java.lang.Object | +--com.rsa.certj.CertJ
This class collects a number of common parameters and state variables. It tracks the lists of currently registered service providers and a random number object for use in Crypto-J API calls.
Copyright © RSA Security Inc., 1999-2001. All rights reserved.
Field Summary
static String | CERT_J_VERSION | Indicates the current version of Cert-J.
static int | SERVICE_ORDER_FIRST | Indicates that the service provider should be inserted before others of the same type.
static int | SERVICE_ORDER_LAST | Indicates that the service provider should be inserted after others of the same type.
static int | SPT_CERT_PATH | Denotes a certification path processing service provider.
static int | SPT_CERT_STATUS | Denotes a certificate revocation status service provider.
static int | SPT_DATABASE | Denotes a database service provider.
static int | SPT_PKI | Denotes a PKI service provider.
static int | SPT_RANDOM | Denotes a random service provider.
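Constructor Summary
CertJ() | Constructs an instance of CertJ and initializes it with only one service provider, a DefaultRandom provider, which is created by new DefaultRandom("Default Random").
CertJ(Provider[] providers) | Constructs an instance of CertJ and initializes it with a list of service handlers given in providers.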
Method Summary
void | addProvider(Provider provider) | Adds a provider.
void | addProvider(Provider provider, int order) | Adds a provider using a particular ordering.
Service | bindService(int type, String name) | Creates a Service of type and name that can be used as a parameter to CertJ API methods that target a specific service provider or set of service providers.
Service | bindServices(int type) | Binds all the providers of a given type to a Service.
Service | bindServices(int type, String[] names) | Creates a Service consisting of one or more currently-registered service providers.
boolean | buildCertPath(CertPathCtx pathCtx, Object startObject, Vector certPath, Vector crlList, Vector crlCerts, Vector policyInfoList) | Constructs a path in certPath from startObject to one of the trusted certificates provided in pathCtx, the certification path context.
CertRevocationInfo | checkCertRevocation(CertPathCtx pathCtx, Certificate cert) | Determines whether a particular certificate is revoked or not based on the information provided in pathCtx.
static String | getDefaultDevice() | Returns the device string that will be used when an object of this class is instantiated.
String | getDevice() | Returns a String that represents a device associated with this object.
void | getNextCertInPath(CertPathCtx pathCtx, Object baseObject, Vector certList) | Collects a set of candidate certificates that have public keys that can verify the signature of baseObject, using the path-processing options and conditions in pathCtx.
com.rsa.jsafe.JSAFE_Session[] | getPKCS11Sessions() | Returns the PKCS11 sessions collected before
com.rsa.jsafe.JSAFE_SecureRandom | getRandomObject() | Returns the random object associated with this object.
void | importPKCS12(File pkcs12File, char[] password, DatabaseService database) | Reads the contents of the PKCS #12 file, pkcs12File, using password as the password and stores it in the specified database service, database.
void | importPKCS12(String pkcs12File, char[] password, DatabaseService database) | Reads the contents of the PKCS #12 file, pkcs12File, using password as the password and stores it in the specified database service, database.
String[] | listAllProviders() | Returns a String array that contains a descriptive string for each provider registered in this object.
String[] | listProviderNames(int providerType) | Returns a String array that contains the names of all the providers registered for a given type.
void | registerService(Provider provider) | Registers an additional service provider given in Provider, after a CertJ object is constructed.
void | registerService(Provider provider, int order) | Registers an additional service provider given in Provider, after a CertJ object is constructed, using a particular ordering.
void | removeProvider(int type, String name) | Removes a provider.
static String | serviceTypeToString(int type) | Returns a String describing the specified service type.
static void | setDefaultDevice(String device) | Sets the value of the default device string associated with this class.
void | setDevice(String device) | Keeps the device string to be used for crypto operations.
void | setPKCS11Sessions(com.rsa.jsafe.JSAFE_Session[] SessionArray) | Sets the value of the opened PKCS11 sessions
void | unbindService(Service service) | Unbinds service providers in the specified service.
void | unregisterAll() | Unregisters all currently registered service providers.
void | unregisterService(int type, String name) | Unregisters a previously registered service provider.
boolean | validateCertificate(CertPathCtx pathCtx, Certificate cert, com.rsa.jsafe.JSAFE_PublicKey validationKey) | Verifies those aspects of the certification path processing policy that can be determined from the information available in the specified cert, using any parameters specified in pathCtx.
boolean | verifyCertPath(CertPathCtx pathCtx, Object startObject) | Verifies a certification path from startObject to one of the trusted certificates provided in pathCtx, the certification path context, without returning the path verified.
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Field Detail
public static final int SPT_RANDOM
public static final int SPT_DATABASE
public static final int SPT_CERT_STATUS
public static final int SPT_CERT_PATH
public static final int SPT_PKI
public static final int SERVICE_ORDER_FIRST
public static final int SERVICE_ORDER_LAST
CertJ.registerService uses this value as the default when the order is not specified.
public static final String CERT_J_VERSION
Constructor Detail
public CertJ() throws ProviderManagementException
Constructs an instance of CertJ and initializes it with only one service provider, a DefaultRandom provider, which is created by new DefaultRandom("Default Random").
Throws
ProviderManagementException - If any service provider management API fails.
public CertJ(Provider[] providers) throws ProviderManagementException
Constructs an instance of CertJ and initializes it with a list of service handlers given in providers.
Parameters
providers | A |
Throws
ProviderManagementException - If registering any service provider fails.
Method Detail
public void setPKCS11Sessions(com.rsa.jsafe.JSAFE_Session[] SessionArray)
Parameters
SessionArray | an array of |
See Also
getPKCS11Sessions()
public com.rsa.jsafe.JSAFE_Session[] getPKCS11Sessions()
Returns
JSAFE_Session indicating the PKCS11 sessions used for sign/verify or encrypt/decrypt. null can be returned.
See Also
setPKCS11Sessions(JSAFE_Session[])
public static String getDefaultDevice()
Returns
String indicating the default device string.
public static void setDefaultDevice(String device)
Parameters
device | A |
public void unregisterAll()
public void registerService(Provider provider) throws InvalidParameterException, ProviderManagementException
Registers an additional service provider given in Provider, after a CertJ object is constructed. It adds an entry for the service provider at the end of the list of service providers. If the provider is a random number provider and if there is already a random number provider being registered, it will throw a ProviderManagementException. Use unregisterService first to remove the existing random number provider.
Parameters
provider | A |
Throws
InvalidParameterException - If some of the parameters are invalid.
ProviderManagementException - If any service provider management API fails.
public void registerService(Provider provider, int order) throws InvalidParameterException, ProviderManagementException
Registers an additional service provider given in Provider, after a CertJ object is constructed, using a particular ordering. It adds an entry for the service provider in the list of service providers in the order specified in order, either SERVICE_ORDER_FIRST or SERVICE_ORDER_LAST. If the provider is a random number provider and if there is already a random number provider being registered, it will throw a ProviderManagementException. Use unregisterService first to remove the existing random number provider.
Parameters
provider | A | ||
order | An |
Throws
InvalidParameterException - If some of the parameters are invalid.
ProviderManagementException - If any service provider management operation fails.
public void unregisterService(int type, String name) throws InvalidParameterException
unregister method is called. Since CertJ automatically unregisters all currently registered service providers when the CertJ is shut down by unregisterAll, the application does not need to call this method if the next CertJ call will be unregisterAll. The application must be careful to ensure that the service provider being unregistered is not bound to any service handles.
Parameters
type | An | ||
name | A |
Throws
InvalidParameterException - If some of the parameters are invalid.
public void addProvider(Provider provider) throws InvalidParameterException, ProviderManagementException
registerService(Provider).
Parameters
provider | A |
Throws
InvalidParameterException - If some of the parameters are invalid.
ProviderManagementException - If any service provider management API fails.
See Also
registerService(com.rsa.certj.Provider)
public void addProvider(Provider provider, int order) throws InvalidParameterException, ProviderManagementException
registerService(Provider, int).
Parameters
provider | A | ||
order | An |
Throws
InvalidParameterException - If some of the parameters are invalid.
ProviderManagementException - If any service provider management API fails.
See Also
registerService(com.rsa.certj.Provider, int)
public void removeProvider(int type, String name) throws InvalidParameterException
unregisterService(int, String).
Parameters
type | An | ||
name | A |
Throws
InvalidParameterException - If some of the parameters are invalid.
See Also
unregisterService(int, java.lang.String)
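The random-provider rule documented for registerService, shown as an added example; it is not part of the RSA documentation. Assumptions: the packages of DefaultRandom and ProviderManagementException (the page does not give them), that the string passed to the DefaultRandom constructor is the provider name unregisterService expects, and the constructed names "App Random" and ReplaceRandomProvider.

```java
import com.rsa.certj.CertJ;
// Assumption: package names below are not stated on the page.
import com.rsa.certj.ProviderManagementException;
import com.rsa.certj.provider.random.DefaultRandom;

public class ReplaceRandomProvider {
    public static void main(String[] args) throws Exception {
        // The no-argument constructor registers exactly one provider,
        // new DefaultRandom("Default Random").
        CertJ certJ = new CertJ();
        try {
            // A second random provider is rejected while one is registered.
            try {
                certJ.registerService(new DefaultRandom("App Random"));
                throw new IllegalStateException("second random provider was accepted");
            } catch (ProviderManagementException expected) {
                System.out.println("rejected as documented: " + expected.getMessage());
            }

            // Remove the existing random provider first, then register the
            // replacement. Do this before binding any service, because a
            // provider must not be unregistered while it is bound.
            // Assumption: the constructor string is the provider name.
            certJ.unregisterService(CertJ.SPT_RANDOM, "Default Random");
            certJ.registerService(new DefaultRandom("App Random"),
                                  CertJ.SERVICE_ORDER_LAST);

            // Show which random provider is now registered, then every provider.
            String[] randomNames = certJ.listProviderNames(CertJ.SPT_RANDOM);
            for (int i = 0; i < randomNames.length; i++) {
                System.out.println("random provider: " + randomNames[i]);
            }
            String[] all = certJ.listAllProviders();
            for (int i = 0; i < all.length; i++) {
                System.out.println(all[i]);
            }
        } finally {
            // Unregisters everything still registered, so no per-provider
            // unregisterService call is needed at shutdown.
            certJ.unregisterAll();
        }
    }
}
```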
public Service bindService(int type, String name) throws InvalidParameterException, ProviderManagementException
Creates a Service of type and name that can be used as a parameter to CertJ API methods that target a specific service provider or set of service providers. Certain Cert-J API methods, such as database operations, are defined for an object of a Service class. To use those API methods, call this method to create an appropriate service.
Parameters
type | An | ||
name | A |
Returns
Service consisting of a provider of given type and name.
Throws
InvalidParameterException - If some of the parameters are invalid.
ProviderManagementException - If any service provider management API fails.
See Also
bindServices(int, java.lang.String[])
public Service bindServices(int type, String[] names) throws InvalidParameterException, ProviderManagementException
Creates a Service consisting of one or more currently-registered service providers. The type of service is type and names contains a list of provider names to be bound to the service. Certain Cert-J API methods, such as database operations, are defined for an object of a Service class. To use those API methods, call this method to create an appropriate service. Some service types (for example, SPT_DATABASE) allow an ordered list of instances to be specified in the service provider name array. If null is specified for names, all of the provider instances of the given type are bound in registration order.
Parameters
type | An | ||
names | A |
Returns
Service consisting of providers of the given type and names.
Throws
InvalidParameterException - If some of the parameters are invalid.
ProviderManagementException - If any service provider management API fails.
See Also
bindServices(int)
public Service bindServices(int type) throws InvalidParameterException, ProviderManagementException
Binds all the providers of a given type to a Service.
Parameters
type | An |
Returns
Service consisting of all the registered providers of given type.
Throws
InvalidParameterException - If some of the parameters are invalid.
ProviderManagementException - If any service provider management API fails.
See Also
bindServices(int, java.lang.String[])
public void unbindService(Service service)
Parameters
service | A |
public String[] listAllProviders()
Returns a String array that contains a descriptive string for each provider registered in this object.
Returns
String array that contains a descriptive string for each provider.
public String[] listProviderNames(int providerType)
Returns a String array that contains the names of all the providers registered for a given type.
Parameters
providerType | An |
Returns
String array that contains the names of the providers registered for a given type.
public com.rsa.jsafe.JSAFE_SecureRandom getRandomObject() throws NoServiceException, RandomException
Returns
JSAFE_SecureRandom object associated with this object.
Throws
NoServiceException - If unable to get random object.
public String getDevice()
Returns a String that represents a device associated with this object.
Returns
String that represents a device.
public void setDevice(String device)
Keeps the device string to be used for crypto operations.
Parameters
device | A |
public boolean verifyCertPath(CertPathCtx pathCtx, Object startObject) throws InvalidParameterException, NoServiceException, CertPathException
Parameters
pathCtx | A | ||
startObject | Either a |
Returns
true if valid path is verified, or false otherwise.
Throws
InvalidParameterException - If some of the parameters are invalid.
NoServiceException - If no provider is found for Certification Path Processing Service.
CertPathException - If a certification path processing provider fails.
See Also
buildCertPath(com.rsa.certj.spi.path.CertPathCtx, java.lang.Object, java.util.Vector, java.util.Vector, java.util.Vector, java.util.Vector)
public boolean buildCertPath(CertPathCtx pathCtx, Object startObject, Vector certPath, Vector crlList, Vector crlCerts, Vector policyInfoList) throws InvalidParameterException, NoServiceException, CertPathException
null values for the certPath, crlList, crlCerts, and policyInfoList parameters, because this method will throw an exception if the path is not valid. Doing this is equivalent to calling the verifyCertPath method.
Parameters
pathCtx | A | ||
startObject | Either a | ||
certPath | A | ||
crlList | A | ||
crlCerts | A | ||
policyInfoList | A |
Returns
true if valid path is built, false otherwise.
Throws
InvalidParameterException - If some of the parameters are invalid.
NoServiceException - If no provider is found for Certification Path Processing Service.
CertPathException - If a certification path processing provider fails.
See Also
verifyCertPath(com.rsa.certj.spi.path.CertPathCtx, java.lang.Object)
public void getNextCertInPath(CertPathCtx pathCtx, Object baseObject, Vector certList) throws InvalidParameterException, NoServiceException, CertPathException
certList.
Parameters
pathCtx | A | ||
baseObject | An | ||
certList | A |
Returns
Throws
InvalidParameterException - If some of the parameters are invalid.
NoServiceException - If no provider is found for Certification Path Processing Service.
CertPathException - If a certification path processing provider fails.
public boolean validateCertificate(CertPathCtx pathCtx, Certificate cert, com.rsa.jsafe.JSAFE_PublicKey validationKey) throws InvalidParameterException, NoServiceException, CertPathException
buildCertPath, this method does not take the entire certificate chain into account. It only looks at the provider information contained in the cert and verifies the certificate based on it. Examples of certificate fields that may be validated by this routine include:
pathOptions field of the pathCtx can selectively disable the above checks or any others that are implemented by the service provider.
Parameters
pathCtx | A | ||
cert | A | ||
validationKey | A |
Returns
true if validation of the certificate succeeds, false otherwise.
Throws
InvalidParameterException - If any of the parameters are invalid or null.
NoServiceException - If no provider is found for certification path processing service.
CertPathException - If a certification path processing provider fails.
public CertRevocationInfo checkCertRevocation(CertPathCtx pathCtx, Certificate cert) throws InvalidParameterException, NoServiceException, CertStatusException
Parameters
pathCtx | A | ||
cert | A |
Returns
CertRevocationInfo object that holds information about the status of cert.
Throws
InvalidParameterException - If any of the parameters are invalid or null.
NoServiceException - If no provider is found for Certificate Revocation Status Service.
CertStatusException - If a certificate revocation status provider fails.
public void importPKCS12(String pkcs12File, char[] password, DatabaseService database) throws PKCS12Exception
Parameters
pkcs12File | A | ||
password | A | ||
database | A |
Throws
PKCS12Exception - If any PKCS #12 operation fails.
public void importPKCS12(File pkcs12File, char[] password, DatabaseService database) throws PKCS12Exception
Parameters
pkcs12File | A | ||
password | A | ||
database | A |
Throws
PKCS12Exception - If any PKCS #12 operation fails.
public static String serviceTypeToString(int type)
Returns a String describing the specified service type.
Parameters
type | An |
Returns
String describing the specified service type.