|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--com.rsa.certj.Service | +--com.rsa.certj.PKIService
This class represents a PKI service. All the PKI APIs, such
as sendRequest
, are defined as methods
for this class. Create an object of this
class to perform PKI operations. The bindService
method
of the CertJ
class creates an object of this class.
See Also
CertJ.bindService(int, java.lang.String)
Constructor Summary |
|
PKIService(CertJ certJ)
Constructs a |
Method Summary |
|
void |
generateProofOfPossession(PKIRequestMessage request,
com.rsa.jsafe.JSAFE_PrivateKey privateKey,
POPGenerationInfo popGenerationInfo)
Generates a proof-of-possession (POP) for the indicated private key and attaches it to the message object. |
void |
provideProofOfPossession(PKIRequestMessage request,
int popType,
byte[] pop)
Provides proof-of-possession for certificate requests for entities that do not provide direct access to the private key to be certified. |
readCertificationResponseMessage(byte[] response,
ProtectInfo protectInfo)
Deprecated. Use the |
|
requestCertification(PKIRequestMessage request,
ProtectInfo protectInfo,
DatabaseService db)
Deprecated. Use the |
|
sendMessage(byte[] request)
Sends a serialized request message (for example, as returned
by |
|
sendRequest(PKIRequestMessage request,
ProtectInfo protectInfo,
DatabaseService db)
Sends a request message to the specified PKI service provider. |
|
boolean |
validateProofOfPossession(PKIMessage message,
POPValidationInfo popValidationInfo)
Validates a proof-of-possession. |
byte[] |
writeCertificationRequestMessage(PKIRequestMessage request,
ProtectInfo protectInfo)
Deprecated. Use the |
Methods inherited from class com.rsa.certj.Service |
getInstance, listProviderNames, toString, unbind |
Methods inherited from class java.lang.Object |
equals, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Constructor Detail |
public PKIService(CertJ certJ)
PKIService
object for certJ.Parameters
certJ | The |
Method Detail |
public PKIResponseMessage readCertificationResponseMessage(byte[] response, ProtectInfo protectInfo) throws InvalidParameterException, NoServiceException, PKIException
sendRequest
method instead of
this method.
Parameters
response | A | ||
protectInfo | A |
Returns
PKIResponseMessage
that contains
information extracted from response.
Throws
InvalidParameterException
- If the
response argument is null
.
NoServiceException
- If the service provider does not
provide readCertificationResponseMessage
service.
PKIException
- If the PKI service
provider fails.See Also
sendRequest(com.rsa.certj.spi.pki.PKIRequestMessage, com.rsa.certj.spi.pki.ProtectInfo, com.rsa.certj.DatabaseService)
public byte[] writeCertificationRequestMessage(PKIRequestMessage request, ProtectInfo protectInfo) throws InvalidParameterException, NoServiceException, PKIException
sendRequest
method instead of
this method.
Parameters
request | A | ||
protectInfo | A |
Returns
byte
array that contains the
serialized request message.
Throws
InvalidParameterException
- If the
request argument is null
, or the
protectInfo
argument is null
.
NoServiceException
- If the service provider does not
provide a writeCertificationRequestMessage
service.
PKIException
- If the PKI service
provider fails.See Also
sendRequest(com.rsa.certj.spi.pki.PKIRequestMessage, com.rsa.certj.spi.pki.ProtectInfo, com.rsa.certj.DatabaseService)
public PKIResponseMessage requestCertification(PKIRequestMessage request, ProtectInfo protectInfo, DatabaseService db) throws InvalidParameterException, NoServiceException, PKIException
sendRequest
method
instead of this method.
Parameters
request | A | ||
protectInfo | A | ||
db | A |
Returns
PKIResponseMessage
object that contains
a response
message corresponding to the certification request message.
You can expect the service provider to fill in at least the
statusInfo
field of the
PKIResponseMessage
.
Throws
InvalidParameterException
- If the
request argument is null
.
NoServiceException
- If the service provider does not
provide a requestCertification
service.
PKIException
- If the PKI service
provider fails.See Also
sendRequest(com.rsa.certj.spi.pki.PKIRequestMessage, com.rsa.certj.spi.pki.ProtectInfo, com.rsa.certj.DatabaseService)
public PKIResponseMessage sendRequest(PKIRequestMessage request, ProtectInfo protectInfo, DatabaseService db) throws InvalidParameterException, NoServiceException, PKIException
Parameters
request | A | ||
protectInfo | A | ||
db | A |
Returns
PKIResponseMessage
object that contains
a response
message corresponding to the certification request message.
You can expect the service provider to fill in at least the
statusInfo
field of the
PKIResponseMessage
.
Throws
InvalidParameterException
- If the
request argument is null
.
NoServiceException
- If the service provider does not
provide a requestCertification
service.
PKIException
- If the PKI service
provider fails.public PKIResult sendMessage(byte[] request) throws InvalidParameterException, NoServiceException, PKIException
writeCertificationRequestMessage
) to the
specified PKI service provider. The serialized response is
returned to your PKI-client application. Your PKI-client
application can read the response into a
PKIResponseMessage
object using a
readMessage
method (for example,
readCertificationResponseMessage
).Parameters
request | A |
Returns
PKIResult
object that contains status
information about sending the request and the serialized
response message received.
Throws
InvalidParameterException
- If
request argument is null
.
NoServiceException
- If it does not
provide sendMessage
service.
PKIException
- If the PKI service
provider fails.public void generateProofOfPossession(PKIRequestMessage request, com.rsa.jsafe.JSAFE_PrivateKey privateKey, POPGenerationInfo popGenerationInfo) throws InvalidParameterException, NoServiceException, PKIException
Parameters
request | A | ||
privateKey | A | ||
popGenerationInfo | A |
Throws
InvalidParameterException
- If the
request argument is null
.
NoServiceException
- If the service provider does not
provide a generateProofOfPossession
service.
PKIException
- If the PKI service
provider fails.public boolean validateProofOfPossession(PKIMessage message, POPValidationInfo popValidationInfo) throws InvalidParameterException, NoServiceException, PKIException
PKI_POP_ENCRYPTION
and the POP method is POP_METHOD_ENCRYPT_CERT
,
the application can retrieve its certificate by supplying the
corresponding private key. The service provider would update
the message object with a decrypted copy of the certificate.
(The service provider can also send a
confirmation message to the PKI service provider.) If the PKI
service provider generates the private key on behalf of the
end entity, the certification
response message can contain the private key.Parameters
message | A | ||
popValidationInfo | A |
Returns
true
if the proof-of-possession is
validated, false
otherwise.
Throws
InvalidParameterException
- If the
message argument is null
.
NoServiceException
- If the service provider does not
provide validateProofOfPossession
service.
PKIException
- If the PKI service
provider fails.public void provideProofOfPossession(PKIRequestMessage request, int popType, byte[] pop) throws InvalidParameterException, NoServiceException, PKIException
Parameters
request | A | ||
popType | An | ||
pop | A |
Throws
InvalidParameterException
- If the
request argument is null
.
NoServiceException
- If the service provider does not
provide provideProofOfPossession
service.
PKIException
- If the
PKI service provider fails.
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |