API changes
See below the significant API changes in the Security Toolkit 9.0 for Java release compared to 8.1.
Due to these changes, an application written for a previous Toolkit release may no longer compile or may not work correctly with this release of the Toolkit.
Packages added by the Security Toolkit 9.0 for Java
The Security Toolkit 9.0 for Java adds the following packages.
com.entrust.toolkit.security.crypto.composite
Interface Summary
|
Interface |
Description |
|
CompositeKey |
|
Class Summary
|
Class |
Description |
|
Class |
Description |
|
CompositeConfinedPrivateKey |
A confined Composite private key. |
|
CompositeConfinedPrivateKey.Exportable |
An exportable confined Composite private key. |
|
CompositeConfinedPrivateKey.Unexportable |
An unexportable confined Composite private key. |
|
CompositeKeyFactory |
This class converts Composite keys (opaque representation) in their KeySpecs (transparent representation) and vice versa. |
|
CompositeKeyGenParameterSpec |
This class specifies the set of component Algorithms used to make up a software-based |
|
CompositeKeyPairGenerator |
A software-based implementation of the Composite key pair generation algorithm. |
|
CompositeParameters |
The Composite Parameters class encapsulates the parameters used by the Composite Spec for wrapping around Post Quantum Signature Algorithms The ASN.1 Encoding used will be as follows CompositeParams ::= SEQUENCE SIZE (1..MAX) OF AlgorithmIdentifier |
|
CompositeParameterSpec |
This class specifies the set of component Algorithms used to make up a CompositeKey |
|
CompositePrivateKey |
A CompositePrivate Key is an ASN.1 structure that defines a Composite Private Key |
|
CompositePublicKey |
A CompositePublic Key is an ASN.1 structure representing a Composite Public Key |
|
CompositeSignature |
A CompositeSignature is an ASN.1 structure that defines a Composite Signature |
|
CompositeSignatureImplSoft |
The super-class of all software-based implementations of the Composite digital signature algorithm that use an underlying software-based message digest algorithm; contains all the common functionality used by these algorithm implementations. |
|
CompositeSignatureUtil |
This class contains a number of useful definitions and functions for use with Composite Signatures |
|
CompositeWithNoneSignature |
The Composite signature algorithm implemented with no underlying hash function (hashing must be done externally). |
|
CompositeWithNoneSignatureImplSoft |
A software-based implementation of the Composite with NONE digital signature algorithm. |
|
CompositeWithSha256Signature |
The Composite signature algorithm with SHA-256 as the underlying hash function. |
|
CompositeWithSha256SignatureImplSoft |
A software-based implementation of the Composite with SHA-256 digital signature algorithm. |
|
CompositeWithSha512Signature |
The Composite signature algorithm with SHA-512 as the underlying hash function. |
|
CompositeWithSha512SignatureImplSoft |
A software-based implementation of the Composite with SHA-512 digital signature algorithm. |
com.entrust.toolkit.security.crypto.digest.sha3
Class Summary
|
KeccakPermutation |
These are the step mappings. |
|
SHA224 |
|
|
SHA256 |
|
|
SHA3 |
This is the implementation of KECCAK-p[1600, 24] where 1600 is the width (b) of the permutation in bits, and 24 is the number or Keccak rounds. |
|
SHA384 |
|
|
SHA3Digest |
|
|
SHA512 |
|
com.entrust.toolkit.security.crypto.pq.pkiutil
Class Summary
|
Class |
Description |
|
PKIUtil |
A Utility class used to demonstrate create of keys, Certs, CA's, CSR's and CRL files Additional types of crypto can be plugged in |
|
PQPluginAlg |
An interface used to define a PQ plugin algorithm |
Exception Summary
|
Exception |
Description |
|
PQPluginException |
An exception defined for use with the PKIUtil demo application |
Classes added by the Security Toolkit 9.0 for Java
The Security Toolkit 9.0 for Java adds the following classes.
|
Package |
Class |
Summary |
|
com.entrust.toolkit.security.crypto.cipher |
AesKeyWrapPad |
An implementation of the AES key wrap algorithm, as defined in the AES Key Wrap Specification. |
|
com.entrust.toolkit.security.crypto.dsa |
DsaWithSha224Signature |
The DSA signature algorithm with SHA-224 as the underlying hash function. |
|
com.entrust.toolkit.security.crypto.dsa |
DsaWithSha256Signature |
The DSA signature algorithm with SHA-256 as the underlying hash function. |
|
com.entrust.toolkit.security.crypto.ec |
EcParameterFactory.SupportedEcDomain |
Identifies all supported named EC domains. |
|
com.entrust.toolkit.security.crypto.rsa |
RsaCipherUtils |
A Utility class for common functions used by the PKCS#11 based implementation of the RSA asymmetric cipher algorithm. |
|
com.entrust.toolkit.x509.directory |
KerberosAuthentication |
This class can be passed to JNDIDirectory using setAuthenticationType() and allows you to set Kerberos parameters. |
|
com.entrust.toolkit.x509.extensions |
DeltaCertificateDescriptor |
A Delta Certificate Descriptor is used to reconstruct a delta certificate from a base certificate. |
|
com.entrust.toolkit.x509.policies |
AttributeCertificate |
This class represents an attribute certificate from a PKI 4.0. |
|
com.entrust.toolkit.x509.policies |
EntrustPolicyCertificate |
This class represents a policy certificate. |
|
iaik.pkcs.pkcs8 |
WrappedPrivateKey |
|
|
iaik.security.cipher |
PBES2 |
This class represents password-based encryption as defined by the PKCS #5 standard. |
|
iaik.security.cipher |
PBES2Cipher |
This class represents password-based encryption as defined by the PKCS #5 standard using PBES2 with the default combination of PBKDF2 with HmacSHA256 and AES-256-CBC as the underlying encryption scheme. |
|
iaik.security.pbe |
PBES2Parameters |
This class implements the parameter set used with password-based encryption scheme 2 (PBES2), which is defined in PKCS#5. |
|
iaik.smime.ess |
ESSCertIDv2 |
This class implements the S/MIMEv3 ESSCertIDv2 type. |
|
iaik.smime.ess |
SigningCertificateV2 |
This class implements the S/MIMEv3 SigningCertificateV2 type. |
|
iaik.x509 |
WrappedPublicKey |
|
Classes deprecated by the Security Toolkit 9.0 for Java
The Security Toolkit 9.0 for Java deprecates the following classes.
|
Class |
Alternative |
|
com.entrust.toolkit.security.crypto.signature.DsaCapi |
com.entrust.toolkit.security.crypto.dsa/DsaWithSha1Signature |
Interfaces deprecated by the Security Toolkit 9.0 for Java
The Security Toolkit 9.0 for Java deprecates the following interfaces.
|
Class |
Alternative |
|
com.entrust.toolkit.security.crypto.signature.ExtendedSignature |
None. This feature is not compatible with all Java implementations. |
Methods deprecated by the Security Toolkit 9.0 for Java
The Security Toolkit 9.0 for Java deprecates the following methods.
|
Class |
Method |
Alternative |
|
com.entrust.toolkit.credentials.FilenameProfileWriter |
FilenameProfileWriter(String, String, int) |
FilenameProfileWriter#FilenameProfileWriter(String, int) |
|
com.entrust.toolkit.credentials.StreamProfileWriter |
StreamProfileWriter(OutputStream, String, int) |
StreamProfileWriter(OutputStream, int) |
|
com.entrust.toolkit.credentials.StreamProfileWriter |
StreamProfileWriter(OutputStream, String, int, String, String) |
StreamProfileWriter(OutputStream, int, String, String) |
|
com.entrust.toolkit.credentials.TokenWriter |
TokenWriter(String, String, String, int) |
TokenWriter(String, String, int) |
|
com.entrust.toolkit.security.crypto.signature.DigitalSignature |
DigitalSignature(String, boolean, String, String, String, String) |
Change in type from (String, boolean, String, String, String) to (String, boolean, String, String, String, String). |
|
com.entrust.toolkit.x509.extensions.EntrustVersInfo |
byte getEntrustInfo() |
getEntrustInfoAsBytes() |
|
iaik.asn1.structures.GeneralNames |
Enumeration<GeneralName> getNames() |
Change in return type from Enumeration to Enumeration<GeneralName> |
|
iaik.utils.CryptoUtils |
byte[] resizeArray(byte[], int) |
Use the method in iaik.utils.Util instead. |
Packages removed by the Security Toolkit 9.0 for Java
The Security Toolkit 9.0 for Java deprecates the following packages:
deprecated-ssl
deprecated-jsse
deprecated-http
Classes removed by the Security Toolkit 9.0 for Java
The Security Toolkit 9.0 for Java removes the following classes.
|
Package |
Class |
|
com.entrust.toolkit.x509.jsse |
JSSEX509KeyManagerExtension |
|
com.entrust.toolkit.x509.jsse |
JSSEX509KeyManagerFactoryExtension |
|
com.entrust.toolkit.x509.jsse |
JSSEX509TrustManagerExtension |
|
com.entrust.toolkit.x509.jsse |
JSSEX509TrustManagerFactoryExtension |
|
com.entrust.toolkit.x509.jsse |
JSSEX509Wrapper |
|
com.entrust.toolkit.credentials |
CapiIdentity.Format |
Methods removed by the Security Toolkit 9.0 for Java
The Security Toolkit 9.0 for Java removes the following method
|
Class |
Method |
|
com.entrust.toolkit.credentials.IdentityFilter |
boolean matchIdentity(CapiIdentity, CapiCertificateAndKeyInfo) |
Other significant API changes of the Security Toolkit 9.0 for Java
Contact Entrust customer support if you require access to the deprecated packages.
|
Package |
Old Imports |
New Imports |
|
com.entrust.toolkit.security.smime |
javax.mail.* |
jakarta.mail.* |
|
iaik.smimev3 |
javax.mail.* |
jakarta.mail.* |
|
com.entrust.toolkit.util |
javax.servlet.* |
jakarta.servlet.* |