Package com.entrust.toolkit.credentials

Contains classes the enable creation, recovery, reading, and writing of digital identities using a variety of key sources, classes for implementing the Toolkit's KeyStore capabilities, and classes to support integration with a Smart Card Management System.

See: Description

Interface Summary

Interface	Description
CapiCertFilter	A CapiCertFilter is used by CapiIdentities to determine if a CertContext is acceptable based on criteria that is defined in method CapiCertFilter.acceptCertificate(CertContext, CertStore).
CapiIdentityFilter	A CapiIdentityFilter is used by CapiIdentities to determine if a certificate belongs to the same identity as another existing identity.
GenericCertificateFilter	A GenericCertificateFilter is used by GenericIdentities to determine if a Certificate in an Identity is acceptable based on criteria that is defined in method GenericCertificateFilter.acceptCertificate(X509Certificate).
GenericIdentityFilter	A GenericIdentityFilter is used by GenericIdentities to determine if an identity matches the identity sought after by the caller.
IdentityFilter	A CapiIdentityFilter is used by CapiIdentities to determine if a certificate belongs to the same identity as another existing identity.
KeychainCertFilter	A KeychainCertFilter is used by KeychainIdentities to determine if a Certificate in the keychain is acceptable based on criteria that is defined in method KeychainCertFilter.acceptCertificate(X509Certificate).
KeyGenerationUtil	An interface to a key generation utility that can be used to generate asymmetric key pairs.
LogoutListener	An interface to a logout-listener that can be used to force a certain action to occur on user logout.
TokenIdentityFilter	A TokenIdentityFilter is used by GenericIdentities to determine if a certificate belongs to the same identity as another existing identity.

Class Summary

Class	Description
CapiCertificateAndKeyInfo	Stores information about certificate and private key pairs stored in CAPI that would be acceptable for User login.
CapiCmpCredentialReader	This is the abstract super class of credential readers that can be used for creating/recovering Entrust Digital Identities in Microsoft CryptoAPI (MSCAPI) using PKIX-CMP.
CapiContainerName	Abstract class for CAPI key container names, to help with the process of matching different container names to identities.
CapiCredentialCreator	This credential reader is designed for creating an Entrust user's Digital Identity in Microsoft CryptoAPI (MSCAPI) using Entrust format.
CapiCredentialCreatorOrRecoverer	This credential reader is capable of creating or recovering an Entrust user's Digital Identity in Microsoft CryptoAPI (MSCAPI) using Entrust format.
CapiCredentialReader	A CredentialReader for reading a Digital Identity from CAPI.
CapiCredentialRecoverer	This credential reader is designed for recovering an Entrust user's Digital Identity in Microsoft CryptoAPI (MSCAPI) using Entrust format.
CapiCredentialWriter	A CredentialWriter to write certificates and private keys to Microsoft CAPI.
CapiCSPConfig	This class is used to configure the CSP used when generating keys in CAPI.
CapiCSPConfigDefault	This is the default CapiCSP Configuration that is used when no custom CapiCSPConfig object has been passed into the CapiCredentialWriter.
CapiCSPConfigESP	This is a CapiCSPConfig object which behaves similar to Entrust Security Provider (ESP).
CapiDsaPrivateKey	The CapiDsaPrivateKey class represents a DSA private key that is stored in CAPI.
CapiIdentities	This class stores a set of CapiIdentity objects, and can be used to find digital identities in CAPI.
CapiIdentity	This class stores information about a user identity in CAPI.
CapiPrivateKey	The CapiPrivateKey class represents a private key that is stored in Microsoft's CAPI.
CapiRsaPrivateKey	The CapiPrivateKey class represents an RSA private key that is stored in Microsoft's Crypto API.
CapiSearchFilter	The CapiSearchFilter object is a CapiCertFilter that allows multiple CapiCertFilter objects to be combined together to form a filter.
CardMSCertReqInfo	The class represents certificate request information that is injected into the Entrust Certificate Management Protocol (PKIX-CMP) by a Card Management System (CardMS).
CertIdentityCertFilter	A CertIdentityCertFilter is a CapiCertFilter that is used to find a specific identity in CAPI based on certificate criteria.
CertificateAndKeyInfo	This class is used to encapsulate information regarding an asymmetric key pair (a public key and a private key).
CMPCredentialReader	This is the abstract super class of credential readers that can be used for creating/recovering Entrust Digital Identities using PKIX-CMP.
CMPForCardMS	This class is designed to provide access to specific Certificate Management Protocol (CMP) operations required by a Card Management System (CardMS).
CMPSoftwareCredentialReader	This is the abstract super class of credential readers that can be used for creating/recovering Entrust Digital Identities in software using PKIX-CMP.
CMPTokenCredentialReader	This is the abstract super class of credential readers that can be used for creating/recovering Entrust Digital Identities using PKIX-CMP and PKCS#11 devices (tokens).
ContainerName	Abstract class for CAPI key container names, to help with the process of matching different container names to identities.
CredentialCreator	This credential reader is designed for creating an Entrust user's Digital Identity in software (not on a PKCS#11 device) using Entrust profile format version 4.
CredentialCreatorOrRecoverer	This credential reader is capable of creating or recovering an Entrust user's Digital Identity in software (not on a PKCS#11 device) using Entrust profile format version 4.
CredentialReader	This is the abstract super class all credential readers.
CredentialRecoverer	This credential reader is designed for recovering an Entrust user's Digital Identity in software (not on a PKCS#11 device) using Entrust profile format version 4.
CredentialWriter	This is the abstract super class all credential writers.
EntrustKeyStore	The EntrustKeyStore class wraps the Java Security KeyStore model around an instance of the Entrust User class.
EntrustKeyStoreSpi	The EntrustKeyStoreSpi class provides a common interface for the user to work with a variety of credentials.
EntrustP10CertReqInfo	A simple data structure that can be used in conjunction with EntrustP10CertRetriever to request issuance of unmanaged end user certificates from an Entrust Authority Security Manager (EASM) that supports PKIX-CMP in Administrator Authenticated (AA) mode (Supported on EASM 7.1 patch 96478 or later).
EntrustP10CertRetriever	Enables unmanaged end user certificates to be retrieved from an Entrust Authority Security Manager (EASM) when the key pair is generated externally.
EntrustPKIXCMPInjectedCertReqInfo	Represents certificate request information that can be injected into the Entrust Certificate Management Protocol (PKIX-CMP) implementation.
EntrustProfileProtectionAlgorithms	Contains constants for the supported Entrust profile protection algorithms.
ExtractedUALData	A data structure that represents data extracted from a UAL file; an 'extracted UAL data' structure.
FilenameProfileReader	This credential reader is designed for reading an Entrust Digital Identity from an Entrust profile format (EPF) file.
FilenameProfileWriter	This credential writer is designed for writing an Entrust Digital Identity to an Entrust profile format (EPF) file.
GeneralMessageInfo	GeneralMessageInfo encapsulates information contained in a PKIX CMP General Message.
GenericCertificateAndKeyInfo	GenericCertificateAndKeyInfo is a utility class used by GenericIdentity.
GenericIdentities	GenericIdentities is a utility class used by InternalGenericTokenReader.
GenericIdentity	GenericIdentity is a utility class used by GenericIdentities.
GenericTokenReader	This GenericTokenReader is designed for reading a X509Certificate and TokenPrivateKey from a PKCS#11 device (token).
GenericTokenReader.IdentityInfo	IdentityInfo is a bean object that provides metadata to GenericTokenReader.
Handle	This class represents a handle to an object.
Identity
InternalCapiCmpCredentialReader	This class does all the work involved with creating/recovering an Entrust Digital Identity using the PKIX-CMP protocol with an MSCAPI key-generation mechanism.
KeychainCertificateAndKeyInfo
KeychainCertProperties	A KeychainCertProperties is used by KeychainCertProperties to cache and retrieve the certificate properties in the Mac local machine.
KeychainContainerName	Abstract class for Keychain key container names, to help with the process of matching different container names to identities.
KeychainContainerName.V1ContainerId	This class represents container names in the format used for V1 digital IDs, that is, IDs created by Security Manager versions prior to 7.0.
KeychainContainerName.V2ContainerId	This class represents container names in the format used for V2 digital IDs, that is, IDs created by Security Manager version 7.0 and above.
KeychainCredentialReader	A CredentialReader for reading a Digital Identity from a Keychain.
KeychainCredentialWriter
KeychainEcPrivateKey	The KeychainEcPrivateKey models an Elliptic curve private key that resides in the Apple keychain.
KeychainIdentities
KeychainIdentity
KeychainIdentityCertFilter	A KeychainIdentityCertFilter is a KeychainCertFilter that is used to find a specific identity in the Keychain based on certificate criteria.
KeychainPrivateKey
KeychainRsaPrivateKey
KeychainSearchFilter	The KeychainSearchFilter object is a KeychainCertFilter that allows multiple KeychainCertFilter objects to be combined together to form a filter.
KeychainUnverifiedCertFilter	The UnverifiedCertFilter may be used for allowing unverified identities to be found when searching for Keychain identities.
KeyGenerationParams	Key generation parameters for a key pair generation utility that is used during digital identity management operations.
MacUtil
MscapiKeyContainer	This class is a software representation of a Microsoft CryptoAPI (MS-CAPI) key container.
P11DataObject	This class represents a PKCS #11 data object.
P11PrivateKeyObject	This class represents a PKCS #11 private key object.
P11StorageObject	This class represents a PKCS #11 storage object.
P11X509CertificateObject	This class represents a PKCS #11 X.509 certificate object.
PKCS12Reader	PKCS12Reader is a subclass of CredentialReader and reads a Digital Identity that conforms to the syntax specified in PKCS#12.
PKCS12Writer	A credential writer for writing a digital identity in the form of a PKCS#12 key file.
PKIXCMPUtils
RoamingCredentialReader	This credential reader is designed for reading a roaming Entrust Digital Identity from an Entrust Authority Roaming Server.
RoamingCredentialWriter	This Credential Writer is designed for writing a roaming Entrust Digital Identity to an Entrust Authority Roaming Server.
StreamProfileReader	This credential reader is designed for reading an Entrust Digital Identity from an Entrust profile format (EPF) input stream.
StreamProfileWriter	This credential writer is designed for writing an Entrust Digital Identity to an Entrust profile format (EPF) output stream.
TokenCredentialCreator	This credential reader is designed for creating an Entrust user's Digital Identity on a PKCS#11 device (token).
TokenCredentialCreatorOrRecoverer	This credential reader is capable of creating or recovering an Entrust user's Digital Identity on a PKCS#11 device (token).
TokenCredentialRecoverer	This credential reader is designed for recovering an Entrust user's Digital Identity on a PKCS#11 device (token).
TokenDeletionMechanism	This class contains the set of deletion mechanisms available for preparing a PKCS#11 device (token) for an Entrust Digital Identity.
TokenDSAPrivateKey	This class represents an DSA private key key that is stored on a PKCS#11 device.
TokenECPrivateKey	This class represents an EC private key key that is stored on a PKCS#11 device.
TokenInitializer	This credential writer is designed for writing an Entrust Digital Identity that currently exists in software to a PKCS#11 device (token).
TokenKey	The base class for all cryptographic keys that reside on a PKCS#11 device.
TokenPrivateKey	This class represents a private key that is stored on a PKCS#11 device.
TokenReader	This credential reader is designed for reading an Entrust Digital Identity from a PKCS#11 device (token).
TokenRSAPrivateKey	This class represents an RSA private key key that is stored on a PKCS#11 device.
TokenSymmetricKey	This class represents a symmetric (aka: secret) key that is stored on a PKCS#11 device.
TokenWriter	This credential writer is designed for writing an Entrust Digital Identity to a PKCS#11 device (token).
UALCreator	Implements a server login binder that binds a password to a set of machine information to create a .ual file.
UALCredentialReader	UALCredentialReader is a subclass of CredentialReader and reads an Entrust Digital Identity that has been bound to a computer using the Toolkit's Server Login feature.
UALUtil	Contains various utility APIs related to Entrust Unattended Login (UAL).
UnverifiedCertFilter	The UnverifiedCertFilter may be used for allowing unverified identities to be found when searching for CAPI identities.
UserConfigSettings	Contains a set of parameters that are used to configure the operation and behaviour of an Entrust User.
UserStatus	This class contains a set of status codes and messages which indicate the status of a User.

Enum Summary

Enum	Description
Identity.Format	An digital identity format.

Package com.entrust.toolkit.credentials Description

Contains classes the enable creation, recovery, reading, and writing of digital identities using a variety of key sources, classes for implementing the Toolkit's KeyStore capabilities, and classes to support integration with a Smart Card Management System.

© 2001 - 2010 Entrust. All rights reserved. Entrust is a trademark or a registered trademark of Entrust, Inc. in certain countries. All Entrust product names and logos are trademarks or registered trademarks of Entrust, Inc. in certain countries. All other company and product names and logos are trademarks or registered trademarks of their respective owners in certain countries. Portions of this product are Copyright © 1997-2003 IAIK. All rights reserved. This product includes software developed by the Institute for Applied Information Processing and Communications Technology, an institute of the Graz Technical University. The information is subject to change as Entrust reserves the right to, without notice, make changes to its products as progress in engineering or manufacturing methods or circumstances may warrant.