Skip navigation links

Entrust

See: Description

Entrust Toolkit Packages 
Package Description
com.entrust.toolkit
Contains various high-level classes that provide Toolkit JCA cryptographic provider initialization, an Entrust User representation, a key/certificate source, a certificate set representation, JNI initialization capabilities, PKCS #7 encoding and decoding, CMS and PKCS#7 User related utilities, transaction counting, and an XML trust manager.
com.entrust.toolkit.archive
Contains classes for reading and writing files in the legacy Entrust Archive format.
com.entrust.toolkit.asn1
Contains classes that encode and decode ASN.1 structures.
com.entrust.toolkit.asn1.cardms
Contains classes used to create, parse, and manipulate ASN.1 structures used by Entrust's Card Management System (CardMS) API.
com.entrust.toolkit.asn1.cmpv1
Contains classes used to create, parse, and manipulate ASN.1 structures used with Certificate Management Protocol (CMP) version 1.
com.entrust.toolkit.asn1.cmpv1.gkm
Contains classes used to create, parse, and manipulate ASN.1 structures used with Certificate Management Protocol (CMP) version 1.
com.entrust.toolkit.asn1.crmf
Contains classes used to create, parse, and manipulate ASN.1 structures used with Certificate Request Message Format (CRMF).
com.entrust.toolkit.asn1.crmf.regCtrl
Contains classes used to create, parse, and manipulate ASN.1 structures used with Certificate Request Message Format (CRMF).
com.entrust.toolkit.asn1.crmf.regInfo
Contains classes used to create, parse, and manipulate ASN.1 structures used with Certificate Request Message Format (CRMF).
com.entrust.toolkit.asn1.structures
Contains classes used to create, parse, and manipulate general ASN.1 structures.
com.entrust.toolkit.asn1.tsp
Contains classes used to create, parse, and manipulate ASN.1 structures used with time-stamping.
com.entrust.toolkit.capi
Contains low-level classes for interfacing with Microsoft's Crypto API.
com.entrust.toolkit.cms
Contains the EntrustProvider class, which implements the IAIK's SecurityProvider interface for the JCA Entrust provider.
com.entrust.toolkit.credentials
Contains classes the enable creation, recovery, reading, and writing of digital identities using a variety of key sources, classes for implementing the Toolkit's KeyStore capabilities, and classes to support integration with a Smart Card Management System.
com.entrust.toolkit.exceptions  
com.entrust.toolkit.keychain  
com.entrust.toolkit.keystore
Contains classes used for reading and writing certificates to a KeyStore and for creating KeyStore initialization (.ini) files.
com.entrust.toolkit.permissions  
com.entrust.toolkit.pkcs11
Contains classes dealing with PKCS #11 (smart cards and hardware tokens) operations.
com.entrust.toolkit.resourcemonitor
Contains classes that provide resource monitoring capabilities.
com.entrust.toolkit.roaming
Contains Toolkit classes that support SSL and TLS communication with Entrust Authority™ Roaming Server (formerly Entrust/Roaming Server).
com.entrust.toolkit.roaming.speke
Contains classes that implement the simple password-authenticated exponential key exchange (SPEKE) protocol — required for the implementation of Entrust Authority Roaming Server.
com.entrust.toolkit.security.arithmetic.fields
Contains legacy classes for working with the mathematical structures that underlie elliptic curve cryptography; use classes from com.entrust.toolkit.security.crypto.ec instead.
com.entrust.toolkit.security.arithmetic.groups.ellipticCurve
Contains legacy classes for working with the mathematical structures that underlie elliptic curve cryptography; use classes from com.entrust.toolkit.security.crypto.ec instead.
com.entrust.toolkit.security.crypto
Contains general classes related to cryptography.
com.entrust.toolkit.security.crypto.cipher
Contains implementations of symmetric cipher and key-wrap algorithms.
com.entrust.toolkit.security.crypto.digest
Contains implementations of message digest algorithms.
com.entrust.toolkit.security.crypto.digest.sha3  
com.entrust.toolkit.security.crypto.dsa  
com.entrust.toolkit.security.crypto.ec  
com.entrust.toolkit.security.crypto.elgamal
Contains an implementation of the ElGamal public key cryptosystem and related functionality.
com.entrust.toolkit.security.crypto.key
Contains implementations of secret key generation algorithms and key material derivation algorithms.
com.entrust.toolkit.security.crypto.mac
Contains implementations of message authentication code (MAC) algorithms.
com.entrust.toolkit.security.crypto.params
Contains opaque cryptographic algorithm parameter implementations.
com.entrust.toolkit.security.crypto.random
Contains implementations of secure random number generation algorithms.
com.entrust.toolkit.security.crypto.rsa
Contains an implementation of the RSA public key cryptosystem and related functionality.
com.entrust.toolkit.security.crypto.signature
Contains implementations of digital signature algorithms.
com.entrust.toolkit.security.fips
Contains classes to enable FIPS 140-2 operation of the Toolkit.
com.entrust.toolkit.security.provider
Contains Entrust's JCA cryptographic service provider (CSP) implementation and initialization mechanism, various cryptographic algorithms, and various cryptographic key and parameter representations.
com.entrust.toolkit.security.smime
Contains a class that works around the problem of spaces in the name and file name parameters of MIME messages.
com.entrust.toolkit.security.spec
Contains transparent cryptographic algorithm parameter implementations.
com.entrust.toolkit.smproxy  
com.entrust.toolkit.timestamp
Contains classes used to communicate with a timestamp server.
com.entrust.toolkit.tracing
Classes that provide debug tracing in the Toolkit.
com.entrust.toolkit.util
Contains various utility classes.
com.entrust.toolkit.util.net
Contains networking utility classes (HTTP and LDAP).
com.entrust.toolkit.x509
Contains the Entrust certification validation mechanism as well as other classes related to X.509.
com.entrust.toolkit.x509.certstore
Contains the certificate stores and classes used during certificate path building.
com.entrust.toolkit.x509.directory
Contains LDAP Directory implementations and various supporting classes.
com.entrust.toolkit.x509.extensions
Contains classes that implement certificate extensions.
com.entrust.toolkit.x509.jsse
Contains classes that implement the Java Secure Sockets Extension (JSSE).
com.entrust.toolkit.x509.jsse.provider  
com.entrust.toolkit.x509.policies
Contains classes used to check security policies issued by an Entrust PKI — password rules and client settings, for example.
com.entrust.toolkit.x509.revocation
Contains the Entrust revocation checking mechanism and revocation stores.
com.entrust.toolkit.x509.revocation.ocsp.net
Contains classes that provide network related functionality required by OCSP (protocol handlers).
com.entrust.toolkit.x509.testlets
Contains classes used to validate certificate, CRL, and CRL Entry extensions.
com.entrust.toolkit.xencrypt.algorithms
Contains an interface and classes that define the behaviour of encryption algorithms used in XML encryption.
com.entrust.toolkit.xencrypt.core
Contains classes used to encrypt and decrypt XML elements and sets of XML elements.
com.entrust.toolkit.xencrypt.exceptions
Contains classes used to handle exceptions thrown by the Toolkit's XML encryption code.
com.entrust.toolkit.xencrypt.init
Contains classes used to encapsulate the Toolkit's XML encryption constants and for initializing the Toolkit in preparation for XML encryption and decryption operations.
com.entrust.toolkit.xml.dsig.keyinfo.tokenref
Contains classes used when creating and verifying XML Signatures.
com.entrust.toolkit.xml.util
Contains an interface and classes that allow you to work with Apache XML Processors and the JAXP API.
Low Level API Packages 
Package Description
iaik  
iaik.asn1  
iaik.asn1.structures  
iaik.cms  
iaik.ixsil.algorithms  
iaik.ixsil.core  
iaik.ixsil.exceptions  
iaik.ixsil.init  
iaik.ixsil.keyinfo  
iaik.ixsil.keyinfo.x509  
iaik.ixsil.util  
iaik.pkcs  
iaik.pkcs.pkcs10  
iaik.pkcs.pkcs12  
iaik.pkcs.pkcs5  
iaik.pkcs.pkcs7  
iaik.pkcs.pkcs8  
iaik.security.cipher  
iaik.security.dh  
iaik.security.dsa  
iaik.security.keystore  
iaik.security.mac  
iaik.security.md  
iaik.security.pbe  
iaik.security.provider  
iaik.security.random  
iaik.security.rsa  
iaik.security.smime  
iaik.security.spec  
iaik.smime  
iaik.smime.ess  
iaik.utils  
iaik.x509  
iaik.x509.attr  
iaik.x509.extensions  
iaik.x509.extensions.netscape  
iaik.x509.extensions.qualified  
iaik.x509.extensions.qualified.structures  
iaik.x509.ocsp  
iaik.x509.ocsp.extensions  
iaik.x509.qualified  

Entrust

Security Toolkit for Java

API Reference

Release 9.0

This document describes the application programming interface (API) reference for Entrust Security Toolkit for the Java Platform® (referred to as the Toolkit throughout this document). It is generated directly from the Toolkit's source code using the Oracle® Javadoc tool.

The Toolkit provides both high-level and low-level APIs that enable a Java application to perform security related tasks. The modular design of the Toolkit gives you the flexibility to include only those Toolkit classes that provide the capabilities you want to use in your application. Refer to the Programmer's Guide for a more comprehensive overview of the Toolkit and for procedures that explain some of the Toolkit's common uses.


Modular design

 [StartHere]

There are two ways to use the jar files included with the Toolkit:

  1. Include the single jar file enttoolkit.jar on the classpath. This jar file contains all of the classes in the toolkit, and using it will allow use of all the features of the Toolkit.
  2. For situations where space occupied by the jar files is a concern, the Toolkit's capabilities are divided among the jar files in the etjava/lib folder. You must include jar files in your class path that are appropriate for the capabilities you want your program to use. The jar files have certain dependencies upon each other. If you are developing an application that uses the XML capabilities of the Toolkit, for example, you must include the following jar files in your class path:

    entbase.jar, and entuser.jar
    Note
    When using the separate jar files, always include the entbase.jar and entuser.jar files in your classpath - they contain classes required by all the Toolkit-based applications and applets that you develop.

Jar file dependencies

 [StartHere]

The following list shows the dependencies of the Toolkit's jar files. Click on the name of a jar file to go to a table that lists the capabilities of the jar file and the packages it contains.

Application jar file Dependency
enttoolkit.jar No dependency
entbase.jar No dependency
entuser.jar1,2 entbase.jar
entarchive.jar entbase.jar
entuser.jar
entcapi.jar entbase.jar
entuser.jar
jnicapi_64.dll
entcardms.jar entbase.jar
entuser.jar
entp11.jar
entcms.jar entbase.jar
entuser.jar
entp5.jar
entjsse.jar entbase.jar
entuser.jar
entkeystore.jar - has additional dependencies
entkeystore.jar entbase.jar
entuser.jar
entp11.jar
entserverlogin.jar
entp12.jar - has additional dependencies
entmisc.jar entbase.jar
entp5.jar
entp12.jar - has additional dependencies
entp5.jar entbase.jar
entp7.jar2 entbase.jar
entuser.jar
entp5.jar
entp11.jar entbase.jar
entuser.jar
JNIPKCS11_64.dll or libJNIPKCS11_64.so
entp12.jar entbase.jar
entuser.jar
entp5.jar
entp7.jar
entpq.jar entbase.jar or enttoolkit.jar
entroaming.jar entbase.jar
entuser.jar
entjsse.jar - has additional dependencies
entserverlogin.jar entbase.jar
entuser.jar
UALJNI_64.dll or libualjni_64.so
entsmime.jar entbase.jar
entuser.jar
entp7.jar - has additional dependencies
jakarta.mail-api.jar - part of the Jakarta Mail™ API
entsmimev3.jar entbase.jar
entuser.jar
entcms.jar - has additional dependencies
entsmime.jar - has additional dependencies
jakarta.mail-api.jar - part of the Jakarta Mail™ API
enttunnel.jar entbase.jar
entuser.jar
enjsse.jar - has additional dependencies
jakarta.servlet-api.jar - part of the Jakarta Servlet™
entxml.jar entbase.jar
entuser.jar

1 When validating a certificate that contains a AuthorityInformationAccess (AIA) or SubjectInformationAccess (SIA) extension using Entrust's certificate validation mechanism, entp7.jar must be on the classpath.

2 When requesting a timestamp or processing messages that contain a timestamp, entcms.jar must be on the classpath.

3 This feature has been deprecated/obsoleted and is no longer imbedded as part of enttoolkit.jar, if you need this functionality for backwords compatibility, you must work with the individual jars.


Jar file capabilities and contents

 [StartHere ]

The following tables list the Toolkit's jar files, their capabilities, and the packages they contain.

enttoolkit.jar
 This jar file contains all of the classes in the toolkit, and gives access to all of the Toolkit's features.

entbase.jar
 com.entrust.toolkit Classes used to setup or initialize the Toolkit.
 com.entrust.toolkit.asn1 Classes used to encode and decode ASN.1 structures.
 com.entrust.toolkit.asn1.structures Classes used to create, parse, and manipulate general ASN.1 structures.
 com.entrust.toolkit.exceptions General Exceptions.
 com.entrust.toolkit.security.arithmetic.fields Packages containing classes that work with the mathematical structures underlying elliptic curve cryptography (ECC).
 com.entrust.toolkit.security.arithmetic.groups.ellipticCurve
 com.entrust.toolkit.security.crypto General classes related to cryptography.
 com.entrust.toolkit.security.crypto.cipher Entrust's implementations of various cipher algorithms.
 com.entrust.toolkit.security.crypto.digest Entrust's implementations of message digest algorithms.
 com.entrust.toolkit.security.crypto.elgamal Entrust's implementation of the ElGamal public key cryptosystem.
 com.entrust.toolkit.security.crypto.key Entrust's implementations of key generation and key derivation mechanisms.
 com.entrust.toolkit.security.crypto.mac Entrust's implementations of message authentication code algorithms.
 com.entrust.toolkit.security.crypto.params Classes that represent various types of cryptographic algorithm parameters.
 com.entrust.toolkit.security.crypto.random Entrust's implementations of various secure random number generators.
 com.entrust.toolkit.security.crypto.rsa Entrust's implementation of the RSA public key cryptosystem.
 com.entrust.toolkit.security.crypto.signature Entrust's implementations of various signature algorithms.
 com.entrust.toolkit.security.fips Classes to enable FIPS 140 operation of the Toolkit.
 com.entrust.toolkit.security.provider Classes that implement various cryptographic algorithms, keys, and parameters, and the Entrust JCA cryptographic service provider.
 com.entrust.toolkit.security.spec Cryptographic algorithm parameter implementations.
 com.entrust.toolkit.security.tracing Classes that provide debug tracing in the Toolkit.
 com.entrust.toolkit.util Utility classes.
 com.entrust.toolkit.x509.extensions Classes that implement certificate extensions.
 iaik Low level classes supporting the base capabilities of the Toolkit.
 iaik.asn1
 iaik.asn1.structures
 iaik.pkcs
 iaik.pkcs.pkcs8
 iaik.pkcs.pkcs10
 iaik.security.cipher
 iaik.security.dh
 iaik.security.dsa
 iaik.security.mac
 iaik.security.md
 iaik.security.provider
 iaik.security.random
 iaik.security.rsa
 iaik.utils
 iaik.x509
 iaik.x509.attr
 iaik.x509.extensions

entuser.jar
 com.entrust.toolkit Classes for Entrust User management and key/certificate containers.
 com.entrust.toolkit.asn1.cmpv1 Classes used to create, parse, and manipulate ASN.1 structures used with Certificate Management Protocol (CMP) version 1.
 com.entrust.toolkit.asn1.cmpv1.gkm
 com.entrust.toolkit.asn1.crmf Classes used to create, parse, and manipulate ASN.1 structures used with Certificate Request Message Format (CRMF).
 com.entrust.toolkit.asn1.crmf.regCtrl
 com.entrust.toolkit.asn1.crmf.regInfo
 com.entrust.toolkit.asn1.structures Classes used to create, parse, and manipulate general ASN.1 structures.
 com.entrust.toolkit.asn1.tsp Classes used to create, parse, and manipulate ASN.1 structures used with time-stamping.
 com.entrust.toolkit.credentials Classes for the creation and recovery of credentials in a variety of key sources.
 com.entrust.toolkit.exceptions Exceptions for the high-level API of the Toolkit.
 com.entrust.toolkit.resourcemonitor Classes that provide resource monitoring capabilities.
 com.entrust.toolkit.timestamp Classes used to communicate with a timestamp server.
 com.entrust.toolkit.util General utility classes.
 com.entrust.toolkit.util.net Utility classes containing network related functionality.
 com.entrust.toolkit.x509 Contains the Entrust certification validation mechanism as well as other classes related to X.509.
 com.entrust.toolkit.x509.certstore Contains the certificate stores and classes used during certificate path building.
 com.entrust.toolkit.x509.directory Contains LDAP Directory implementations and various supporting classes.
 com.entrust.toolkit.x509.extensions Classes that implement certificate extensions.
 com.entrust.toolkit.x509.policies Classes used to check security policies issued by an Entrust PKI - password rules, for example.
 com.entrust.toolkit.x509.revocation Contains the Entrust revocation checking mechanism and revocation stores.
 com.entrust.toolkit.x509.revocation.ocsp.net Classes that provide network related functionality required by OCSP.
 com.entrust.toolkit.x509.testlets Classes used to validate certificate, CRL, and CRL Entry extensions.

entarchive.jar
 com.entrust.toolkit.archive Classes for reading and writing files stored in the legacy Entrust Archive format.
 com.entrust.toolkit.exceptions Exceptions specific to the use of the Entrust Archive classes.

entcapi.jar
 com.entrust.toolkit.capi Classes for interfacing with Microsoft's Crypto API.
 com.entrust.toolkit.credentials Classes for reading keys and certificates from CAPI.
 com.entrust.toolkit.exceptions Exceptions specific to the use of the CAPI classes.
 com.entrust.toolkit.security.crypto.digest Classes that use CAPI to compute message digests.
 com.entrust.toolkit.security.crypto.signature Classes that use CAPI to compute signatures.
 com.entrust.toolkit.security.provider Classes that use CAPI to provide security operations.

entcardms.jar
 com.entrust.toolkit.credentials Classes for integrating Entrust User enrolment and recovery into a Smart Card Management System.
 com.entrust.toolkit.asn1.cardms Classes used to create, parse, and manipulate ASN.1 structures used with by the Card Management System API.

entcms.jar
 com.entrust.toolkit Classes for integrating Entrust User's with CMS.
 com.entrust.toolkit.asn1.tsp Classes used to create, parse, and manipulate ASN.1 structures used with time-stamping in CMS.
 com.entrust.toolkit.cms Contains the EntrustProvider class, which implements the SecurityProvider interface for the Entrust provider.
 iaik Classes that represent the data structures, content types, and types defined in the Cryptographic Message Syntax specification.
 iaik.cms
 iaik.smime.ess

entjsse.jar
 com.entrust.toolkit.x509.jsse Classes that implement the Java Secure Sockets Extension (JSSE).

entkeystore.jar
 com.entrust.toolkit.credentials Contains Entrust's KeyStore service provider interface and the EntrustKeyStore class that integrates the Java Security KeyStore model with an Entrust User object.
 com.entrust.toolkit.keystore Classes used for reading and writing certificates and keystore .ini files.

entmisc.jar
 com.entrust.toolkit.util Contains the TransactionCounter class for use with the transaction counting implementation.
 iaik.security.security.keystore Utility classes.
 iaik.security.security.random
 iaik.utils
 iaik.x509

entp5.jar
 iaik.pkcs.pkcs5 Classes used to provide the Toolkit's PKCS#5 capabilities.
 iaik.security.cipher
 iaik.security.pbe
 iaik.security.spec

entp7.jar
 com.entrust.toolkit High-level PKCS7 classes including PKCS7EncodeStream and PKCS7DecodeStream classes.
 com.entrust.toolkit.exceptions Exceptions that are specific to PKCS7.
 iaik.pkcs Classes used to provide the Toolkit's PKCS#7 capabilities.
 iaik.pkcs.pkcs7

entp11.jar
 com.entrust.toolkit.credentials Classes used to read (and write) credentials from (and to) hardware tokens (smart cards).
 com.entrust.toolkit.pkcs11 Classes used to provide access to the native PKCS #11 API.
 com.entrust.toolkit.security.crypto.rsa Classes that provide access to implementations of the RSA public key cryptosystem on PKCS #11 devices.
 com.entrust.toolkit.security.provider Classes that provide access to cryptographic algorithms on PKCS #11 devices.

entp12.jar
 com.entrust.toolkit.credentials Classes used to read, and write, credentials that conform to the format specified by PKCS#12.
 iaik.pkcs.pkcs12 Classes used to provide the Toolkit's PKCS#12 capabilities.
 iaik.pkcs.pkcs8


entpq.jar
 com.entrust.toolkit.security.crypto.composite Composite hybrid Signature implementation.
 com/entrust/toolkit/security/crypto/pq This package contains the PQUtil Command Line Utility

entroaming.jar
 com.entrust.toolkit.credentials Classes for reading credentials from and writing to a Roaming Server.
 com.entrust.toolkit.roaming Classes used to communicate with an Entrust Authority Roaming Server.
 com.entrust.toolkit.roaming.speke Classes that implement the simple password-authenticated exponential key exchange (SPEKE) protocol - required for the implementation of Entrust Roaming.

entserverlogin.jar
 com.entrust.toolkit.credentials Classes used to read and bind credentials using the Entrust Server Login.
 com.entrust.toolkit.exceptions Exceptions specific to the user of Entrust Server Login.

entsmime.jar
 com.entrust.toolkit.security.smime Contains the EntrustMimeMessage class, which corrects a known problem in S/MIME.
 iaik.smime Classes providing Secure Multipurpose Internet Mail Extensions (S/MIME) support.
 iaik.utils

entsmimev3.jar
 iaik.smime Classes used in the Toolkit's implementation of S/MIME version 3.

enttunnel.jar
 com.entrust.toolkit.util Contains pairs of client–server classes providing HTTP and HTTPS capabilities for tunneling LDAP and PKIX-CMP through a firewall.

entxml.jar
 com.entrust.toolkit Contains the Trustmanager class used to verify certificates in XML digital signatures and for encrypting XML elements.
 com.entrust.toolkit.xencrypt.algorithms Contains an interface and classes that define the behaviour of encryption algorithms used in XML encryption.
 com.entrust.toolkit.xencrypt.core Classes used to encrypt and decrypt XML elements and sets of XML elements.
 com.entrust.toolkit.xencrypt.exceptions Classes used to handle exceptions thrown by the Toolkit's XML encryption code.
 com.entrust.toolkit.xencrypt.init Classes used to encapsulate the Toolkit's XML encryption constants and for initializing the Toolkit in preparation for XML encryption and decryption operations.
 com.entrust.toolkit.xml.dsig.keyinfo.tokenref Classes used when creating and verifying XML Signatures.
 com.entrust.toolkit.xml.util Utility classes used to help work with Apache XML Processors and the JAXP API.
 iaik.ixsil.algorithms Packages containing the classes that provide the Toolkit's XML digital signature capabilities.
 iaik.ixsil.core
 iaik.ixsil.exceptions
 iaik.ixsil.init
 iaik.ixsil.keyinfo
 iaik.ixsil.keyinfo.x509
 iaik.ixsil.util


© 2024, Entrust. All rights reserved

Entrust and the hexagon design are trademarks, registered trademarks and/or service marks of Entrust Corporation in Canada and the United States and in other countries. All Entrust product names and logos are trademarks, registered trademarks and/or service marks of Entrust Corporation. All other company and product names and logos are trademarks, registered trademarks and/or service marks of their respective owners in certain countries.

Portions of this product are Copyright © 1997-2003 IAIK. All rights reserved. This product includes software developed by the Institute for Applied Information Processing and Communications Technology, an institute of the Graz Technical University.

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

This product includes software developed by the Apache Software Foundation (http://www.apache.org).

The information is subject to change as Entrust reserves the right to, without notice, make changes to its products as progress in engineering or manufacturing methods or circumstances may warrant.

Skip navigation links