| Package | Description |
|---|---|
| com.entrust.toolkit |
Contains various high-level classes that provide Toolkit JCA cryptographic provider initialization,
an Entrust User representation, a key/certificate source, a certificate set representation,
JNI initialization capabilities, PKCS #7 encoding and decoding, CMS and PKCS#7 User related
utilities, transaction counting, and an XML trust manager.
|
| com.entrust.toolkit.credentials |
Contains classes the enable creation, recovery, reading, and writing of
digital identities using a
variety of key sources, classes for implementing the Toolkit's KeyStore
capabilities, and classes to support integration with a Smart Card
Management System.
|
| com.entrust.toolkit.exceptions | |
| com.entrust.toolkit.keystore |
Contains classes used for reading and writing certificates to a
KeyStore and for creating KeyStore initialization (
.ini) files. |
| com.entrust.toolkit.pkcs11 |
Contains classes dealing with PKCS #11 (smart cards and hardware
tokens) operations.
|
| com.entrust.toolkit.roaming |
Contains Toolkit classes that support SSL and TLS communication with
Entrust Authority™ Roaming Server (formerly Entrust/Roaming Server).
|
| com.entrust.toolkit.util |
Contains various utility classes.
|
| com.entrust.toolkit.x509.certstore |
Contains the certificate stores and classes used during certificate path
building.
|
| com.entrust.toolkit.x509.directory |
Contains LDAP Directory implementations and various supporting classes.
|
| com.entrust.toolkit.x509.jsse |
Contains classes that implement the Java Secure Sockets Extension
(JSSE).
|
| com.entrust.toolkit.x509.revocation |
Contains the Entrust revocation checking mechanism and revocation
stores.
|
| Modifier and Type | Method and Description |
|---|---|
void |
User.changePassword(SecureStringBuffer oldPassword,
SecureStringBuffer newPassword)
Changes the password protecting the Digital Identity.
|
void |
User.completeUserExport(LdapDirectory directory,
ManagerTransport managerTransport)
Completes a user export operation.
|
void |
User.doRequiredKeyManagement()
Does all required key management for a user.
|
X509Certificate[] |
KeyAndCertContainer.getCaCertificateChain()
Returns an array of CA certificates forming a chain to the user's root
CA.
|
X509Certificate[] |
User.getCaCertificateChain()
Returns an array of CA certificates forming a chain to the user's root
CA.
|
java.util.Date |
User.getPasswordExpiryDate()
Returns the date/time at which the user's password expires.
|
boolean |
User.isDuplicatePassword(SecureStringBuffer password)
This method may be used to determine if the supplied password
is contained in the User's password history.
|
int |
User.login(CredentialReader credentialReader,
SecureStringBuffer password)
Logs in a user.
|
void |
User.setConnections(java.io.InputStream entrustIniFile)
Sets the connections to the Entrust Authority Security Manager (EASM) using
settings retrieved from the user's
entrust.ini file. |
void |
User.setConnections(java.io.InputStream entrustIniFile,
boolean enableSMProxy)
Sets the connections to the Entrust Authority Security Manager (EASM) using
settings retrieved from the user's
entrust.ini file. |
void |
User.setConnections(LdapDirectory directory,
ManagerTransport managerTransport)
Sets the connections to a Public Key Infrastructure (PKI).
|
void |
User.setConnections(java.lang.String entrustIniFile)
Sets the connections to the Entrust Authority Security Manager (EASM) using
settings retrieved from the user's
entrust.ini file. |
void |
User.setConnections(java.lang.String entrustIniFile,
boolean smProxyEnabled)
Sets the connections to the Entrust Authority Security Manager (EASM) using
settings retrieved from the user's
entrust.ini file. |
void |
User.updateAllKeys()
Updates all the user's keys/certificates, which HAVE NOT been superseded.
|
void |
User.updateUserKeys(X509Certificate[] certificates)
Updates the user's keys/certificates that correspond to the indicated
certificates, which MUST NOT have been superseded.
|
void |
User.write()
Writes a user's credentials to the
CredentialWriter
that was set in setCredentialWriter(). |
| Constructor and Description |
|---|
KeyAndCertificateSource(User user)
Create a new
KeyAndCertificateSource object. |
User(java.lang.String profile,
SecureStringBuffer password,
java.lang.String inifile)
Creates a new
User object and automatically logs in using
settings retrieved from the user's entrust.ini file. |
| Modifier and Type | Method and Description |
|---|---|
void |
UALCreator.bind(java.io.OutputStream ual)
Binds the user's password and writes the
.ual credentials
file to the given output stream. |
void |
UALCreator.setConnections(LdapDirectory directory,
ManagerTransport managerTransport)
Sets the connections to a Public Key Infrastructure (PKI).
|
void |
UALCreator.setConnections(java.lang.String entrustIniFile)
Sets the connections to the Entrust Authority Security Manager (EASM)
using settings retrieved from the user's
entrust.ini file. |
| Constructor and Description |
|---|
UALCreator(java.lang.String entrustIniFile,
java.lang.String epf,
SecureStringBuffer password)
Instantiates a
UALCreator using a user's EPF and Entrust
INI file. |
UALCredentialReader(CredentialReader credentials,
java.io.InputStream passwordCache)
Creates a
UALCredentialReader that lets you use the Server
Login feature with any other type of Digital Identity store. |
UALCredentialReader(CredentialReader credentials,
java.io.InputStream passwordCache,
java.lang.String updatedUalFileName)
Instantiates a
UALCredentialReader. |
UALCredentialReader(java.io.InputStream credentials,
java.io.InputStream passwordCache)
Deprecated.
use
UALCredentialReader(CredentialReader, InputStream )
instead |
UALCredentialReader(java.io.InputStream credentials,
java.io.InputStream passwordCache,
java.lang.String updatedUalFileName)
Deprecated.
use
UALCredentialReader(CredentialReader, InputStream, String)
instead |
| Modifier and Type | Class and Description |
|---|---|
class |
UALException
This exception is thrown when a non-recoverable error occurs while using
Entrust Unattended Login (UAL).
|
class |
UserRecoverException
This exception is thrown when a fatal error occurs while performing
operations on a
User object, which MAY require that the user
be recovered. |
| Modifier and Type | Method and Description |
|---|---|
void |
KSIniFileCreator.store(java.io.OutputStream ksIniFile,
java.lang.String ualFile)
Method store.
|
void |
KSIniFileCreator.store(java.lang.String ksIniFile,
ProtectedPassword password)
Method store.
|
void |
KSIniFileCreator.store(java.lang.String ksIniFile,
java.lang.String ualFile)
Method store.
|
| Modifier and Type | Method and Description |
|---|---|
long |
JNIPKCS11.addDecryptionKey(long sessionHandle,
byte[] id,
byte[] modulus,
byte[] publicExponent,
byte[] privateExponent,
byte[] prime1,
byte[] prime2,
byte[] exponent1,
byte[] exponent2,
byte[] coefficient)
Creates a new RSA decryption key object on a token (a token object).
|
long |
JNIPKCS11.addDecryptionKeySecure(long sessionHandle,
SecretKey wrappingKey,
long wrappingKeyHandle,
byte[] decryptionKey,
byte[] id)
Creates a new decryption key object on a token by transferring it to the
token securely.
|
void |
JNIPKCS11.closeAllSessions(long slotID)
Closes all sessions an application has with a token.
|
void |
PKCS11LibraryConnection.closeConnection()
Closes the connection to the PKCS11 library.
|
void |
JNIPKCS11.closeSession(long sessionHandle)
Closes a session between an application and a token.
|
void |
JNIPKCS11.closeTemporarySessions(long slotID)
Closes all released temporary session handles for a particular slot.
|
long |
JNIPKCS11.create3DESKey(long sessionHandle)
Generates an DESede unwrapping key on the token.
|
long[] |
JNIPKCS11.createDSASigningKeys(long sessionHandle,
byte[] prime,
byte[] subprime,
byte[] base)
Generates an DSA signing key pair on the token.
|
long[] |
JNIPKCS11.createDSASigningKeys(long sessionHandle,
int strength)
Generates an DSA signing key pair on the token.
|
long[] |
JNIPKCS11.createECSigningKeys(long sessionHandle,
java.security.spec.ECParameterSpec ecDomainParams)
Generates an EC signing key pair on the token.
|
long[] |
JNIPKCS11.createRSADecryptionKeys(long sessionHandle,
int strength)
Generates an RSA encryption key pair on the token.
|
long[] |
JNIPKCS11.createRSADecryptionKeys(long sessionHandle,
int strength,
byte[] publicExponent)
Generates an RSA decryption key pair on the token.
|
long[] |
JNIPKCS11.createRSASigningKeys(long sessionHandle,
int strength)
Generates an RSA signing key pair on the token.
|
long[] |
JNIPKCS11.createRSASigningKeys(long sessionHandle,
int strength,
byte[] publicExponent)
Generates an RSA signing key pair on the token.
|
long |
JNIPKCS11.createSymmetricKey(long sessionHandle,
java.lang.String label,
SymmetricKeyType keyType,
int keySizeInBytes,
boolean tokenObject,
boolean extractable,
boolean forEncrypt,
boolean forMac)
Creates a symmetric key object of the given type, return the handle to
it.
|
byte[] |
JNIPKCS11.decrypt(long sessionHandle,
byte[] ciphertext)
Decrypts encrypted data in a single part.
|
byte[] |
JNIPKCS11.decryptFinal(long sessionHandle)
Finishes a multiple-part decryption operation.
|
void |
JNIPKCS11.decryptInit(long sessionHandle,
long mechanism,
long keyHandle)
Initializes a decryption operation.
|
void |
JNIPKCS11.decryptInit(long sessionHandle,
long mechanism,
long keyHandle,
byte[] iv)
Initializes a decryption operation, passing in a byte array to use as an
initialization vector with a symmetric cipher.
|
byte[] |
JNIPKCS11.decryptUpdate(long sessionHandle,
byte[] ciphertext)
Continues a multiple-part decryption operation, processing another
encrypted data part.
|
int |
JNIPKCS11.decryptUpdate(long sessionHandle,
byte[] input,
int inputOffset,
int inputLength,
byte[] output,
int outputOffset)
Continues a multiple-part decryption operation, processing another
encrypted data part and placing the result in a pre-allocated array.
|
void |
JNIPKCS11.destroyObject(long sessionHandle,
long objectHandle)
Destroys (deletes) an object on the token.
|
byte[] |
JNIPKCS11.encrypt(long sessionHandle,
byte[] plaintext)
Encrypts single-part data.
|
byte[] |
JNIPKCS11.encryptFinal(long sessionHandle)
Finishes a multiple-part encryption operation.
|
void |
JNIPKCS11.encryptInit(long sessionHandle,
long mechanism,
long keyHandle)
Initializes an encryption operation.
|
void |
JNIPKCS11.encryptInit(long sessionHandle,
long mechanism,
long keyHandle,
byte[] iv)
Initializes an encryption operation, passing in a byte array to use as an
initialization vector with a symmetric cipher.
|
byte[] |
JNIPKCS11.encryptUpdate(long sessionHandle,
byte[] plaintext)
Continues a multiple-part encryption operation, processing another data
part.
|
int |
JNIPKCS11.encryptUpdate(long sessionHandle,
byte[] input,
int inputOffset,
int inputLength,
byte[] output,
int outputOffset)
Continues a multiple-part encryption operation, processing another data
part and placing the result in a pre-allocated array.
|
long[] |
JNIPKCS11.generateDSAKeyPair(long sessionHandle,
java.lang.String label,
boolean encryptAllowed,
boolean signAllowed,
byte[] prime,
byte[] subprime,
byte[] base)
Generates an DSA key pair on the token.
|
long[] |
JNIPKCS11.generateECKeyPair(long sessionHandle,
java.lang.String label,
boolean encryptAllowed,
boolean signAllowed,
java.security.spec.ECParameterSpec ecDomainParams)
Generates an EC key pair on the token.
|
long[] |
JNIPKCS11.generateRSAKeyPair(long sessionHandle,
java.lang.String label,
boolean encryptAllowed,
boolean signAllowed,
int strength,
byte[] publicExponent)
Generates an RSA key pair on the token.
|
SecretKey |
JNIPKCS11.get3DESKeySecure(long sessionHandle,
long keyHandle)
Securely obtains a DESede secret key from a token using RSA wrapping.
|
long[] |
JNIPKCS11.getAllDecryptionKeyHandles(long sessionHandle)
Obtains the object handles for a all decryption key objects stored on a
token.
|
long[] |
JNIPKCS11.getAllObjectHandles(long sessionHandle)
Obtains the object handles for all objects stored on a token.
|
long |
JNIPKCS11.getByteArrayHandle(long sessionHandle,
boolean isPrivate,
java.lang.String label)
Obtains the object handle for a byte array object stored on a token.
|
byte[] |
JNIPKCS11.getByteArrayObject(long sessionHandle,
long objectHandle)
Obtains a byte array object from a token by reading the CKA_VALUE
attribute an object.
|
byte[] |
JNIPKCS11.getCertificate(long sessionHandle,
long objectHandle)
Obtains a certificate object from a token by reading the CKA_VALUE
attribute an object.
|
long |
JNIPKCS11.getCertificateHandle(long sessionHandle,
boolean isPrivate,
java.lang.String label)
Obtains the object handle for a certificate object stored on a token.
|
long |
JNIPKCS11.getCertificateHandle(long sessionHandle,
boolean isPrivate,
java.lang.String label,
byte[] id)
Obtains the object handle for a certificate object stored on a token.
|
long[] |
JNIPKCS11.getCertificateHandles(long sessionHandle,
boolean isPrivate,
java.lang.String label)
Obtains the object handles for a set certificate objects stored on a
token.
|
long |
JNIPKCS11.getDataObjectHandle(long sessionHandle,
boolean isPrivate,
java.lang.String label)
Obtains the object handle for a data object stored on a token.
|
long[] |
JNIPKCS11.getDataObjectHandles(long sessionHandle,
boolean isPrivate,
java.lang.String label)
Obtains the object handles for a set data objects stored on a token.
|
long[] |
JNIPKCS11.getDataObjectHandles(long sessionHandle,
java.lang.String application)
Obtains the object handles for a set data objects stored on a token.
|
long |
JNIPKCS11.getDecryptionKeyHandle(long sessionHandle,
byte[] id)
Obtains the object handle for a decryption key object stored on a token.
|
int |
JNIPKCS11.getDecryptUpdateLength(long sessionHandle,
byte[] input,
int inputLength)
When performing a multiple-part decryption operation, this call returns
the number of bytes that would be required in an array passed to
decryptUpdate to hold the output. |
java.security.spec.DSAParameterSpec |
JNIPKCS11.getDSAParams(long sessionHandle,
long objectHandle)
Extracts the DSA parameters from a DSA key object stored on a PKCS#11
device.
|
byte[] |
JNIPKCS11.getDSAPublicKeyY(long sessionHandle,
long objectHandle)
Obtains the public value from a DSA key object stored on a token by
reading the CKA_VALUE attribute of the object.
|
java.security.spec.ECParameterSpec |
JNIPKCS11.getECDomainParams(long sessionHandle,
long objectHandle)
Extracts the EC domain parameters from an EC key object stored on a
PKCS#11 device.
|
JNIPKCS11.EcdsaDigestFormat |
JNIPKCS11.getEcdsaDigestFormat(long slotId)
Determines the ECDSA digest format used by the PKCS#11 device.
|
java.security.spec.ECPoint |
JNIPKCS11.getECPublicPoint(long sessionHandle,
long objectHandle,
java.security.spec.ECParameterSpec ecDomainParams)
Extracts the EC public point from an EC public key object stored on a
PKCS#11 device.
|
int |
JNIPKCS11.getEncryptUpdateLength(long sessionHandle,
byte[] input,
int inputLength)
When performing a multiple-part encryption operation, this call returns
the number of bytes that would be required in an array passed to
encryptUpdate to hold the output. |
Info |
JNIPKCS11.getInfo()
Returns general information about Cryptoki.
|
Info |
PKCS11Information.getInfo()
Returns an
Info object. |
JNIPKCS11 |
PKCS11LibraryConnection.getJNIPKCS11()
This method returns the
JNIPKCS11 object. |
java.lang.String |
JNIPKCS11.getKeyID(long sessionHandle,
long objectHandle)
Obtains the key identifier from a key object on the token by reading the
CKA_ID attribute of the object.
|
int |
JNIPKCS11.getKeyType(long sessionHandle,
long objectHandle)
Obtains the key type from a key object on the token by reading the
CKA_KEY_TYPE attribute of the object.
|
java.lang.String |
JNIPKCS11.getLabel(long sessionHandle,
long objectHandle)
Obtains the label of an object on the token by reading the CKA_LABEL
attribute of the object.
|
MechanismInfo |
JNIPKCS11.getMechanismInfo(long slotID,
long mechanismType)
Used to obtain information about a particular mechanism possibly
supported by a token.
|
MechanismInfo |
PKCS11Information.getMechanismInfo(long slotID,
long mechanismType)
Returns information about a specific mechanism supported by the token
located at a specific slot ID.
|
MechanismList |
JNIPKCS11.getMechanismList(long slotID)
Used to obtain a list of mechanism types supported by a token.
|
MechanismList |
PKCS11Information.getMechanismList(long slotID)
Returns a list of all the mechanisms (cryptographic operations) supported
by the token located at a specific slot ID.
|
long |
JNIPKCS11.getOldSigningKeyHandle(long sessionHandle)
Obtains the object handle for an "old" signing key object stored on a
token.
|
long |
JNIPKCS11.getPrivateKeyHandle(long sessionHandle,
byte[] id)
Obtains the object handle for a private key object stored on a token.
|
long |
JNIPKCS11.getPrivateKeyHandle(long sessionHandle,
java.lang.String label)
Obtains the object handle for a private key object stored on a token.
|
long[] |
JNIPKCS11.getPrivateKeyHandles(long sessionHandle,
java.lang.String label)
Obtains the object handles for a set private key objects stored on a
token.
|
byte[] |
JNIPKCS11.getRSAPrivateKeyModulus(long sessionHandle,
long objectHandle)
Obtains the modulus from an RSA private key object stored on a token by
reading the CKA_MODULUS attribute of the object.
|
byte[] |
JNIPKCS11.getRSAPublicKeyModulus(long sessionHandle,
long objectHandle)
Obtains the modulus from an RSA key object stored on a token by reading
the CKA_MODULUS attribute of the object.
|
byte[] |
JNIPKCS11.getRSAPublicKeyPublicExp(long sessionHandle,
long objectHandle)
Obtains the public exponent from an RSA key object stored on a token by
reading the CKA_PUBLIC_EXPONENT attribute of the object.
|
int |
JNIPKCS11.getSecretKeyLength(long sessionHandle,
long objectHandle)
Obtains the key length from a secret key object stored on a token by
reading the CKA_VALUE_LEN attribute of the object.
|
SessionInfo |
JNIPKCS11.getSessionInfo(long sessionHandle)
Obtains information about a session.
|
SessionInfo |
PKCS11Information.getSessionInfo(long sessionHandle)
Returns information about a session.
|
long |
JNIPKCS11.getSigningKeyHandle(long sessionHandle)
Obtains the object handle for a signing key object stored on a token.
|
int |
JNIPKCS11.getSigningKeyType(long sessionHandle,
long objectHandle)
Obtains the key type from a signing key object on the token by reading
the CKA_KEY_TYPE attribute of the object.
|
SlotInfo |
JNIPKCS11.getSlotInfo(long slotID)
Obtains information about a particular slot in the system.
|
SlotInfo |
PKCS11Information.getSlotInfo(long slotID)
Returns information about a slot located at a specific slot ID.
|
SlotList |
JNIPKCS11.getSlotList(boolean tokenPresent)
Used to obtain a list of slots in the system.
|
SlotList |
PKCS11Information.getSlotList(boolean tokenPresent)
Returns the slot list found by a PKCS #11 library.
|
long |
JNIPKCS11.getStringHandle(long sessionHandle,
boolean isPrivate,
java.lang.String label)
Obtains the object handle for a string object stored on a token.
|
java.lang.String |
JNIPKCS11.getStringObject(long sessionHandle,
long objectHandle)
Obtains a string object from a token by reading the CKA_VALUE attribute
an object.
|
long |
JNIPKCS11.getTemporarySession(long slotID)
Gets a temporary session handle from the PKCS11 library, to be used when
crypto operations may be executed by multiple threads simultaneously.
|
TokenInfo |
JNIPKCS11.getTokenInfo(long slotID)
Obtains information about a particular token in the system.
|
TokenInfo |
PKCS11Information.getTokenInfo(long slotID)
Returns information about a token located at a specific slot ID.
|
void |
JNIPKCS11.initPin(long sessionHandle,
java.lang.String userPin)
Initializes the Normal User's PIN.
|
void |
JNIPKCS11.initToken(long slotID,
java.lang.String soPin,
java.lang.String label)
Initializes a token.
|
void |
JNIPKCS11.login(long sessionHandle,
int userType,
java.lang.String pin)
Logs a user into a token.
|
void |
JNIPKCS11.logout(long sessionHandle)
Logs a user out from a token.
|
long |
JNIPKCS11.openSession(long slotID,
boolean readWrite)
This function opens a session between an application and a token in a
particular slot.
|
long |
JNIPKCS11.setByteArrayObject(long sessionHandle,
boolean isPrivate,
java.lang.String label,
byte[] value)
Creates a new byte array object on a token (a token object).
|
long |
JNIPKCS11.setByteArrayObject(long sessionHandle,
boolean isPrivate,
java.lang.String label,
java.lang.String application,
byte[] value)
Creates a new byte array object on a token (a token object), setting the
CKA_APPLICATION attribute.
|
long |
JNIPKCS11.setCertificate(long sessionHandle,
boolean isToken,
boolean isPrivate,
boolean isModifiable,
java.lang.String label,
byte[] subject,
byte[] id,
byte[] issuer,
byte[] serialNumber,
byte[] value)
Creates a new X.509 public key certificate object on a token (a token
object).
|
long |
JNIPKCS11.setCertificate(long sessionHandle,
boolean isPrivate,
java.lang.String label,
byte[] subject,
byte[] value)
Creates a new X.509 public key certificate object on a token (a token
object).
|
long |
JNIPKCS11.setCertificate(long sessionHandle,
boolean isPrivate,
java.lang.String label,
byte[] id,
X509Certificate certificate)
Creates a new X.509 public key certificate object on a token (a token
object).
|
long |
JNIPKCS11.setCertificate(long sessionHandle,
boolean isPrivate,
java.lang.String label,
X509Certificate certificate)
Creates a new X.509 public key certificate object on a token (a token
object).
|
long |
JNIPKCS11.setDSAPrivateKey(long sessionHandle,
java.lang.String label,
byte[] id,
boolean encryptAllowed,
boolean signAllowed,
byte[] prime,
byte[] subprime,
byte[] base,
byte[] value)
Creates a new DSA private key object on a token (a token object).
|
long |
JNIPKCS11.setDSAPrivateKeySecure(long sessionHandle,
long wrappingKeyHandle,
SecretKey wrappingKey,
java.lang.String label,
byte[] id,
boolean encryptAllowed,
boolean signAllowed,
byte[] privateKey)
Creates a new DSA private key object on a token by transferring it to the
token securely.
|
long |
JNIPKCS11.setDSASigningKey(long sessionHandle,
byte[] prime,
byte[] subprime,
byte[] base,
byte[] value)
Creates a new DSA signing key object on a token (a token object).
|
long |
JNIPKCS11.setECPrivateKey(long sessionHandle,
java.lang.String label,
byte[] id,
boolean encryptAllowed,
boolean signAllowed,
byte[] d,
java.security.spec.ECParameterSpec ecDomainParams)
Creates a new EC private key object on a token (a token object).
|
long |
JNIPKCS11.setECPrivateKeySecure(long sessionHandle,
long wrappingKeyHandle,
SecretKey wrappingKey,
java.lang.String label,
byte[] id,
boolean encryptAllowed,
boolean signAllowed,
byte[] privateKey)
Creates a new EC private key object on a token by transferring it to the
token securely.
|
long |
JNIPKCS11.setIntObject(long sessionHandle,
boolean isPrivate,
java.lang.String label,
int value)
Creates a new integer object on a token (a token object).
|
void |
JNIPKCS11.setKeyID(long sessionHandle,
long objectHandle,
java.lang.String keyId)
Sets the key identifier of a key object that already exists on the token
by writing the CKA_ID attribute of the object.
|
void |
JNIPKCS11.setNewLabel(long sessionHandle,
long objectHandle,
java.lang.String label)
Sets the label of an object that already exists on the token by writing
the CKA_LABEL attribute of the object.
|
void |
JNIPKCS11.setPin(long sessionHandle,
java.lang.String oldPin,
java.lang.String newPin)
Modifies the PIN of the user currently logged in.
|
long |
JNIPKCS11.setRSAPrivateKey(long sessionHandle,
java.lang.String label,
byte[] id,
boolean encryptAllowed,
boolean signAllowed,
byte[] modulus,
byte[] publicExponent,
byte[] privateExponent,
byte[] prime1,
byte[] prime2,
byte[] exponent1,
byte[] exponent2,
byte[] coefficient)
Creates a new RSA private key object on a token (a token object).
|
long |
JNIPKCS11.setRSAPrivateKeySecure(long sessionHandle,
long wrappingKeyHandle,
SecretKey wrappingKey,
java.lang.String label,
byte[] id,
boolean encryptAllowed,
boolean signAllowed,
byte[] privateKey)
Creates a new RSA private key object on a token by transferring it to the
token securely.
|
long |
JNIPKCS11.setRSASigningKey(long sessionHandle,
byte[] modulus,
byte[] publicExponent,
byte[] privateExponent,
byte[] prime1,
byte[] prime2,
byte[] exponent1,
byte[] exponent2,
byte[] coefficient)
Creates a new RSA signing key object on a token (a token object).
|
long |
JNIPKCS11.setStringObject(long sessionHandle,
boolean isPrivate,
java.lang.String label,
java.lang.String value)
Creates a new string object on a token (a token object).
|
long |
JNIPKCS11.setStringObject(long sessionHandle,
boolean isPrivate,
java.lang.String label,
java.lang.String application,
java.lang.String value)
Creates a new string object on a token (a token object).
|
byte[] |
JNIPKCS11.sign(long sessionHandle,
byte[] data)
Signs data in a single part, where the signature is an appendix to the
data.
|
byte[] |
JNIPKCS11.signFinal(long sessionHandle)
Finishes a multiple-part signature operation, returning the signature.
|
void |
JNIPKCS11.signInit(long sessionHandle,
long mechanism,
long keyHandle)
Initializes a signature operation, where the signature is an appendix to
the data.
|
void |
JNIPKCS11.SignInitWithRSAPSSParameters(long sessionHandle,
long mechanism,
long keyHandle,
long hashAlg,
long mgfType,
long saltLength)
Initializes a signature operation, where the signature is an appendix to
the data.
|
void |
JNIPKCS11.signUpdate(long sessionHandle,
byte[] part)
Continues a multiple-part signature operation, processing another data
part.
|
void |
JNIPKCS11.signUpdate(long sessionHandle,
byte[] part,
int offset,
int length)
Continues a multiple-part signature operation, processing another data
part.
|
long |
JNIPKCS11.unwrapDecryptionKey(long sessionHandle,
long wrappingKeyHandle,
byte[] wrappedKey,
byte[] id)
Unwraps an RSA decryption key on the token using the specified DESede
secret key.
|
long |
JNIPKCS11.unwrapDSAPrivateKey(long sessionHandle,
long wrappingKeyHandle,
java.lang.String label,
byte[] id,
boolean encryptAllowed,
boolean signAllowed,
byte[] wrappedKey)
Unwraps an DSA private key on the token using the specified DESede secret
key.
|
long |
JNIPKCS11.unwrapECPrivateKey(long sessionHandle,
long wrappingKeyHandle,
java.lang.String label,
byte[] id,
boolean encryptAllowed,
boolean signAllowed,
byte[] wrappedKey)
Unwraps an EC private key on the token using the specified DESede secret
key.
|
long |
JNIPKCS11.unwrapRSAPrivateKey(long sessionHandle,
long wrappingKeyHandle,
java.lang.String label,
byte[] id,
boolean encryptAllowed,
boolean signAllowed,
byte[] wrappedKey)
Unwraps an RSA private key on the token using the specified DESede secret
key.
|
boolean |
JNIPKCS11.verify(long sessionHandle,
byte[] data,
byte[] signature)
Verifies a signature in a single-part operation, where the signature is
an appendix to the data.
|
boolean |
JNIPKCS11.verifyFinal(long sessionHandle,
byte[] signature)
Finishes a multiple-part verification operation, checking the signature.
|
void |
JNIPKCS11.verifyInit(long sessionHandle,
long mechanism,
long keyHandle)
Initializes a verification operation, where the signature is an appendix
to the data.
|
void |
JNIPKCS11.verifyUpdate(long sessionHandle,
byte[] part)
Continues a multiple-part verification operation, processing another data
part.
|
byte[] |
JNIPKCS11.wrapKeyRSA(long sessionHandle,
long keyHandle,
byte[] modulus,
byte[] publicExponent)
Wraps a DESede key on the token with the provided RSA public key.
|
| Constructor and Description |
|---|
DSAParams(int strength) |
PKCS11Information(PKCS11LibraryConnection pkcs11LibraryConnection)
Creates a
PKCS11Information object for a specific connection
to a PKCS11 library. |
PKCS11LibraryConnection(java.lang.String pkcs11LibraryPath)
Creates a
PKCS11LibraryConnection object and opens a
connection to the specified PKCS11 library. |
| Modifier and Type | Method and Description |
|---|---|
void |
RoamingUser.changePassword(SecureStringBuffer oldPassword,
SecureStringBuffer newPassword)
Deprecated.
As of 7.0, use
User.changePassword() with a
RoamingCredentialWriter object set to perform this task. |
void |
RoamingUser.create(java.lang.String userId,
SecureStringBuffer password,
CredentialCreator creator)
Deprecated.
As of 7.0, use a
CredentialCreator with a
RoamingCredentialWriter object to perform this task. |
int |
RoamingUser.login(java.lang.String userid,
SecureStringBuffer password)
Deprecated.
as of 7.0,
RoamingCredentialReader and
RoamingCredentialWriter should be used with a User
object to perform this function. |
void |
RoamingUser.recover(java.lang.String userId,
SecureStringBuffer password,
CredentialRecoverer recoverer)
Deprecated.
As of 7.0, use a
CredentialRecoverer with a
RoamingCredentialWriter object to perform this task. |
void |
RoamingUser.register(java.lang.String profilePath,
java.lang.String roamingUserID,
SecureStringBuffer password)
Registers a user.
|
boolean |
RoamingUser.updateEncryptionKeys()
Deprecated.
As of 7.0, use a
RoamingCredentialReader and
RoamingCredentialWriter object with a User
object, and let the User perform key management automtically. |
boolean |
RoamingUser.updateSigningKeys()
Deprecated.
As of 7.0, use a
RoamingCredentialReader and
RoamingCredentialWriter object with a User
object, and let the User perform key management automtically. |
| Constructor and Description |
|---|
RoamingUser(java.lang.String iniFileName)
Creates an instance of
RoamingUser |
| Constructor and Description |
|---|
HttpsLdapServer(java.lang.String propertiesfile,
User user)
Creates in instance of the
HttpsLdapServer class. |
| Modifier and Type | Method and Description |
|---|---|
void |
ArchiveCertCache.parse(java.io.InputStream cacheFile)
Adds the contents of an archive cache (
.CCH or
.XCC) to the cache object. |
void |
ArchiveCertCache.write(java.io.OutputStream os,
int writeMode)
Writes the certificates contained in this cache object to a stream,
in the Entrust certificate cache format.
|
| Constructor and Description |
|---|
ArchiveCertCache(java.io.InputStream is)
Creates an archive cache, and initializes
it with the contents of the cache file specified by the
InputStream
argument. |
| Constructor and Description |
|---|
LDAPSTrustManager(KeyAndCertContainer keyAndCertContainer)
Creates a
LDAPSTrustManager instance that uses an
Entrust key/certificate container's certificate validation mechanism for
trust decisions. |
| Constructor and Description |
|---|
JSSEX509KeyManager(User user)
Creates a
JSSEX509KeyManager instance that uses an
Entrust User object as the key store. |
| Modifier and Type | Method and Description |
|---|---|
void |
ArchiveBinaryCRLCache.parse(java.io.InputStream inputStream)
Parses an input stream containing an archive CRL cache in Entrust revocation
list cache format.
|
void |
ArchiveCRLCache.parse(java.io.InputStream inputStream)
Parses an input stream containing an archive CRL cache in Entrust revocation
list cache format.
|
| Constructor and Description |
|---|
ArchiveBinaryCRLCache(java.io.InputStream is,
ValidationInfo validationInfo)
The constructor; creates a new
ArchiveCRLCache object
initializing it with data read from the provided input stream. |
ArchiveCRLCache(java.io.InputStream is,
ValidationInfo validationInfo)
The constructor; creates a new
ArchiveCRLCache object
initializing it with data read from the provided input stream. |