| Package | Description |
|---|---|
| com.entrust.toolkit |
Contains various high-level classes that provide Toolkit JCA cryptographic provider initialization,
an Entrust User representation, a key/certificate source, a certificate set representation,
JNI initialization capabilities, PKCS #7 encoding and decoding, CMS and PKCS#7 User related
utilities, transaction counting, and an XML trust manager.
|
| com.entrust.toolkit.credentials |
Contains classes the enable creation, recovery, reading, and writing of
digital identities using a
variety of key sources, classes for implementing the Toolkit's KeyStore
capabilities, and classes to support integration with a Smart Card
Management System.
|
| com.entrust.toolkit.keystore |
Contains classes used for reading and writing certificates to a
KeyStore and for creating KeyStore initialization (
.ini) files. |
| com.entrust.toolkit.roaming |
Contains Toolkit classes that support SSL and TLS communication with
Entrust Authority™ Roaming Server (formerly Entrust/Roaming Server).
|
| com.entrust.toolkit.util |
Contains various utility classes.
|
| com.entrust.toolkit.x509.directory |
Contains LDAP Directory implementations and various supporting classes.
|
| com.entrust.toolkit.x509.jsse |
Contains classes that implement the Java Secure Sockets Extension
(JSSE).
|
| com.entrust.toolkit.x509.policies |
Contains classes used to check security policies issued by an Entrust PKI — password rules and client
settings, for example.
|
| iaik.cms | |
| iaik.security.cipher | |
| iaik.security.spec | |
| iaik.smime |
| Modifier and Type | Method and Description |
|---|---|
void |
User.changePassword(SecureStringBuffer oldPassword,
SecureStringBuffer newPassword)
Changes the password protecting the Digital Identity.
|
boolean |
User.isDuplicatePassword(SecureStringBuffer password)
This method may be used to determine if the supplied password
is contained in the User's password history.
|
int |
User.login(CredentialReader credentialReader,
SecureStringBuffer password)
Logs in a user.
|
| Constructor and Description |
|---|
User(java.lang.String profile,
SecureStringBuffer password,
java.lang.String inifile)
Creates a new
User object and automatically logs in using
settings retrieved from the user's entrust.ini file. |
| Modifier and Type | Method and Description |
|---|---|
SecureStringBuffer |
ExtractedUALData.getPassword()
Returns the password that was extracted from the UAL file.
|
| Modifier and Type | Method and Description |
|---|---|
static void |
UALUtil.bind(SecureStringBuffer password,
java.io.OutputStream ual)
Binds the given password to the machine by generating an Entrust Unattended
Login (UAL) file.
|
void |
CredentialReader.checkPwd(User user,
SecureStringBuffer password)
Checks the user's password to ensure it obeys the password rules found in
the user's policy settings.
|
void |
CMPForCardMS.generalMessage(SecureStringBuffer refNum,
AuthorizationCode authCode)
Executes a general message transmission for an uninitialized user (has
yet to be created) or an initialized user that will be recovered.
|
P11StorageObject[] |
CMPForCardMS.getDigitalIdRepresentation(SecureStringBuffer password)
Returns a representation of an Entrust digital identity in Entrust PKCS
#11 format.
|
GeneralMessageInfo |
PKIXCMPUtils.getGeneralMessageInfo(SecureStringBuffer refNum,
AuthorizationCode authCode)
This API performs a PKIX general message transaction using the supplied
reference number and authorization code.
|
void |
EntrustP10CertRetriever.retrieveUserCert(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode,
EntrustP10CertReqInfo certReqInfo)
Requests and retrieves a single unmanaged certificate for an end user
using the provided injected public key information.
|
void |
EntrustP10CertRetriever.retrieveUserCerts(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode,
EntrustP10CertReqInfo[] certReqInfo)
Requests and retrieves one or more unmanaged certificates for an end user
using the provided certificate request information.
|
| Constructor and Description |
|---|
CapiCredentialCreator(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode)
A constructor; creates a new
CapiCredentialCreator object. |
CapiCredentialCreatorOrRecoverer(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode)
A constructor; creates a new
CapiCredentialCreatorOrRecoverer object. |
CapiCredentialRecoverer(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode)
A constructor; creates a new
CapiCredentialRecoverer object. |
CredentialCreator(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode)
A constructor; create a new
CredentialCreator object. |
CredentialCreator(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode,
java.security.spec.AlgorithmParameterSpec clientKeyGenerationParameter)
A constructor; creates a new
CredentialCreator object and
configures it for operation with custom key generation parameters. |
CredentialCreator(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode,
int signingKeyAlgorithm,
java.security.spec.AlgorithmParameterSpec clientKeyGenerationParameter,
int pkixVersion)
Deprecated.
this constructor contains obsolete parameters; use another
constructor that does not
|
CredentialCreator(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode,
int signingKeyAlgorithm,
int signingKeyStrength,
int pkixVersion)
Deprecated.
this constructor contains obsolete parameters; use another
constructor that does not
|
CredentialCreatorOrRecoverer(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode)
A constructor; creates a new
CredentialCreatorOrRecoverer
object. |
CredentialRecoverer(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode)
A constructor; create a new
CredentialRecoverer object. |
CredentialRecoverer(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode,
java.security.spec.AlgorithmParameterSpec clientKeyGenerationParameter)
A constructor; creates a new
CredentialRecoverer object and
configures it for operation with custom key generation parameters. |
CredentialRecoverer(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode,
int signingKeyAlgorithm,
java.security.spec.AlgorithmParameterSpec clientKeyGenerationParameter,
int pkixVersion)
Deprecated.
this constructor contains obsolete parameters; use another
constructor that does not.
|
CredentialRecoverer(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode,
int signingKeyAlgorithm,
int signingKeyStrength,
int pkixVersion)
Deprecated.
this constructor contains obsolete parameters; use another
constructor that does not
|
InternalCapiCmpCredentialReader(SecureStringBuffer refNum,
AuthorizationCode authCode,
com.entrust.toolkit.credentials.CMPCredentialReader.CmpOperationType cmpOperationType)
The constructor; creates an new
InternalCapiCmpCredentialReader. |
TokenCredentialCreator(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode,
int signingKeyAlgorithm,
int signingKeyStrength,
int pkixVersion,
long slotId,
PKCS11LibraryConnection pkcs11LibraryConnection,
SecureStringBuffer currentSoPin,
SecureStringBuffer newSoPin)
Deprecated.
this constructor contains obsolete parameters; use another constructor
that does not
|
TokenCredentialCreator(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode,
int signingKeyAlgorithm,
int signingKeyStrength,
int pkixVersion,
long slotId,
PKCS11LibraryConnection pkcs11LibraryConnection,
SecureStringBuffer soPin,
java.lang.String label)
Deprecated.
this constructor contains obsolete parameters; use another constructor
that does not
|
TokenCredentialCreator(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode,
long slotId,
PKCS11LibraryConnection pkcs11LibraryConnection)
A constructor; create a new
TokenCredentialCreator object
configured for use with a PKCS#11 device that has already been
initialized. |
TokenCredentialCreator(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode,
long slotId,
PKCS11LibraryConnection pkcs11LibraryConnection,
SecureStringBuffer currentSoPin,
SecureStringBuffer newSoPin)
A constructor; create a new
TokenCredentialCreator object
configured for use with a PKCS#11 device that has already been
initialized and allows Security Officer PIN change. |
TokenCredentialCreator(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode,
long slotId,
PKCS11LibraryConnection pkcs11LibraryConnection,
SecureStringBuffer soPin,
java.lang.String label)
A constructor; create a new
TokenCredentialCreator object
configured for use with a PKCS#11 device that has not yet been
initialized. |
TokenCredentialCreatorOrRecoverer(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode,
long slotId,
PKCS11LibraryConnection pkcs11LibraryConnection)
A constructor; creates a new
TokenCredentialCreatorRecoverer
object configured for use with a PKCS#11 device that has already been
initialized. |
TokenCredentialCreatorOrRecoverer(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode,
long slotId,
PKCS11LibraryConnection pkcs11LibraryConnection,
SecureStringBuffer currentSoPin,
SecureStringBuffer newSoPin)
A constructor; creates a new
TokenCredentialCreatorRecoverer
object configured for use with a PKCS#11 device that has already been
initialized and allows Security Officer PIN change. |
TokenCredentialCreatorOrRecoverer(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode,
long slotId,
PKCS11LibraryConnection pkcs11LibraryConnection,
SecureStringBuffer soPin,
java.lang.String label)
A constructor; creates a new
TokenCredentialCreatorRecoverer
object configured for use with a PKCS#11 device that needs to be
initialized (or re-initialized). |
TokenCredentialRecoverer(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode,
int signingKeyAlgorithm,
int signingKeyStrength,
int pkixVersion,
long slotId,
PKCS11LibraryConnection pkcs11LibraryConnection,
SecureStringBuffer currentSoPin,
SecureStringBuffer newSoPin)
Deprecated.
this constructor contains obsolete parameters; use another constructor
that does not
|
TokenCredentialRecoverer(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode,
int signingKeyAlgorithm,
int signingKeyStrength,
int pkixVersion,
long slotId,
PKCS11LibraryConnection pkcs11LibraryConnection,
SecureStringBuffer soPin,
java.lang.String label)
Deprecated.
this constructor contains obsolete parameters; use another constructor
that does not
|
TokenCredentialRecoverer(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode,
long slotId,
PKCS11LibraryConnection pkcs11LibraryConnection)
A constructor; create a new
TokenCredentialRecoverer object
configured for use with a PKCS#11 device that has already been
initialized. |
TokenCredentialRecoverer(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode,
long slotId,
PKCS11LibraryConnection pkcs11LibraryConnection,
SecureStringBuffer currentSoPin,
SecureStringBuffer newSoPin)
A constructor; create a new
TokenCredentialRecoverer object
configured for use with a PKCS#11 device that has already been
initialized and allows Security Officer PIN change. |
TokenCredentialRecoverer(SecureStringBuffer referenceNumber,
AuthorizationCode authorizationCode,
long slotId,
PKCS11LibraryConnection pkcs11LibraryConnection,
SecureStringBuffer soPin,
java.lang.String label)
A constructor; create a new
TokenCredentialRecoverer object
configured for use with a PKCS#11 device that has not yet been
initialized. |
TokenInitializer(long slotId,
PKCS11LibraryConnection pkcs11LibraryConnection,
SecureStringBuffer currentSoPin,
SecureStringBuffer newSoPin,
java.lang.String entrustPath,
java.lang.String entrustUser)
Creates a
TokenInitializer object. |
TokenInitializer(long slotId,
PKCS11LibraryConnection pkcs11LibraryConnection,
SecureStringBuffer currentSoPin,
SecureStringBuffer newSoPin,
java.lang.String entrustPath,
java.lang.String entrustUser,
int hashCount)
Creates a
TokenInitializer object. |
TokenInitializer(long slotId,
PKCS11LibraryConnection pkcs11LibraryConnection,
SecureStringBuffer currentSoPin,
SecureStringBuffer newSoPin,
java.lang.String entrustPath,
java.lang.String entrustUser,
java.lang.String protectionAlgorithm,
int hashCount)
Deprecated.
use {@link TokenInitializer#TokenInitializer(long, PKCS11LibraryConnection, SecureStringBuffer, SecureStringBuffer, String, String, int)
|
TokenInitializer(long slotId,
PKCS11LibraryConnection pkcs11LibraryConnection,
SecureStringBuffer soPin,
java.lang.String label,
java.lang.String entrustPath,
java.lang.String entrustUser)
Creates a
TokenInitializer object. |
TokenInitializer(long slotId,
PKCS11LibraryConnection pkcs11LibraryConnection,
SecureStringBuffer soPin,
java.lang.String label,
java.lang.String entrustPath,
java.lang.String entrustUser,
int hashCount)
Creates a
TokenInitializer object. |
TokenInitializer(long slotId,
PKCS11LibraryConnection pkcs11LibraryConnection,
SecureStringBuffer soPin,
java.lang.String label,
java.lang.String entrustPath,
java.lang.String entrustUser,
java.lang.String protectionAlgorithm,
int hashCount)
|
UALCreator(CredentialReader credentialReader,
SecureStringBuffer password)
Instantiates a
UALCreator using a user's credential
reader. |
UALCreator(java.lang.String entrustIniFile,
java.lang.String epf,
SecureStringBuffer password)
Instantiates a
UALCreator using a user's EPF and Entrust
INI file. |
UALCreator(User user,
SecureStringBuffer password)
Instantiates a
UALCreator using an already logged in user. |
| Modifier and Type | Method and Description |
|---|---|
SecureStringBuffer |
ProtectedPassword.getPassword()
This is the only method required by the interface.
|
static SecureStringBuffer |
KSIniFileCreator.readPasswordFromKeystore(IniFile iniFile)
This is a convenience method that reads the Password bound to the
KeyStore INI file.
|
| Modifier and Type | Method and Description |
|---|---|
void |
KSIniFileCreator.addReadCertificateStore(java.lang.String path,
SecureStringBuffer password)
Adds a read-only certificate store to this KeyStore-Ini-File.
|
void |
KSIniFileCreator.addWriteCertificateStore(java.lang.String path,
SecureStringBuffer password)
Adds a read/write certificate store to this KeyStore-Ini-File.
|
void |
CertStore.store(java.io.OutputStream os,
SecureStringBuffer pwd)
Writes this certificate store to the given output stream and protects it
with the given password.
|
void |
KSIniFileCreator.store(java.io.OutputStream ksIniFile,
SecureStringBuffer password)
Stores the current settings to a KeyStore-Ini-file.
|
void |
KSIniFileCreator.store(java.lang.String ksIniFile,
SecureStringBuffer password)
Stores the current settings to a KeyStore-Ini-file.
|
| Constructor and Description |
|---|
CertStore(java.lang.String path,
SecureStringBuffer password,
boolean write)
Creates a new
CertStore object. |
KSIniFileCreator(java.io.InputStream ksIniFile,
SecureStringBuffer password)
Creating a
KSIniFileCreator by reading an already existing
KeyStore-Ini-File. |
KSIniFileCreator(java.lang.String ksIniFile,
SecureStringBuffer password)
Creating a
KSIniFileCreator |
| Modifier and Type | Method and Description |
|---|---|
void |
RoamingUser.changePassword(SecureStringBuffer oldPassword,
SecureStringBuffer newPassword)
Deprecated.
As of 7.0, use
User.changePassword() with a
RoamingCredentialWriter object set to perform this task. |
void |
RoamingUser.create(java.lang.String userId,
SecureStringBuffer password,
CredentialCreator creator)
Deprecated.
As of 7.0, use a
CredentialCreator with a
RoamingCredentialWriter object to perform this task. |
int |
RoamingUser.login(java.lang.String userid,
SecureStringBuffer password)
Deprecated.
as of 7.0,
RoamingCredentialReader and
RoamingCredentialWriter should be used with a User
object to perform this function. |
void |
RoamingUser.recover(java.lang.String userId,
SecureStringBuffer password,
CredentialRecoverer recoverer)
Deprecated.
As of 7.0, use a
CredentialRecoverer with a
RoamingCredentialWriter object to perform this task. |
void |
RoamingUser.register(java.lang.String profilePath,
java.lang.String roamingUserID,
SecureStringBuffer password)
Registers a user.
|
EntrustFiles |
RoamingFileRetriever.retrieveFiles(SecureStringBuffer password)
Retrieve and decrypt roaming files.
|
void |
RoamingFileUpdater.setPasswordInfo(java.lang.String roamingUserId,
SecureStringBuffer password,
boolean includeUserId)
Sets the information required to generate the shared secret.
|
| Modifier and Type | Class and Description |
|---|---|
class |
AuthorizationCode
Validates the authorization code used when user credentials are created.
|
| Modifier and Type | Method and Description |
|---|---|
SecureStringBuffer |
AuthorizationCode.getValidatedAuthorizationCode()
Accessor method that returns the validated authorization code.
|
| Modifier and Type | Method and Description |
|---|---|
GeneralMessageInfo |
ManagerTransport.getGeneralMessageInfo(SecureStringBuffer refNum,
AuthorizationCode authCode)
This is a convenience method used to retrieve information about a
User that has not yet been created.
|
GeneralMessageInfo |
ManagerTransportWithSMProxy.getGeneralMessageInfo(SecureStringBuffer refNum,
AuthorizationCode authCode) |
void |
HttpsLdapServer.initActiveDirectory(java.lang.String securityLevel,
java.lang.String userName,
SecureStringBuffer password)
Performs Simple Authentication to the Microsoft Active Directory
that was set by a prior call to the
setDirectory
method. |
| Constructor and Description |
|---|
SecureStringBuffer(SecureStringBuffer ssb)
Copy constructor — used to create a new instance of
SecureStringBuffer that is identical to the specified
SecureStringBuffer. |
| Modifier and Type | Method and Description |
|---|---|
void |
JNDIDirectory.setAuthentication(java.lang.String securityLevel,
java.lang.String userName,
SecureStringBuffer password)
Sets the parameters required for authenticating to Microsoft Active Directory.
|
| Constructor and Description |
|---|
JSSEEntrustManagerFactoryParameters(java.security.KeyStore ks,
java.io.InputStream KSIniFile,
SecureStringBuffer password)
Get the directory setting from the KSIniFile.
|
| Modifier and Type | Method and Description |
|---|---|
void |
PasswordRuleTester.checkHistory(SecureStringBuffer password,
byte[][] passwordHistoryDigests) |
void |
PasswordRuleTester.validatePassword(SecureStringBuffer password)
Validates a given password according to the rules set on the PKI.
|
void |
PasswordRuleTester.validatePassword(SecureStringBuffer password,
ByteArray[] history)
Validates a given password according to the rules set on the PKI,
checking the length, character content, and password history.
|
| Modifier and Type | Method and Description |
|---|---|
javax.crypto.SecretKey |
PasswordRecipientInfo.decryptKey(SecureStringBuffer password)
Uses the given password to derive the KEK to be used to unwrap the CEK.
|
javax.crypto.SecretKey |
PasswordRecipientInfo.decryptKey(SecureStringBuffer password,
java.lang.String cekAlgorithmName)
Uses the given password to derive the key to decrypt the encrypted
content-encryption key.
|
javax.crypto.SecretKey |
PasswordRecipientInfo.decryptKey(SecureStringBuffer password,
java.lang.String cekAlgorithmName,
AlgorithmID keyDerivationAlgorithm)
Uses the given password to derive the KEK to be used to unwrap the CEK.
|
void |
EnvelopedDataStream.setupCipher(SecureStringBuffer password,
int recipientInfoIndex)
Uses the specified password to derive a key for decrypting the content-encryption key to setup the
cipher for decrypting the encrypted content of this
EnvelopedDataStream
object for the requesting recipient, specified by its recipientInfoIndex. |
void |
EnvelopedDataStream.setupCipher(SecureStringBuffer password,
RecipientInfo recipient)
Uses the specified password to derive a key for decrypting the content-encryption key to setup the
cipher for decrypting the encrypted content of this
EnvelopedDataStream
object for the requesting recipient, specified by its recipientInfoIndex. |
| Constructor and Description |
|---|
PasswordRecipientInfo(SecureStringBuffer password,
AlgorithmID keyDerivationAlgorithm,
java.security.spec.AlgorithmParameterSpec keyDerivationAlgorithmParams,
AlgorithmID kekEncryptionAlgorithm,
java.security.AlgorithmParameters kekEncryptionAlgorithmParams)
Creates a PasswordRecipientInfo object for deriving key encryption key
(KEK) from the supplied password.
|
| Constructor and Description |
|---|
PBEKey(SecureStringBuffer password) |
| Modifier and Type | Method and Description |
|---|---|
SecureStringBuffer |
PBKDF2KeyAndParameterSpec.getSecurePassword() |
| Constructor and Description |
|---|
PBKDF2KeyAndParameterSpec(ASN1Object algorithmParameter,
SecureStringBuffer password,
int keyLength)
Creates a PBEKDF2 parameter specification from an ASN1Object.
|
PBKDF2KeyAndParameterSpec(SecureStringBuffer password)
The constructor with recommended parameter settings.
|
PBKDF2KeyAndParameterSpec(SecureStringBuffer password,
byte[] inputSalt,
int iterationCount,
int keyLength,
AlgorithmID kdfAlg)
The PBKDF2KeyAndParameterSpec constructor.
|
| Modifier and Type | Method and Description |
|---|---|
void |
EncryptedContent.decryptSymmetricKey(SecureStringBuffer password,
int recipientInfoIndex)
Uses the specified password to derive a key for decrypting the content-encryption key to setup the
cipher for decrypting the encrypted content of this
EncryptedContent
object for the requesting recipient, specified by its recipientInfoIndex. |
void |
SMimeEncrypted.decryptSymmetricKey(SecureStringBuffer password,
int recipientInfoIndex)
Uses the specified password to derive a key for decrypting the content-encryption key to setup the
cipher for decrypting the encrypted content of this
SMimeEncrypted
object for the requesting recipient, specified by its recipientInfoIndex. |