODE_SIGNING116

the codeSigning ExtendedKeyUsagepublic static final EKU_EMAIL_PROTECTION116

the emailProtection ExtendedKeyUsagepublic static final EKU_SERVER_AUTH116

the serverAuth ExtendedKeyUsage

113

KeyUsages com.iplanet.trustbase.security.store


d in

public static final EKU_TIME_STAMPING116the timeStamping ExtendedKeyUsage

public static final EMAIL_PROTECTION116code for the emailProtection ExtendedKeyUsage

public static final ENCIPHER_ONLY116code for the encipherOnly KeyUsage

public static final EXTENDED_KEY_USAGES116all X.509 ExtendedKeyUsages presented

public static final KEY_AGREEMENT116code for the keyAgreement KeyUsage

public static final KEY_CERT_SIGN117code for the keyCertSign KeyUsage

public static final KEY_ENCIPHERMENT117code for the keyEncipherment KeyUsage

public static final KEY_USAGES117all the X.509 KeyUsages presented in ASN.1 BitString order

public static final KU_CRL_SIGN117the cRLSign KeyUsage

public static final KU_DECIPHER_ONLY117the decipherOnly KeyUsage

public static final KU_DIGITAL_SIGNATURE117the digitalSignature KeyUsage

public static final KU_ENCIPHER_ONLY117the encipherOnly KeyUsage

public static final KU_KEY_AGREEMENT117the keyAgreement KeyUsage

public static final KU_KEY_CERT_SIGN117the keyCertSignKeyUsage

public static final KU_KEY_ENCIPHERMENT117the keyEncipherment KeyUsage

public static final KU_NON_REPUDIATION118the nonRepudiation KeyUsage

public static final NON_REPUDIATION118code for the nonRepudiation KeyUsage

public static final SERVER_AUTH118code for the serverAuth ExtendedKeyUsage

public static final TIME_STAMPING118code for the timeStamping ExtendedKeyUsage

Constructorspublic KeyUsages() 118

construct an empty KeyUsages Objectpublic KeyUsages(boolean[], String[]) 118

Creates new KeyUsage, from the KeyUsages and ExtendedKeyUsages presentean X.509 certificate

public KeyUsages(KeyUsages.KeyUsage[], KeyUsages.ExtendedKey-Usage[]) 118

create a new KeyUsages from lists of KeyUsage and ExtendedKeyUsages

Methodspublic void addUsage(KeyUsages.KeyUsageI) 119

public Object clone() 119

public static Key-Usages.KeyUsageI

getByAbbrev(String) 119get a KeyUsageI by it’s abbreviation

Member Summary

114


CLIENT_AUTH

-

Fields

CLIENT_AUTH

public static final int CLIENT_AUTH

code for the clientAuth ExtendedKeyUsage

CODE_SIGNING

public static final int CODE_SIGNING

code for the codeSigning ExtendedKeyUsage

CRL_SIGN

public static final int CRL_SIGN

code for the cRLSign keyUsage

DATA_ENCIPHERMENT

public static final int DATA_ENCIPHERMENT

code for the dataEncipherment KeyUsage

DECIPHER_ONLY

public static final int DECIPHER_ONLY

code for the decipherOnoly KeyUsage

public static Key-Usages.ExtendedKey-

Usage

getByOid(String) 119get an ExtendedKeyUsages, identified by it’s ASN.1 Oid, given in the period separated decimal digit encoding

public Set getExtendedKeyUsages() 119get the enabled ExtendedKeyUsages

public Set getKeyUsages() 119get the enabled X509 KeyUsages

public boolean hasUsage(KeyUsages.KeyUsageI) 119check if this KeyUsage has the specified usage

public void removeUsage(KeyUsages.KeyUsageI) 119



equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Member Summary

115


DIGITAL_SIGNATURE

DIGITAL_SIGNATURE

public static final int DIGITAL_SIGNATURE

code for the digitalSignature KeyUsage

EKU_CLIENT_AUTH

public static final KeyUsages.ExtendedKeyUsage 120 EKU_CLIENT_AUTH

the clientAuth ExtendedKeyUsage

EKU_CODE_SIGNING

public static final KeyUsages.ExtendedKeyUsage 120 EKU_CODE_SIGNING

the codeSigning ExtendedKeyUsage

EKU_EMAIL_PROTECTION

public static final KeyUsages.ExtendedKeyUsage 120 EKU_EMAIL_PROTECTION

the emailProtection ExtendedKeyUsage

EKU_SERVER_AUTH

public static final KeyUsages.ExtendedKeyUsage 120 EKU_SERVER_AUTH

the serverAuth ExtendedKeyUsage

EKU_TIME_STAMPING

public static final KeyUsages.ExtendedKeyUsage 120 EKU_TIME_STAMPING

the timeStamping ExtendedKeyUsage

EMAIL_PROTECTION

public static final int EMAIL_PROTECTION

code for the emailProtection ExtendedKeyUsage

ENCIPHER_ONLY

public static final int ENCIPHER_ONLY

code for the encipherOnly KeyUsage

EXTENDED_KEY_USAGES

public static final KeyUsages.ExtendedKeyUsage 120[] EXTENDED_KEY_USAGES

all X.509 ExtendedKeyUsages presented

KEY_AGREEMENT

public static final int KEY_AGREEMENT

code for the keyAgreement KeyUsage

116


KEY_CERT_SIGN

KEY_CERT_SIGN

public static final int KEY_CERT_SIGN

code for the keyCertSign KeyUsage

KEY_ENCIPHERMENT

public static final int KEY_ENCIPHERMENT

code for the keyEncipherment KeyUsage

KEY_USAGES

public static final KeyUsages.KeyUsage 121[] KEY_USAGES

all the X.509 KeyUsages presented in ASN.1 BitString order

KU_CRL_SIGN

public static final KeyUsages.KeyUsage 121 KU_CRL_SIGN

the cRLSign KeyUsage

KU_DECIPHER_ONLY

public static final KeyUsages.KeyUsage 121 KU_DECIPHER_ONLY

the decipherOnly KeyUsage

KU_DIGITAL_SIGNATURE

public static final KeyUsages.KeyUsage 121 KU_DIGITAL_SIGNATURE

the digitalSignature KeyUsage

KU_ENCIPHER_ONLY

public static final KeyUsages.KeyUsage 121 KU_ENCIPHER_ONLY

the encipherOnly KeyUsage

KU_KEY_AGREEMENT

public static final KeyUsages.KeyUsage 121 KU_KEY_AGREEMENT

the keyAgreement KeyUsage

KU_KEY_CERT_SIGN

public static final KeyUsages.KeyUsage 121 KU_KEY_CERT_SIGN

the keyCertSignKeyUsage

KU_KEY_ENCIPHERMENT

public static final KeyUsages.KeyUsage 121 KU_KEY_ENCIPHERMENT

the keyEncipherment KeyUsage

117


KU_NON_REPUDIATION

ficate

KU_NON_REPUDIATION

public static final KeyUsages.KeyUsage 121 KU_NON_REPUDIATION

the nonRepudiation KeyUsage

NON_REPUDIATION

public static final int NON_REPUDIATION

code for the nonRepudiation KeyUsage

SERVER_AUTH

public static final int SERVER_AUTH

code for the serverAuth ExtendedKeyUsage

TIME_STAMPING

public static final int TIME_STAMPING

code for the timeStamping ExtendedKeyUsage

Constructors

KeyUsages()

public KeyUsages ()

construct an empty KeyUsages Object

KeyUsages(boolean[], String[])

public KeyUsages (boolean[] keyUsages, java.lang.String[] ekuOids)

Creates new KeyUsage, from the KeyUsages and ExtendedKeyUsages presented in an X.509 certi

Parameters:keyUsages - the ASN.1 BitString from the X.509 KeyUsage extension. may be null

ekuOids - a list of ASN.1 OIDs from the X.509 ExtendedKeyUsage extension. may be null

KeyUsages(KeyUsages.KeyUsage[], KeyUsages.ExtendedKeyUsage[])

public KeyUsages ( KeyUsages.KeyUsage 121[] keyUsages,

KeyUsages.ExtendedKeyUsage 120[] extendedKeyUsages)

create a new KeyUsages from lists of KeyUsage and ExtendedKeyUsages

Parameters:keyUsages - the required KeyUsages. may be null

extendedKeyUsages - the required ExtendedKeyUsages. may be null

118


addUsage(KeyUsages.KeyUsageI)

ncod-

Methods

addUsage(KeyUsages.KeyUsageI)

public void addUsage ( KeyUsages.KeyUsageI 122 usage)

clone()

public java.lang.Object clone ()

Overrides: java.lang.Object.clone() in class java.lang.Object

getByAbbrev(String)

public static KeyUsages.KeyUsageI 122 getByAbbrev (java.lang.String abbrev)

get a KeyUsageI by it’s abbreviation

getByOid(String)

public static KeyUsages.ExtendedKeyUsage 120 getByOid (java.lang.String oid)

get an ExtendedKeyUsages, identified by it’s ASN.1 Oid, given in the period separated decimal digit eing

getExtendedKeyUsages()

public java.util.Set getExtendedKeyUsages ()

get the enabled ExtendedKeyUsages

Returns: a Set of ExtendedKeyUsage Objects. not null

getKeyUsages()

public java.util.Set getKeyUsages ()

get the enabled X509 KeyUsages

Returns: a Set of KeyUsage Objects. not null

hasUsage(KeyUsages.KeyUsageI)

public boolean hasUsage ( KeyUsages.KeyUsageI 122 usage)

check if this KeyUsage has the specified usage

Returns: true if the KeyUsage or ExtendedKeyUsage specified was enabled in theis KeyUsages

removeUsage(KeyUsages.KeyUsageI)

public void removeUsage ( KeyUsages.KeyUsageI 122 usage)

119

KeyUsages.ExtendedKeyUsage com.iplanet.trustbase.security.store

getOid()

1 OID


KeyUsages.ExtendedKeyUsageDeclarationpublic static class KeyUsages.ExtendedKeyUsage extends KeyUsages.KeyUsageI 122

java.lang.Object|+--com.iplanet.trustbase.security.store. KeyUsages.KeyUsageI 122

|+-- com.iplanet.trustbase.security.store.KeyUsages.ExtendedKeyUsage

Enclosing Class: KeyUsages 113

Descriptiondescribes an X509 ExtendedKeyUsage, giving a code defined here, a name, a description and an ASN.

Methods

getOid()

public java.lang.String getOid ()

Member Summary

Methodspublic String getOid() 120


Methods inherited from classKeyUsages.KeyUsageI 122

equals(Object) 122, getAbbrev() 122, getCode() 123, getDescription() 123, getName() 123,hashCode() 123


clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

120

com.iplanet.trustbase.security.store KeyUsages.KeyUsage

getBitPosition()

SN.1


KeyUsages.KeyUsageDeclarationpublic static class KeyUsages.KeyUsage extends KeyUsages.KeyUsageI 122

java.lang.Object|+--com.iplanet.trustbase.security.store. KeyUsages.KeyUsageI 122

|+-- com.iplanet.trustbase.security.store.KeyUsages.KeyUsage


Descriptiondescribes an X509 KeyUsage, giving a code defined here, a name, a description and a position in the AKeyUsage BitString

Methods

getBitPosition()

public int getBitPosition ()

Member Summary

Methodspublic int getBitPosition() 121


Methods inherited from classKeyUsages.KeyUsageI 122

equals(Object) 122, getAbbrev() 122, getCode() 123, getDescription() 123, getName() 123,hashCode() 123



121

KeyUsages.KeyUsageI com.iplanet.trustbase.security.store

equals(Object)


KeyUsages.KeyUsageIDeclarationpublic abstract static class KeyUsages.KeyUsageI

java.lang.Object|+-- com.iplanet.trustbase.security.store.KeyUsages.KeyUsageI

Direct Known Subclasses:KeyUsages.ExtendedKeyUsage 120 , KeyUsages.KeyUsage 121


Descriptioncommon base class for KeyUsage and ExtendedKeyUsage ties together a code, name and description

Methods

equals(Object)

public boolean equals (java.lang.Object obj)

Overrides: java.lang.Object.equals(java.lang.Object) in class java.lang.Object

getAbbrev()

public java.lang.String getAbbrev ()

Member Summary

Methodspublic boolean equals(Object) 122

public String getAbbrev() 122

public int getCode() 123

public String getDescription() 123

public String getName() 123

public int hashCode() 123




122

com.iplanet.trustbase.security.store KeyUsages.KeyUsageI

getCode()

getCode()

public int getCode ()

getDescription()

public java.lang.String getDescription ()

getName()

public java.lang.String getName ()

hashCode()

public int hashCode ()

Overrides: java.lang.Object.hashCode() in class java.lang.Object

123

KeyUsageSpecification com.iplanet.trustbase.security.store

KeyUsageSpecification()

that key


KeyUsageSpecificationDeclarationpublic class KeyUsageSpecification

java.lang.Object|+-- com.iplanet.trustbase.security.store.KeyUsageSpecification

Descriptiona means for an application to specify how a key is to be used, and how the KeyUsages associated with are to be taken into consideration when validating a certificate

Constructors


public KeyUsageSpecification ()

Creates new KeyUsageSpecification

Member Summary

Constructorspublic KeyUsageSpecification() 124

Creates new KeyUsageSpecification




124

com.iplanet.trustbase.security.store NoKeyUsageException


ired


NoKeyUsageExceptionDeclarationpublic class NoKeyUsageException extends TrustException 154




|+--com.iplanet.trustbase.security.store. TrustException 154

|+-- com.iplanet.trustbase.security.store.NoKeyUsageException


DescriptionNoKeyUsageException is thrown when a certificate cannot be validated because it does not have a requKeyUsage asserted

Member Summary

Constructorspublic NoKeyUsageException(KeyUsages.KeyUsageI,

X509Certificate[]) 126








125

NoKeyUsageException com.iplanet.trustbase.security.store

NoKeyUsageException(KeyUsages.KeyUsageI, X509Certificate[])

Constructors

NoKeyUsageException(KeyUsages.KeyUsageI, X509Certificate[])

public NoKeyUsageException ( KeyUsages.KeyUsageI 122 usage,

java.security.cert.X509Certificate[] chain)

126

com.iplanet.trustbase.security.store NoSuchEntryException

NoSuchEntryException(String)

e


NoSuchEntryExceptionDeclarationpublic class NoSuchEntryException extends TokenKeyStoreException 142




|+-- com.iplanet.trustbase.security.store.NoSuchEntryException


DescriptionNoSuchEntryException thrown when a request to fetch an entry fails because the entry is not in the stor

Constructors

NoSuchEntryException(String)

public NoSuchEntryException (java.lang.String entryAlias)

Member Summary

Constructorspublic NoSuchEntryException(String) 127








127

Password com.iplanet.trustbase.security.store

Password(char[])

passwordCallback


PasswordDeclarationpublic class Password implements PasswordCallback 130

java.lang.Object|+-- com.iplanet.trustbase.security.store.Password

All Implemented Interfaces: PasswordCallback 130

DescriptionPassword holds a users password in a char array. a char array is used rather than a String to allow the to be erased. Password also implements PasswordCallback, so it can be supplied as a simple Passwordparameter

Constructors

Password(char[])

public Password (char[] password)

Creates new Password

Member Summary

Constructorspublic Password(char[]) 128

Creates new Password

Methodspublic char getPasswordChars() 129

public Password readPassword(String) 129

public Password readPasswordAgain(String) 129




128

com.iplanet.trustbase.security.store Password

getPasswordChars()

Methods

getPasswordChars()

public char[] getPasswordChars ()

readPassword(String)

public Password 128 readPassword (java.lang.String displayText)

Specified By: readPassword(String) 129 in interfacePassword 128

readPasswordAgain(String)

public Password 128 readPasswordAgain (java.lang.String displayText)

throws PasswordCallback.GiveUpException

Specified By: readPasswordAgain(String) 129 in interfacePassword 128

Throws:PasswordCallback.GiveUpException 131

129

PasswordCallback com.iplanet.trustbase.security.store



PasswordCallbackDeclarationpublic interface PasswordCallback

All Known Implementing Classes: Password 128

Descriptioncollect a password for authenticating a user to a token, or for decrypting a pbe protected archive

Methods


public Password 128 readPassword (java.lang.String displayText)


called on a first attempt to read a password


readPasswordAgain(String)

public Password 128 readPasswordAgain (java.lang.String displayText)


called on a second or subsequent attempt to read a password


Member Summary

Nested Classespublic static PasswordCallback.GiveUpException 131

Methodspublic Password readPassword(String) 130

called on a first attempt to read a passwordpublic Password readPasswordAgain(String) 130

called on a second or subsequent attempt to read a password

130

com.iplanet.trustbase.security.storePasswordCallback.GiveUpException

PasswordCallback.GiveUpException(String)


PasswordCallback.GiveUpExceptionDeclarationpublic static class PasswordCallback.GiveUpException extends TokenKeyStoreException 142




|+-- com.iplanet.trustbase.security.store.PasswordCallback.GiveUpExcep-

tion


Enclosing Class: PasswordCallback 130

Constructors


public PasswordCallback.GiveUpException (java.lang.String message)

Member Summary

Constructorspublic PasswordCallback.GiveUpException(String) 131








131

TokenKeyStore com.iplanet.trustbase.security.store


ry ise

ithm.


TokenKeyStoreDeclarationpublic abstract class TokenKeyStore

java.lang.Object|+-- com.iplanet.trustbase.security.store.TokenKeyStore

DescriptionTokenKeyStore is similar to the JCA notion of a KeyStore, but implements function more appropriate toimplementation by hardware tokens

TokenKeyStore supports two types of entries: KeyEntrys and TrustedCertificateEntrys Either type of entassociated with at least one aliases. An alias which is the RFC 2253 encoding of the subject name in thcertificate is guaranteed to be associated with the entry. Support for additional aliases is implementationdependent

Member Summary

Fieldspublic static final PROVIDER_PROPERTY133

the Provider property which specifies implementations of TokenKeyStores

Constructorspublic TokenKeyStore() 133

Methodspublic abstract Trust-

edCertificateEntryaddTrustedCertificateEntry(String, X509Certificate) 134

import a trusted certificate.public abstract Set aliases() 134

get a list of all the aliases in use in this TokenKeyStorepublic abstractX509Certificate

completeCertificateChain(X509Certificate[]) 134complete a certificate chain, given a partial chain

public abstract void deleteEntry(TokenKeyStoreEntry) 134delete an entry from the TokenKeyStore

public abstract void doCommand(String, String[]) 135perform an implementation specific command

public abstract byte exportPKCS12KeyEntry(String, PasswordCallback) 135export a KeyEntry to a PKCS#12 archive

public abstract KeyEn-try

generateKeyPair(String, String, String, int) 135generate a KeyPair on the token, using default parameters for the specified algor

public abstract Set getAllEntries() 136get all TokenKeySTore entries

public abstract Set getAllKeyEntries() 136get all KeyEntries from the KeyStore

public abstract Set getAllTrustedCertificateEntries() 136list all TrustedCertificateEntries on the token

public abstract Token-KeyStoreEntry

getEntry(String) 136get the entry with a given alias

132

com.iplanet.trustbase.security.store TokenKeyStore

PROVIDER_PROPERTY

ed

Fields

PROVIDER_PROPERTY

public static final java.lang.String PROVIDER_PROPERTY

the Provider property which specifies implementations of TokenKeyStores

Constructors

TokenKeyStore()

public TokenKeyStore ()


getEntry(String, BigInteger) 136get an entry whose certificate has the given issuer and serial number


getEntry(X509Certificate) 137get an entry whose certificate matches the provided cert

public static Token-KeyStore

getInstance(String, String, PasswordCallback) 137get a TokenKeyStore


getKeyEntry(String) 137get a KeyEntry from the store


getKeyEntry(String, BigInteger) 137get a KeyEntry whose subject certificate has the given issuer and serial number

public abstract Trust-edCertificateEntry

getTrustedCertificateEntry(String) 138get a TrustedCertificateEntry

public abstract Trust-edCertificateEntry

getTrustedCertificateEntry(String, BigInteger) 138get a TrustedCertificateEntry whose issuer and serial number match those specifi


importPKCS12KeyEntry(String, byte[], PasswordCallback) 138import a PKCS#12 PrivateKey and associated certificate chain.

public static void main(String[]) 139provides useful debug output.

public abstract void updateEntry(TokenKeyStoreEntry) 139update an entry on the TokenKeyStore

public void validate(X509Certificate[], Date) 139

public abstract void validate(X509Certificate[], KeyUsages, Date) 139validate a certificate chain for a given purpose, on a given data




Member Summary

133


addTrustedCertificateEntry(String, X509Certificate)

bject

ore

Methods

addTrustedCertificateEntry(String, X509Certificate)

public abstract TrustedCertificateEntry 152 addTrustedCertificateEntry (java.lang.String

alias, java.security.cert.X509Certificate cert)

throws AliasConflictException, TokenKeyStoreException

import a trusted certificate. This action creates a new TrustedCertificateEntry

Parameters:the - alias to give the TrustedCertificateEntry. may be null, in which case the rfc 2253 encoded suname of the certificate will be used as the alias

cert - the certificate to be trusted. not null

callback - a PasswordCallback to authenticate the user to the token. may be null

Throws:TokenKeyStoreException 142 , AliasConflictException 105

aliases()

public abstract java.util.Set aliases ()

get a list of all the aliases in use in this TokenKeyStore

Returns: a Set of Strings. not null

completeCertificateChain(X509Certificate[])

public abstract java.security.cert.X509Certificate[]

completeCertificateChain (java.security.cert.X509Certificate[] partialChain)

throws IncompleteChainException, TokenKeyStoreException

complete a certificate chain, given a partial chain

Parameters:partialChain - the partial certificate chain. must contain at least one certificate

Returns: the completed certificate chain

Throws:IncompleteChainException 107 - if the chain cannot be completed using certificates in the st

TokenKeyStoreException 142

deleteEntry(TokenKeyStoreEntry)

public abstract void deleteEntry ( TokenKeyStoreEntry 140 entry)

throws NoSuchEntryException, TokenKeyStoreException

delete an entry from the TokenKeyStore

Parameters:entry - the entry to delete. not null

Throws:TokenKeyStoreException 142 , NoSuchEntryException 127

134


doCommand(String, String[])

. may

ill cre-le self

sed

doCommand(String, String[])

public abstract void doCommand(java.lang.String commandVerb,

java.lang.String[] arguments)


perform an implementation specific command

Parameters:commandVerb - a String identifying the action to take. not empty

arguments - any arguments required by the commandVerb. may be null


exportPKCS12KeyEntry(String, PasswordCallback)

public abstract byte[] exportPKCS12KeyEntry (java.lang.String alias,

PasswordCallback 130 callback)


export a KeyEntry to a PKCS#12 archive

Parameters:alias - the KeyEntry to export. not null

callback - a PasswordCallback to encrypt the archive and to authenticate the user to the tokenbe null

Returns: a byte array containing a BER encoded PKCS#12 archive


generateKeyPair(String, String, String, int)

public abstract KeyEntry 110 generateKeyPair (java.lang.String alias,

java.lang.String subjectName, java.lang.String algorithm, int keysize)


generate a KeyPair on the token, using default parameters for the specified algorithm. This action wate a new KeyEntry on the token, with a KeyPair and a temporary certificate chain consisting of a singsigned certificate with a fixed Distinguished Name

Parameters:alias - the alias to assign to the new KeyEntry. may be null, in which case subjectName will be uas the alias

subjectName - RFC2253 encoded subject DN of temporary certificate. not null

the - algorithm to generate the KeyPair for. not null

keysize - key size of the keys to be generated

Returns: a KeyEntry whos Keys reference objects resident on the token. not null


See Also:KeyEntry 110

135


getAllEntries()

getAllEntries()

public abstract java.util.Set getAllEntries ()


get all TokenKeySTore entries

Returns: a Set of TokenKeyStoreEntry Objects


getAllKeyEntries()

public abstract java.util.Set getAllKeyEntries ()

get all KeyEntries from the KeyStore

Returns: an Enumeration of KeyEntry Objects. not null

getAllTrustedCertificateEntries()

public abstract java.util.Set getAllTrustedCertificateEntries ()

list all TrustedCertificateEntries on the token

Returns: an Enumeration of TrustedCertificateEntrys. not null

getEntry(String)

public abstract TokenKeyStoreEntry 140 getEntry (java.lang.String alias)


get the entry with a given alias

Parameters:the - alias of the entry to get. not null

Returns: a TokenKeyStore entry: one of a KeyEntry or a TrustedCertificateEntry. not null


getEntry(String, BigInteger)

public abstract TokenKeyStoreEntry 140 getEntry (java.lang.String issuer,

java.math.BigInteger serialNo)


get an entry whose certificate has the given issuer and serial number

Parameters:issuer - an RFC2253 encoded certificate issuer distinguished name

a - certificate serial number

Returns: a TokenKeyStoreEntry: either a KeyEntry or a TrustedCertificateEntry. not null


136


getEntry(X509Certificate)

getEntry(X509Certificate)

public abstract TokenKeyStoreEntry 140 getEntry (java.security.cert.X509Certificate cert)


get an entry whose certificate matches the provided cert

Parameters:cert - the cert to match. not null

Returns: a TokenKeyStoreEntry: either a KeyEntry or a TrustedCertificateEntry. not null


getInstance(String, String, PasswordCallback)

public static TokenKeyStore 132 getInstance (java.lang.String type,

java.lang.String location, PasswordCallback 130 callback)


get a TokenKeyStore

Parameters:type - the type of the TokenKeyStore, e.g. “JSS”. not null

location - a URL, can benull

callback - PasswordCallback for logon to token, and also for use if other actions requiring apassword don’t explicitly receive a PasswordCallback. may be null

Returns: a TokenKeyStore object. not null


getKeyEntry(String)

public abstract KeyEntry 110 getKeyEntry (java.lang.String alias)


get a KeyEntry from the store

Parameters:alias - the alias of the entry. not null

Returns: a KeyEntry. not null


getKeyEntry(String, BigInteger)

public abstract KeyEntry 110 getKeyEntry (java.lang.String issuer,

java.math.BigInteger serialNo)


get a KeyEntry whose subject certificate has the given issuer and serial number

Parameters:issuer - an RFC2253 encoded certificate issuer distinguished name

a - certificate serial number

137


getTrustedCertificateEntry(String)

y

. may

Returns: a KeyEntry. not null


getTrustedCertificateEntry(String)

public abstract TrustedCertificateEntry 152 getTrustedCertificateEntry (java.lang.String

alias)


get a TrustedCertificateEntry

Parameters:alias - the alias of the entry. not null

Returns: a TruistedCertificateEntry. not null


getTrustedCertificateEntry(String, BigInteger)

public abstract TrustedCertificateEntry 152 getTrustedCertificateEntry (java.lang.String

issuer, java.math.BigInteger serialNo)


get a TrustedCertificateEntry whose issuer and serial number match those specified

Parameters:issuer - the RFC2253 encoded issuer name of the certificate. not null

serialNo - the serial number of the certificate. not null

Returns: a TruistedCertificateEntry. not null


importPKCS12KeyEntry(String, byte[], PasswordCallback)

public abstract KeyEntry 110 importPKCS12KeyEntry (java.lang.String alias,

byte[] encodedEntry, PasswordCallback 130 callback)

throws AliasConflictException, IncompleteChainException, TokenKeyStoreExcep

tion

import a PKCS#12 PrivateKey and associated certificate chain. this action will create a new KeyEntr

Parameters:alias - the alias to associate with the new KeyEntry. may be null, in which case the RFC 2253encoded name of the subject cert will be used as the alias

encodedEntry - a BER encoded PKCS#12 archive. not null

callback - a PasswordCallback to decrypt the archive and to authenticate the user to the tokenbe null

Throws:TokenKeyStoreException 142 , IncompleteChainException 107 ,AliasConflictException 105

138


main(String[])

ations

rd to

s

main(String[])

public static void main (java.lang.String[] args)

throws Throwable

provides useful debug output. If run with no parameters, lists all installed TokenKeyStore implementfrom all Providers.

If instantiated as

TokenKeyStore [ ]

instantiate the TokenKeyStore of the given type, at the given location using the optional passwoauthenticate. Then dump a summary of all entries in the TokenKeyStore

Throws:Throwable

updateEntry(TokenKeyStoreEntry)

public abstract void updateEntry ( TokenKeyStoreEntry 140 entry)


update an entry on the TokenKeyStore

Parameters:entry - the entry to update. not null


validate(X509Certificate[], Date)

public void validate (java.security.cert.X509Certificate[] chain, java.util.Date date)

throws ValidateException, TrustException, TokenKeyStoreException

Throws:TokenKeyStoreException 142 , TrustException 154 , ValidateException

validate(X509Certificate[], KeyUsages, Date)

public abstract void validate (java.security.cert.X509Certificate[] chain,

KeyUsages 113 purpose, java.util.Date date)

throws ValidateException, TrustException, TokenKeyStoreException

validate a certificate chain for a given purpose, on a given data

Parameters:chain - the certificate chain. not null

purpose - the purpose to validate for. may be null, if TokenKeyStore policy permits it

date - the date on which to validate the certificate. may be null, in which case the current date iassumed

Throws:ValidateException - thrown if the certificate chain is invalid

TrustException 154 - thrown if the certificate chain is valid but not trusted


139

TokenKeyStoreEntry com.iplanet.trustbase.security.store

validate(X509Certificate[], KeyUsages, Date)

ed as

re


TokenKeyStoreEntryDeclarationpublic abstract class TokenKeyStoreEntry

java.lang.Object|+-- com.iplanet.trustbase.security.store.TokenKeyStoreEntry

Direct Known Subclasses:KeyEntry 110 , TrustedCertificateEntry 152

Descriptionan entry in a TokenKeyStore database. Entries are either TrustedCertificateEntrys or KeyEntrys.

Each entry is associated with at least one alias. At a minimum their will be a single alias which will be fixthe RFC2253 encoding of the subject name in the certificate.

A more flexible single alias, or additional aliases may be supported at the discretion of the TokenKeyStoimplementation

Member Summary

Methodspublic abstract void addAlias(String) 141

add an alias to this entrypublic abstract Set getAliases() 141

get all aliases associated with this entrypublic String getIssuerName() 141

public BigInteger getSerialNo() 141

public String getSubjectName() 141get the subjectName associated with this entry

public abstract void removeAlias(String) 141remove an alias from this entry.

protected final void setSubject(String, String, BigInteger) 141




140

com.iplanet.trustbase.security.store TokenKeyStoreEntry

addAlias(String)

Methods

addAlias(String)

public abstract void addAlias (java.lang.String alias)

throws AliasConflictException, TokenKeyStoreException

add an alias to this entry

Parameters:alias - the alias to add. not null. not empty

Throws:AliasConflictException 105 - thrown if the alias is already in use


getAliases()

public abstract java.util.Set getAliases ()

get all aliases associated with this entry

Returns: a Set of Strings. not empty

getIssuerName()

public java.lang.String getIssuerName ()

getSerialNo()

public java.math.BigInteger getSerialNo ()

getSubjectName()

public java.lang.String getSubjectName ()

get the subjectName associated with this entry

Returns: the subjectName. not empty

removeAlias(String)

public abstract void removeAlias (java.lang.String alias)


remove an alias from this entry. silently completes if the specified alias is not present

Parameters:alias - the alias to remove. may be null


setSubject(String, String, BigInteger)

protected final void setSubject (java.lang.String subjectName,

java.lang.String issuerName, java.math.BigInteger serialNo)

141

TokenKeyStoreException com.iplanet.trustbase.security.store

setSubject(String, String, BigInteger)


TokenKeyStoreExceptionDeclarationpublic class TokenKeyStoreException extends java.lang.Exception



|+-- com.iplanet.trustbase.security.store.TokenKeyStoreException


Direct Known Subclasses:AliasConflictException 105 , IncompleteChainException 107 ,IncorrectPasswordException 109 , NoSuchEntryException 127 , PasswordCall-back.GiveUpException 131 , TokenKeyStoreInstantiationException 144 ,TrustException 154 , UnmatchedSubjectCertException 156

Descriptionbase class for Exception thrown by TokenKeyStore Objects

Member Summary

Constructorspublic TokenKeyStoreException(String) 143

public TokenKeyStoreException(Throwable) 143

Methodspublic void printStackTrace() 143

public void printStackTrace(PrintStream) 143

public void printStackTrace(PrintWriter) 143







142

com.iplanet.trustbase.security.store TokenKeyStoreException

TokenKeyStoreException(String)

Constructors

TokenKeyStoreException(String)

public TokenKeyStoreException (java.lang.String message)

TokenKeyStoreException(Throwable)

public TokenKeyStoreException (java.lang.Throwable t)

Methods

printStackTrace()

public void printStackTrace ()

Overrides: java.lang.Throwable.printStackTrace() in class java.lang.Throwable

printStackTrace(PrintStream)

public void printStackTrace (java.io.PrintStream s)

Overrides: java.lang.Throwable.printStackTrace(java.io.PrintStream) in class java.lang.Throwable

printStackTrace(PrintWriter)

public void printStackTrace (java.io.PrintWriter s)

Overrides: java.lang.Throwable.printStackTrace(java.io.PrintWriter) in class java.lang.Throwable

toString()


Overrides: java.lang.Throwable.toString() in class java.lang.Throwable

143

TokenKeyStoreInstantiationException com.iplanet.trustbase.security.store

toString()

n
TokenKeyStoreInstantiationExceptioDeclarationpublic class TokenKeyStoreInstantiationException extends TokenKeyStoreException 142




|+-- com.iplanet.trustbase.security.store.TokenKeyStoreInstantiationEx-

ception


DescriptionTokenKeyStoreInstantiationException

Member Summary

Constructorspublic TokenKeyStoreInstantiationException(String) 145

public TokenKeyStoreInstantiationException(Throwable) 145








144

com.iplanet.trustbase.security.storeTokenKeyStoreInstantiationException

TokenKeyStoreInstantiationException(String)

Constructors

TokenKeyStoreInstantiationException(String)

public TokenKeyStoreInstantiationException (java.lang.String message)

TokenKeyStoreInstantiationException(Throwable)

public TokenKeyStoreInstantiationException (java.lang.Throwable t)

145

TokenKeyTool com.iplanet.trustbase.security.store

TokenKeyStoreInstantiationException(Throwable)

rgu-


TokenKeyToolDeclarationpublic class TokenKeyTool

java.lang.Object|+-- com.iplanet.trustbase.security.store.TokenKeyTool

DescriptionTokenKeyTool is a command line utility for manipulating TokenKeyStores

Member Summary

Fieldspublic static final SWITCH_RESOURCE147

name of the resource containing the Switch specifications for the command line aments

Constructorspublic TokenKeyTool() 147

Methodspublic static void addAlias(Argv) 147

public static void certReq(Argv) 147

public static void deleteCert(Argv) 147

public static void deleteKey(Argv) 148

public static void digest(Argv) 148

public static boolean doCommand(String, Argv, Argv) 148

public static void examineCerts(Argv) 148

public static void exportCerts(Argv) 148

public static void exportKey(Argv) 148

public static void genKey(Argv) 148

public static void httpsClient(Argv) 149

public static void httpsServer(Argv) 149

public static void importKey(Argv) 149

public static void importKeyChain(Argv) 149

public static void importTrustedCerts(Argv) 149

public static void listAliases(Argv) 149list all aliases defined in the store

public static void listCerts(Argv) 149

public static void listKeys(Argv) 150lists all the KeyEntrys in the store

public static void listProviders(Argv) 150

public static void main(String[]) 150

public static void removeAlias(Argv) 150

public static void shell(Argv) 150

public static void sign(Argv) 150

public static void validate(Argv) 150

146

com.iplanet.trustbase.security.store TokenKeyTool

SWITCH_RESOURCE

Fields

SWITCH_RESOURCE

public static final java.lang.String SWITCH_RESOURCE

name of the resource containing the Switch specifications for the command line arguments

Constructors

TokenKeyTool()

public TokenKeyTool ()

Methods

addAlias(Argv)

public static void addAlias (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

Throws:Throwable

certReq(Argv)

public static void certReq (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

Throws:Throwable

deleteCert(Argv)

public static void deleteCert (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

public static void verify(Argv) 151




Member Summary

147


deleteKey(Argv)

Throws:Throwable

deleteKey(Argv)

public static void deleteKey (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

Throws:Throwable

digest(Argv)

public static void digest (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

Throws:Throwable

doCommand(String, Argv, Argv)

public static boolean doCommand(java.lang.String command,

com.iplanet.trustbase.util.argv.Argv argv,

com.iplanet.trustbase.util.argv.Argv startArgv)

throws Throwable

Throws:Throwable

examineCerts(Argv)

public static void examineCerts (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

Throws:Throwable

exportCerts(Argv)

public static void exportCerts (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

Throws:Throwable

exportKey(Argv)

public static void exportKey (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

Throws:Throwable

genKey(Argv)

public static void genKey (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

148


httpsClient(Argv)

Throws:Throwable

httpsClient(Argv)

public static void httpsClient (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

Throws:Throwable

httpsServer(Argv)

public static void httpsServer (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

Throws:Throwable

importKey(Argv)

public static void importKey (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

Throws:Throwable

importKeyChain(Argv)

public static void importKeyChain (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

Throws:Throwable

importTrustedCerts(Argv)

public static void importTrustedCerts (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

Throws:Throwable

listAliases(Argv)

public static void listAliases (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

list all aliases defined in the store

Throws:Throwable

listCerts(Argv)

public static void listCerts (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

149


listKeys(Argv)

Throws:Throwable

listKeys(Argv)

public static void listKeys (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

lists all the KeyEntrys in the store

Throws:Throwable

listProviders(Argv)

public static void listProviders (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

Throws:Throwable

main(String[])

public static void main (java.lang.String[] args)

throws Throwable

Throws:Throwable

removeAlias(Argv)

public static void removeAlias (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

Throws:Throwable

shell(Argv)

public static void shell (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

Throws:Throwable

sign(Argv)

public static void sign (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

Throws:Throwable

validate(Argv)

public static void validate (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

150


verify(Argv)

Throws:Throwable

verify(Argv)

public static void verify (com.iplanet.trustbase.util.argv.Argv argv)

throws Throwable

Throws:Throwable

151

TrustedCertificateEntry com.iplanet.trustbase.security.store

verify(Argv)

utes

e


TrustedCertificateEntryDeclarationpublic abstract class TrustedCertificateEntry extends TokenKeyStoreEntry 140

java.lang.Object|+--com.iplanet.trustbase.security.store. TokenKeyStoreEntry 140

|+-- com.iplanet.trustbase.security.store.TrustedCertificateEntry

Descriptiona TrustedCertificateEntry in a TokenKeyStore contains a single X.509 certificate, and a set of trust attrib

TrustedCertificateEntrys are created by TokenKeyStores, by calling one of the import methods

when a TokenKeyStores validate() method is called, the signatures on the presented certificate chain arverified, and the additional requirement that one of the certificates in the chain must be present in theTokenKeyStore as a trusted certificate is imposed

Member Summary

Constructorsprotected TrustedCertificateEntry(X509Certificate) 153

Creates new TrustedCertificateEntry

Methodspublic

X509CertificategetTrustedCertificate() 153




Methods inherited from classTokenKeyStoreEntry 140

addAlias(String) 141, getAliases() 141, getIssuerName() 141, getSerialNo() 141, getSubject-Name() 141, removeAlias(String) 141, setSubject(String, String, BigInteger) 141

152

com.iplanet.trustbase.security.store TrustedCertificateEntry

TrustedCertificateEntry(X509Certificate)

Constructors

TrustedCertificateEntry(X509Certificate)

protected TrustedCertificateEntry (java.security.cert.X509Certificate trusted)

Creates new TrustedCertificateEntry

Methods

getTrustedCertificate()

public java.security.cert.X509Certificate getTrustedCertificate ()

153

TrustException com.iplanet.trustbase.security.store

getTrustedCertificate()


TrustExceptionDeclarationpublic class TrustException extends TokenKeyStoreException 142




|+-- com.iplanet.trustbase.security.store.TrustException


Direct Known Subclasses:NoKeyUsageException 125

DescriptionTrustException thrown from TokenKeyTool.validate if a certificate is valid, but not trusted

Member Summary

Constructorspublic TrustException(X509Certificate[], String) 155








154

com.iplanet.trustbase.security.store TrustException

TrustException(X509Certificate[], String)

Constructors


public TrustException (java.security.cert.X509Certificate[] cert,

java.lang.String reason)

155

UnmatchedSubjectCertException com.iplanet.trustbase.security.store


with a


UnmatchedSubjectCertExceptionDeclarationpublic class UnmatchedSubjectCertException extends TokenKeyStoreException 142




|+-- com.iplanet.trustbase.security.store.UnmatchedSubjectCertException


DescriptionUnmatchedSubjectCertException is thrown when an attempt is made to update the certchain associatedKeyEntry, and the the subject cert of the chain does not match the PrivateKey

Member Summary

Constructorspublic UnmatchedSubjectCertException(X509Certificate,

X509Certificate) 157

Methodspublic

X509CertificategetExistingCertificate() 157


getUnmatchedCertificate() 157








156

com.iplanet.trustbase.security.store UnmatchedSubjectCertException

UnmatchedSubjectCertException(X509Certificate, X509Certificate)

Constructors

UnmatchedSubjectCertException(X509Certificate, X509Certificate)

public UnmatchedSubjectCertException (java.security.cert.X509Certificate newCert,

java.security.cert.X509Certificate oldCert)

Methods

getExistingCertificate()

public java.security.cert.X509Certificate getExistingCertificate ()

getUnmatchedCertificate()

public java.security.cert.X509Certificate getUnmatchedCertificate ()

157


getUnmatchedCertificate()

158

Package

com.iplanet.trustbase.xurl

Class Summary

Classes

Handler 160 open an http input stream given a URL

HttpsClient 162

HttpsConfiguration 164 HttpsConfiguration is a static initialiser class - it must be initialised before anyHTTPS/SSL transactions can take place within the CSCEngine.

HttpsConfigurationProperties 167

HttpsURLConnection 169

XURL172 extended URL behaviour.

159

Handler com.iplanet.trustbase.xurl


HandlerDeclarationpublic class Handler extends sun.net.www.protocol.http.Handler

java.lang.Object|+--java.net.URLStreamHandler

|+--sun.net.www.protocol.http.Handler

|+-- com.iplanet.trustbase.xurl.Handler

Descriptionopen an http input stream given a URL

Member Summary

Fieldsprotected proxy 161

protected proxyPort 161

Constructorspublic Handler() 161

public Handler(String, int) 161

Methodsprotected URLConnec-

tionopenConnection(URL) 161


Methods inherited from class sun.net.www.protocol.http.Handler

getDefaultPort



Methods inherited from class java.net.URLStreamHandler

equals, getHostAddress, hashCode, hostsEqual, parseURL, sameFile, setURL, setURL,toExternalForm

160

com.iplanet.trustbase.xurl Handler

proxy

Fields

proxy

protected java.lang.String proxy

proxyPort

protected int proxyPort

Constructors

Handler()

public Handler ()

Handler(String, int)

public Handler (java.lang.String proxy, int port)

Methods

openConnection(URL)

protected java.net.URLConnection openConnection (java.net.URL u)

throws IOException

Overrides: sun.net.www.protocol.http.Handler.openConnection(java.net.URL) in classsun.net.www.protocol.http.Handler

Throws:IOException

161

HttpsClient com.iplanet.trustbase.xurl

openConnection(URL)

hed


HttpsClientDeclarationpublic class HttpsClient extends sun.net.www.http.HttpClient

java.lang.Object|+--sun.net.NetworkClient

|+--sun.net.www.http.HttpClient

|+-- com.iplanet.trustbase.xurl.HttpsClient

Member Summary

Constructorspublic HttpsClient(URL) 163

public HttpsClient(URL, String, int) 163

Methodsprotected Socket doConnect(String, int) 163

Return a socket connected to the server, with any appropriate options pre-establispublic static HttpCli-

entNew(URL) 163


Fields inherited from class sun.net.www.http.HttpClient

kac, proxyDisabled, proxyHost, proxyPort, url, usingProxy

Fields inherited from class sun.net.NetworkClient

serverInput, serverOutput, serverSocket

Methods inherited from class sun.net.www.http.HttpClient

closeServer, finalize, finished, getDefaultPort, getHttpKeepAliveSet, getInputStream,getOutputStream, getProxyHostUsed, getProxyPortUsed, getURLFile, isKeepingAlive,openServer, parseHTTP, resetProperties, toString, writeRequests

Methods inherited from class sun.net.NetworkClient

serverIsOpen


clone, equals, getClass, hashCode, notify, notifyAll, wait, wait, wait

162

com.iplanet.trustbase.xurl HttpsClient

HttpsClient(URL)

Constructors

HttpsClient(URL)

public HttpsClient (java.net.URL url)

throws IOException

Throws:IOException

HttpsClient(URL, String, int)

public HttpsClient (java.net.URL url, java.lang.String proxy, int proxyPort)

throws IOException

Throws:IOException

Methods

doConnect(String, int)

protected java.net.Socket doConnect (java.lang.String server, int port)

throws IOException, UnknownHostException

Return a socket connected to the server, with any appropriate options pre-established

Overrides: sun.net.NetworkClient.doConnect(java.lang.String, int) in class sun.net.NetworkClient

Throws:UnknownHostException , IOException

New(URL)

public static sun.net.www.http.HttpClient New(java.net.URL url)

throws IOException

Throws:IOException

163

HttpsConfiguration com.iplanet.trustbase.xurl

New(URL)

cantes you

cate


HttpsConfigurationDeclarationpublic class HttpsConfiguration

java.lang.Object|+-- com.iplanet.trustbase.xurl.HttpsConfiguration

DescriptionHttpsConfiguration is a static initialiser class - it must be initialised before any HTTPS/SSL transactionstake place within the CSCEngine. It is initialised by creating an instance and then the store and certificawant the SSL Session to use. For Example a typical initialisation would be

HttpsConfiguration httpConfig = HttpsConfiguration.getInstance ();httpConfig.setTokenKeyStore ( tokenKeyStore ); *httpConfig.setClientCertAlias ( “Server-Cert” ); *httpConfig.setServerCertAlias ( null );

Where the ClientCertAlias is the name of the certificate you wish to use as your SSL Client Certificate.

Member Summary

Methodspublic SSLClientCert-

SelectorgetClientCertSelector() 165

Gets The Client Cert Selector used by the SSL Context.public static Http-

sConfigurationgetInstance() 165

Gets An instance of HttpsConfiguration.public String getServerCertAlias() 165

Gets The Server Cert Alias to use when conducting transactions as a server.public TokenKeyStore getTokenKeyStore() 165

Gets The TokenKeyStore associated with this SSL Configuration.public void setClientCert(X509Certificate) 165

Sets the client cert selector to be the issuerName and SerialNumber of the Certifiprovided.

public void setClientCertAlias(String) 165Sets the client Cert Selector to be used by the SSL Context.

public void setClientCertSelector(SSLClientCertSelector) 165A Convenience method to set the client Cert selector using a certificate name.

public void setServerCertAlias(String) 165Sets the server certificate alias.

public void setTokenKeyStore(TokenKeyStore) 166Sets the TokenKeyStore associated with this SSL Configuration.

164

com.iplanet.trustbase.xurl HttpsConfiguration

getClientCertSelector()

Methods


public com.iplanet.trustbase.security.store.ssl.SSLClientCertSelector

getClientCertSelector ()

Gets The Client Cert Selector used by the SSL Context.

getInstance()

public static HttpsConfiguration 164 getInstance ()

Gets An instance of HttpsConfiguration.

getServerCertAlias()

public java.lang.String getServerCertAlias ()

Gets The Server Cert Alias to use when conducting transactions as a server.

getTokenKeyStore()

public TokenKeyStore 132 getTokenKeyStore ()

Gets The TokenKeyStore associated with this SSL Configuration.

setClientCert(X509Certificate)

public void setClientCert (java.security.cert.X509Certificate clientCert)

Sets the client cert selector to be the issuerName and SerialNumber of the Certificate provided.

setClientCertAlias(String)

public void setClientCertAlias (java.lang.String clientAlias)

Sets the client Cert Selector to be used by the SSL Context.

setClientCertSelector(SSLClientCertSelector)

public void

setClientCertSelector (com.iplanet.trustbase.security.store.ssl.SSLClientCer

tSelector clientCertSelector)

A Convenience method to set the client Cert selector using a certificate name.

setServerCertAlias(String)

public void setServerCertAlias (java.lang.String alias)




165


setTokenKeyStore(TokenKeyStore)

Sets the server certificate alias.

setTokenKeyStore(TokenKeyStore)

public void setTokenKeyStore ( TokenKeyStore 132 store)

Sets the TokenKeyStore associated with this SSL Configuration.

166

com.iplanet.trustbase.xurl HttpsConfigurationProperties

CLIENT_CERT_SELECTOR


HttpsConfigurationPropertiesDeclarationpublic class HttpsConfigurationProperties

java.lang.Object|+-- com.iplanet.trustbase.xurl.HttpsConfigurationProperties

Fields

CLIENT_CERT_SELECTOR

public static java.lang.String CLIENT_CERT_SELECTOR

INITIALISATION_EXCEPTION

public static java.lang.String INITIALISATION_EXCEPTION

SERVER_CERT_ALIAS

public static java.lang.String SERVER_CERT_ALIAS

TOKEN_KEY_STORE

public static java.lang.String TOKEN_KEY_STORE

Member Summary

Fieldspublic static CLIENT_CERT_SELECTOR167

public static INITIALISATION_EXCEPTION 167

public static SERVER_CERT_ALIAS167

public static TOKEN_KEY_STORE167

Constructorspublic HttpsConfigurationProperties() 168




167

HttpsConfigurationProperties com.iplanet.trustbase.xurl

HttpsConfigurationProperties()

Constructors


public HttpsConfigurationProperties ()

168

com.iplanet.trustbase.xurl HttpsURLConnection


ec-


HttpsURLConnectionDeclarationpublic class HttpsURLConnection extends sun.net.www.protocol.http.HttpURLConnection

java.lang.Object|+--java.net.URLConnection

|+--java.net.HttpURLConnection

|+--sun.net.www.protocol.http.HttpURLConnection

|+-- com.iplanet.trustbase.xurl.HttpsURLConnection

Member Summary

Constructorspublic HttpsURLConnection(URL, Handler) 170

Methodspublic void connect() 170

protected HttpClient getNewClient(URL) 171Create a new HttpClient object, bypassing the cache of HTTP client objects/conntions.

protected HttpClient getProxiedClient(URL, String, int) 171Create a new HttpClient object, set up so that it uses per-instance proxying to thegiven HTTP proxy.


Fields inherited from class sun.net.www.protocol.http.HttpURLConnection

handler, http, pe, ps, userAgent

Fields inherited from class java.net.HttpURLConnection

HTTP_ACCEPTED, HTTP_BAD_GATEWAY, HTTP_BAD_METHOD, HTTP_BAD_REQUEST,HTTP_CLIENT_TIMEOUT, HTTP_CONFLICT, HTTP_CREATED, HTTP_ENTITY_TOO_LARGE,HTTP_FORBIDDEN, HTTP_GATEWAY_TIMEOUT, HTTP_GONE, HTTP_INTERNAL_ERROR,HTTP_LENGTH_REQUIRED, HTTP_MOVED_PERM, HTTP_MOVED_TEMP, HTTP_MULT_CHOICE,HTTP_NOT_ACCEPTABLE, HTTP_NOT_AUTHORITATIVE, HTTP_NOT_FOUND, HTTP_NOT_IMPLEMENTED,HTTP_NOT_MODIFIED, HTTP_NO_CONTENT, HTTP_OK, HTTP_PARTIAL, HTTP_PAYMENT_REQUIRED,HTTP_PRECON_FAILED, HTTP_PROXY_AUTH, HTTP_REQ_TOO_LONG, HTTP_RESET, HTTP_SEE_OTHER,HTTP_SERVER_ERROR, HTTP_UNAUTHORIZED, HTTP_UNAVAILABLE, HTTP_UNSUPPORTED_TYPE,HTTP_USE_PROXY, HTTP_VERSION, instanceFollowRedirects, method, responseCode, respon-seMessage

Fields inherited from class java.net.URLConnection

169

HttpsURLConnection com.iplanet.trustbase.xurl

HttpsURLConnection(URL, Handler)

Constructors

HttpsURLConnection(URL, Handler)

public HttpsURLConnection (java.net.URL url, Handler 160 handler)

throws IOException

Throws:IOException

Methods

connect()

public void connect ()

throws IOException

Overrides: sun.net.www.protocol.http.HttpURLConnection.connect() in classsun.net.www.protocol.http.HttpURLConnection

Throws:IOException

allowUserInteraction, connected, doInput, doOutput, ifModifiedSince, url, useCaches

Methods inherited from class sun.net.www.protocol.http.HttpURLConnection

disconnect, finalize, getHeaderField, getHeaderField, getHeaderFieldKey, getInput-Stream, getOutputStream, getRequestProperty, openConnectionCheckRedirects, setDefaul-tAuthenticator, setRequestProperty, usingProxy

Methods inherited from class java.net.HttpURLConnection

getErrorStream, getFollowRedirects, getHeaderFieldDate, getInstanceFollowRedirects,getPermission, getRequestMethod, getResponseCode, getResponseMessage, setFollowRedi-rects, setInstanceFollowRedirects, setRequestMethod


clone, equals, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from class java.net.URLConnection

getAllowUserInteraction, getContent, getContent, getContentEncoding, getCon-tentLength, getContentType, getDate, getDefaultAllowUserInteraction, getDefaultRe-questProperty, getDefaultUseCaches, getDoInput, getDoOutput, getExpiration,getFileNameMap, getHeaderFieldInt, getIfModifiedSince, getLastModified, getURL,getUseCaches, guessContentTypeFromName, guessContentTypeFromStream, setAllowUse-rInteraction, setContentHandlerFactory, setDefaultAllowUserInteraction, setDefaultRe-questProperty, setDefaultUseCaches, setDoInput, setDoOutput, setFileNameMap,setIfModifiedSince, setUseCaches, toString


170

com.iplanet.trustbase.xurl HttpsURLConnection

getNewClient(URL)

. This

getNewClient(URL)

protected sun.net.www.http.HttpClient getNewClient (java.net.URL url)

throws IOException

Create a new HttpClient object, bypassing the cache of HTTP client objects/connections.

Overrides: sun.net.www.protocol.http.HttpURLConnection.getNewClient(java.net.URL) in classsun.net.www.protocol.http.HttpURLConnection

Parameters:url - the URL being accessed

Throws:IOException

getProxiedClient(URL, String, int)

protected sun.net.www.http.HttpClient getProxiedClient (java.net.URL url,

java.lang.String proxyHost, int proxyPort)

throws IOException

Create a new HttpClient object, set up so that it uses per-instance proxying to the given HTTP proxybypasses the cache of HTTP client objects/connections.

Overrides: sun.net.www.protocol.http.HttpURLConnection.getProxiedClient(java.net.URL,java.lang.String, int) in class sun.net.www.protocol.http.HttpURLConnection

Parameters:url - the URL being accessed

proxyHost - the proxy host to use

proxyPort - the proxy port to use

Throws:IOException

171

XURL com.iplanet.trustbase.xurl

XURL(String)

createesn’t


XURLDeclarationpublic class XURL

java.lang.Object|+-- com.iplanet.trustbase.xurl.XURL

Descriptionextended URL behaviour. XURL aggregates a regular URL, and uses the XURLStreamHandlerFactory toURLConnections, delegating to the javasoft URLStreamHandlers if the XURLStreamHandlerFactory dohave a registered XURLStreamHandler for the appropriate protocol

Constructors

XURL(String)

public XURL(java.lang.String urlStr)

throws MalformedURLException

construct an XURL from a string representing a URL

Throws:MalformedURLException

Member Summary

Constructorspublic XURL(String) 172

construct an XURL from a string representing a URL

Methodspublic URLConnection openConnection() 173

Attempts to open a connection to the url pointed to by the supplied url string.




172

com.iplanet.trustbase.xurl XURL

openConnection()

d pro-d url

url

Methods

openConnection()

public java.net.URLConnection openConnection ()

throws IOException

Attempts to open a connection to the url pointed to by the supplied url string.Tries the XURLStreamHandlerFactory first, and if that has no XURLStreamHandler for the requestetocol, tries the javasoft URL.openConnection() method on the aggregated url built from the suppliestring supplied in the constructor.

Returns: URLConnection an object connected to the url

Throws:IOException - occurs if there is an error in creating an URLConnection object from the suppliedstring specified in the constructor.

173


openConnection()

174

n be

Package

uk.co.jcp.util.properties

Class Summary

Interfaces

JCPProperties 176 Class to embody a set of properties in easy to access form such that properties caretrieved as the desired type

JCPPropertyFactory 178 Interface for Property Factories

JCPPropertyFactoryRegistry 180

Interface for the PropertyFactoryRegistry.

PropertySection 190

PropertySource 200 Interface for PropertySources, e.g.

WritablePropertySource205

Interface for PropertySources, e.g.

Classes

PropertyManager 185 Contains a set of static accessor methods for using a PropertyFactoryRegistry

Exceptions

MalformedPropertyException 183

Exception thrown on failing to parse a property as the required type

PropertyException 184 Superclass of all exceptions in the properties package

PropertyNotFoundException 188

Exception thrown if a requested property is not found

SectionAlreadyDefinedException 202

Exception thrown if section already exists.

SectionNotFoundException 203

Exception thrown if a requested Section is not found

175

JCPProperties uk.co.jcp.util.properties

desired


JCPPropertiesDeclarationpublic interface JCPProperties extends PropertySection 190

All Superinterfaces: PropertySection 190 , java.io.Serializable

DescriptionClass to embody a set of properties in easy to access form such that properties can be retrieved as thetype

Member Summary

Methodspublic void addSection(String, PropertySection) 177

Adds a section to this properties object.public PropertySec-

tiongetSection(String) 177

Get a Properties object representing the named sectionpublic Enumeration getSections() 177

Return an Emueration of the section names that this property resource containspublic void save() 177

Save the properties to the source they came frompublic void setParentProperties(JCPProperties) 177

set parent properties for this object.


Methods inherited from interface PropertySection 190

getBlobProperty(String, byte[]) 191, getBlobProperty(String, byte[]) 191, getBoolean-Property(String, boolean) 192, getBooleanProperty(String, boolean) 192, getDateProp-erty(String, Date) 193, getDateProperty(String, Date) 193, getDateProperty(String,Date) 193, getDateProperty(String, Date) 193, getDoubleProperty(String, double) 194, get-DoubleProperty(String, double) 194, getEnumeratedProperty(String) 194, getFloatProp-erty(String, float) 195, getFloatProperty(String, float) 195, getIntProperty(String,int) 195, getIntProperty(String, int) 195, getKeys() 195, getLongProperty(String,long) 196, getLongProperty(String, long) 196, getObjectProperty(String, Object) 196, getO-bjectProperty(String, Object) 196, getSectionName() 196, getStringProperty(String,String) 197, getStringProperty(String, String) 197, setBooleanProperty(String, bool-ean) 197, setDateProperty(String, Date, String) 198, setDateProperty(String, Date,String) 198, setDoubleProperty(String, double) 198, setEnumeratedProperty(String, Enu-meration) 198, setFloatProperty(String, float) 198, setIntProperty(String, int) 199, set-LongProperty(String, long) 199, setObjectProperty(String, Object) 199,setStringProperty(String, String) 199

176

uk.co.jcp.util.properties JCPProperties

addSection(String, PropertySection)

Methods


public void addSection (java.lang.String sectionName, PropertySection 190 section)

throws PropertyException

Adds a section to this properties object.

Throws:SectionAlreadyDefined - if the section is already present.

PropertyException 184

getSection(String)

public PropertySection 190 getSection (java.lang.String sectionName)

throws SectionNotFoundException

Get a Properties object representing the named section

Returns: the properties contained in the named section

Throws:SectionNotFoundException 203 - if the section is not present

getSections()

public java.util.Enumeration getSections ()

throws SectionNotFoundException

Return an Emueration of the section names that this property resource contains

Returns: an Enumeration of Strings

Throws:SectionNotFoundException 203 - if no sections are present

save()

public void save ()


Save the properties to the source they came from

Throws:PropertyException 184 - if the properties could not be saved

setParentProperties(JCPProperties)

public void setParentProperties ( JCPProperties 176 jcp)

set parent properties for this object.

177

JCPPropertyFactory uk.co.jcp.util.properties

getInstance(String)


JCPPropertyFactoryDeclarationpublic interface JCPPropertyFactory

DescriptionInterface for Property Factories

Methods

getInstance(String)

public JCPProperties 176 getInstance (java.lang.String source)


Get an instance of the properties from the specified source

Parameters:source - an identifier for the property source (e.g. a filename)

Throws:PropertyException 184 - if the instance could not be created

getInstance(String, JCPProperties)

public JCPProperties 176 getInstance (java.lang.String source,

JCPProperties 176 parentProperties)


Get an instance of the properties from the specified source

Parameters:source - an identifier for the property source (e.g. a filename)

parentProperties - the properties from which the new properties should be chained

Throws:PropertyException 184 - if the instance could not be created

Member Summary

Methodspublic JCPProperties getInstance(String) 178

Get an instance of the properties from the specified sourcepublic JCPProperties getInstance(String, JCPProperties) 178

Get an instance of the properties from the specified sourcepublic String getResourceType() 179

Get the resource identifier for the resource that this factory supports

178

uk.co.jcp.util.properties JCPPropertyFactory

getResourceType()

getResourceType()

public java.lang.String getResourceType ()

Get the resource identifier for the resource that this factory supports

Returns: the resource identifier

179

JCPPropertyFactoryRegistry uk.co.jcp.util.properties

getInstance(String)


JCPPropertyFactoryRegistryDeclarationpublic interface JCPPropertyFactoryRegistry

DescriptionInterface for the PropertyFactoryRegistry. Maintains a list of resource string to factory mappings.

Methods

getInstance(String)

public JCPProperties 176 getInstance (java.lang.String source)


Get an instance of JCPProperties from the default provider

Parameters:source - the identifier for the property source (e.g. a filename)

Returns: an instance of JCPProperties

Throws:PropertyException 184 - if the instance couple not be created


public JCPProperties 176 getInstance (java.lang.String source,



Member Summary

Methodspublic JCPProperties getInstance(String) 180

Get an instance of JCPProperties from the default providerpublic JCPProperties getInstance(String, JCPProperties) 180

Get an instance of JCPProperties from the default providerpublic JCPProperties getInstance(String, String) 181

Get an instance of JCPProperties from a specific providerpublic JCPProperties getInstance(String, String, JCPProperties) 181

Get an instance of JCPProperties from a specific providerpublic boolean isRegistered(String) 181

Determine if the property factory for the named rsource has been registeredpublic void registerPropertyFactory(JCPPropertyFactory) 181

Register a property factorypublic void setDefaultPropertyFactory(JCPPropertyFactory) 182

Set the default property factory.

180

uk.co.jcp.util.properties JCPPropertyFactoryRegistry

getInstance(String, String)



parentProperties - another properties object from which the new object will inherit values




public JCPProperties 176 getInstance (java.lang.String resource, java.lang.String source)


Get an instance of JCPProperties from a specific provider

Parameters:resource - the identifier for the property resource (e.g. “INI”)

source - the identifier for the property source (e.g. a filename)



getInstance(String, String, JCPProperties)

public JCPProperties 176 getInstance (java.lang.String resource, java.lang.String source,









isRegistered(String)

public boolean isRegistered (java.lang.String resource)

Determine if the property factory for the named rsource has been registered

Parameters:resource - the name of the resource

Returns: true if the resource factory has been registered

registerPropertyFactory(JCPPropertyFactory)

public void registerPropertyFactory ( JCPPropertyFactory 178 factory)

181


setDefaultPropertyFactory(JCPPropertyFactory)

Register a property factory

Parameters:factory - the factory to register


public void setDefaultPropertyFactory ( JCPPropertyFactory 178 factory)


Set the default property factory. Can only be set once.


Throws:PropertyException 184 - if the default has already been set

182

uk.co.jcp.util.properties MalformedPropertyException

MalformedPropertyException(String)


MalformedPropertyExceptionDeclarationpublic class MalformedPropertyException extends PropertyException 184



|+--uk.co.jcp.util.properties. PropertyException 184

|+-- uk.co.jcp.util.properties.MalformedPropertyException


DescriptionException thrown on failing to parse a property as the required type

Constructors

MalformedPropertyException(String)

public MalformedPropertyException (java.lang.String message)

Member Summary

Constructorspublic MalformedPropertyException(String) 183






183

PropertyException uk.co.jcp.util.properties

PropertyException(String)


PropertyExceptionDeclarationpublic class PropertyException extends java.lang.Exception



|+-- uk.co.jcp.util.properties.PropertyException


Direct Known Subclasses:MalformedPropertyException 183 ,PropertyNotFoundException 188 , SectionAlreadyDefinedException 202

DescriptionSuperclass of all exceptions in the properties package

Constructors


public PropertyException (java.lang.String message)

Member Summary

Constructorspublic PropertyException(String) 184






184

uk.co.jcp.util.properties PropertyManager



PropertyManagerDeclarationpublic class PropertyManager

java.lang.Object|+-- uk.co.jcp.util.properties.PropertyManager

DescriptionContains a set of static accessor methods for using a PropertyFactoryRegistry

Member Summary

Methodspublic static JCPProp-

ertiesgetInstance(String) 186

Get an instance of JCPProperties from the default providerpublic static JCPProp-

ertiesgetInstance(String, JCPProperties) 186

Get an instance of JCPProperties from the default providerpublic static JCPProp-

ertiesgetInstance(String, String) 186

Get an instance of JCPProperties from a specific providerpublic static JCPProp-

ertiesgetInstance(String, String, JCPProperties) 186

Get an instance of JCPProperties from a specific providerpublic boolean isRegistered(String) 187

Determine if the property factory for the named rsource has been registeredpublic static void registerPropertyFactory(JCPPropertyFactory) 187

Register a property factorypublic static void setDefaultPropertyFactory(JCPPropertyFactory) 187

Set the default property factory.public static void setRegistry(JCPPropertyFactoryRegistry) 187

Set the registry instance that the manager uses




185

PropertyManager uk.co.jcp.util.properties

getInstance(String)

Methods

getInstance(String)

public static JCPProperties 176 getInstance (java.lang.String source)







public static JCPProperties 176 getInstance (java.lang.String source,









public static JCPProperties 176 getInstance (java.lang.String resource,

java.lang.String source)







getInstance(String, String, JCPProperties)

public static JCPProperties 176 getInstance (java.lang.String resource,

java.lang.String source, JCPProperties 176 parentProperties)



186

uk.co.jcp.util.properties PropertyManager








public boolean isRegistered (java.lang.String resource)

Determine if the property factory for the named rsource has been registered

Parameters:resource - the name of the resource

Returns: true if the resource factory has been registered

registerPropertyFactory(JCPPropertyFactory)

public static void registerPropertyFactory ( JCPPropertyFactory 178 factory)

Register a property factory



public static void setDefaultPropertyFactory ( JCPPropertyFactory 178 factory)


Set the default property factory. Can only be set once.


Throws:PropertyException 184 - if the default has already been set

setRegistry(JCPPropertyFactoryRegistry)

public static void setRegistry ( JCPPropertyFactoryRegistry 180 registry)

Set the registry instance that the manager uses

187

PropertyNotFoundException uk.co.jcp.util.properties

setRegistry(JCPPropertyFactoryRegistry)


PropertyNotFoundExceptionDeclarationpublic class PropertyNotFoundException extends PropertyException 184




|+-- uk.co.jcp.util.properties.PropertyNotFoundException


Direct Known Subclasses:SectionNotFoundException 203

DescriptionException thrown if a requested property is not found

Member Summary

Constructorspublic PropertyNotFoundException(String) 189

Construct a new exception.

Methodspublic String getMessage() 189

Overloaded to emulate the original functionality.public String getPropertyName() 189

Return the name of the unfound property





fillInStackTrace, getLocalizedMessage, printStackTrace, printStackTrace, printStack-Trace, toString

188

uk.co.jcp.util.properties PropertyNotFoundException

PropertyNotFoundException(String)

Constructors

PropertyNotFoundException(String)

public PropertyNotFoundException (java.lang.String propertyName)

Construct a new exception.

Parameters:propertyName - the name of the property that cannot be found

Methods

getMessage()

public java.lang.String getMessage ()

Overloaded to emulate the original functionality.

Overrides: java.lang.Throwable.getMessage() in class java.lang.Throwable

Returns: “Unable to find the property: ”

getPropertyName()

public java.lang.String getPropertyName ()

Return the name of the unfound property

189

PropertySection uk.co.jcp.util.properties

getPropertyName()


PropertySectionDeclarationpublic interface PropertySection extends java.io.Serializable

All Superinterfaces: java.io.Serializable

All Known Subinterfaces: JCPProperties 176

Member Summary

Methodspublic byte getBlobProperty(String) 191

Retrieve a property as a BLOB (byte[])public byte getBlobProperty(String, byte[]) 191

Retrieve a property as a BLOB ( byte[] )public boolean getBooleanProperty(String) 192

Retrieve a property as a booleanpublic boolean getBooleanProperty(String, boolean) 192

Retrieve a property as a booleanpublic Date getDateProperty(String) 192

Retrieve a property as a Datepublic Date getDateProperty(String, Date) 193

Retrieve a property as a Datepublic Date getDateProperty(String, String) 193

Retrieve a property as a Datepublic Date getDateProperty(String, String, Date) 193

Retrieve a property as a Datepublic double getDoubleProperty(String) 193

Retrieve a property as a doublepublic double getDoubleProperty(String, double) 194

Retrieve a property as a doublepublic Enumeration getEnumeratedProperty(String) 194

Retrieve a set of properties under a common name, as an Enumeration of Stringspublic float getFloatProperty(String) 194

Retrieve a property as a floatpublic float getFloatProperty(String, float) 195

Retrieve a property as a floatpublic int getIntProperty(String) 195

Retrieve a property as an intpublic int getIntProperty(String, int) 195

Retrieve a property as an intpublic Enumeration getKeys() 195

Get the keys set in this properties objectpublic long getLongProperty(String) 195

Retrieve a property as a longpublic long getLongProperty(String, long) 196

Retrieve a property as a long

190

uk.co.jcp.util.properties PropertySection

getBlobProperty(String)

Methods

getBlobProperty(String)

public byte[] getBlobProperty (java.lang.String key)

throws MalformedPropertyException, PropertyNotFoundException

Retrieve a property as a BLOB (byte[])

Parameters:key - the key to use

Returns: The property

Throws:MalformedPropertyException 183 - could not be parsed to the correct format

PropertyNotFoundException 188 - if the property does not exist

getBlobProperty(String, byte[])

public byte[] getBlobProperty (java.lang.String key, byte[] defaultValue)

throws MalformedPropertyException

public Object getObjectProperty(String) 196Retrieve a property as an Object

public Object getObjectProperty(String, Object) 196Retrieve a property as an Object

public String getSectionName() 196returns the identifier for this section

public String getStringProperty(String) 197Retrieve a property as a String

public String getStringProperty(String, String) 197Retrieve a property as a String

public void setBooleanProperty(String, boolean) 197Set a property as a boolean

public void setDateProperty(String, Date) 197Set a property as a boolean

public void setDateProperty(String, Date, String) 198Set a property as a boolean

public void setDoubleProperty(String, double) 198Set a property as a double

public void setEnumeratedProperty(String, Enumeration) 198Set a set of properties under a common name, as an Enumeration of Strings

public void setFloatProperty(String, float) 198Set a property as a float

public void setIntProperty(String, int) 199Set a property as an integer

public void setLongProperty(String, long) 199Set a property as a long

public void setObjectProperty(String, Object) 199Set a property as an Object

public void setStringProperty(String, String) 199Set a property as a String

Member Summary

191


getBooleanProperty(String)

Retrieve a property as a BLOB ( byte[] )


defaultValue - the value to use if the entry cannot be found

Returns: The property or the default value of the property is not present

Throws:MalformedPropertyException 183 - if the value could not be parsed correctly

getBooleanProperty(String)

public boolean getBooleanProperty (java.lang.String key)


Retrieve a property as a boolean





getBooleanProperty(String, boolean)

public boolean getBooleanProperty (java.lang.String key, boolean defaultValue)


Retrieve a property as a boolean





getDateProperty(String)

public java.util.Date getDateProperty (java.lang.String key)


Retrieve a property as a Date





192


getDateProperty(String, Date)

getDateProperty(String, Date)

public java.util.Date getDateProperty (java.lang.String key, java.util.Date defaultValue)







getDateProperty(String, String)

public java.util.Date getDateProperty (java.lang.String key, java.lang.String dateFormat)




dateFormat - the format string for the date




See Also: for details on the composition of the format string

getDateProperty(String, String, Date)

public java.util.Date getDateProperty (java.lang.String key, java.lang.String dateFormat,

java.util.Date defaultValue)









getDoubleProperty(String)

public double getDoubleProperty (java.lang.String key)


193


getDoubleProperty(String, double)

Retrieve a property as a double





getDoubleProperty(String, double)

public double getDoubleProperty (java.lang.String key, double defaultValue)


Retrieve a property as a double





getEnumeratedProperty(String)

public java.util.Enumeration getEnumeratedProperty (java.lang.String key)

throws PropertyNotFoundException

Retrieve a set of properties under a common name, as an Enumeration of Strings

Parameters:the - key to use

Returns: an Enumeration of properties, as Strings.

Throws:PropertyNotFoundException 188 - if the property does not exist

getFloatProperty(String)

public float getFloatProperty (java.lang.String key)


Retrieve a property as a float





194


getFloatProperty(String, float)

getFloatProperty(String, float)

public float getFloatProperty (java.lang.String key, float defaultValue)


Retrieve a property as a float





getIntProperty(String)

public int getIntProperty (java.lang.String key)


Retrieve a property as an int





getIntProperty(String, int)

public int getIntProperty (java.lang.String key, int defaultValue)


Retrieve a property as an int





getKeys()

public java.util.Enumeration getKeys ()

Get the keys set in this properties object

Returns: an enumeration of Strings representing the keys

getLongProperty(String)

public long getLongProperty (java.lang.String key)


195


getLongProperty(String, long)






getLongProperty(String, long)

public long getLongProperty (java.lang.String key, long defaultValue)








public java.lang.Object getObjectProperty (java.lang.String key)


Retrieve a property as an Object




getObjectProperty(String, Object)

public java.lang.Object getObjectProperty (java.lang.String key,

java.lang.Object defaultValue)

Retrieve a property as an Object




getSectionName()

public java.lang.String getSectionName ()

returns the identifier for this section

196


getStringProperty(String)

getStringProperty(String)

public java.lang.String getStringProperty (java.lang.String key)


Retrieve a property as a String




getStringProperty(String, String)

public java.lang.String getStringProperty (java.lang.String key,

java.lang.String defaultValue)

Retrieve a property as a String




setBooleanProperty(String, boolean)

public void setBooleanProperty (java.lang.String key, boolean value)


Set a property as a boolean

Parameters:key - the key to use for this property

value - the value to store

Throws:PropertyException 184

setDateProperty(String, Date)

public void setDateProperty (java.lang.String key, java.util.Date value)






197


setDateProperty(String, Date, String)

setDateProperty(String, Date, String)

public void setDateProperty (java.lang.String key, java.util.Date value,

java.lang.String dateFormat)








setDoubleProperty(String, double)

public void setDoubleProperty (java.lang.String key, double value)


Set a property as a double




setEnumeratedProperty(String, Enumeration)

public void setEnumeratedProperty (java.lang.String key, java.util.Enumeration values)


Set a set of properties under a common name, as an Enumeration of Strings

Parameters:the - key to use

Returns: an Enumeration of properties, as Strings. If there are no matching properties, an emptyEnumeration will be returned.


setFloatProperty(String, float)

public void setFloatProperty (java.lang.String key, float value)


Set a property as a float



198


setIntProperty(String, int)


setIntProperty(String, int)

public void setIntProperty (java.lang.String key, int value)


Set a property as an integer




setLongProperty(String, long)

public void setLongProperty (java.lang.String key, long value)


Set a property as a long




setObjectProperty(String, Object)

public void setObjectProperty (java.lang.String key, java.lang.Object value)


Set a property as an Object




setStringProperty(String, String)

public void setStringProperty (java.lang.String key, java.lang.String value)


Set a property as a String




199

PropertySource uk.co.jcp.util.properties

containsSection(String)


PropertySourceDeclarationpublic interface PropertySource extends java.io.Serializable

All Superinterfaces: java.io.Serializable

All Known Subinterfaces: WritablePropertySource 205

DescriptionInterface for PropertySources, e.g. INI file, Trustbase properties, Database etc.

Methods

containsSection(String)

public boolean containsSection (java.lang.String sectionName)

Returns: true is the property source contains the named section

getKeys(String)

public java.util.Enumeration getKeys (java.lang.String section)

Get an enumeration of the keys in the named section

Parameters:section - the name of the section to inspect. This can be null for the default section

Returns: an Enumeration of strings

Member Summary

Methodspublic boolean containsSection(String) 200

public Enumeration getKeys(String) 200Get an enumeration of the keys in the named section

public Enumeration getPropertyValues(String, String) 201Get the set of values held by the named key

public Enumeration getSectionNames() 201

public void load(String) 201Load properties in from the named source

public void setProperty(String, String, Object) 201

200

uk.co.jcp.util.properties PropertySource

getPropertyValues(String, String)

the

getPropertyValues(String, String)

public java.util.Enumeration getPropertyValues (java.lang.String section,

java.lang.String key)

Get the set of values held by the named key


key - the key for the property required

Returns: an Enumeration of strings

getSectionNames()

public java.util.Enumeration getSectionNames ()

Returns: an enumeration of the section names that are suppoertd by this source (not including null,default section)

load(String)

public void load (java.lang.String source)


Load properties in from the named source

Parameters:source - the name of the source (e.g. a filename)

Throws:PropertyException 184 - if the properties could not be loaded

setProperty(String, String, Object)

public void setProperty (java.lang.String section, java.lang.String key,

java.lang.Object value)



key - the key for the property required

Throws:PropertyException 184 - if the value could not be set

201

SectionAlreadyDefinedException uk.co.jcp.util.properties

SectionAlreadyDefinedException(String)


SectionAlreadyDefinedExceptionDeclarationpublic class SectionAlreadyDefinedException extends PropertyException 184




|+-- uk.co.jcp.util.properties.SectionAlreadyDefinedException


DescriptionException thrown if section already exists.

Constructors


public SectionAlreadyDefinedException (java.lang.String message)

Member Summary

Constructorspublic SectionAlreadyDefinedException(String) 202






202

uk.co.jcp.util.properties SectionNotFoundException



SectionNotFoundExceptionDeclarationpublic class SectionNotFoundException extends PropertyNotFoundException 188




|+--uk.co.jcp.util.properties. PropertyNotFoundException 188

|+-- uk.co.jcp.util.properties.SectionNotFoundException


DescriptionException thrown if a requested Section is not found

Member Summary

Constructorspublic SectionNotFoundException(String) 204




Methods inherited from interface PropertyNotFoundException 188

getMessage() 189, getPropertyName() 189


fillInStackTrace, getLocalizedMessage, printStackTrace, printStackTrace, printStack-Trace, toString

203

SectionNotFoundException uk.co.jcp.util.properties

SectionNotFoundException(String)

Constructors

SectionNotFoundException(String)

public SectionNotFoundException (java.lang.String message)

204

uk.co.jcp.util.properties WritablePropertySource



WritablePropertySourceDeclarationpublic interface WritablePropertySource extends PropertySource 200

All Superinterfaces: PropertySource 200 , java.io.Serializable

DescriptionInterface for PropertySources, e.g. INI file, Trustbase properties, Database etc that can be saved

Methods


public void addSection (java.lang.String sectionName, PropertySection 190 section)

throws SectionAlreadyDefinedException

adds a section

Throws:SectionAlreadyDefinedException 202 - thrown if section is already present.

save()

public void save ()


Save the current state of the properties

Member Summary

Methodspublic void addSection(String, PropertySection) 205

adds a sectionpublic void save() 205

Save the current state of the properties


Methods inherited from interface PropertySource 200

containsSection(String) 200, getKeys(String) 200, getPropertyValues(String, String) 201,getSectionNames() 201, load(String) 201, setProperty(String, String, Object) 201

205

WritablePropertySource uk.co.jcp.util.properties

save()


206

207

displays

.

mple,

ro-o sym-

s mem-

ALMANAC LEGENDThe almanac presents classes and intefaces in alphabetic order, regardless of their package. Each classa list of its members in alphabetic order – fields, methods and constructors are sorted together.

This almanac is modeled after the style introduced by Patrick Chan in his excellent bookJava DevelopersAlmanac.

1. The name of the class, interface, nested class or nested interface. All interfaces are shown in italic

2. The name of the package containing the class.

3. The inheritance chain of superclasses. In this example,RealtimeThread extendsThread , whichextendsObject .

4. Implemented interfaces. The class and the interface it implements are on the same line. In this exaThread implementsRunnable , andRealtimeThread implementsSchedulable .

5. The first column is for the value of the@since comment, which indicates the version in which the itemwas introduced.

6. The second column is for the following icons that indicate modifiers, constructors and fields. If the “ptected” symbol does not appear, the member is public. (Private and package-private modifiers have nbols.)

7. The return type of a method or the declared type of a field. It is blank for constructors.

8. The name of the constructor, field or method. Sorted alphabetically. Nested classes are not listed abers.

Modifiers❍ abstract● final❏ static■ static final♦ protected

Constructors and Fields❉ constructor✍ field

Object➥Thread Runnable

➥ RealtimeThread Schedulable

RealtimeThread javax.realtime

void addToFeasibility()RealtimeThread currentRealtimeThread()

void deschedulePeriodic()MemoryArea getMemoryArea()

Scheduler getScheduler()SchedulingParameters getSchedulingParameters()

void interrupt()❉ RealtimeThread()❉ RealtimeThread(SchedulingParameters scheduling)❏ void sleep(Clock clock, HighResolutionTime time)

throws InterruptedException❏ void sleep(HighResolutionTime time)

➊ ➋

➌➍

➎ ➏

➐ ➑

➘➘

➙➙

➘

➚

➘1.3 ❏

1.3

throws InterruptedException

➚

208

Almanac

Object➥Throwable java.io.Serializable

➥Exception➥TokenKeyStoreException

➥AliasConflictException

Object➥CertIdContainer

Object➥CertStatus

AliasConflictException com.iplanet.trustbase.security.store

❉ AliasConflictException(String alias)

CertIdContainer com.iplanet.trustbase.initiator.dsms

✍♦ java.util.Map aias

✍♦ com.iplanet.trustbase.secu-rity.ocsp.CertID

certID

❉ CertIdContainer(com.iplanet.trustbase.security.ocsp.CertID certID)

❉ CertIdContainer(com.iplanet.trustbase.security.ocsp.CertID certID,String[] oid, String[] aia)

❉ CertIdContainer(com.iplanet.trustbase.security.ocsp.CertID certID,String oid, String aia)

♦ void construct(com.iplanet.trustbase.security.ocsp.CertID certID, String[] oid,String[] aia)

boolean equals(Object object)

String getAIA(String oid)

com.iplanet.trustbase.secu-rity.ocsp.CertID

getCertID()

String toString()


❉ CertStatus(CertStatus.CS status, java.util.Date producedAt,java.security.cert.X509Certificate[] signingPath,com.iplanet.trustbase.security.ocsp.CertID checkCert, byte[] nonce,boolean isFreshnessProof)

❉ CertStatus(CertStatus.CS status, String responseCode)

❉ CertStatus(CertStatus.CS status, String responseCode,Object[] responseArgs)

❉ CertStatus(CertStatus.CS status, String responseCode,Object[] responseArgs, Throwable t)

209

Object➥CertStatus.CS

Object➥CertStatusCodes

❉ CertStatus(CertStatus.CS status, String responseCode, Throwable t)

✍■ CertStatus.CS ERROR

CertStatus.CS getCertStatus()

String getCheckCertificateIssuerNameHash()

String getCheckCertificatePublicKeyHash()

java.math.BigInteger getCheckCertificateSerialNumber()

byte[] getNonce()

java.util.Date getProducedAt()

Object getResponseArgs()

String getResponseCode()

java.security.cert.X509Certificate[] getSigningPath()

✍■ CertStatus.CS GOOD

boolean isCheckedCertificate(java.security.cert.X509Certificate issuerCertificate,java.security.cert.X509Certificate certificate)

boolean isFreshnessProof()

✍■ CertStatus.CS REVOKED

String toString()

✍■ CertStatus.CS UNKNOWN

✍■ CertStatus.CS UNRECOGNIZED

CertStatus.CS com.iplanet.trustbase.initiator.dsms

String getCode()

String toString()


❉ CertStatusCodes()

✍❏ String STATUS_IDENTRUS_CANNOT_VALIDATE

✍❏ String STATUS_IDENTRUS_CSC_ERROR

✍❏ String STATUS_IDENTRUS_CSC_EXCEPTION

✍❏ String STATUS_IDENTRUS_INVALID_SIGNING_CHAIN

✍❏ String STATUS_IDENTRUS_NO_RESPONSE_FOUND

✍❏ String STATUS_IDENTRUS_NO_TRUSTED_ROOTS

✍❏ String STATUS_IDENTRUS_SIGNATURE_INVALID

✍❏ String STATUS_IDENTRUS_SIGNING_CERT_NOT_TRUSTED

✍❏ String STATUS_IDENTRUS_TRANSPORT_ERROR

✍■ String STATUS_OCSP_INTERNAL_ERROR

✍■ String STATUS_OCSP_MALFORMED_REQUEST

✍■ String STATUS_OCSP_SIGNATURE_REQUIRED

✍■ String STATUS_OCSP_TRY_LATER

✍■ String STATUS_OCSP_UNAUTHORISED

✍■ String STATUS_OCSP_UNKNOWN_RESPONSE_ERROR

✍■ String STATUS_OCSP_VERIFICATION_FAILED

210

ConfigAdapter


➥Exception➥InitiatorException

➥ConfigAdapterException

Object➥ConfigAdapterImpl com.iplanet.trustbase.initiator.ConfigAdapter


java.security.cert.X509Certificate[] completeChain(java.security.cert.X509Certificate certificate)throws ConfigAdapterException

Object getObjectProperty(String property) throws ConfigAdapterException

String getProperty(String property) throws ConfigAdapterException

java.security.PrivateKey getSignerKey() throws ConfigAdapterException

java.security.cert.X509Certificate[] getSignerPath() throws ConfigAdapterException

java.security.PrivateKey getSSLSignerKey() throws ConfigAdapterException

java.security.cert.X509Certificate[] getSSLSignerPath() throws ConfigAdapterException

java.secu-rity.cert.X509Certificate[][]

getVerificationPaths() throws ConfigAdapterException

void validateChain(java.security.cert.X509Certificate[] chain)throws ConfigAdapterException

ConfigAdapterException com.iplanet.trustbase.initiator

❉ ConfigAdapterException(String message)

❉ ConfigAdapterException(String message, Throwable throwable)

❉ ConfigAdapterException(String message, Throwable throwable,Object[] args)

❉ ConfigAdapterException(Throwable throwable)


java.security.cert.X509Certificate[] completeChain(java.security.cert.X509Certificate certificate)throws com.iplanet.trustbase.initiator.ConfigAdapterException

❉ ConfigAdapterImpl(java.util.Properties props)throws com.iplanet.trustbase.initiator.ConfigAdapterException

Object getObjectProperty(String property)throws com.iplanet.trustbase.initiator.ConfigAdapterException

String getProperty(String property)throws com.iplanet.trustbase.initiator.ConfigAdapterException

java.security.PrivateKey getSignerKey()throws com.iplanet.trustbase.initiator.ConfigAdapterException

java.security.cert.X509Certificate[] getSignerPath()throws com.iplanet.trustbase.initiator.ConfigAdapterException

java.security.PrivateKey getSSLSignerKey()throws com.iplanet.trustbase.initiator.ConfigAdapterException

java.security.cert.X509Certificate[] getSSLSignerPath()throws com.iplanet.trustbase.initiator.ConfigAdapterException

211

Object➥CSCEngine


➥Exception➥com.iplanet.trustbase.initiator.InitiatorException

➥CSCException


➥Exception

com.iplanet.trustbase.secu-rity.store.TokenKeyStore

getStore()


getVerificationPaths()throws com.iplanet.trustbase.initiator.ConfigAdapterException

void validateChain(java.security.cert.X509Certificate[] chain)throws com.iplanet.trustbase.initiator.ConfigAdapterException


❉ CSCEngine(com.iplanet.trustbase.initiator.ConfigAdapter configAdapter)

❏ java.util.Collection getCertificateFromPkcs7(byte[] pkcs7SignedBlock, byte[] signText)throws CSCException

❏ String getResourceProperty(String key)

♦ StatusCheckData[] getStatus(java.security.cert.X509Certificate[] certificatePath,boolean acquireProof, boolean generateNonce,StringBuffer nonceValue) throws CSCException, com.iplanet.trust-base.initiator.TransportAdapterException, com.iplanet.trustbase.ini-tiator.ConfigAdapterException

StatusCheckData[] getStatus(java.security.cert.X509Certificate[] certificatePath,boolean aquireProof, byte[] bnonceValue) throws CSCException,com.iplanet.trustbase.initiator.TransportAdapterException,com.iplanet.trustbase.initiator.ConfigAdapterException

StatusCheckData[] getStatus(java.security.cert.X509Certificate[] certificatePath,boolean acquireProof, StringBuffer nonceValue)throws CSCException, com.iplanet.trustbase.initiator.ConfigAdap-terException, com.iplanet.trustbase.initiator.TransportAdapterEx-ception

✍❏ String IDENTRUS_OID

✍❏ String IDENTRUS_PROTOCOL

✍❏ String OCSP_OID

✍❏ String OCSP_PROTOCOL

boolean validateStatus(StatusCheckData[] statusCheckData,java.security.cert.X509Certificate[] certificatePath,boolean acquireProof, byte[] nonceValue) throws CSCException,com.iplanet.trustbase.initiator.TransportAdapterException,com.iplanet.trustbase.initiator.ConfigAdapterException

CSCException com.iplanet.trustbase.initiator.dsms

❉ CSCException(String mess)

❉ CSCException(String mess, Throwable throwable)

❉ CSCException(String mess, Throwable throwable, Object[] args)

CSCMessageException com.iplanet.trustbase.initiator.dsms

212

➥com.iplanet.trustbase.initiator.InitiatorException➥CSCException

➥CSCMessageException


➥Exception➥com.iplanet.trustbase.initiator.InitiatorException

➥CSCException➥CSCProtocolException

DataConverterClient

Object➥DefaultEngineLogger com.iplanet.trustbase.initiator.EngineLogger

EngineLogger

Object➥PropertyConfigAdapter com.iplanet.trustbase.initiator.ConfigAdapter

➥ErrorConfigAdapter

❉ CSCMessageException(String mess)

❉ CSCMessageException(String mess, Throwable throwable)

❉ CSCMessageException(String mess, Throwable throwable, Object[] args)

CSCProtocolException com.iplanet.trustbase.initiator.dsms

❉ CSCProtocolException(String mess)

❉ CSCProtocolException(String mess, Throwable throwable)

❉ CSCProtocolException(String mess, Throwable throwable, Object[] args)

DataConverterClient com.iplanet.trustbase.initiator.dsms

byte[] makeHumanReadableRequest(byte[] request) throws CSCException

byte[] makeHumanReadableResponse(byte[] response) throws CSCException


❉ DefaultEngineLogger()

void log(String logMessage, Throwable t, String[] params)

EngineLogger com.iplanet.trustbase.initiator

void log(String logMessage, Throwable t, String[] params)


✍❏ String ERROR_PROPERTY

❉ ErrorConfigAdapter()

❉ ErrorConfigAdapter(java.util.Properties properties,java.util.Map objectProperties, java.security.PrivateKey signingKey,java.security.cert.X509Certificate[] signerPath,java.security.cert.X509Certificate[][] verificationPaths)

❉ ErrorConfigAdapter(java.util.Properties properties,java.util.Map objectProperties, String signingName,String[] verificationNames,com.iplanet.trustbase.security.store.TokenKeyStore store)throws com.iplanet.trustbase.initiator.ConfigAdapterException

213

Object➥ExceptionCodes

❉ ErrorConfigAdapter(java.util.Properties properties,java.security.PrivateKey signingKey,java.security.cert.X509Certificate[] signerPath,java.security.cert.X509Certificate[][] verificationPaths)

❉ ErrorConfigAdapter(java.util.Properties properties, String signingName,String[] verificationNames,com.iplanet.trustbase.security.store.TokenKeyStore store)throws com.iplanet.trustbase.initiator.ConfigAdapterException

❉ ErrorConfigAdapter(java.util.Properties properties, String signingName,String sslsigningName, String[] verificationNames,com.iplanet.trustbase.security.store.TokenKeyStore store)throws com.iplanet.trustbase.initiator.ConfigAdapterException










✍■ String CSC_CANNOT_CHECK_ROOT

✍■ String CSC_CLASS_LOAD

✍■ String CSC_COULD_NOT_CREATE_DATA_CONVERTER

✍■ String CSC_COULD_NOT_DECODE_PKCS7_BLOCK

✍■ String CSC_HTTP_CONNECT_FAILED

✍■ String CSC_HTTP_NO_MIME_TYPE

✍■ String CSC_HTTP_NO_ROUTE_TO_HOST

✍■ String CSC_HTTP_OPEN_CONNECTION_FAILED

✍■ String CSC_HTTP_PROTOCOL_ERROR

✍■ String CSC_HTTP_READ_FAILED

✍■ String CSC_HTTP_SOCKET_ERROR

✍■ String CSC_HTTP_UNKNOWN_HOST

✍■ String CSC_HTTP_WRITE_FAILED

✍■ String CSC_IDENTRUS_GEN_ERROR

✍■ String CSC_IDENTRUS_INVALID_RESPONSE_MESSAGE

✍■ String CSC_IDENTRUS_MESSAGE_ERROR

✍■ String CSC_IDENTRUS_OCSP_BASE64_ERROR

✍■ String CSC_IDENTRUS_SIGNATURE_ERROR

✍■ String CSC_IDENTRUS_TXID_ERROR

✍■ String CSC_INVALID_MESSAGE_FACTORY

✍■ String CSC_INVALID_PROTOCOL_VERSION

✍■ String CSC_INVALID_SIGNATURE_ON_PKCS7_SIGNED_BLOCK

214

Object➥java.net.URLStreamHandler

➥sun.net.www.protocol.http.Handler➥Handler

✍■ String CSC_INVALID_TRANSPORT_ADAPTER

✍■ String CSC_MALFORMED_URL

✍■ String CSC_MISSING_AIA

✍■ String CSC_MISSING_SIGNINGCHAIN_FROM_RESPONSE

✍■ String CSC_NO_CERTIFICATES_TO_CHECK

✍■ String CSC_NO_DEFAULT_LOCATION

✍■ String CSC_NO_DEFAULT_MESSAGE_FACTORY

✍■ String CSC_NO_STATUSES_RECEIVED

✍■ String CSC_OCSP_ASN1_BUILD_ERROR

✍■ String CSC_OCSP_ASN1_ERROR

✍■ String CSC_OCSP_NO_RESPONSE_DATA

✍■ String CSC_OCSP_NO_RESPONSE_SIGNATURE

✍■ String CSC_OCSP_OCSP_BUILD_ERROR

✍■ String CSC_OCSP_OCSP_ERROR

✍■ String CSC_OCSP_RESPONSE_SIGNER_COULD_NOT_BE_FOUND

✍■ String CSC_OCSP_SIGNING_CERT_NOT_TRUSTED

✍■ String CSC_OCSP_X509_ERROR

✍■ String CSC_ONLY_SINGLE_CERTIFICATE_SIGNING

✍■ String CSC_RECEIVED_BAD_STATUS_PROOF_CERT

✍■ String CSC_RECEIVED_BAD_STATUS_REQUEST_CERT

✍■ String CSC_RECEIVED_ERROR_CERT_STATUS

✍■ String CSC_RECEIVED_MISMATCHED_NONCE

✍■ String CSC_RECEIVED_OLD_STATUS_PROOF_CERT

✍■ String CSC_STATUS_MISSING_FOR_PROOF_CERT

✍■ String CSC_STATUS_MISSING_FOR_REQUEST_CERT

✍■ String CSC_TRANSPORT_UNSPECIFIED

✍■ String CSC_UNIMPLEMENTED

❉ ExceptionCodes()

Handler com.iplanet.trustbase.xurl

❉ Handler()

❉ Handler(String proxy, int port)

♦ java.net.URLConnection openConnection(java.net.URL u) throws java.io.IOException

✍♦ String proxy

✍♦ int proxyPort

215

Object➥sun.net.NetworkClient

➥sun.net.www.http.HttpClient➥HttpsClient

Object➥HttpsConfiguration

Object➥HttpsConfigurationProperties

Object➥java.net.URLConnection

HttpsClient com.iplanet.trustbase.xurl

♦ java.net.Socket doConnect(String server, int port) throws java.io.IOException,java.net.UnknownHostException

❉ HttpsClient(java.net.URL url) throws java.io.IOException

❉ HttpsClient(java.net.URL url, String proxy, int proxyPort)throws java.io.IOException

❏ sun.net.www.http.HttpClient New(java.net.URL url) throws java.io.IOException


com.iplanet.trustbase.secu-rity.store.ssl.SSLClientCertSelec-

tor


❏ HttpsConfiguration getInstance()

String getServerCertAlias()

com.iplanet.trustbase.secu-rity.store.TokenKeyStore

getTokenKeyStore()

void setClientCert(java.security.cert.X509Certificate clientCert)

void setClientCertAlias(String clientAlias)

void setClientCertSelector(com.iplanet.trustbase.security.store.ssl.SSLClientCertSelector clientCertSelector)

void setServerCertAlias(String alias)

void setTokenKeyStore(com.iplanet.trustbase.security.store.TokenKeyStore store)

HttpsConfigurationProperties com.iplanet.trustbase.xurl

✍❏ String CLIENT_CERT_SELECTOR

❉ HttpsConfigurationProperties()

✍❏ String INITIALISATION_EXCEPTION

✍❏ String SERVER_CERT_ALIAS

✍❏ String TOKEN_KEY_STORE

HttpsURLConnection com.iplanet.trustbase.xurl

216

➥java.net.HttpURLConnection➥sun.net.www.protocol.http.HttpURLConnection

➥HttpsURLConnection

Object➥HTTPTransportAdapter com.iplanet.trustbase.initiator.TransportAdapter



➥IncompleteChainException



➥IncorrectPasswordException



void connect() throws java.io.IOException

♦ sun.net.www.http.HttpClient getNewClient(java.net.URL url) throws java.io.IOException

♦ sun.net.www.http.HttpClient getProxiedClient(java.net.URL url, String proxyHost, int proxyPort)throws java.io.IOException

❉ HttpsURLConnection(java.net.URL url, Handler handler)throws java.io.IOException


❉ HTTPTransportAdapter(com.iplanet.trustbase.initiator.ConfigAdapter configAdapter)

byte[] sendReceive(byte[] data, String location, String messageType)throws com.iplanet.trustbase.initiator.TransportAdapterException,com.iplanet.trustbase.initiator.ConfigAdapterException

IncompleteChainException com.iplanet.trustbase.security.store

❏ String describeChain(java.security.cert.X509Certificate[] chain)

java.security.cert.X509Certificate[] getIncompleteChain()

❉ IncompleteChainException(java.security.cert.X509Certificate[] chain)

IncorrectPasswordException com.iplanet.trustbase.security.store

❉ IncorrectPasswordException()

InitiatorException com.iplanet.trustbase.initiator

Object[] getArgs()

Throwable getNestedException()

❉ InitiatorException(String mess)

❉ InitiatorException(String mess, Throwable throwable)

❉ InitiatorException(String mess, Throwable throwable, Object[] args)

❉ InitiatorException(Throwable throwable)

217

JCPProperties PropertySection

JCPPropertyFactory

JCPPropertyFactoryRegistry

Object➥TokenKeyStoreEntry

➥KeyEntry

JCPProperties uk.co.jcp.util.properties

void addSection(String sectionName, PropertySection section)throws PropertyException

PropertySection getSection(String sectionName) throws SectionNotFoundException

java.util.Enumeration getSections() throws SectionNotFoundException

void save() throws PropertyException

void setParentProperties(JCPProperties jcp)

JCPPropertyFactory uk.co.jcp.util.properties

JCPProperties getInstance(String source) throws PropertyException

JCPProperties getInstance(String source, JCPProperties parentProperties)throws PropertyException

String getResourceType()


JCPProperties getInstance(String source) throws PropertyException

JCPProperties getInstance(String source, JCPProperties parentProperties)throws PropertyException

JCPProperties getInstance(String resource, String source) throws PropertyException

JCPProperties getInstance(String resource, String source,JCPProperties parentProperties) throws PropertyException

boolean isRegistered(String resource)

void registerPropertyFactory(JCPPropertyFactory factory)

void setDefaultPropertyFactory(JCPPropertyFactory factory)throws PropertyException


byte[] generatePKCS10Request(String subjectName, boolean base64)throws TokenKeyStoreException

java.security.cert.X509Certificate[] getCertificateChain()

KeyUsages getKeyUsages()

java.security.PrivateKey getPrivateKey()

java.security.PublicKey getPublicKey()

❉♦ KeyEntry(java.security.PrivateKey key,java.security.cert.X509Certificate[] chain, KeyUsages keyUsages)

● void setCertificateChain(java.security.cert.X509Certificate[] newchain)throws IncompleteChainException, com.iplanet.trustbase.secu-rity.cert.ValidateException, TokenKeyStoreException

❍♦ java.security.cert.X509Certificate[] setCertificateChainImpl(java.security.cert.X509Certificate[] chain)throws TokenKeyStoreException

void setKeyUsages(KeyUsages usages)

218

Object➥KeyUsages Cloneable


void addUsage(KeyUsages.KeyUsageI usage)

✍■ int CLIENT_AUTH

Object clone()

✍■ int CODE_SIGNING

✍■ int CRL_SIGN

✍■ int DATA_ENCIPHERMENT

✍■ int DECIPHER_ONLY

✍■ int DIGITAL_SIGNATURE

✍■ KeyUsages.ExtendedKeyUsage EKU_CLIENT_AUTH

✍■ KeyUsages.ExtendedKeyUsage EKU_CODE_SIGNING

✍■ KeyUsages.ExtendedKeyUsage EKU_EMAIL_PROTECTION

✍■ KeyUsages.ExtendedKeyUsage EKU_SERVER_AUTH

✍■ KeyUsages.ExtendedKeyUsage EKU_TIME_STAMPING

✍■ int EMAIL_PROTECTION

✍■ int ENCIPHER_ONLY

✍■ KeyUsages.ExtendedKeyUsage[] EXTENDED_KEY_USAGES

❏ KeyUsages.KeyUsageI getByAbbrev(String abbrev)

❏ KeyUsages.ExtendedKeyUsage getByOid(String oid)

java.util.Set getExtendedKeyUsages()

java.util.Set getKeyUsages()

boolean hasUsage(KeyUsages.KeyUsageI usage)

✍■ int KEY_AGREEMENT

✍■ int KEY_CERT_SIGN

✍■ int KEY_ENCIPHERMENT

✍■ KeyUsages.KeyUsage[] KEY_USAGES

❉ KeyUsages()

❉ KeyUsages(boolean[] keyUsages, String[] ekuOids)

❉ KeyUsages(KeyUsages.KeyUsage[] keyUsages,KeyUsages.ExtendedKeyUsage[] extendedKeyUsages)

✍■ KeyUsages.KeyUsage KU_CRL_SIGN

✍■ KeyUsages.KeyUsage KU_DECIPHER_ONLY

✍■ KeyUsages.KeyUsage KU_DIGITAL_SIGNATURE

✍■ KeyUsages.KeyUsage KU_ENCIPHER_ONLY

✍■ KeyUsages.KeyUsage KU_KEY_AGREEMENT

✍■ KeyUsages.KeyUsage KU_KEY_CERT_SIGN

✍■ KeyUsages.KeyUsage KU_KEY_ENCIPHERMENT

✍■ KeyUsages.KeyUsage KU_NON_REPUDIATION

✍■ int NON_REPUDIATION

void removeUsage(KeyUsages.KeyUsageI usage)

✍■ int SERVER_AUTH

✍■ int TIME_STAMPING

219

Object➥KeyUsages.KeyUsageI

➥KeyUsages.ExtendedKeyUsage


➥KeyUsages.KeyUsage


Object➥KeyUsageSpecification


➥Exception➥PropertyException

➥MalformedPropertyException

Object➥MessageData

KeyUsages.ExtendedKeyUsage com.iplanet.trustbase.security.store

String getOid()

KeyUsages.KeyUsage com.iplanet.trustbase.security.store

int getBitPosition()

KeyUsages.KeyUsageI com.iplanet.trustbase.security.store

boolean equals(Object obj)

String getAbbrev()

int getCode()

String getDescription()

String getName()

int hashCode()

KeyUsageSpecification com.iplanet.trustbase.security.store

❉ KeyUsageSpecification()

MalformedPropertyException uk.co.jcp.util.properties

❉ MalformedPropertyException(String message)

MessageData com.iplanet.trustbase.initiator.dsms

byte[] getMessage()

byte[] getTxID()

❉ MessageData(byte[] message, byte[] txID)

220

MessageFactory

Object➥NewOCSPUtil



➥TrustException➥NoKeyUsageException



➥NoSuchEntryException

MessageFactory com.iplanet.trustbase.initiator.dsms

MessageData buildMessage(java.security.cert.X509Certificate[] toCheck,boolean generateNonce, StringBuffer nonceValue)throws CSCMessageException, com.iplanet.trustbase.initiator.Con-figAdapterException

CertStatus[] parseMessage(java.security.cert.X509Certificate[] request,MessageData response, boolean forceProof)throws CSCMessageException, com.iplanet.trustbase.initiator.Con-figAdapterException

NewOCSPUtil com.iplanet.trustbase.initiator.dsms

❏ com.iplanet.trustbase.secu-rity.ocsp.OCSPResponse

deserializeOCSPResponse(String data)throws com.iplanet.trustbase.identrus.csc.CscUtilityException

❏ CertIdContainer[] getCertIdsFromOCSPResponse(com.iplanet.trustbase.security.ocsp.OCSPResponse ocspResponse)throws com.iplanet.trustbase.identrus.csc.CscUtilityException

❏ byte[] getNonceFromOCSPResponse(com.iplanet.trustbase.security.ocsp.OCSPResponse ocspResponse)throws com.iplanet.trustbase.identrus.csc.CscUtilityException

❏ java.util.Date getProducedAt(com.iplanet.trustbase.security.ocsp.OCSPResponse ocspResponse)throws com.iplanet.trustbase.identrus.csc.CscUtilityException

❉ NewOCSPUtil()

❏ com.iplanet.trustbase.secu-rity.ocsp.OCSPResponse

retrieveOCSPResponse(com.iplanet.trustbase.generated.IDENTRUS.CERTIFICATE_STATUS_CHECK_DTD.CSCResponse cscResponse)throws com.iplanet.trustbase.identrus.csc.CscUtilityException

NoKeyUsageException com.iplanet.trustbase.security.store

❉ NoKeyUsageException(KeyUsages.KeyUsageI usage,java.security.cert.X509Certificate[] chain)

NoSuchEntryException com.iplanet.trustbase.security.store

❉ NoSuchEntryException(String entryAlias)

221

Object➥Password PasswordCallback

PasswordCallback



➥PasswordCallback.GiveUpException

Object➥PropertyCodes

Password com.iplanet.trustbase.security.store

char[] getPasswordChars()

❉ Password(char[] password)

Password readPassword(String displayText)

Password readPasswordAgain(String displayText)throws PasswordCallback.GiveUpException

PasswordCallback com.iplanet.trustbase.security.store

Password readPassword(String displayText)throws PasswordCallback.GiveUpException

Password readPasswordAgain(String displayText)throws PasswordCallback.GiveUpException

PasswordCallback.GiveUpException com.iplanet.trustbase.security.store

❉ PasswordCallback.GiveUpException(String message)


✍❏ String CPI_LOCATION_DEFAULT

✍❏ String CPI_LOCATION_FORCE_DEFAULT

✍❏ String CSC_CLIP_BASE64_LINES

✍❏ String CSC_CREATE_SIGNED_OCSP

✍❏ String CSC_DATA_CONVERTER

✍❏ String CSC_LOCATION_DEFAULT

✍❏ String CSC_LOCATION_FORCE_DEFAULT

✍❏ String CSC_LOCATION_RPRESPONDERPROXY

✍❏ String CSC_MAX_PROOF_RESPONSE_AGE

✍❏ String CSC_MESSAGE_FACTORY

✍❏ String CSC_MESSAGE_FACTORY_DEFAULT

✍❏ String CSC_MESSAGE_FACTORY_FORCE_DEFAULT

✍❏ String CSC_PREFERRED_OID

✍❏ String CSC_PREFERRED_PROTOCOL

✍❏ String CSC_PREFERRED_VERSION

✍❏ String CSC_PROTOCOL_ADAPTER

✍❏ String CSC_RESOURCE_DATA_CONVERTER

✍❏ String CSC_RESOURCE_MAX_PROOF_RESPONSE_AGE

222

Object➥PropertyConfigAdapter com.iplanet.trustbase.initiator.ConfigAdapter

✍❏ String CSC_RESOURCE_MESSAGE_FACTORY

✍❏ String CSC_RESOURCE_MESSAGE_FACTORY_DEFAULT

✍❏ String CSC_RESOURCE_PREFERRED_OID

✍❏ String CSC_RESOURCE_PREFERRED_VERSION

✍❏ String CSC_RESOURCE_PROTOCOL_ADAPTER

✍❏ String CSC_VERIFY_SIGNED_OCSP

✍❏ String INITIATOR_ENGINE_LOGGER

✍❏ String INITIATOR_KEYSTORE_DOMAIN_SPACE

✍❏ String INITIATOR_KEYSTORE_PASSWORD

✍❏ String INITIATOR_KEYSTORE_SIGNING_CERTIFICATE

✍❏ String INITIATOR_KEYSTORE_SSLSIGNING_CERTIFICATE

✍❏ String INITIATOR_KEYSTORE_VERIFICATION_CERTIFICATE

✍❏ String INITIATOR_LOCATION_DEFAULT

✍❏ String INITIATOR_LOCATION_FORCE_DEFAULT

✍❏ String INITIATOR_RESOURCE_TRANSPORT_ADAPTER

✍❏ String INITIATOR_RESOURCE_TRANSPORT_ADAPTER_DEFAULT

✍❏ String INITIATOR_TRANSPORT_ADAPTER

✍❏ String INITIATOR_TRANSPORT_DEFAULT_PROTOCOL

❉ PropertyCodes()


♦ java.security.cert.X509Certificate[] completeChain(com.iplanet.trustbase.security.store.TokenKeyStore store, java.util.Collection c)throws com.iplanet.trustbase.initiator.ConfigAdapterException

java.security.cert.X509Certificate[] completeChain(java.security.cert.X509Certificate certificate)throws com.iplanet.trustbase.initiator.ConfigAdapterException









❉ PropertyConfigAdapter()

❉ PropertyConfigAdapter(java.util.Properties properties,java.util.Map objectProperties, java.security.PrivateKey signingKey,java.security.cert.X509Certificate[] signerPath,java.security.cert.X509Certificate[][] vertificationPaths)

❉ PropertyConfigAdapter(java.util.Properties properties,java.util.Map objectProperties, String signingName,String[] verificationNames,com.iplanet.trustbase.security.store.TokenKeyStore store)throws com.iplanet.trustbase.initiator.ConfigAdapterException

223



Object➥PropertyManager



➥PropertyNotFoundException

❉♦ PropertyConfigAdapter(java.util.Properties properties,java.util.Map objectProperties, String signingName,String sslsigningName, String[] verificationNames,com.iplanet.trustbase.security.store.TokenKeyStore store)throws com.iplanet.trustbase.initiator.ConfigAdapterException

❉ PropertyConfigAdapter(java.util.Properties properties,java.security.PrivateKey signingKey,java.security.cert.X509Certificate[] signerPath,java.security.cert.X509Certificate[][] vertificationPaths)

❉ PropertyConfigAdapter(java.util.Properties properties,String signingName, String[] verificationNames,com.iplanet.trustbase.security.store.TokenKeyStore store)throws com.iplanet.trustbase.initiator.ConfigAdapterException

❉ PropertyConfigAdapter(java.util.Properties properties,String signingName, String sslsigningName,String[] verificationNames,com.iplanet.trustbase.security.store.TokenKeyStore store)throws com.iplanet.trustbase.initiator.ConfigAdapterException

void validateChain(java.security.cert.X509Certificate[] chain)throws com.iplanet.trustbase.initiator.ConfigAdapterException

PropertyException uk.co.jcp.util.properties

❉ PropertyException(String message)

PropertyManager uk.co.jcp.util.properties

❏ JCPProperties getInstance(String source) throws PropertyException

❏ JCPProperties getInstance(String source, JCPProperties parentProperties)throws PropertyException

❏ JCPProperties getInstance(String resource, String source) throws PropertyException

❏ JCPProperties getInstance(String resource, String source,JCPProperties parentProperties) throws PropertyException

boolean isRegistered(String resource)

❏ void registerPropertyFactory(JCPPropertyFactory factory)

❏ void setDefaultPropertyFactory(JCPPropertyFactory factory)throws PropertyException

❏ void setRegistry(JCPPropertyFactoryRegistry registry)

PropertyNotFoundException uk.co.jcp.util.properties

String getMessage()

String getPropertyName()

❉ PropertyNotFoundException(String propertyName)

224

PropertySection java.io.Serializable


byte[] getBlobProperty(String key) throws MalformedPropertyException, Proper-tyNotFoundException

byte[] getBlobProperty(String key, byte[] defaultValue)throws MalformedPropertyException

boolean getBooleanProperty(String key) throws MalformedPropertyException,PropertyNotFoundException

boolean getBooleanProperty(String key, boolean defaultValue)throws MalformedPropertyException

java.util.Date getDateProperty(String key) throws MalformedPropertyException, Proper-tyNotFoundException

java.util.Date getDateProperty(String key, java.util.Date defaultValue)throws MalformedPropertyException

java.util.Date getDateProperty(String key, String dateFormat)throws MalformedPropertyException, PropertyNotFoundException

java.util.Date getDateProperty(String key, String dateFormat,java.util.Date defaultValue) throws MalformedPropertyException

double getDoubleProperty(String key) throws MalformedPropertyException,PropertyNotFoundException

double getDoubleProperty(String key, double defaultValue)throws MalformedPropertyException

java.util.Enumeration getEnumeratedProperty(String key) throws PropertyNotFoundException

float getFloatProperty(String key) throws MalformedPropertyException, Prop-ertyNotFoundException

float getFloatProperty(String key, float defaultValue)throws MalformedPropertyException

int getIntProperty(String key) throws MalformedPropertyException, Proper-tyNotFoundException

int getIntProperty(String key, int defaultValue)throws MalformedPropertyException

java.util.Enumeration getKeys()

long getLongProperty(String key) throws MalformedPropertyException, Prop-ertyNotFoundException

long getLongProperty(String key, long defaultValue)throws MalformedPropertyException

Object getObjectProperty(String key) throws PropertyNotFoundException

Object getObjectProperty(String key, Object defaultValue)

String getSectionName()

String getStringProperty(String key) throws PropertyNotFoundException

String getStringProperty(String key, String defaultValue)

void setBooleanProperty(String key, boolean value) throws PropertyException

void setDateProperty(String key, java.util.Date value)throws PropertyException

void setDateProperty(String key, java.util.Date value, String dateFormat)throws PropertyException

void setDoubleProperty(String key, double value) throws PropertyException

void setEnumeratedProperty(String key, java.util.Enumeration values)throws PropertyException

void setFloatProperty(String key, float value) throws PropertyException

void setIntProperty(String key, int value) throws PropertyException

225

PropertySource java.io.Serializable

ProtocolAdapter

Object➥ProtocolAdapterFactory

void setLongProperty(String key, long value) throws PropertyException

void setObjectProperty(String key, Object value) throws PropertyException

void setStringProperty(String key, String value) throws PropertyException

PropertySource uk.co.jcp.util.properties

boolean containsSection(String sectionName)

java.util.Enumeration getKeys(String section)

java.util.Enumeration getPropertyValues(String section, String key)

java.util.Enumeration getSectionNames()

void load(String source) throws PropertyException

void setProperty(String section, String key, Object value)throws PropertyException

ProtocolAdapter com.iplanet.trustbase.initiator.dsms

StatusCheckData[] getStatus(java.security.cert.X509Certificate[] certificatePath,boolean acquireProof, boolean generateNonce,StringBuffer nonceValue) throws CSCProtocolException,com.iplanet.trustbase.initiator.ConfigAdapterException, CSCMessa-geException, com.iplanet.trustbase.initiator.TransportAdapterEx-ception

boolean validateStatus(StatusCheckData[] status,java.security.cert.X509Certificate[] certificatePath,boolean acquireProof, byte[] nonceValue)throws CSCProtocolException, com.iplanet.trustbase.initiator.Confi-gAdapterException, CSCMessageException, com.iplanet.trust-base.initiator.TransportAdapterException


✍ java.util.Map adapters

✍ com.iplanet.trustbase.initiator.Con-figAdapter

configAdapter

♦ String getAdapterClassName(String adapterName)throws com.iplanet.trustbase.initiator.ConfigAdapterException

ProtocolAdapter getInstance(String oid) throws CSCProtocolException, com.iplanet.trust-base.initiator.ConfigAdapterException

ProtocolAdapter getInstance(String oid, int version) throws CSCProtocolException,com.iplanet.trustbase.initiator.ConfigAdapterException

♦ ProtocolAdapter makeAdapter(String oid, String className)throws CSCProtocolException, com.iplanet.trustbase.initiator.Confi-gAdapterException

♦ java.util.List makeAdapterList(String oid) throws CSCProtocolException,com.iplanet.trustbase.initiator.ConfigAdapterException

❉ ProtocolAdapterFactory(com.iplanet.trustbase.initiator.ConfigAdapter configAdapter)

226



➥SectionAlreadyDefinedException



➥PropertyNotFoundException➥SectionNotFoundException

Object➥StatusCheckData

Object➥TokenKeyStore

SectionAlreadyDefinedException uk.co.jcp.util.properties

❉ SectionAlreadyDefinedException(String message)

SectionNotFoundException uk.co.jcp.util.properties

❉ SectionNotFoundException(String message)


CertStatus[] getCertStatus()

byte[] getHumanReadableRequestData() throws CSCException

byte[] getHumanReadableResponseData() throws CSCException

byte[] getRequestData()

java.util.Date getRequestTime()

String getResponderURL()

byte[] getResponseData()

byte[] getTransactionID()

❉ StatusCheckData(CertStatus[] certStatus, java.util.Date timestamp,byte[] txID, byte[] requestData, byte[] responseData,String responderURL, DataConverterClient client)


❍ TrustedCertificateEntry addTrustedCertificateEntry(String alias,java.security.cert.X509Certificate cert)throws AliasConflictException, TokenKeyStoreException

❍ java.util.Set aliases()

❍ java.security.cert.X509Certificate[] completeCertificateChain(java.security.cert.X509Certificate[] partialChain)throws IncompleteChainException, TokenKeyStoreException

❍ void deleteEntry(TokenKeyStoreEntry entry) throws NoSuchEntryException,TokenKeyStoreException

❍ void doCommand(String commandVerb, String[] arguments)throws TokenKeyStoreException

❍ byte[] exportPKCS12KeyEntry(String alias, PasswordCallback callback)throws NoSuchEntryException, TokenKeyStoreException

227


❍ KeyEntry generateKeyPair(String alias, String subjectName, String algorithm,int keysize) throws TokenKeyStoreException

❍ java.util.Set getAllEntries() throws TokenKeyStoreException

❍ java.util.Set getAllKeyEntries()

❍ java.util.Set getAllTrustedCertificateEntries()

❍ TokenKeyStoreEntry getEntry(String alias) throws NoSuchEntryException, TokenKeyStoreEx-ception

❍ TokenKeyStoreEntry getEntry(String issuer, java.math.BigInteger serialNo)throws NoSuchEntryException, TokenKeyStoreException

❍ TokenKeyStoreEntry getEntry(java.security.cert.X509Certificate cert)throws NoSuchEntryException, TokenKeyStoreException

❏ TokenKeyStore getInstance(String type, String location, PasswordCallback callback)throws TokenKeyStoreException

❍ KeyEntry getKeyEntry(String alias) throws NoSuchEntryException, TokenKeyStore-Exception

❍ KeyEntry getKeyEntry(String issuer, java.math.BigInteger serialNo)throws NoSuchEntryException, TokenKeyStoreException

❍ TrustedCertificateEntry getTrustedCertificateEntry(String alias) throws NoSuchEntryException,TokenKeyStoreException

❍ TrustedCertificateEntry getTrustedCertificateEntry(String issuer, java.math.BigInteger serialNo)throws NoSuchEntryException, TokenKeyStoreException

❍ KeyEntry importPKCS12KeyEntry(String alias, byte[] encodedEntry,PasswordCallback callback) throws AliasConflictException, Incom-pleteChainException, TokenKeyStoreException

❏ void main(String[] args) throws Throwable

✍■ String PROVIDER_PROPERTY

❉ TokenKeyStore()

❍ void updateEntry(TokenKeyStoreEntry entry) throws NoSuchEntryException,TokenKeyStoreException

void validate(java.security.cert.X509Certificate[] chain, java.util.Date date)throws com.iplanet.trustbase.security.cert.ValidateException, Trust-Exception, TokenKeyStoreException

❍ void validate(java.security.cert.X509Certificate[] chain, KeyUsages purpose,java.util.Date date)throws com.iplanet.trustbase.security.cert.ValidateException, Trust-Exception, TokenKeyStoreException

TokenKeyStoreEntry com.iplanet.trustbase.security.store

❍ void addAlias(String alias) throws AliasConflictException, TokenKeyStoreEx-ception

❍ java.util.Set getAliases()

String getIssuerName()

java.math.BigInteger getSerialNo()

String getSubjectName()

❍ void removeAlias(String alias) throws TokenKeyStoreException

●♦ void setSubject(String subjectName, String issuerName,java.math.BigInteger serialNo)

228





➥TokenKeyStoreInstantiationException

Object➥TokenKeyTool

TokenKeyStoreException com.iplanet.trustbase.security.store

void printStackTrace()

void printStackTrace(java.io.PrintStream s)

void printStackTrace(java.io.PrintWriter s)

❉ TokenKeyStoreException(String message)

❉ TokenKeyStoreException(Throwable t)

String toString()

TokenKeyStoreInstantiationException com.iplanet.trustbase.security.store

❉ TokenKeyStoreInstantiationException(String message)

❉ TokenKeyStoreInstantiationException(Throwable t)


❏ void addAlias(com.iplanet.trustbase.util.argv.Argv argv) throws Throwable

❏ void certReq(com.iplanet.trustbase.util.argv.Argv argv) throws Throwable

❏ void deleteCert(com.iplanet.trustbase.util.argv.Argv argv) throws Throwable

❏ void deleteKey(com.iplanet.trustbase.util.argv.Argv argv) throws Throwable

❏ void digest(com.iplanet.trustbase.util.argv.Argv argv) throws Throwable

❏ boolean doCommand(String command, com.iplanet.trustbase.util.argv.Argv argv,com.iplanet.trustbase.util.argv.Argv startArgv) throws Throwable

❏ void examineCerts(com.iplanet.trustbase.util.argv.Argv argv)throws Throwable

❏ void exportCerts(com.iplanet.trustbase.util.argv.Argv argv) throws Throwable

❏ void exportKey(com.iplanet.trustbase.util.argv.Argv argv) throws Throwable

❏ void genKey(com.iplanet.trustbase.util.argv.Argv argv) throws Throwable

❏ void httpsClient(com.iplanet.trustbase.util.argv.Argv argv) throws Throwable

❏ void httpsServer(com.iplanet.trustbase.util.argv.Argv argv) throws Throwable

❏ void importKey(com.iplanet.trustbase.util.argv.Argv argv) throws Throwable

❏ void importKeyChain(com.iplanet.trustbase.util.argv.Argv argv)throws Throwable

❏ void importTrustedCerts(com.iplanet.trustbase.util.argv.Argv argv)throws Throwable

❏ void listAliases(com.iplanet.trustbase.util.argv.Argv argv) throws Throwable

❏ void listCerts(com.iplanet.trustbase.util.argv.Argv argv) throws Throwable

❏ void listKeys(com.iplanet.trustbase.util.argv.Argv argv) throws Throwable

❏ void listProviders(com.iplanet.trustbase.util.argv.Argv argv) throws Throwable

229

TransportAdapter



➥TransportAdapterException

Object➥TransportAdapterFactory


➥TrustedCertificateEntry


❏ void main(String[] args) throws Throwable

❏ void removeAlias(com.iplanet.trustbase.util.argv.Argv argv) throws Throwable

❏ void shell(com.iplanet.trustbase.util.argv.Argv argv) throws Throwable

❏ void sign(com.iplanet.trustbase.util.argv.Argv argv) throws Throwable

✍■ String SWITCH_RESOURCE

❉ TokenKeyTool()

❏ void validate(com.iplanet.trustbase.util.argv.Argv argv) throws Throwable

❏ void verify(com.iplanet.trustbase.util.argv.Argv argv) throws Throwable

TransportAdapter com.iplanet.trustbase.initiator

byte[] sendReceive(byte[] data, String url, String messageType)throws TransportAdapterException, ConfigAdapterException

TransportAdapterException com.iplanet.trustbase.initiator

❉ TransportAdapterException(String message)

❉ TransportAdapterException(String message, Throwable throwable)

❉ TransportAdapterException(String message, Throwable throwable,Object[] args)

❉ TransportAdapterException(Throwable throwable)

TransportAdapterFactory com.iplanet.trustbase.initiator

✍■ Class[] _argTypes

❏ TransportAdapter getTransportAdapterFromLocation(String location, ConfigAdapter config)throws TransportAdapterException

❏ TransportAdapter getTransportAdapterFromProtocol(String protocol, ConfigAdapter config)throws TransportAdapterException

✍❏ String PROPERTIES_FILE

❉ TransportAdapterFactory()

TrustedCertificateEntry com.iplanet.trustbase.security.store

java.security.cert.X509Certificate getTrustedCertificate()

❉♦ TrustedCertificateEntry(java.security.cert.X509Certificate trusted)

TrustException com.iplanet.trustbase.security.store

230


➥TrustException



➥UnmatchedSubjectCertException

WritablePropertySource PropertySource

Object➥XURL

Object➥XURLTransportAdapter com.iplanet.trustbase.initiator.TransportAdapter

❉ TrustException(java.security.cert.X509Certificate[] cert, String reason)


java.security.cert.X509Certificate getExistingCertificate()

java.security.cert.X509Certificate getUnmatchedCertificate()

❉ UnmatchedSubjectCertException(java.security.cert.X509Certificate newCert, java.security.cert.X509Certificate oldCert)

WritablePropertySource uk.co.jcp.util.properties

void addSection(String sectionName, PropertySection section)throws SectionAlreadyDefinedException

void save() throws PropertyException


java.net.URLConnection openConnection() throws java.io.IOException

❉ XURL(String urlStr) throws java.net.MalformedURLException

XURLTransportAdapter com.iplanet.trustbase.initiator.transport

byte[] sendReceive(byte[] data, String location, String messageType)throws com.iplanet.trustbase.initiator.TransportAdapterException,com.iplanet.trustbase.initiator.ConfigAdapterException

❉ XURLTransportAdapter(com.iplanet.trustbase.initiator.ConfigAdapter configAdapter)

231

232

-

-

-

-

-

Index

Symbols_argTypes

of com.iplanet.trustbase.initiator.Transport-AdapterFactory33

Aadapters

of com.iplanet.trustbase.initiator.dsms.Proto-colAdapterFactory87

addAlias(Argv)of com.iplanet.trustbase.security.store.Token-

KeyTool 147addAlias(String)

of com.iplanet.trustbase.security.store.Token-KeyStoreEntry141

addSection(String, PropertySection)of uk.co.jcp.util.properties.JCPProperties177of uk.co.jcp.util.properties.WritableProperty-

Source205addTrustedCertificateEntry(String,

X509Certificate)of com.iplanet.trustbase.security.store.Token-

KeyStore134addUsage(KeyUsages.KeyUsageI)

of com.iplanet.trustbase.security.store.Key-Usages119

aiasof com.iplanet.trustbase.initiator.dsms.CertId-

Container52AliasConflictException

of com.iplanet.trustbase.security.store105AliasConflictException(String)

of com.iplanet.trustbase.security.store.Alias-ConflictException106

aliases()of com.iplanet.trustbase.security.store.Token-

KeyStore134

BbuildMessage(X509Certificate[], boolean,

StringBuffer)of com.iplanet.trustbase.initiator.dsms.Mes-

sageFactory80

CcertID

of com.iplanet.trustbase.initiator.dsms.CertIdContainer52

CertIdContainerof com.iplanet.trustbase.initiator.dsms52

CertIdContainer(CertID)of com.iplanet.trustbase.initiator.dsms.CertId

Container53CertIdContainer(CertID, String, String)


CertIdContainer(CertID, String[], String[])of com.iplanet.trustbase.initiator.dsms.CertId

Container53certReq(Argv)

of com.iplanet.trustbase.security.store.TokenKeyTool 147

CertStatusof com.iplanet.trustbase.initiator.dsms54

CertStatus(CertStatus.CS, Date,X509Certificate[], CertID, byte[], bool-ean)

of com.iplanet.trustbase.initiator.dsms.Cert-Status56

CertStatus(CertStatus.CS, String)of com.iplanet.trustbase.initiator.dsms.Cert-

Status56CertStatus(CertStatus.CS, String, Object[])


CertStatus(CertStatus.CS, String, Object[],Throwable)


CertStatus(CertStatus.CS, String, Throwable)of com.iplanet.trustbase.initiator.dsms.Cert-

Status56CertStatus.CS

of com.iplanet.trustbase.initiator.dsms59CertStatusCodes

of com.iplanet.trustbase.initiator.dsms60CertStatusCodes()

of com.iplanet.trustbase.initiator.dsms.Cert-StatusCodes63

CLIENT_AUTHof com.iplanet.trustbase.security.store.Key-

Usages115CLIENT_CERT_SELECTOR

233

Index

-

-

of com.iplanet.trustbase.xurl.HttpsConfigura-tionProperties167

clone()of com.iplanet.trustbase.security.store.Key-

Usages119CODE_SIGNING


com.iplanet.trustbase.initiatorpackage5

com.iplanet.trustbase.initiator.configpackage35

com.iplanet.trustbase.initiator.dsmspackage51

com.iplanet.trustbase.initiator.loggerpackage93

com.iplanet.trustbase.initiator.transportpackage97

com.iplanet.trustbase.security.storepackage103

com.iplanet.trustbase.xurlpackage159

completeCertificateChain(X509Certificate[])of com.iplanet.trustbase.security.store.Token-

KeyStore134completeChain(TokenKeyStore, Collection)

of com.iplanet.trustbase.initiator.config.Prop-ertyConfigAdapter48

completeChain(X509Certificate)of com.iplanet.trustbase.initiator.config.Confi-

gAdapterImpl37of com.iplanet.trustbase.initiator.config.Prop-

ertyConfigAdapter48of com.iplanet.trustbase.initiator.ConfigAdapt-

er 6ConfigAdapter

of com.iplanet.trustbase.initiator6configAdapter


ConfigAdapterExceptionof com.iplanet.trustbase.initiator9

ConfigAdapterException(String)of com.iplanet.trustbase.initiator.ConfigAdap-

terException10ConfigAdapterException(String, Throwable)

of com.iplanet.trustbase.initiator.ConfigAdap-terException10

ConfigAdapterException(String, Throwable,Object[])

of com.iplanet.trustbase.initiator.ConfigAdap-terException10

ConfigAdapterException(Throwable)of com.iplanet.trustbase.initiator.ConfigAdap-

terException10ConfigAdapterImpl

of com.iplanet.trustbase.initiator.config36ConfigAdapterImpl(Properties)

of com.iplanet.trustbase.initiator.config.ConfigAdapterImpl37

connect()of com.iplanet.trustbase.xurl.HttpsURLCon-

nection170construct(CertID, String[], String[])


containsSection(String)of uk.co.jcp.util.properties.PropertySource

200CPI_LOCATION_DEFAULT

of com.iplanet.trustbase.initiator.Property-Codes25

CPI_LOCATION_FORCE_DEFAULTof com.iplanet.trustbase.initiator.Property-

Codes25CRL_SIGN


CSC_CANNOT_CHECK_ROOTof com.iplanet.trustbase.initiator.Exception-

Codes14CSC_CLASS_LOAD

of com.iplanet.trustbase.initiator.Exception-Codes14

CSC_CLIP_BASE64_LINESof com.iplanet.trustbase.initiator.Property-

Codes26CSC_COULD_NOT_CREATE_DATA_CONV

ERTERof com.iplanet.trustbase.initiator.Exception-

Codes15CSC_COULD_NOT_DECODE_PKCS7_BLO

CKof com.iplanet.trustbase.initiator.Exception-

Codes15CSC_CREATE_SIGNED_OCSP


CSC_DATA_CONVERTERof com.iplanet.trustbase.initiator.Property-

234

Index

Codes26CSC_HTTP_CONNECT_FAILED


CSC_HTTP_NO_MIME_TYPEof com.iplanet.trustbase.initiator.Exception-

Codes15CSC_HTTP_NO_ROUTE_TO_HOST


CSC_HTTP_OPEN_CONNECTION_FAILEDof com.iplanet.trustbase.initiator.Exception-

Codes15CSC_HTTP_PROTOCOL_ERROR


CSC_HTTP_READ_FAILEDof com.iplanet.trustbase.initiator.Exception-

Codes15CSC_HTTP_SOCKET_ERROR


CSC_HTTP_UNKNOWN_HOSTof com.iplanet.trustbase.initiator.Exception-

Codes16CSC_HTTP_WRITE_FAILED


CSC_IDENTRUS_GEN_ERRORof com.iplanet.trustbase.initiator.Exception-

Codes16CSC_IDENTRUS_INVALID_RESPONSE_ME

SSAGEof com.iplanet.trustbase.initiator.Exception-

Codes16CSC_IDENTRUS_MESSAGE_ERROR


CSC_IDENTRUS_OCSP_BASE64_ERRORof com.iplanet.trustbase.initiator.Exception-

Codes16CSC_IDENTRUS_SIGNATURE_ERROR


CSC_IDENTRUS_TXID_ERRORof com.iplanet.trustbase.initiator.Exception-

Codes16CSC_INVALID_MESSAGE_FACTORY


CSC_INVALID_PROTOCOL_VERSIONof com.iplanet.trustbase.initiator.Exception-

Codes16CSC_INVALID_SIGNATURE_ON_PKCS7_SI

GNED_BLOCKof com.iplanet.trustbase.initiator.Exception-

Codes17CSC_INVALID_TRANSPORT_ADAPTER


CSC_LOCATION_DEFAULTof com.iplanet.trustbase.initiator.Property-

Codes26CSC_LOCATION_FORCE_DEFAULT


CSC_LOCATION_RPRESPONDERPROXYof com.iplanet.trustbase.initiator.Property-

Codes26CSC_MALFORMED_URL


CSC_MAX_PROOF_RESPONSE_AGEof com.iplanet.trustbase.initiator.Property-

Codes26CSC_MESSAGE_FACTORY


CSC_MESSAGE_FACTORY_DEFAULTof com.iplanet.trustbase.initiator.Property-

Codes26CSC_MESSAGE_FACTORY_FORCE_DEFA

ULTof com.iplanet.trustbase.initiator.Property-

Codes26CSC_MISSING_AIA


CSC_MISSING_SIGNINGCHAIN_FROM_RESPONSE


CSC_NO_CERTIFICATES_TO_CHECKof com.iplanet.trustbase.initiator.Exception-

Codes17CSC_NO_DEFAULT_LOCATION


CSC_NO_DEFAULT_MESSAGE_FACTORYof com.iplanet.trustbase.initiator.Exception-

235

Index

Codes17CSC_NO_STATUSES_RECEIVED


CSC_OCSP_ASN1_BUILD_ERRORof com.iplanet.trustbase.initiator.Exception-

Codes18CSC_OCSP_ASN1_ERROR


CSC_OCSP_NO_RESPONSE_DATAof com.iplanet.trustbase.initiator.Exception-

Codes18CSC_OCSP_NO_RESPONSE_SIGNATURE


CSC_OCSP_OCSP_BUILD_ERRORof com.iplanet.trustbase.initiator.Exception-

Codes18CSC_OCSP_OCSP_ERROR


CSC_OCSP_RESPONSE_SIGNER_COULD_NOT_BE_FOUND


CSC_OCSP_SIGNING_CERT_NOT_TRUSTED


CSC_OCSP_X509_ERRORof com.iplanet.trustbase.initiator.Exception-

Codes18CSC_ONLY_SINGLE_CERTIFICATE_SIGNI

NGof com.iplanet.trustbase.initiator.Exception-

Codes18CSC_PREFERRED_OID


CSC_PREFERRED_PROTOCOLof com.iplanet.trustbase.initiator.Property-

Codes27CSC_PREFERRED_VERSION


CSC_PROTOCOL_ADAPTERof com.iplanet.trustbase.initiator.Property-

Codes27CSC_RECEIVED_BAD_STATUS_PROOF_C

ERTof com.iplanet.trustbase.initiator.Exception-

Codes19CSC_RECEIVED_BAD_STATUS_REQUEST

_CERTof com.iplanet.trustbase.initiator.Exception-

Codes19CSC_RECEIVED_ERROR_CERT_STATUS


CSC_RECEIVED_MISMATCHED_NONCEof com.iplanet.trustbase.initiator.Exception-

Codes19CSC_RECEIVED_OLD_STATUS_PROOF_C

ERTof com.iplanet.trustbase.initiator.Exception-

Codes19CSC_RESOURCE_DATA_CONVERTER


CSC_RESOURCE_MAX_PROOF_RESPONSE_AGE


CSC_RESOURCE_MESSAGE_FACTORYof com.iplanet.trustbase.initiator.Property-

Codes27CSC_RESOURCE_MESSAGE_FACTORY_D

EFAULTof com.iplanet.trustbase.initiator.Property-

Codes27CSC_RESOURCE_PREFERRED_OID


CSC_RESOURCE_PREFERRED_VERSIONof com.iplanet.trustbase.initiator.Property-

Codes27CSC_RESOURCE_PROTOCOL_ADAPTER


CSC_STATUS_MISSING_FOR_PROOF_CERT


CSC_STATUS_MISSING_FOR_REQUEST_CERT


CSC_TRANSPORT_UNSPECIFIEDof com.iplanet.trustbase.initiator.Exception-

236

Index

-

-

-

-

-

-

-

Codes19CSC_UNIMPLEMENTED


CSC_VERIFY_SIGNED_OCSPof com.iplanet.trustbase.initiator.Property-

Codes28CSCEngine

of com.iplanet.trustbase.initiator.dsms64CSCEngine(ConfigAdapter)

of com.iplanet.trustbase.initia-tor.dsms.CSCEngine65

CSCExceptionof com.iplanet.trustbase.initiator.dsms71

CSCException(String)of com.iplanet.trustbase.initia-

tor.dsms.CSCException72CSCException(String, Throwable)

of com.iplanet.trustbase.initia-tor.dsms.CSCException72

CSCException(String, Throwable, Object[])of com.iplanet.trustbase.initia-

tor.dsms.CSCException72CSCMessageException

of com.iplanet.trustbase.initiator.dsms73CSCMessageException(String)

of com.iplanet.trustbase.initiator.dsms.CSC-MessageException74

CSCMessageException(String, Throwable)of com.iplanet.trustbase.initiator.dsms.CSC-

MessageException74CSCMessageException(String, Throwable, Ob-

ject[])of com.iplanet.trustbase.initiator.dsms.CSC-

MessageException74CSCProtocolException

of com.iplanet.trustbase.initiator.dsms75CSCProtocolException(String)

of com.iplanet.trustbase.initia-tor.dsms.CSCProtocolException76

CSCProtocolException(String, Throwable)of com.iplanet.trustbase.initia-

tor.dsms.CSCProtocolException76CSCProtocolException(String, Throwable, Ob-

ject[])of com.iplanet.trustbase.initia-

tor.dsms.CSCProtocolException76

DDATA_ENCIPHERMENT


DataConverterClientof com.iplanet.trustbase.initiator.dsms77

DECIPHER_ONLYof com.iplanet.trustbase.security.store.Key-

Usages115DefaultEngineLogger

of com.iplanet.trustbase.initiator.logger94DefaultEngineLogger()

of com.iplanet.trustbase.initiator.logger.De-faultEngineLogger94

deleteCert(Argv)of com.iplanet.trustbase.security.store.Token

KeyTool 147deleteEntry(TokenKeyStoreEntry)

of com.iplanet.trustbase.security.store.TokenKeyStore134

deleteKey(Argv)of com.iplanet.trustbase.security.store.Token

KeyTool 148describeChain(X509Certificate[])

of com.iplanet.trustbase.security.store.IncompleteChainException108

deserializeOCSPResponse(String)of com.iplanet.trustbase.initia-

tor.dsms.NewOCSPUtil82digest(Argv)


DIGITAL_SIGNATUREof com.iplanet.trustbase.security.store.Key-

Usages116doCommand(String, Argv, Argv)


doCommand(String, String[])of com.iplanet.trustbase.security.store.Token

KeyStore135doConnect(String, int)

of com.iplanet.trustbase.xurl.HttpsClient163

EEKU_CLIENT_AUTH


237

Index

-

-

-

-

-

-

-

-

EKU_CODE_SIGNINGof com.iplanet.trustbase.security.store.Key-

Usages116EKU_EMAIL_PROTECTION


EKU_SERVER_AUTHof com.iplanet.trustbase.security.store.Key-

Usages116EKU_TIME_STAMPING


EMAIL_PROTECTIONof com.iplanet.trustbase.security.store.Key-

Usages116ENCIPHER_ONLY


EngineLoggerof com.iplanet.trustbase.initiator11

equals(Object)of com.iplanet.trustbase.initiator.dsms.CertId-

Container53of com.iplanet.trustbase.security.store.Key-

Usages.KeyUsageI122ERROR


ERROR_PROPERTYof com.iplanet.trustbase.initiator.config.Error-

ConfigAdapter40ErrorConfigAdapter

of com.iplanet.trustbase.initiator.config39ErrorConfigAdapter()

of com.iplanet.trustbase.initiator.config.Error-ConfigAdapter40

ErrorConfigAdapter(Properties, Map, Pri-vateKey, X509Certificate[],X509Certificate[][])


ErrorConfigAdapter(Properties, Map, String,String[], TokenKeyStore)


ErrorConfigAdapter(Properties, PrivateKey,X509Certificate[], X509Certificate[][])


ErrorConfigAdapter(Properties, String, String,

String[], TokenKeyStore)of com.iplanet.trustbase.initiator.config.Error-

ConfigAdapter42ErrorConfigAdapter(Properties, String,

String[], TokenKeyStore)of com.iplanet.trustbase.initiator.config.Error-

ConfigAdapter41examineCerts(Argv)


ExceptionCodesof com.iplanet.trustbase.initiator12

ExceptionCodes()of com.iplanet.trustbase.initiator.Exception-

Codes20exportCerts(Argv)


exportKey(Argv)of com.iplanet.trustbase.security.store.Token

KeyTool 148exportPKCS12KeyEntry(String, PasswordCall-

back)of com.iplanet.trustbase.security.store.Token

KeyStore135EXTENDED_KEY_USAGES


GgenerateKeyPair(String, String, String, int)


generatePKCS10Request(String, boolean)of com.iplanet.trustbase.security.store.KeyEn

try 111genKey(Argv)


getAbbrev()of com.iplanet.trustbase.security.store.Key-

Usages.KeyUsageI122getAdapterClassName(String)


getAIA(String)of com.iplanet.trustbase.initiator.dsms.CertId

Container53getAliases()

238

Index

-

-

-

-


getAllEntries()of com.iplanet.trustbase.security.store.Token-

KeyStore136getAllKeyEntries()

of com.iplanet.trustbase.security.store.Token-KeyStore136

getAllTrustedCertificateEntries()of com.iplanet.trustbase.security.store.Token-

KeyStore136getArgs()

of com.iplanet.trustbase.initiator.InitiatorEx-ception22

getBitPosition()of com.iplanet.trustbase.security.store.Key-

Usages.KeyUsage121getBlobProperty(String)

of uk.co.jcp.util.properties.PropertySection191

getBlobProperty(String, byte[])of uk.co.jcp.util.properties.PropertySection

191getBooleanProperty(String)


getBooleanProperty(String, boolean)of uk.co.jcp.util.properties.PropertySection

192getByAbbrev(String)


getByOid(String)of com.iplanet.trustbase.security.store.Key-

Usages119getCertID()

of com.iplanet.trustbase.initiator.dsms.CertId-Container53

getCertIdsFromOCSPResponse(OCSPRe-sponse)

of com.iplanet.trustbase.initia-tor.dsms.NewOCSPUtil83

getCertificateChain()of com.iplanet.trustbase.security.store.KeyEn-

try 111getCertificateFromPkcs7(byte[], byte[])


getCertStatus()of com.iplanet.trustbase.initiator.dsms.Cert-

Status57of com.iplanet.trustbase.initiator.dsms.Status

CheckData90getCheckCertificateIssuerNameHash()


getCheckCertificatePublicKeyHash()of com.iplanet.trustbase.initiator.dsms.Cert-

Status57getCheckCertificateSerialNumber()


getClientCertSelector()of com.iplanet.trustbase.xurl.HttpsConfigura-

tion 165getCode()

of com.iplanet.trustbase.initiator.dsms.Cert-Status.CS59

of com.iplanet.trustbase.security.store.Key-Usages.KeyUsageI123

getDateProperty(String)of uk.co.jcp.util.properties.PropertySection

192getDateProperty(String, Date)


getDateProperty(String, String)of uk.co.jcp.util.properties.PropertySection

193getDateProperty(String, String, Date)


getDescription()of com.iplanet.trustbase.security.store.Key-

Usages.KeyUsageI123getDoubleProperty(String)


getDoubleProperty(String, double)of uk.co.jcp.util.properties.PropertySection

194getEntry(String)


getEntry(String, BigInteger)of com.iplanet.trustbase.security.store.Token

KeyStore136getEntry(X509Certificate)


239

Index

-

-

-

-

-

-

getEnumeratedProperty(String)of uk.co.jcp.util.properties.PropertySection

194getExistingCertificate()

of com.iplanet.trustbase.security.store.Un-matchedSubjectCertException157

getExtendedKeyUsages()of com.iplanet.trustbase.security.store.Key-

Usages119getFloatProperty(String)


getFloatProperty(String, float)of uk.co.jcp.util.properties.PropertySection

195getHumanReadableRequestData()

of com.iplanet.trustbase.initiator.dsms.Status-CheckData90

getHumanReadableResponseData()of com.iplanet.trustbase.initiator.dsms.Status-

CheckData90getIncompleteChain()

of com.iplanet.trustbase.security.store.Incom-pleteChainException108

getInstance()of com.iplanet.trustbase.xurl.HttpsConfigura-

tion 165getInstance(String)


of uk.co.jcp.util.properties.JCPPropertyFacto-ry 178

of uk.co.jcp.util.properties.JCPPropertyFacto-ryRegistry180

of uk.co.jcp.util.properties.PropertyManager186

getInstance(String, int)of com.iplanet.trustbase.initiator.dsms.Proto-

colAdapterFactory87getInstance(String, JCPProperties)

of uk.co.jcp.util.properties.JCPPropertyFacto-ry 178



getInstance(String, String)of uk.co.jcp.util.properties.JCPPropertyFacto-

ryRegistry181of uk.co.jcp.util.properties.PropertyManager

186getInstance(String, String, JCPProperties)

of uk.co.jcp.util.properties.JCPPropertyFactoryRegistry181


getInstance(String, String, PasswordCallback)of com.iplanet.trustbase.security.store.Token

KeyStore137getIntProperty(String)


getIntProperty(String, int)of uk.co.jcp.util.properties.PropertySection

195getIssuerName()

of com.iplanet.trustbase.security.store.TokenKeyStoreEntry141

getKeyEntry(String)of com.iplanet.trustbase.security.store.Token

KeyStore137getKeyEntry(String, BigInteger)


getKeys()of uk.co.jcp.util.properties.PropertySection

195getKeys(String)

of uk.co.jcp.util.properties.PropertySource200

getKeyUsages()of com.iplanet.trustbase.security.store.KeyEn

try 111of com.iplanet.trustbase.security.store.Key-

Usages119getLongProperty(String)


getLongProperty(String, long)of uk.co.jcp.util.properties.PropertySection

196getMessage()

of com.iplanet.trustbase.initiator.dsms.Mes-sageData79

of uk.co.jcp.util.properties.PropertyNotFoun-dException189

getName()of com.iplanet.trustbase.security.store.Key-

Usages.KeyUsageI123getNestedException()

240

Index

-

-

-

-

-

-

-


getNewClient(URL)of com.iplanet.trustbase.xurl.HttpsURLCon-

nection171getNonce()


getNonceFromOCSPResponse(OCSPResponse)of com.iplanet.trustbase.initia-

tor.dsms.NewOCSPUtil83getObjectProperty(String)

of com.iplanet.trustbase.initiator.config.Confi-gAdapterImpl37



of com.iplanet.trustbase.initiator.ConfigAdapt-er 7


getObjectProperty(String, Object)of uk.co.jcp.util.properties.PropertySection

196getOid()

of com.iplanet.trustbase.security.store.Key-Usages.ExtendedKeyUsage120

getPasswordChars()of com.iplanet.trustbase.security.store.Pass-

word 129getPrivateKey()

of com.iplanet.trustbase.security.store.KeyEn-try 111

getProducedAt()of com.iplanet.trustbase.initiator.dsms.Cert-

Status57getProducedAt(OCSPResponse)


getProperty(String)of com.iplanet.trustbase.initiator.config.Confi-

gAdapterImpl37of com.iplanet.trustbase.initiator.config.Error-

ConfigAdapter42of com.iplanet.trustbase.initiator.config.Prop-


er 7getPropertyName()


getPropertyValues(String, String)of uk.co.jcp.util.properties.PropertySource

201getProxiedClient(URL, String, int)

of com.iplanet.trustbase.xurl.HttpsURLCon-nection171

getPublicKey()of com.iplanet.trustbase.security.store.KeyEn

try 112getRequestData()

of com.iplanet.trustbase.initiator.dsms.StatusCheckData91

getRequestTime()of com.iplanet.trustbase.initiator.dsms.Status

CheckData91getResourceProperty(String)


getResourceType()of uk.co.jcp.util.properties.JCPPropertyFacto

ry 179getResponderURL()

of com.iplanet.trustbase.initiator.dsms.StatusCheckData91

getResponseArgs()of com.iplanet.trustbase.initiator.dsms.Cert-

Status57getResponseCode()


getResponseData()of com.iplanet.trustbase.initiator.dsms.Status

CheckData91getSection(String)

of uk.co.jcp.util.properties.JCPProperties177getSectionName()


getSectionNames()of uk.co.jcp.util.properties.PropertySource

201getSections()

of uk.co.jcp.util.properties.JCPProperties177getSerialNo()

of com.iplanet.trustbase.security.store.TokenKeyStoreEntry141

getServerCertAlias()of com.iplanet.trustbase.xurl.HttpsConfigura-

241

Index

-

-

-

d-

-

-

-

tion 165getSignerKey()





getSignerPath()of com.iplanet.trustbase.initiator.config.Confi-




er 7getSigningPath()


getSSLSignerKey()of com.iplanet.trustbase.initiator.config.Confi-




er 8getSSLSignerPath()





getStatus(X509Certificate[], boolean, boolean,StringBuffer)


of com.iplanet.trustbase.initiator.dsms.Proto-colAdapter84

getStatus(X509Certificate[], boolean, byte[])of com.iplanet.trustbase.initia-

tor.dsms.CSCEngine67getStatus(X509Certificate[], boolean, String-

Buffer)of com.iplanet.trustbase.initia-

tor.dsms.CSCEngine68getStore()

of com.iplanet.trustbase.initiator.config.ConfigAdapterImpl38

getStringProperty(String)of uk.co.jcp.util.properties.PropertySection

197getStringProperty(String, String)


getSubjectName()of com.iplanet.trustbase.security.store.Token

KeyStoreEntry141getTokenKeyStore()

of com.iplanet.trustbase.xurl.HttpsConfigura-tion 165

getTransactionID()of com.iplanet.trustbase.initiator.dsms.Status

CheckData91getTransportAdapterFromLocation(String,

ConfigAdapter)of com.iplanet.trustbase.initiator.Transport-

AdapterFactory34getTransportAdapterFromProtocol(String,

ConfigAdapter)of com.iplanet.trustbase.initiator.Transport-

AdapterFactory34getTrustedCertificate()

of com.iplanet.trustbase.security.store.TrusteCertificateEntry153

getTrustedCertificateEntry(String)of com.iplanet.trustbase.security.store.Token

KeyStore138getTrustedCertificateEntry(String, BigInteger)


getTxID()of com.iplanet.trustbase.initiator.dsms.Mes-

sageData79getUnmatchedCertificate()


getVerificationPaths()of com.iplanet.trustbase.initiator.config.Confi



242

Index

-

-

-

-

-


er 8GOOD


HHandler

of com.iplanet.trustbase.xurl160Handler()

of com.iplanet.trustbase.xurl.Handler161Handler(String, int)

of com.iplanet.trustbase.xurl.Handler161hashCode()

of com.iplanet.trustbase.security.store.Key-Usages.KeyUsageI123

hasUsage(KeyUsages.KeyUsageI)of com.iplanet.trustbase.security.store.Key-

Usages119HttpsClient

of com.iplanet.trustbase.xurl162httpsClient(Argv)

of com.iplanet.trustbase.security.store.Token-KeyTool 149

HttpsClient(URL)of com.iplanet.trustbase.xurl.HttpsClient163

HttpsClient(URL, String, int)of com.iplanet.trustbase.xurl.HttpsClient163

HttpsConfigurationof com.iplanet.trustbase.xurl164

HttpsConfigurationPropertiesof com.iplanet.trustbase.xurl167

HttpsConfigurationProperties()of com.iplanet.trustbase.xurl.HttpsConfigura-

tionProperties168httpsServer(Argv)


HttpsURLConnectionof com.iplanet.trustbase.xurl169

HttpsURLConnection(URL, Handler)of com.iplanet.trustbase.xurl.HttpsURLCon-

nection170HTTPTransportAdapter

of com.iplanet.trustbase.initiator.transport98HTTPTransportAdapter(ConfigAdapter)

of com.iplanet.trustbase.initiator.transport.HT-TPTransportAdapter98

IIDENTRUS_OID


IDENTRUS_PROTOCOLof com.iplanet.trustbase.initia-

tor.dsms.CSCEngine65importKey(Argv)


importKeyChain(Argv)of com.iplanet.trustbase.security.store.Token

KeyTool 149importPKCS12KeyEntry(String, byte[], Pass-

wordCallback)of com.iplanet.trustbase.security.store.Token

KeyStore138importTrustedCerts(Argv)


IncompleteChainExceptionof com.iplanet.trustbase.security.store107

IncompleteChainException(X509Certificate[])of com.iplanet.trustbase.security.store.Incom

pleteChainException108IncorrectPasswordException

of com.iplanet.trustbase.security.store109IncorrectPasswordException()

of com.iplanet.trustbase.security.store.Incor-rectPasswordException109

INITIALISATION_EXCEPTIONof com.iplanet.trustbase.xurl.HttpsConfigura-

tionProperties167INITIATOR_ENGINE_LOGGER


INITIATOR_KEYSTORE_DOMAIN_SPACEof com.iplanet.trustbase.initiator.Property-

Codes28INITIATOR_KEYSTORE_PASSWORD


INITIATOR_KEYSTORE_SIGNING_CERTIFICATE


INITIATOR_KEYSTORE_SSLSIGNING_CERTIFICATE

of com.iplanet.trustbase.initiator.Property-

243

Index

-

Codes28INITIATOR_KEYSTORE_VERIFICATION_

CERTIFICATEof com.iplanet.trustbase.initiator.Property-

Codes28INITIATOR_LOCATION_DEFAULT


INITIATOR_LOCATION_FORCE_DEFAULT




INITIATOR_RESOURCE_TRANSPORT_ADAPTER_DEFAULT


INITIATOR_TRANSPORT_ADAPTERof com.iplanet.trustbase.initiator.Property-

Codes29INITIATOR_TRANSPORT_DEFAULT_PRO

TOCOLof com.iplanet.trustbase.initiator.Property-

Codes29InitiatorException

of com.iplanet.trustbase.initiator21InitiatorException(String)


InitiatorException(String, Throwable)of com.iplanet.trustbase.initiator.InitiatorEx-

ception22InitiatorException(String, Throwable, Object[])


InitiatorException(Throwable)of com.iplanet.trustbase.initiator.InitiatorEx-

ception22isCheckedCertificate(X509Certificate,

X509Certificate)of com.iplanet.trustbase.initiator.dsms.Cert-

Status58isFreshnessProof()


isRegistered(String)of uk.co.jcp.util.properties.JCPPropertyFacto-


187

Jjava.applet - package207JCPProperties

of uk.co.jcp.util.properties176JCPPropertyFactory

of uk.co.jcp.util.properties178JCPPropertyFactoryRegistry

of uk.co.jcp.util.properties180

KKEY_AGREEMENT


KEY_CERT_SIGNof com.iplanet.trustbase.security.store.Key-

Usages117KEY_ENCIPHERMENT


KEY_USAGESof com.iplanet.trustbase.security.store.Key-

Usages117KeyEntry

of com.iplanet.trustbase.security.store110KeyEntry(PrivateKey, X509Certificate[], Key-

Usages)of com.iplanet.trustbase.security.store.KeyEn

try 111KeyUsages

of com.iplanet.trustbase.security.store113KeyUsages()


KeyUsages(boolean[], String[])of com.iplanet.trustbase.security.store.Key-

Usages118KeyUsages(KeyUsages.KeyUsage[], KeyUsag-

es.ExtendedKeyUsage[])of com.iplanet.trustbase.security.store.Key-

Usages118KeyUsages.ExtendedKeyUsage

of com.iplanet.trustbase.security.store120KeyUsages.KeyUsage

of com.iplanet.trustbase.security.store121

244

Index

-

-

KeyUsages.KeyUsageIof com.iplanet.trustbase.security.store122

KeyUsageSpecificationof com.iplanet.trustbase.security.store124

KeyUsageSpecification()of com.iplanet.trustbase.security.store.Key-

UsageSpecification124KU_CRL_SIGN


KU_DECIPHER_ONLYof com.iplanet.trustbase.security.store.Key-

Usages117KU_DIGITAL_SIGNATURE


KU_ENCIPHER_ONLYof com.iplanet.trustbase.security.store.Key-

Usages117KU_KEY_AGREEMENT


KU_KEY_CERT_SIGNof com.iplanet.trustbase.security.store.Key-

Usages117KU_KEY_ENCIPHERMENT


KU_NON_REPUDIATIONof com.iplanet.trustbase.security.store.Key-

Usages118

LlistAliases(Argv)


listCerts(Argv)of com.iplanet.trustbase.security.store.Token-

KeyTool 149listKeys(Argv)


listProviders(Argv)of com.iplanet.trustbase.security.store.Token-

KeyTool 150load(String)

of uk.co.jcp.util.properties.PropertySource201


of com.iplanet.trustbase.initiator.EngineLog-ger11

of com.iplanet.trustbase.initiator.logger.De-faultEngineLogger95

Mmain(String[])



makeAdapter(String, String)of com.iplanet.trustbase.initiator.dsms.Proto-

colAdapterFactory88makeAdapterList(String)


makeHumanReadableRequest(byte[])of com.iplanet.trustbase.initiator.dsms.Data-

ConverterClient77makeHumanReadableResponse(byte[])

of com.iplanet.trustbase.initiator.dsms.Data-ConverterClient77

MalformedPropertyExceptionof uk.co.jcp.util.properties183

MalformedPropertyException(String)of uk.co.jcp.util.properties.MalformedProper-

tyException183MessageData

of com.iplanet.trustbase.initiator.dsms78MessageData(byte[], byte[])

of com.iplanet.trustbase.initiator.dsms.Mes-sageData78

MessageFactoryof com.iplanet.trustbase.initiator.dsms80

NNew(URL)

of com.iplanet.trustbase.xurl.HttpsClient163NewOCSPUtil

of com.iplanet.trustbase.initiator.dsms82NewOCSPUtil()


NoKeyUsageExceptionof com.iplanet.trustbase.security.store125

NoKeyUsageException(KeyUsages.KeyUsageI,X509Certificate[])

245

Index

of com.iplanet.trustbase.security.store.NoKey-UsageException126

NON_REPUDIATIONof com.iplanet.trustbase.security.store.Key-

Usages118NoSuchEntryException

of com.iplanet.trustbase.security.store127NoSuchEntryException(String)

of com.iplanet.trustbase.securi-ty.store.NoSuchEntryException127

OOCSP_OID


OCSP_PROTOCOLof com.iplanet.trustbase.initia-

tor.dsms.CSCEngine65openConnection()

of com.iplanet.trustbase.xurl.XURL173openConnection(URL)

of com.iplanet.trustbase.xurl.Handler161

PparseMessage(X509Certificate[], MessageData,

boolean)of com.iplanet.trustbase.initiator.dsms.Mes-

sageFactory80Password

of com.iplanet.trustbase.security.store128Password(char[])

of com.iplanet.trustbase.security.store.Pass-word 128

PasswordCallbackof com.iplanet.trustbase.security.store130

PasswordCallback.GiveUpExceptionof com.iplanet.trustbase.security.store131

PasswordCallback.GiveUpException(String)of com.iplanet.trustbase.security.store.Pass-

wordCallback.GiveUpException131printStackTrace()

of com.iplanet.trustbase.security.store.Token-KeyStoreException143

printStackTrace(PrintStream)of com.iplanet.trustbase.security.store.Token-

KeyStoreException143printStackTrace(PrintWriter)

of com.iplanet.trustbase.security.store.Token-

KeyStoreException143PROPERTIES_FILE


PropertyCodesof com.iplanet.trustbase.initiator24

PropertyCodes()of com.iplanet.trustbase.initiator.Property-

Codes29PropertyConfigAdapter

of com.iplanet.trustbase.initiator.config45PropertyConfigAdapter()


PropertyConfigAdapter(Properties, Map, Pri-vateKey, X509Certificate[],X509Certificate[][])


PropertyConfigAdapter(Properties, Map,String, String, String[], TokenKeyStore)


PropertyConfigAdapter(Properties, Map,String, String[], TokenKeyStore)


PropertyConfigAdapter(Properties, Pri-vateKey, X509Certificate[],X509Certificate[][])


PropertyConfigAdapter(Properties, String,String, String[], TokenKeyStore)


PropertyConfigAdapter(Properties, String,String[], TokenKeyStore)


PropertyExceptionof uk.co.jcp.util.properties184

PropertyException(String)of uk.co.jcp.util.properties.PropertyException

184PropertyManager

of uk.co.jcp.util.properties185PropertyNotFoundException

of uk.co.jcp.util.properties188PropertyNotFoundException(String)

246

Index

-

-

-


PropertySectionof uk.co.jcp.util.properties190

PropertySourceof uk.co.jcp.util.properties200

ProtocolAdapterof com.iplanet.trustbase.initiator.dsms84

ProtocolAdapterFactoryof com.iplanet.trustbase.initiator.dsms86

ProtocolAdapterFactory(ConfigAdapter)of com.iplanet.trustbase.initiator.dsms.Proto-

colAdapterFactory87PROVIDER_PROPERTY


proxyof com.iplanet.trustbase.xurl.Handler161

proxyPortof com.iplanet.trustbase.xurl.Handler161

RreadPassword(String)

of com.iplanet.trustbase.security.store.Pass-word 129

of com.iplanet.trustbase.security.store.Pass-wordCallback130

readPasswordAgain(String)of com.iplanet.trustbase.security.store.Pass-

word 129of com.iplanet.trustbase.security.store.Pass-

wordCallback130registerPropertyFactory(JCPPropertyFactory)



removeAlias(Argv)of com.iplanet.trustbase.security.store.Token-

KeyTool 150removeAlias(String)


removeUsage(KeyUsages.KeyUsageI)of com.iplanet.trustbase.security.store.Key-

Usages119retrieveOCSPResponse(CSCResponse)


REVOKEDof com.iplanet.trustbase.initiator.dsms.Cert-

Status56

Ssave()

of uk.co.jcp.util.properties.JCPProperties177of uk.co.jcp.util.properties.WritableProperty-

Source205SectionAlreadyDefinedException

of uk.co.jcp.util.properties202SectionAlreadyDefinedException(String)

of uk.co.jcp.util.properties.SectionAlreadyDe-finedException202

SectionNotFoundExceptionof uk.co.jcp.util.properties203

SectionNotFoundException(String)of uk.co.jcp.util.properties.SectionNotFoun-

dException204sendReceive(byte[], String, String)

of com.iplanet.trustbase.initiator.transport.HTTPTransportAdapter99

of com.iplanet.trustbase.initiator.trans-port.XURLTransportAdapter102

of com.iplanet.trustbase.initiator.Transport-Adapter30

SERVER_AUTHof com.iplanet.trustbase.security.store.Key-

Usages118SERVER_CERT_ALIAS

of com.iplanet.trustbase.xurl.HttpsConfigura-tionProperties167

setBooleanProperty(String, boolean)of uk.co.jcp.util.properties.PropertySection

197setCertificateChain(X509Certificate[])

of com.iplanet.trustbase.security.store.KeyEntry 112

setCertificateChainImpl(X509Certificate[])of com.iplanet.trustbase.security.store.KeyEn

try 112setClientCert(X509Certificate)


setClientCertAlias(String)of com.iplanet.trustbase.xurl.HttpsConfigura-

tion 165setClientCertSelector(SSLClientCertSelector)

of com.iplanet.trustbase.xurl.HttpsConfigura-

247

Index

-

-

tion 165setDateProperty(String, Date)


setDateProperty(String, Date, String)of uk.co.jcp.util.properties.PropertySection

198setDefaultPropertyFactory(JCPPropertyFacto-

ry)of uk.co.jcp.util.properties.JCPPropertyFacto-


187setDoubleProperty(String, double)


setEnumeratedProperty(String, Enumeration)of uk.co.jcp.util.properties.PropertySection

198setFloatProperty(String, float)


setIntProperty(String, int)of uk.co.jcp.util.properties.PropertySection

199setKeyUsages(KeyUsages)

of com.iplanet.trustbase.security.store.KeyEn-try 112

setLongProperty(String, long)of uk.co.jcp.util.properties.PropertySection

199setObjectProperty(String, Object)


setParentProperties(JCPProperties)of uk.co.jcp.util.properties.JCPProperties177

setProperty(String, String, Object)of uk.co.jcp.util.properties.PropertySource

201setRegistry(JCPPropertyFactoryRegistry)


setServerCertAlias(String)of com.iplanet.trustbase.xurl.HttpsConfigura-

tion 165setStringProperty(String, String)


setSubject(String, String, BigInteger)of com.iplanet.trustbase.security.store.Token-

KeyStoreEntry141setTokenKeyStore(TokenKeyStore)


shell(Argv)of com.iplanet.trustbase.security.store.Token

KeyTool 150sign(Argv)


STATUS_IDENTRUS_CANNOT_VALIDATEof com.iplanet.trustbase.initiator.dsms.Cert-

StatusCodes61STATUS_IDENTRUS_CSC_ERROR


STATUS_IDENTRUS_CSC_EXCEPTIONof com.iplanet.trustbase.initiator.dsms.Cert-

StatusCodes61STATUS_IDENTRUS_INVALID_SIGNING_C

HAINof com.iplanet.trustbase.initiator.dsms.Cert-

StatusCodes61STATUS_IDENTRUS_NO_RESPONSE_FOU

NDof com.iplanet.trustbase.initiator.dsms.Cert-

StatusCodes61STATUS_IDENTRUS_NO_TRUSTED_ROOT

Sof com.iplanet.trustbase.initiator.dsms.Cert-

StatusCodes61STATUS_IDENTRUS_SIGNATURE_INVALI

Dof com.iplanet.trustbase.initiator.dsms.Cert-

StatusCodes61STATUS_IDENTRUS_SIGNING_CERT_NOT

_TRUSTEDof com.iplanet.trustbase.initiator.dsms.Cert-

StatusCodes62STATUS_IDENTRUS_TRANSPORT_ERROR


STATUS_OCSP_INTERNAL_ERRORof com.iplanet.trustbase.initiator.dsms.Cert-

StatusCodes62STATUS_OCSP_MALFORMED_REQUEST


STATUS_OCSP_SIGNATURE_REQUIREDof com.iplanet.trustbase.initiator.dsms.Cert-

248

Index

-

-

-

-

-

d-

StatusCodes62STATUS_OCSP_TRY_LATER


STATUS_OCSP_UNAUTHORISEDof com.iplanet.trustbase.initiator.dsms.Cert-

StatusCodes62STATUS_OCSP_UNKNOWN_RESPONSE_E

RRORof com.iplanet.trustbase.initiator.dsms.Cert-

StatusCodes62STATUS_OCSP_VERIFICATION_FAILED


StatusCheckDataof com.iplanet.trustbase.initiator.dsms89

StatusCheckData(CertStatus[], Date, byte[],byte[], byte[], String, DataConverterCli-ent)

of com.iplanet.trustbase.initiator.dsms.Status-CheckData90

SWITCH_RESOURCEof com.iplanet.trustbase.security.store.Token-

KeyTool 147

TTIME_STAMPING


TOKEN_KEY_STOREof com.iplanet.trustbase.xurl.HttpsConfigura-

tionProperties167TokenKeyStore

of com.iplanet.trustbase.security.store132TokenKeyStore()


TokenKeyStoreEntryof com.iplanet.trustbase.security.store140

TokenKeyStoreExceptionof com.iplanet.trustbase.security.store142

TokenKeyStoreException(String)of com.iplanet.trustbase.security.store.Token-

KeyStoreException143TokenKeyStoreException(Throwable)

of com.iplanet.trustbase.security.store.Token-KeyStoreException143

TokenKeyStoreInstantiationExceptionof com.iplanet.trustbase.security.store144

TokenKeyStoreInstantiationException(String)of com.iplanet.trustbase.security.store.Token

KeyStoreInstantiationException145TokenKeyStoreInstantiationException(Throw-

able)of com.iplanet.trustbase.security.store.Token

KeyStoreInstantiationException145TokenKeyTool

of com.iplanet.trustbase.security.store146TokenKeyTool()


toString()of com.iplanet.trustbase.initiator.dsms.CertId

Container53of com.iplanet.trustbase.initiator.dsms.Cert-

Status58of com.iplanet.trustbase.initiator.dsms.Cert-

Status.CS59of com.iplanet.trustbase.security.store.Token

KeyStoreException143TransportAdapter

of com.iplanet.trustbase.initiator30TransportAdapterException

of com.iplanet.trustbase.initiator31TransportAdapterException(String)

of com.iplanet.trustbase.initiator.Transport-AdapterException32

TransportAdapterException(String, Throw-able)


TransportAdapterException(String, Throw-able, Object[])


TransportAdapterException(Throwable)of com.iplanet.trustbase.initiator.Transport-

AdapterException32TransportAdapterFactory

of com.iplanet.trustbase.initiator33TransportAdapterFactory()


TrustedCertificateEntryof com.iplanet.trustbase.security.store152

TrustedCertificateEntry(X509Certificate)of com.iplanet.trustbase.security.store.Truste

CertificateEntry153TrustException

249

Index

-
of com.iplanet.trustbase.security.store154TrustException(X509Certificate[], String)
of com.iplanet.trustbase.security.store.Trust-Exception155

Uuk.co.jcp.util.properties

package175UNKNOWN


UnmatchedSubjectCertExceptionof com.iplanet.trustbase.security.store156

UnmatchedSubjectCertExcep-tion(X509Certificate, X509Certificate)


UNRECOGNIZEDof com.iplanet.trustbase.initiator.dsms.Cert-

Status56updateEntry(TokenKeyStoreEntry)


Vvalidate(Argv)


validate(X509Certificate[], Date)of com.iplanet.trustbase.security.store.Token-

KeyStore139validate(X509Certificate[], KeyUsages, Date)


validateChain(X509Certificate[])of com.iplanet.trustbase.initiator.config.Confi-

gAdapterImpl38of com.iplanet.trustbase.initiator.config.Prop-


er 8validateStatus(StatusCheckData[],

X509Certificate[], boolean, byte[])of com.iplanet.trustbase.initia-

tor.dsms.CSCEngine69of com.iplanet.trustbase.initiator.dsms.Proto-

colAdapter85verify(Argv)


WWritablePropertySource

of uk.co.jcp.util.properties205

XXURL

of com.iplanet.trustbase.xurl172XURL(String)

of com.iplanet.trustbase.xurl.XURL172XURLTransportAdapter

of com.iplanet.trustbase.initiator.transport101XURLTransportAdapter(ConfigAdapter)

of com.iplanet.trustbase.initiator.trans-port.XURLTransportAdapter101

250

Documents

iWS: Plugin for Trustbase Services Java API Documentation · Get the set of certiﬁcate paths that will be used to verify the response message. Returns: the veriﬁcation paths or