Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD

com.rsa.certj.crmf

Class POPOSigningKeyInput

java.lang.Object
  |
  +--com.rsa.certj.crmf.POPOSigningKeyInput
All Implemented Interfaces:
Cloneable, Serializable
public class POPOSigningKeyInput
extends Object
implements Cloneable, Serializable

This class contains the POPOSigningKeyInput field from the POPOSigning Key. 

 POPOSigningKeyInput ::= SEQUENCE {
      authInfo            CHOICE {
          sender              [0] GeneralName,
          -- used only if an authenticated identity has been
          -- established for the sender (e.g., a DN from a
          -- previously-issued and currently-valid certificate)
          publicKeyMAC        PKMACValue },
          -- used if no authenticated GeneralName currently exists for
          -- the sender; publicKeyMAC contains a password-based MAC
          -- on the DER-encoded value of publicKey
      publicKey           SubjectPublicKeyInfo }  -- from CertTemplate

  PKMACValue ::= SEQUENCE {
     algId  AlgorithmIdentifier,
     -- the algorithm value shall be PasswordBasedMac
     --     {1 2 840 113533 7 66 13}
     -- the parameter value is PBMParameter
     value  BIT STRING }

Copyright © RSA Security Inc., 2000-2001. All rights reserved.

See Also

Serialized Form

Constructor Summary
POPOSigningKeyInput()

Constructs an empty object.POPOSigningKeyInput.
POPOSigningKeyInput(byte[] dataBER, int offset)

Constructs a POPOSigningKeyInput object and initializes it with the given values.by dataBER beginning at offset, the BER encoding of the POPOSigningKeyInput data.
 

Method Summary

 Object

 clone()

Overrides the default clone method to get a deeper clone.

 boolean

 equals(Object obj)

Returns true if this object and obj contain the same ProofOfPossesion, returns false otherwise.

 int

 getDEREncoding(byte[] encoding, int offset)

Places the DER encoding of the POPOSigningKeyInput object into encoding, beginning at offset.

 int

 getDERLen()

Returns the number of bytes that will be used by the DER encoding of the POPOSigningKeyInput.

 int

 getIterationCount()

Gets the iteration count for Password-Based MAC

static int

 getNextBEROffset(byte[] popBER, int offset)

Finds the index of the next element to encode, given popBER, the BER of a POPOSigningKeyInput beginning at offset.

 byte[]

 getPKMACValue()

Gets a password-based MAC on the DER-encoded value of public key

 byte[]

 getSalt()

This method returns the salt in a new byte array.

 GeneralName

 getSenderName()

Gets the authenticated sender name

 com.rsa.jsafe.JSAFE_PublicKey

 getSubjectPublicKey()

Gets the public key out of the POP.

 byte[]

 getSubjectPublicKeyBER()

Gets the public key BER out of the POP.

 void

 setIterationCount(int count)

Sets the iteration count for Password-Based MAC

 void

 setSalt(byte[] salt, int offset, int len)

Sets the PBE salt value for Password-Based MAC to the first len bytes of salt, beginning at offset.

 void

 setSenderName(GeneralName sender)

Sets the Sender's name to sender.

 void

 setSharedSecret(char[] secret, int offset, int len)

Sets the shared secret

 void

 setSubjectPublicKey(byte[] publicKeyBER, int offset)

Sets the public key in this POP to be the public key represented by the BER encoding publicKeyBER.

 void

 setSubjectPublicKey(com.rsa.jsafe.JSAFE_PublicKey publicKey)

Sets the public key in this POP to be publicKey.

 boolean

 verifyPKMACValue()

Verifies the MAC of the public key.
 
Methods inherited from class java.lang.Object
getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

POPOSigningKeyInput

public POPOSigningKeyInput()
Constructs an empty object.POPOSigningKeyInput.

POPOSigningKeyInput

public POPOSigningKeyInput(byte[] dataBER,
                           int offset)
                    throws CRMFException
Constructs a POPOSigningKeyInput object and initializes it with the given values.by dataBER beginning at offset, the BER encoding of the POPOSigningKeyInput data.

This constructor only reads the POPOSigningKeyInput data, it does not perform any verification.

Parameters

         dataBER  

The BER encoding of a POPOSigningKeyInput data

         offset  

The offset into dataBER where the encoding begins

Throws

CRMFException - If the BER is not a valid POPOSigningKeyInput data
Method Detail

verifyPKMACValue

public boolean verifyPKMACValue()
                         throws CRMFException
Verifies the MAC of the public key. Set the secret value before calling this method. Use this method only if no authenticated GeneralName currently exists for the sender.

Returns

True if publicKey's MAC verified; false otherwise.

Throws

CRMFException - If publicKeyMAC is not set, or secret is not set, or if there is a MAC error.

setSharedSecret

public void setSharedSecret(char[] secret,
                            int offset,
                            int len)
                     throws CRMFException
Sets the shared secret

Parameters

         secret  

A char array containg a shared secret distributed in a trusted fashion between CA/RA and end-entity.

         offset  

An offset into secret array.

         len  

The length of the shared secret data.

Throws

CRMFException - if secret is null

setSalt

public void setSalt(byte[] salt,
                    int offset,
                    int len)
             throws CRMFException
Sets the PBE salt value for Password-Based MAC to the first len bytes of salt, beginning at offset. If an object already possesses a salt, this method replaces it.

Parameters

         salt  

Salt bytes

         offset  

The offset into salt

         len  

The length of the salt value

Throws

CRMFException - if salt is null

getSalt

public byte[] getSalt()
This method returns the salt in a new byte array. If the salt has not been set yet, this method returns null.

Returns

The salt value for Password-Based MAC

getIterationCount

public int getIterationCount()
Gets the iteration count for Password-Based MAC

Returns

The iteration count. if it is not set, return 0.

setIterationCount

public void setIterationCount(int count)
Sets the iteration count for Password-Based MAC

Parameters

         count  

The iteration count

getSenderName

public GeneralName getSenderName()
                          throws CRMFException
Gets the authenticated sender name

Returns

The Sender's name; if it is not set, returns null

Throws

CRMFException - If there is an error in cloning

setSenderName

public void setSenderName(GeneralName sender)
                   throws CRMFException
Sets the Sender's name to sender. Use this method only if an authenticated identity has been established for the sender.

Parameters

         sender  

The Sender's name

Throws

CRMFException - If there is an error in cloning; if the passed value is null.

setSubjectPublicKey

public void setSubjectPublicKey(com.rsa.jsafe.JSAFE_PublicKey publicKey)
                         throws CRMFException
Sets the public key in this POP to be publicKey. If the public key's algorithm requires system parameters, they must be in the key object for security reasons as specified in PKIX.

Parameters

         publicKey  

A JSAFE_PublicKey object that contains the public key

Throws

CRMFException - If the public key object is not valid

setSubjectPublicKey

public void setSubjectPublicKey(byte[] publicKeyBER,
                                int offset)
                         throws CRMFException
Sets the public key in this POP to be the public key represented by the BER encoding publicKeyBER. If the public key's algorithm requires system parameters, they must be in the key object for security reasons as specified in PKIX. This method expects the input to follow the ASN.1 definition SubjectPublicKeyInfo. 

   SubjectPublicKeyInfo ::= SEQUENCE {
     algorithmID       AlgorithmIdentifier,
     subjectPublicKey  BIT STRING }

Parameters

         publicKeyBER  

The BER encoding of a public key

         offset  

The offset into publicKeyBER where the encoding begins

Throws

CRMFException - If the public key BER is not a valid public key

getSubjectPublicKey

public com.rsa.jsafe.JSAFE_PublicKey getSubjectPublicKey()
                                                  throws CRMFException
Gets the public key out of the POP.

Returns

A JSAFE_PublicKey object that contains the public key

Throws

CRMFException - If there is ASN.1 error

getSubjectPublicKeyBER

public byte[] getSubjectPublicKeyBER()
Gets the public key BER out of the POP.

Returns

A byte array that contains the public key BER

getPKMACValue

public byte[] getPKMACValue()
Gets a password-based MAC on the DER-encoded value of public key

Returns

The password-based MAC value

clone

public Object clone()
             throws CloneNotSupportedException
Overrides the default clone method to get a deeper clone.

Returns

A new ProofOfPossesionobject, a copy of this object

Throws

CloneNotSupportedException - If the cloning operation is not successful.

equals

public boolean equals(Object obj)
Returns true if this object and obj contain the same ProofOfPossesion, returns false otherwise.

Overrides

equals in class Object

Parameters

         obj  

The instance of ProofOfPossesion object

Returns

A boolean that indicates whether these objects are equal.

getNextBEROffset

public static int getNextBEROffset(byte[] popBER,
                                   int offset)
                            throws CRMFException
Finds the index of the next element to encode, given popBER, the BER of a POPOSigningKeyInput beginning at offset. In other words, gets the next offset after the POP.

For example, if the offset is 120 and POP's BER encoding is 1819 bytes, this method returns 1939, the index immediately following the POPOSigningKeyInput. That is, popBER[120] is the first byte in the encoding of the POPOSigningKeyInput, popBER[1938] is the last byte in the encoding of the POP and the next element begins at index 1939.

Parameters

         popBER  

The BER encoding of a POPOSigningKeyInput

         offset  

The offset into popBER where the encoding begins

Returns

An int that indicates the index to the next element in the BER encoding

Throws

CRMFException - If the method cannot read the BER encoding

getDERLen

public int getDERLen()
              throws CRMFException
Returns the number of bytes that will be used by the DER encoding of the POPOSigningKeyInput. If this object is not set with values, returns 0.

Returns

The number of bytes that will be used by the DER encoding of the POPOSigningKeyInput.

getDEREncoding

public int getDEREncoding(byte[] encoding,
                          int offset)
                   throws CRMFException
Places the DER encoding of the POPOSigningKeyInput object into encoding, beginning at offset. To determine how long the encoding will be, call getDERLen. If this object is not yet set with values, this method places nothing into the array and returns 0. To indicate that the DER encoding should follow any special instructions, use the special argument. For instance, to indicate 

   data   [1] IMPLICIT INTEGER
pass in special = (ASN1.CONTEXT_IMPLICIT | 1);

Of course, if there are no special circumstances, pass in special = 0. The following ASN.1 constants are possible values for special: APP_IMPLICIT, APP_EXPLICIT, PRIVATE_IMPLICIT, PRIVATE_EXPLICIT, OPTIONAL, DEFAULT, CONTEXT_IMPLICIT, or CONTEXT_EXPLICIT.

Parameters

         encoding  

The byte array into which the result will be placed.

         offset  

The offset into encoding where the writing is to begin.

Returns

The number of bytes actually placed into encoding.
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES
SUMMARY:  INNER | FIELD | CONSTR | METHOD DETAIL:  FIELD | CONSTR | METHOD
RSA BSAFE ® Cert-J 2.1.1 001-047007-211-001-000