|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
This interface specifies PKI Service Provider Programming
Interface (SPI) methods, such as
sendRequest
, that can be implemented by a
PKI service provider.
Method Summary |
|
void |
generateProofOfPossession(PKIRequestMessage request,
com.rsa.jsafe.JSAFE_PrivateKey privateKey,
POPGenerationInfo popGenerationInfo)
Generates a Proof-of-Possession of the indicated private key and attaches it to the message object. |
void |
provideProofOfPossession(PKIRequestMessage message,
int popType,
byte[] pop)
Provides a Proof-of-Possession for certificate requests from entities which do not provide direct access to the private key to certify. |
readCertificationResponseMessage(byte[] response,
ProtectInfo protectInfo)
Deprecated. Use |
|
requestCertification(PKIRequestMessage request,
ProtectInfo protectInfo,
DatabaseService db)
Deprecated. Replaced by |
|
sendMessage(byte[] request)
Deprecated. Use |
|
sendRequest(PKIRequestMessage request,
ProtectInfo protectInfo,
DatabaseService db)
Sends a request message to the specified PKI service, which receives and processes the request, and returns a response message. |
|
boolean |
validateProofOfPossession(PKIMessage message,
POPValidationInfo popValidationInfo)
Validates a Proof-of-Possession. |
byte[] |
writeCertificationRequestMessage(PKIRequestMessage request,
ProtectInfo protectInfo)
Deprecated. Use |
Method Detail |
public PKIResponseMessage readCertificationResponseMessage(byte[] response, ProtectInfo protectInfo) throws NotSupportedException, PKIException
sendRequest
.
Parameters
response | A | ||
protectInfo | A |
Returns
PKIResponseMessage
that contains
information extracted from the response message.
Throws
NotSupportedException
- If the provider
does not support this method for the given set of arguments.
PKIException
- If there is an
unrecoverable error in any PKI operation.See Also
sendRequest(com.rsa.certj.spi.pki.PKIRequestMessage, com.rsa.certj.spi.pki.ProtectInfo, com.rsa.certj.DatabaseService)
public byte[] writeCertificationRequestMessage(PKIRequestMessage request, ProtectInfo protectInfo) throws NotSupportedException, PKIException
sendRequest
.
Parameters
request | A | ||
protectInfo | A |
Returns
byte
array that contains a serialized
request message.
Throws
NotSupportedException
- If this provider
does not support this method for a given set of arguments.
PKIException
- If there is some
unrecoverable error in the PKI operations.See Also
sendRequest(com.rsa.certj.spi.pki.PKIRequestMessage, com.rsa.certj.spi.pki.ProtectInfo, com.rsa.certj.DatabaseService)
public PKIResponseMessage requestCertification(PKIRequestMessage request, ProtectInfo protectInfo, DatabaseService db) throws NotSupportedException, PKIException
sendRequest
.
Parameters
request | A | ||
protectInfo | A | ||
db | A |
Returns
PKIResponseMessage
object
corresponding to the certification request message.
The application can expect the service provider to fill in
at least the statusInfo
field of the
PKIResponseMessage
associated with the response
object.
Throws
NotSupportedException
- If the provider
does not support this method for the given set of arguments.
PKIException
- If there is an
unrecoverable error in any PKI operation.See Also
sendRequest(com.rsa.certj.spi.pki.PKIRequestMessage, com.rsa.certj.spi.pki.ProtectInfo, com.rsa.certj.DatabaseService)
public PKIResponseMessage sendRequest(PKIRequestMessage request, ProtectInfo protectInfo, DatabaseService db) throws NotSupportedException, PKIException
Parameters
request | A | ||
protectInfo | A | ||
db | A |
Returns
PKIResponseMessage
object
corresponding to the request message.
The application can expect
the service provider to fill in at least the
statusInfo
field of the
PKIResponseMessage
associated with the response
object.
Throws
NotSupportedException
- If the provider
does not support this method for the given set of arguments.
PKIException
- If there is an
unrecoverable error in any PKI operation.public PKIResult sendMessage(byte[] request) throws NotSupportedException, PKIException
sendRequest
.
writeCertificationRequestMessage
) to the
specified PKI service. The serialized response is returned to
the application. The application can read the response into a
PKIResponseMessage
using any of the
read*Message
methods,
such as readCertificationResponseMessage
.Parameters
request | A |
Returns
PKIResult
object that contains a serialized
response message and out-of-band status information.
Throws
NotSupportedException
- If the provider
does not support this method for the given set of arguments.
PKIException
- If there is an
unrecoverable error in any PKI operation.See Also
sendRequest(com.rsa.certj.spi.pki.PKIRequestMessage, com.rsa.certj.spi.pki.ProtectInfo, com.rsa.certj.DatabaseService)
public void generateProofOfPossession(PKIRequestMessage request, com.rsa.jsafe.JSAFE_PrivateKey privateKey, POPGenerationInfo popGenerationInfo) throws NotSupportedException, PKIException
Parameters
request | A | ||
privateKey | A | ||
popGenerationInfo | A |
Throws
NotSupportedException
- If the provider
does not support this method for the given set of arguments.
PKIException
- If there is an
unrecoverable error in any PKI operation.public boolean validateProofOfPossession(PKIMessage message, POPValidationInfo popValidationInfo) throws NotSupportedException, PKIException
PKI_POP_ENCRYPTION
and the POP method used is
encrypting the certificate, the application can
retrieve its certificate by supplying the corresponding
private key. The service provider would update the message
object with a decrypted copy of the certificate. (The service
provider may send a confirmation
message to the PKI server, but that would be a side effect.)
If the PKI server generates the private key on behalf
of the end-entity, the certification response message could
contain the private key.Parameters
message | A | ||
popValidationInfo | A |
Returns
boolean
indicating the result of
validation.
Throws
NotSupportedException
- If the provider
does not support this method for the given set of arguments.
PKIException
- If there is an
unrecoverable error in any PKI operation.public void provideProofOfPossession(PKIRequestMessage message, int popType, byte[] pop) throws NotSupportedException, PKIException
Parameters
request | A | ||
popType | An | ||
pop | A |
Throws
NotSupportedException
- If the provider
does not support this method for the given set of arguments.
PKIException
- If there is an
unrecoverable error in any PKI operation.
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |