| Package | Description |
|---|---|
| com.entrust.toolkit |
Contains various high-level classes that provide Toolkit JCA cryptographic provider initialization,
an Entrust User representation, a key/certificate source, a certificate set representation,
JNI initialization capabilities, PKCS #7 encoding and decoding, CMS and PKCS#7 User related
utilities, transaction counting, and an XML trust manager.
|
| com.entrust.toolkit.archive |
Contains classes for reading and writing files in the legacy Entrust Archive format.
|
| com.entrust.toolkit.asn1.cardms |
Contains classes used to create, parse,
and manipulate ASN.1 structures used by Entrust's Card Management System (CardMS) API.
|
| com.entrust.toolkit.asn1.cmpv1 |
Contains classes used to create, parse,
and manipulate ASN.1 structures used with Certificate Management Protocol (CMP)
version 1.
|
| com.entrust.toolkit.asn1.cmpv1.gkm |
Contains classes used to create, parse,
and manipulate ASN.1 structures used with Certificate Management Protocol (CMP)
version 1.
|
| com.entrust.toolkit.asn1.crmf |
Contains classes used to create, parse, and manipulate ASN.1 structures
used with Certificate Request Message Format (CRMF).
|
| com.entrust.toolkit.asn1.crmf.regCtrl |
Contains classes used to create, parse, and manipulate ASN.1 structures
used with Certificate Request Message Format (CRMF).
|
| com.entrust.toolkit.asn1.structures |
Contains classes used to create, parse, and manipulate general ASN.1
structures.
|
| com.entrust.toolkit.asn1.tsp |
Contains classes used to create, parse, and manipulate ASN.1 structures
used with time-stamping.
|
| com.entrust.toolkit.capi |
Contains low-level classes for interfacing with Microsoft's Crypto API.
|
| com.entrust.toolkit.credentials |
Contains classes the enable creation, recovery, reading, and writing of
digital identities using a
variety of key sources, classes for implementing the Toolkit's KeyStore
capabilities, and classes to support integration with a Smart Card
Management System.
|
| com.entrust.toolkit.exceptions | |
| com.entrust.toolkit.pkcs11 |
Contains classes dealing with PKCS #11 (smart cards and hardware
tokens) operations.
|
| com.entrust.toolkit.roaming |
Contains Toolkit classes that support SSL and TLS communication with
Entrust Authority™ Roaming Server (formerly Entrust/Roaming Server).
|
| com.entrust.toolkit.smproxy | |
| com.entrust.toolkit.timestamp |
Contains classes used to communicate with a timestamp server.
|
| com.entrust.toolkit.util |
Contains various utility classes.
|
| com.entrust.toolkit.x509 |
Contains the Entrust certification validation mechanism as well as
other classes related to X.509.
|
| com.entrust.toolkit.x509.certstore |
Contains the certificate stores and classes used during certificate path
building.
|
| com.entrust.toolkit.x509.directory |
Contains LDAP Directory implementations and various supporting classes.
|
| com.entrust.toolkit.x509.extensions |
Contains classes that implement certificate extensions.
|
| com.entrust.toolkit.x509.policies |
Contains classes used to check security policies issued by an Entrust PKI — password rules and client
settings, for example.
|
| com.entrust.toolkit.x509.revocation |
Contains the Entrust revocation checking mechanism and revocation
stores.
|
| com.entrust.toolkit.x509.testlets |
Contains classes used to validate certificate, CRL, and CRL Entry
extensions.
|
| com.entrust.toolkit.xencrypt.core |
Contains classes used to encrypt and decrypt XML elements and sets of
XML elements.
|
| com.entrust.toolkit.xml.dsig.keyinfo.tokenref |
Contains classes used when creating and verifying XML Signatures.
|
| iaik.cms | |
| iaik.pkcs | |
| iaik.pkcs.pkcs12 | |
| iaik.pkcs.pkcs7 | |
| iaik.security.smime | |
| iaik.smime | |
| iaik.smime.ess | |
| iaik.utils | |
| iaik.x509 | |
| iaik.x509.attr | |
| iaik.x509.ocsp | |
| iaik.x509.qualified |
| Modifier and Type | Method and Description |
|---|---|
X509Certificate |
User.getCaCertificate()
Returns the Certification Authority (CA) certificate stored in the credentials
if the user is logged in.
|
X509Certificate[] |
KeyAndCertContainer.getCaCertificateChain()
Returns an array of CA certificates forming a chain to the user's root
CA.
|
X509Certificate[] |
KeyAndCertificateSource.getCaCertificateChain()
Returns the CaCertificate chain that was added using the
KeyAndCertificateSource.setCaChain(X509Certificate[]) method. |
X509Certificate[] |
User.getCaCertificateChain()
Returns an array of CA certificates forming a chain to the user's root
CA.
|
X509Certificate |
KeyAndCertificateSource.getCertificate(Name issuerDN,
java.math.BigInteger serialNumber)
Returns the certificate that matches the given issuer DN and serial
number.
|
X509Certificate[] |
KeyAndCertificateSource.getCertificateChain()
Returns the certificate chain associated with this object.
|
X509Certificate[] |
CertificateSet.getCertificates()
Returns the content objects as an array of certificates.
|
X509Certificate |
KeyAndCertContainer.getEncryptionCertificate()
Returns the encryption certificate.
|
X509Certificate |
KeyAndCertificateSource.getEncryptionCertificate()
Returns the encryption certificate associated with this object.
|
X509Certificate |
User.getEncryptionCertificate()
Returns the user's encryption certificate.
|
X509Certificate |
CertificateSet.getLatest()
Returns the certificate that expires last in the set.
|
X509Certificate |
User.getRootCaCertificate()
Returns the top-level trusted root CA certificate for users in a CA
hierarchy.
|
X509Certificate |
PKCS7DecodeStream.getSignerCertificate(int index)
Returns the certificate that is used to verify the signature.
|
X509Certificate |
User.getUserCertificate(Name issuer,
java.math.BigInteger serialNumber)
Returns the user's certificate that corresponds to the specified issuer
DN and serial number.
|
X509Certificate[] |
User.getUserCertificates()
Returns all the user's current certificates (excludes superseded
certificates).
|
X509Certificate[] |
User.getUserCertificates(boolean includedSuperseded)
Returns all the user's certificates (includes superseded certificates)
|
X509Certificate[] |
User.getUserCertificates(KeyUsage keyUsage)
Returns the user's certificates that can be used for purposes indicated
by the key usage provided.
|
X509Certificate[] |
User.getUserCertificatesByExactKeyUsage(KeyUsage keyUsage)
Returns the user's certificates that can ONLY be used for purposes indicated
by the key usage provided.
|
X509Certificate |
KeyAndCertContainer.getVerificationCertificate()
Returns the verification certificate.
|
X509Certificate |
KeyAndCertificateSource.getVerificationCertificate()
Returns the verification certificate associated with this object.
|
X509Certificate |
User.getVerificationCertificate()
Returns the user's verification certificate.
|
X509Certificate[] |
User.keyUpdatesRequired()
Determines whether any of the user's keys/certificates need to be updated.
|
X509Certificate[] |
User.validate(X509Certificate certificate)
Validates an X.509 certificate.
|
| Modifier and Type | Method and Description |
|---|---|
void |
KeyAndCertificateSource.addDecryptionKeyInfo(java.security.PrivateKey decryptionKey,
X509Certificate encryptionCertificate)
Adds the given key as a decryption key.
|
void |
User.addTrustedCertificate(X509Certificate trustedCert)
Adds a trusted certificate — from an address book, for example.
|
void |
User.addTrustedCertificate(X509Certificate trustedCert,
boolean revcheck)
Adds a trusted certificate — from an address book, for example.
|
java.security.PrivateKey |
User.getUserPrivateKey(X509Certificate certificate)
Returns the user's private key that corresponds to the specified
certificate.
|
boolean |
User.keyUpdateRequired(X509Certificate certificate)
Determines whether the user's key/certificate that corresponds to the
specified certificate needs to be updated.
|
void |
KeyAndCertificateSource.setCaChain(X509Certificate[] certChain)
Sets the certificate chain.
|
void |
KeyAndCertificateSource.setEncryptionCertificate(X509Certificate encryptionCertificate)
Sets the encryption certificate to be used when encrypting a
message.
|
void |
KeyAndCertificateSource.setSigningInfo(java.security.PrivateKey signingKey,
X509Certificate verificationCertificate)
Sets the private signing key and verification certificate to be used
when signing a message.
|
void |
User.updateUserKeys(X509Certificate[] certificates)
Updates the user's keys/certificates that correspond to the indicated
certificates, which MUST NOT have been superseded.
|
X509Certificate[] |
User.validate(X509Certificate certificate)
Validates an X.509 certificate.
|
| Constructor and Description |
|---|
CertificateSet(X509Certificate[] certificates)
Creates a
CertificateSet that contains the specified
X.509 certificates. |
| Modifier and Type | Method and Description |
|---|---|
X509Certificate[] |
ArchiveCreator.addRecipients(X509Certificate[] recipients)
Adds each certificate in the given array as a message recipient.
|
X509Certificate |
PemParsedHeader.getOriginatorCertificate()
Returns an object containing the encryption certificate of the
message encryptor.
|
X509Certificate |
ArchiveResults.getOriginatorEncryptionCertificate()
Returns the encryption certificate of the message originator.
|
X509Certificate |
ArchiveResults.getOriginatorVerificationCertificate()
Returns the verification certificate of the message signer.
|
X509Certificate |
PemParsedHeader.getVerificationCertificate()
Returns an object containing the verification certificate of the
message signer.
|
| Modifier and Type | Method and Description |
|---|---|
X509Certificate[] |
ArchiveCreator.addRecipients(X509Certificate[] recipients)
Adds each certificate in the given array as a message recipient.
|
void |
PemOutputStream.addRecipients(X509Certificate[] recipients)
Adds the certificates in the given array as message recipients.
|
void |
ArchiveCreator.addTrustedRecipients(X509Certificate[] recipients)
Adds each certificate in the given array as a message recipient.
|
| Constructor and Description |
|---|
PemOutputStream(java.security.PrivateKey signingKey,
X509Certificate verificationCertificate,
X509Certificate originatorCertificate,
PemOptions options,
java.io.OutputStream outStream,
java.io.OutputStream headerStream)
Creates a PEM message, signed with the given signing key, with the given
certificates used as those of the originator.
|
| Modifier and Type | Method and Description |
|---|---|
X509Certificate |
CardMSKeyMgmtInfo.getLatestCert()
Returns the latest certificate in the certificate stream.
|
| Modifier and Type | Method and Description |
|---|---|
void |
CardMSKeyMgmtInfo.setLatestCert(X509Certificate latestCert)
Sets the latest certificate in the certificate stream.
|
| Modifier and Type | Method and Description |
|---|---|
X509Certificate[] |
KeyRecRepContent.getCaCerts()
Returns all the CA certificates that this object contains as an array of
X509Certificate objects. |
X509Certificate |
CAProtEncCert.getCAProtEncCert()
Returns the CA protocol encryption certificate.
|
X509Certificate[] |
CertRepMessage.getCaPubs()
Returns all the CA certificates that this object contains as an array of
X509Certificate objects. |
X509Certificate[] |
PKIMessage.getExtraCerts()
Returns all the extra certificates this object contains as an array of
X509Certificate objects.
|
X509Certificate |
KeyRecRepContent.getNewSigCert()
Returns the user's verification certificate, if it has been set; otherwise
null is returned. |
| Modifier and Type | Method and Description |
|---|---|
void |
KeyRecRepContent.addCaCerts(X509Certificate caCerts)
Adds the specified CA certificate.
|
void |
CertRepMessage.addCaPubs(X509Certificate caPubs)
Adds the specified CA certificate.
|
void |
PKIMessage.addExtraCert(X509Certificate extraCert)
Adds the specified certificate to the extraCerts component.
|
void |
KeyRecRepContent.setNewSigCert(X509Certificate newSigCert)
Sets the user's verification certificate.
|
| Constructor and Description |
|---|
CAProtEncCert(X509Certificate caProtEncCert)
Creates a new
CAProtEncCert object with the specified
component. |
CertConfirmContent(X509Certificate cert,
java.math.BigInteger certRequestId,
PKIStatusInfo statusInfo)
Constructor for the CertConfirmContent object.
|
CertStatus(X509Certificate cert,
java.math.BigInteger certRequestId,
PKIStatusInfo statusInfo)
The constructor for the CertStatus object.
|
| Modifier and Type | Method and Description |
|---|---|
X509Certificate[] |
EntrustCAProtEncCerts.getCAProtEncCerts()
Returns the CA protocol encryption certificates.
|
X509Certificate |
EntrustEventVerCert.getEventVerCert()
Returns the event verification certificate.
|
| Modifier and Type | Method and Description |
|---|---|
void |
EntrustCAProtEncCerts.addCAProtEncCert(X509Certificate caProtEncCert)
Adds a CA protocol encryption certificates.
|
| Constructor and Description |
|---|
EntrustCAProtEncCerts(X509Certificate[] caProtEncCerts)
Creates a new
EntrustCAProtEncCerts object with the
specified component. |
EntrustEventVerCert(X509Certificate eventVerCert)
Creates a new
EntrustEventVerCert object with the
specified component. |
EntrustProofOfRAInfo(X509Certificate raVerificationCert,
AlgorithmID hashAlg,
PKIHeader header,
PKIBody body)
Creates a new
EntrustProofOfRAInfo. |
| Constructor and Description |
|---|
CertId(X509Certificate cert)
Creates a new
CertId object from an
X509Certificate object. |
| Constructor and Description |
|---|
OldCertId(X509Certificate oldCert)
Creates a new
OldCertId regCtrl object from the given
certificate. |
| Modifier and Type | Method and Description |
|---|---|
X509Certificate |
CrossCertificatePair.getForwardCertificate()
Returns the forward cross certificate.
|
X509Certificate |
CrossCertificatePair.getReverseCertificate()
Returns the reverse cross certificate.
|
| Modifier and Type | Method and Description |
|---|---|
X509Certificate |
TimeStampToken.getTsaCert()
Returns the TimeStamp Authority certificate if it was included in the
time-stamp token by the TimeStamp Authority, otherwise
null
is returned. |
| Modifier and Type | Method and Description |
|---|---|
abstract boolean |
TimeStampToken.isSigner(X509Certificate cert)
Determines whether the indicated certificate can be used to verify the
signature protection.
|
boolean |
CMSTimeStampToken.isSigner(X509Certificate cert)
Determines whether the indicated certificate can be used to verify the
signature protection.
|
abstract void |
TimeStampToken.verifySignature(X509Certificate tsaCert)
Verifies the signature protecting this TimeStampToken structure using the
TimeStamp Authority certificate provided.
|
void |
CMSTimeStampToken.verifySignature(X509Certificate tsaCert)
Verifies the signature protecting this TimeStampToken structure using the
TimeStamp Authority certificate provided.
|
| Constructor and Description |
|---|
CMSTimeStampToken(TSTInfo tstInfo,
X509Certificate tsaCert,
java.security.PrivateKey tsaSigningKey)
Creates a new
CMSTimeStampToken object that contains the
indicated time-stamp information and TimeStamp Authority certificate. |
CMSTimeStampToken(TSTInfo tstInfo,
X509Certificate tsaCert,
java.security.PrivateKey tsaSigningKey,
AlgorithmID digestAlgorithm,
boolean includeIssuerSerial,
boolean includeTsaCert)
Creates a new
CMSTimeStampToken object that contains the
indicated time-stamp information and TimeStamp Authority certificate. |
| Modifier and Type | Method and Description |
|---|---|
static CertContext |
CertContext.createCertificateContext(int encodingType,
X509Certificate cert)
Creates a CAPI
CertContext object from the given
certificate. |
static CertContext |
CertContext.createCertificateContext(X509Certificate cert)
Creates an MSCAPI certificate context for the given certificate.
|
| Modifier and Type | Method and Description |
|---|---|
X509Certificate |
EntrustP10CertReqInfo.getCACertificate()
Returns the CA certificate when available for the Certificate Authority
that the user exists on.
|
X509Certificate |
MscapiKeyContainer.getCert()
Returns the user certificate that is to be stored in the MS-CAPI key
container.
|
X509Certificate |
CapiCertificateAndKeyInfo.getCertificate()
Returns the certificate associated with this object
|
X509Certificate[] |
CapiIdentity.getChainToRoot() |
X509Certificate |
EntrustP10CertReqInfo.getRootCACertificate()
Returns the CA certificate when available for the Certificate Authority
that is the root of trust for the user.
|
X509Certificate |
EntrustP10CertReqInfo.getUserCertificate()
Returns the end user certificate that was issued by an Entrust Authority
Security Manager for the public key.
|
| Modifier and Type | Method and Description |
|---|---|
java.util.List<X509Certificate> |
CapiCertificateAndKeyInfo.getChainToRoot()
Returns a
List of X509Certificate objects that
form a chain from the certificate up to a trusted root. |
java.util.List<X509Certificate> |
EntrustP10CertReqInfo.getIntermediateCACertificates()
Returns the intermediate CA certificates when available, for the
Certificate Authorities that are needed to build a certificate path from
the user's CA to the root CA.
|
| Modifier and Type | Method and Description |
|---|---|
void |
CMPForCardMS.certStoreSynch(X509Certificate cardMSProtocolEncrCert,
CardMSDigitalIDMgmtInfo digitalIdMgmtInfo)
Executes a certificate store synchronization transmission that requests
all backed up user keys and certificates from the server.
|
void |
CMPForCardMS.initializeAll(CardMSCertReqInfo[] injectedCertReqInfo,
X509Certificate cardMSProtocolEncrCert)
Executes an initialization transmission that initializes all keys and
certificates for a user.
|
void |
CMPForCardMS.initializeSelected(CardMSCertReqInfo[] injectedCertReqInfo,
X509Certificate cardMSProtocolEncrCert)
Executes an initialization transmission that initializes selected keys
and certificates for a user.
|
void |
CMPForCardMS.keyUpdateAndCertification(CardMSCertReqInfo[] injectedCertReqInfo,
X509Certificate cardMSProtocolEncrCert,
CardMSDigitalIDMgmtInfo digitalIdMgmtInfo)
Executes a key update/certification transmission for a user that updates
existing certificates and/or requests new certificates.
|
void |
CMPForCardMS.recoverAll(CardMSCertReqInfo[] injectedCertReqInfo,
X509Certificate cardMSProtocolEncrCert)
Executes a recovery transmission that recovers all keys and certificates
for a user.
|
void |
CMPForCardMS.recoverSelected(CardMSCertReqInfo[] injectedCertReqInfo,
X509Certificate cardMSProtocolEncrCert)
Executes a recovery transmission that recovers selected keys and
certificates for a user.
|
void |
CapiIdentity.setChainToRoot(X509Certificate[] chainToRoot)
This method is for injecting the chainToRoot into the CapiIdentity.
|
| Constructor and Description |
|---|
CertIdentityCertFilter(X509Certificate cert)
This constructor takes an X509Certificate and uses the SubjectName
as the criteria for filtering acceptable certificates.
|
| Modifier and Type | Method and Description |
|---|---|
X509Certificate |
RevocationException.getCertificate()
Returns the revoked certificate if it was set,
null otherwise. |
| Constructor and Description |
|---|
RevocationException(java.lang.String message,
java.lang.Exception innerException,
X509Certificate revokedCert,
RevokedCertificate revokedCertInfo)
Creates a
RevocationException. |
RevocationException(java.lang.String message,
X509Certificate revokedCert,
RevokedCertificate revokedCertInfo)
Creates a
RevocationException. |
RevocationException(X509Certificate revokedCert,
RevokedCertificate revokedCertInfo)
Creates a
RevocationException. |
| Modifier and Type | Method and Description |
|---|---|
long |
JNIPKCS11.setCertificate(long sessionHandle,
boolean isPrivate,
java.lang.String label,
byte[] id,
X509Certificate certificate)
Creates a new X.509 public key certificate object on a token (a token
object).
|
long |
JNIPKCS11.setCertificate(long sessionHandle,
boolean isPrivate,
java.lang.String label,
X509Certificate certificate)
Creates a new X.509 public key certificate object on a token (a token
object).
|
| Constructor and Description |
|---|
RoamingFileUpdater(RoamingConfiguration configuration,
User user,
X509Certificate[] certChain,
java.security.PrivateKey signingKey)
Creates a
RoamingFileUpdater object when a User
object is available but is not logged in. |
| Modifier and Type | Method and Description |
|---|---|
protected boolean |
SMProxyHostnameVerifier.getTLSServerNameAndMatch(java.lang.String hostname,
X509Certificate cert)
Extract the TLS servername(s) from the certificate and compare it against the
hostname for a match.
|
boolean |
SMProxyHostnameVerifier.verifyServer(java.lang.String hostname,
X509Certificate[] certs)
Do the actual Hostname verification.
|
| Modifier and Type | Method and Description |
|---|---|
X509Certificate |
TimeStampVerifier.verify(byte[] data,
TimeStampToken timeStampToken)
Verifies that the time-stamp token is valid.
|
X509Certificate |
TimeStampVerifier.verify(java.io.InputStream data,
TimeStampToken timeStampToken)
Verifies that the time-stamp token is valid.
|
| Modifier and Type | Method and Description |
|---|---|
void |
TimeStampVerifier.setTsaCert(X509Certificate tsaCert)
Sets the TimeStamp Authority certificate.
|
| Modifier and Type | Method and Description |
|---|---|
static X509Certificate[] |
IniCertReader.readPEMCerts(IniFile iniFile,
int size)
Read the certificates used for LDAPS from the specified Entrust.ini file.
|
| Modifier and Type | Method and Description |
|---|---|
X509Certificate |
CertVerifier.getRootOfTrust()
Returns the root of trust.
|
X509Certificate |
ValidationInfo.getRootOfTrust() |
X509Certificate[] |
CertVerifier.getRootsOfTrust()
Returns all roots of trust.
|
X509Certificate[] |
CertVerifier.validate(X509Certificate certificate)
Validates an X.509 certificate.
|
X509Certificate[] |
CertVerifier.validate(X509Certificate certificate,
java.util.Date validationTime)
Validates an X.509 certificate at a given point in time.
|
| Modifier and Type | Method and Description |
|---|---|
X509Certificate[] |
CertVerifier.validate(X509Certificate certificate)
Validates an X.509 certificate.
|
X509Certificate[] |
CertVerifier.validate(X509Certificate certificate,
java.util.Date validationTime)
Validates an X.509 certificate at a given point in time.
|
| Constructor and Description |
|---|
CertVerifier(X509Certificate[] rootsOfTrust,
LdapDirectory directory,
ClientSettings clientSettings)
Constructor with multiple roots of trust.
|
CertVerifier(X509Certificate[] rootsOfTrust,
LdapDirectory directory,
ClientSettings clientSettings,
UserRevocationInfo revInfo)
Constructor with multiple roots of trust.
|
CertVerifier(X509Certificate rootOfTrust,
LdapDirectory directory,
ClientSettings clientSettings)
Constructor.
|
CertVerifier(X509Certificate rootOfTrust,
LdapDirectory directory,
ClientSettings clientSettings,
UserRevocationInfo revInfo)
Constructor.
|
X509CertificateWrapper(X509Certificate c)
Instantiates a
CertificateWrapper object with the given
certificate. |
| Modifier and Type | Method and Description |
|---|---|
X509Certificate[] |
CertificateGraph.getCertificates()
This method returns all certificates that are currently in
the certificate graph.
|
X509Certificate[] |
CollectionCS.getRootsOfTrust()
Method getRootsOfTrust
|
X509Certificate[] |
CollectionCS.getTrustedCertificates()
Method getTrustedCertificates.
|
X509Certificate[] |
CollectionCS.validate(X509Certificate certificate)
Validates an X.509 certificate.
|
X509Certificate[] |
CollectionCS.validate(X509Certificate certificate,
java.util.Date validationTime)
Validates an X.509 certificate at a given point in time.
|
| Modifier and Type | Method and Description |
|---|---|
void |
ArchiveCertCache.addCertificate(X509Certificate cert)
Adds the specified certificate to this cache.
|
boolean |
CertificateGraph.addCertificate(X509Certificate cert)
Adds a certificate to the graph and connects it to all issuers and all
subjects.
|
void |
ArchiveCertCache.addCertificates(X509Certificate[] certs)
Adds the specified certificates to this cache.
|
void |
CollectionCS.addTrustedCertificate(X509Certificate trustedCert)
Adds a trusted certificate.
|
void |
CollectionCS.addTrustedCertificate(X509Certificate trustedCert,
boolean checkPABPolicy)
Adds a trusted certificate.
|
void |
CollectionCS.addTrustedCertificates(X509Certificate[] trustedCerts)
Adds trusted certificates, setting them as roots of trust.
|
CertificateSet |
CollectionCS.findExtensionCerts(X509Certificate certificate,
ObjectID accessMethod,
ObjectID infoAccess)
Search through all certificate stores for certificates located at the
AIA ca-Issuers accessLocation.
|
boolean |
CollectionCS.isTrustedCertificate(X509Certificate certificate)
Indicates whether or not the certificate is a trusted certificate.
|
void |
CertificateGraph.removeCertificate(X509Certificate cert)
Removes a certificate from the graph.
|
X509Certificate[] |
CollectionCS.validate(X509Certificate certificate)
Validates an X.509 certificate.
|
X509Certificate[] |
CollectionCS.validate(X509Certificate certificate,
java.util.Date validationTime)
Validates an X.509 certificate at a given point in time.
|
| Modifier and Type | Method and Description |
|---|---|
protected boolean |
EntrustHostnameVerifier.getTLSServerNameAndMatch(java.lang.String hostname,
X509Certificate cert)
Extract the TLS servername(s) from the certificate and compare it against the
hostname for a match.
|
boolean |
EntrustHostnameVerifier.verifyServer(java.lang.String hostname,
X509Certificate[] certs)
Do the actual Hostname verification.
|
| Modifier and Type | Method and Description |
|---|---|
boolean |
SignedCertificateTimestamp.verify(X509Certificate cert,
java.security.PublicKey key)
Verify this Signed Certificate Timestamp.
|
java.security.PublicKey[] |
SignedCertificateTimestampList.verify(X509Certificate PreCertOrFinal,
java.security.PublicKey[] logkeys,
java.security.PublicKey issuerKey)
Verify the list of Signed Certificate Timestamp.
|
boolean |
SignedCertificateTimestamp.verify(X509Certificate preCertorFinal,
java.security.PublicKey logkey,
java.security.PublicKey issuerKey)
Verify this Signed Certificate Timestamp.
|
| Modifier and Type | Method and Description |
|---|---|
X509Certificate |
ClientSettings.getCaCertificate(boolean checkForUpdate)
Retrieves the CA certificate with which these
ClientSettings
were validated. |
X509Certificate |
ClientSettings.getRootCaCertificate(boolean checkForUpdate)
Returns the top-level trusted root CA certificate.
|
| Modifier and Type | Method and Description |
|---|---|
void |
ClientSettings.getFresh(User user,
X509Certificate caCert,
X509Certificate userCertificate,
X509Certificate rootCaCert)
Retrieves fresh settings from the Directory, not from the policy
certificate cache.
|
boolean |
ClientSettings.issuedByUpdatedCAkey(X509Certificate cert)
Checks an X509Certificate to determine if it was signed by the same key
that signed the main policy certificate.
|
| Constructor and Description |
|---|
ClientSettings(User user,
X509Certificate caCert,
java.math.BigInteger clientRoleId,
X509Certificate rootCaCert)
Creates a
ClientSettings object using and initializes it
using a User object and that user's certificates. |
ClientSettings(User user,
X509Certificate caCert,
X509Certificate userCert,
X509Certificate rootCaCert)
Creates a
ClientSettings object using and initializes it
using a User object and that user's certificates. |
ClientSettings(User user,
X509Certificate caCert,
X509Certificate userCert,
X509Certificate rootCaCert,
java.math.BigInteger clientRoleId)
Creates a
ClientSettings object and initializes it
using a User object, the user's certificates. |
ClientSettings(X509Certificate caCert,
X509Certificate rootCaCert)
Creates a
ClientSettings object using just the CA certs. |
| Modifier and Type | Method and Description |
|---|---|
X509Certificate[] |
OCSPConfiguration.getResponderCertificates()
Returns the trusted responders verfication certificate list if it was
set.
|
| Modifier and Type | Method and Description |
|---|---|
void |
RevocationTrustCache.addCertificate(X509Certificate cert)
Add a certificate into the RevocationTrustCache
|
void |
OCSPConfiguration.addResponderCertificate(X509Certificate responderCert)
Adds a trusted verficiation certificate of an OCSP responder to the
list of trusted responder certificates for this OCSPConfiguration.
|
void |
OCSPConfiguration.addResponderCertificates(X509Certificate[] responderCerts)
Adds an array of trusted verficiation certificates for each OCSP responder
which should be trusted by this OCSPConfiguration.
|
void |
CollectionRS.check(X509Certificate cert)
Checks the revocation status of the supplied certificate.
|
void |
MultiOCSPLocalRevocationChecker.check(X509Certificate cert)
This method checks revocation of the given certificate.
|
void |
OCSPRevocationChecker.check(X509Certificate certificate)
This method will check Revocation of the given certificate using OCSP.
|
void |
RevocationChecker.check(X509Certificate cert)
A method used to check revocation of a specific certificate.
|
void |
RevocationManager.check(X509Certificate cert)
Checks the revocation status of the given cert starting with the first revocation checker in the ordered
list of revocation checkers.
|
void |
RevocationTrustCache.check(X509Certificate cert)
Convienance method for checking revocation of a signle certificate
|
void |
CollectionRS.check(X509Certificate[] chain)
Determines whether any of the certifcates in the chain have been revoked.
|
void |
MultiOCSPLocalRevocationChecker.check(X509Certificate[] chain)
This method checks revocation of the given certificate chain.
|
void |
OCSPRevocationChecker.check(X509Certificate[] chain)
Given a certificate chain, this method will check Revocation on the chain
using OCSP.
|
void |
RevocationChecker.check(X509Certificate[] chain)
Determines whether any of the certifcates in the chain have been revoked.
|
void |
RevocationManager.check(X509Certificate[] chain)
Determines whether any of the certifcates in the chain have been revoked.
|
void |
RevocationTrustCache.check(X509Certificate[] chain)
Checks whether all certificates contained in the chain are in the
RevocationTrustCache.
|
void |
CollectionRS.check(X509Certificate cert,
X509Certificate[] chain)
Checks the revocation status of a certificate.
|
void |
CollectionRS.check(X509Certificate cert,
X509Certificate[] chain)
Checks the revocation status of a certificate.
|
void |
MultiOCSPLocalRevocationChecker.check(X509Certificate cert,
X509Certificate[] chain)
This method checks revocation of the given certificate.
|
void |
MultiOCSPLocalRevocationChecker.check(X509Certificate cert,
X509Certificate[] chain)
This method checks revocation of the given certificate.
|
void |
OCSPRevocationChecker.check(X509Certificate cert,
X509Certificate[] chain)
The Main method of checking whether the certificate is revoked in the OCSP revocation checkers.
|
void |
OCSPRevocationChecker.check(X509Certificate cert,
X509Certificate[] chain)
The Main method of checking whether the certificate is revoked in the OCSP revocation checkers.
|
void |
RevocationChecker.check(X509Certificate cert,
X509Certificate[] chain)
Determines whether the given certificate has been revoked.
|
void |
RevocationChecker.check(X509Certificate cert,
X509Certificate[] chain)
Determines whether the given certificate has been revoked.
|
void |
RevocationManager.check(X509Certificate cert,
X509Certificate[] chain)
Checks the revocation status of the given cert starting with the first revocation checker in the ordered
list of revocation checkers.
|
void |
RevocationManager.check(X509Certificate cert,
X509Certificate[] chain)
Checks the revocation status of the given cert starting with the first revocation checker in the ordered
list of revocation checkers.
|
void |
RevocationTrustCache.check(X509Certificate cert,
X509Certificate[] chain)
Checks whether the given certificate is in the RevocationTrustCache.
|
void |
RevocationTrustCache.check(X509Certificate cert,
X509Certificate[] chain)
Checks whether the given certificate is in the RevocationTrustCache.
|
void |
CollectionRS.check(X509Certificate cert,
X509Certificate[] chain,
int position)
Checks the revocation status of a certificate.
|
void |
CollectionRS.check(X509Certificate cert,
X509Certificate[] chain,
int position)
Checks the revocation status of a certificate.
|
void |
MultiOCSPLocalRevocationChecker.check(X509Certificate cert,
X509Certificate[] chain,
int position)
This method checks revocation of the given certificate.
|
void |
MultiOCSPLocalRevocationChecker.check(X509Certificate cert,
X509Certificate[] chain,
int position)
This method checks revocation of the given certificate.
|
void |
OCSPRevocationChecker.check(X509Certificate certificate,
X509Certificate[] chain,
int position)
This method will check Revocation of the given certificate using OCSP.
|
void |
OCSPRevocationChecker.check(X509Certificate certificate,
X509Certificate[] chain,
int position)
This method will check Revocation of the given certificate using OCSP.
|
void |
RevocationChecker.check(X509Certificate cert,
X509Certificate[] chain,
int position)
A convience method that carries the position of the certificate in the chain,
May be useful for speeding up Issuer certificate searches depending which
revocation checker is in use.
|
void |
RevocationChecker.check(X509Certificate cert,
X509Certificate[] chain,
int position)
A convience method that carries the position of the certificate in the chain,
May be useful for speeding up Issuer certificate searches depending which
revocation checker is in use.
|
void |
RevocationManager.check(X509Certificate cert,
X509Certificate[] chain,
int position)
Checks the revocation status of the given cert starting with the first revocation checker in the ordered
list of revocation checkers.
|
void |
RevocationManager.check(X509Certificate cert,
X509Certificate[] chain,
int position)
Checks the revocation status of the given cert starting with the first revocation checker in the ordered
list of revocation checkers.
|
void |
RevocationTrustCache.check(X509Certificate cert,
X509Certificate[] chain,
int position)
This method does not need to use the position of certificate in the chain.
|
void |
RevocationTrustCache.check(X509Certificate cert,
X509Certificate[] chain,
int position)
This method does not need to use the position of certificate in the chain.
|
void |
OCSPConfiguration.removeResponderCertificate(X509Certificate responderCert)
Removes a trusted Responder verification certificate from the list of
trusted responder verification certificates.
|
| Modifier and Type | Method and Description |
|---|---|
X509Certificate |
TestletDataSet.getTargetCertificate()
Returns the target of the certificate validation procedure.
|
| Modifier and Type | Method and Description |
|---|---|
void |
BasicConstraintsCertTestlet.init(X509Certificate[] certChain,
TestletDataSet dataSet)
Initialize the testlet with the given chain.
|
void |
CertTestlet.init(X509Certificate[] chain,
TestletDataSet dataSet)
Initializes the certificate extension testlet when a new certificate
chain is to be validated.
|
void |
CertificatePoliciesCertTestlet.init(X509Certificate[] certChain,
TestletDataSet dataSet)
Initialize the testlet with the given chain.
|
void |
ExtendedKeyUsageCertTestlet.init(X509Certificate[] chain,
TestletDataSet dataSet)
Initializes this CertTestlet.
|
void |
InhibitAnyPolicyCertTestlet.init(X509Certificate[] certChain,
TestletDataSet dataSet) |
void |
KeyUsageCertTestlet.init(X509Certificate[] chain,
TestletDataSet dataSet) |
void |
NameConstraintsCertTestlet.init(X509Certificate[] certChain,
TestletDataSet dataSet)
Initialize the testlet with the given chain.
|
void |
NullCertTestlet.init(X509Certificate[] certificateSet,
TestletDataSet dataSet) |
void |
OldBasicConstraintsCertTestlet.init(X509Certificate[] chain,
TestletDataSet dataSet)
During the initialization phase, we add a BasicConstraintsTestletData
object to the TestletDataSet, if it doesn't already exist.
|
void |
PolicyConstraintsCertTestlet.init(X509Certificate[] certChain,
TestletDataSet dataSet)
Deprecated.
|
void |
SubjectAltNameCertTestlet.init(X509Certificate[] certChain,
TestletDataSet dataSet) |
void |
AuthorityKeyIdentifierCRLTestlet.init(X509Certificate caCert,
TestletDataSet dataSet) |
void |
CRLTestlet.init(X509Certificate caCert,
TestletDataSet dataSet)
Initializes the CRL extension testlet when a new CRL is to be validated.
|
void |
IssuingDistributionPointCRLTestlet.init(X509Certificate caCert,
TestletDataSet dataSet) |
void |
NullCRLTestlet.init(X509Certificate caCert,
TestletDataSet dataSet) |
void |
ExtensionTester.validate(X509Certificate[] chain)
Validates the certificate extensions in each certificate of the chain.
|
void |
BasicConstraintsCertTestlet.validate(X509Certificate cert,
TestletDataSet dataSet)
Validate that the given certificate does not invalidate the certificate
chain.
|
void |
CertTestlet.validate(X509Certificate cert,
TestletDataSet dataSet)
Validates the certificate based on the certificate extensions found in
this, or previous, certificates.
|
void |
CertificatePoliciesCertTestlet.validate(X509Certificate cert,
TestletDataSet dataSet)
Validate that the given certificate does not invalidate the certificate
chain.
|
void |
ExtendedKeyUsageCertTestlet.validate(X509Certificate cert,
TestletDataSet dataSet)
This is the method that validates the ExtendedKeyUsage.
|
void |
InhibitAnyPolicyCertTestlet.validate(X509Certificate cert,
TestletDataSet dataSet) |
void |
KeyUsageCertTestlet.validate(X509Certificate cert,
TestletDataSet dataSet) |
void |
NameConstraintsCertTestlet.validate(X509Certificate cert,
TestletDataSet dataSet)
Validate that the given certificate does not invalidate the certificate
chain.
|
void |
NullCertTestlet.validate(X509Certificate cert,
TestletDataSet dataSet) |
void |
OldBasicConstraintsCertTestlet.validate(X509Certificate cert,
TestletDataSet dataSet) |
void |
PolicyConstraintsCertTestlet.validate(X509Certificate cert,
TestletDataSet dataSet)
Deprecated.
|
void |
SubjectAltNameCertTestlet.validate(X509Certificate cert,
TestletDataSet dataSet) |
void |
ExtensionTester.validate(X509Certificate target,
X509Certificate[] chain)
Validates the certificate extensions in each certificate of the chain.
|
void |
ExtensionTester.validate(X509Certificate target,
X509Certificate[] chain)
Validates the certificate extensions in each certificate of the chain.
|
void |
ExtensionTester.validate(X509CRL crl,
X509Certificate caCert)
Validates the CRL extensions and CRL entry extensions in the CRL.
|
| Modifier and Type | Method and Description |
|---|---|
X509Certificate[] |
EncryptedElementSet.getRecipients()
Identifies the recipients attached to this set.
|
X509Certificate[] |
Encryptor.getRecipients(java.lang.Object element)
Identifies the recipients for whom a particular DOM element has been encrypted —
all the users who will be able to decrypt the element.
|
| Modifier and Type | Method and Description |
|---|---|
void |
EncryptedElementSet.addRecipient(X509Certificate certificate)
Adds a recipient to a set of elements.
|
void |
Encryptor.setRecipient(java.lang.Object element,
X509Certificate certificate)
Sets a certificate whose public key will be used to encrypt this particular
DOM element or its content.
|
| Modifier and Type | Field and Description |
|---|---|
protected X509Certificate |
KeyProviderImplSecurityTokenRef.verificationCert_
The verification certificate.
|
| Modifier and Type | Method and Description |
|---|---|
X509Certificate |
KeyProviderImplSecurityTokenRef.getVerificationCertificate()
Provides the verification certificate.
|
| Constructor and Description |
|---|
KeyProviderImplSecurityTokenRef(org.w3c.dom.Document signatureDOMDoc,
X509Certificate verificationCert)
Constructor.
|
| Modifier and Type | Method and Description |
|---|---|
X509Certificate |
OriginatorInfo.getCertificate(CertificateIdentifier certificateIdentifier)
Tries to find the originator certificate specified by the given CertificateIdentidier.
|
X509Certificate |
SignedDataStream.getCertificate(CertificateIdentifier signerIdentifier)
Tries to find the signer certificate specified by the given CertificateIdentidier.
|
X509Certificate |
CertificateSet.getX509Certificate(CertificateIdentifier certID)
Gets the X.509 certificate identified by the given CertIdentifier.
|
X509Certificate[] |
CMSCertList.getX509Certificates()
Returns the X.509 public key certificates included.
|
X509Certificate[] |
CertificateSet.getX509Certificates()
Gets all included X.509 certificates from this CertificateSet.
|
X509Certificate[] |
OriginatorInfo.getX509Certificates()
Returns the X.509 public key certificates included.
|
X509Certificate[] |
SignedDataStream.getX509Certificates()
Returns the X.509 public key certificates included.
|
X509Certificate |
SignedDataStream.verify(int signerInfoIndex)
Verifies the signature that has been created by the
signerInfoIndex´th
signer. |
X509Certificate |
SignedDataStream.verifyAndValidate(int signerInfoIndex,
CertVerifier certVerifier)
Verifies and validates the SignerInfo structure that exists in this
SignedDataStream object at the indicated index. |
| Modifier and Type | Method and Description |
|---|---|
java.security.KeyPair |
KeyAgreeRecipientInfo.addRecipient(X509Certificate recipientCertificate,
int recipientIdentifierType)
Adds a recipient with the given certificate.
|
javax.crypto.SecretKey |
KeyAgreeRecipientInfo.decryptKey(java.security.PrivateKey privateKey,
X509Certificate recipientCertificate)
Uses the given private key to decrypt the encrypted content-encryption key for
the recipient with the given recipient certificate.
|
javax.crypto.SecretKey |
KeyAgreeRecipientInfo.decryptKey(java.security.PrivateKey privateKey,
X509Certificate recipientCertificate,
java.security.PublicKey originatorPublicKey)
Uses the given private key and originator public key to decrypt the encrypted
content-encryption key for the recipient with the given recipient certificate.
|
RecipientInfo |
AuthenticatedDataStream.getRecipientInfo(X509Certificate recipientCertificate) |
RecipientInfo |
EnvelopedDataStream.getRecipientInfo(X509Certificate recipientCertificate)
Returns the recipient info matching to the supplied recipient certificate.
|
boolean |
CertificateIdentifier.identifiesCert(X509Certificate cert)
Checks if the given certificate is identified by this CertificateIdentifier.
|
boolean |
IssuerAndSerialNumber.identifiesCert(X509Certificate certificate)
Checks if the given certificate is identified by this IssuerAndSerialNumber.
|
boolean |
RecipientKeyIdentifier.identifiesCert(X509Certificate cert)
Checks if the given certificate is identified by this RecipientKeyIdentifier.
|
boolean |
SignerRecipientIdentifier.identifiesCert(X509Certificate cert)
Checks if the given certificate is identified by this CertificateIdentifier.
|
boolean |
SubjectKeyID.identifiesCert(X509Certificate certificate)
Checks if the given certificate is identified by this SubjectKeyID.
|
boolean |
IssuerAndSerialNumber.isIssuerOf(X509Certificate certificate)
Checks if the issuer of this
IssuerAndSerialNumber has issued
the given certificate. |
CertificateIdentifier |
KEKRecipientInfo.isRecipientInfoFor(X509Certificate recipientCertificate)
Always returns
null indicating that a KEKRecipientInfo does not use
certificates. |
CertificateIdentifier |
KeyAgreeRecipientInfo.isRecipientInfoFor(X509Certificate recipientCertificate)
Checks if this is a RecipientInfo for the given recipient certificate.
|
CertificateIdentifier |
KeyTransRecipientInfo.isRecipientInfoFor(X509Certificate recipientCertificate)
Checks if this is a RecipientInfo for the given recipient certficate.
|
CertificateIdentifier |
PasswordRecipientInfo.isRecipientInfoFor(X509Certificate recipientCertificate)
Always returns
null indicating that a PasswordRecipientInfo
does not use certificates as it uses a secret key (KEK to decrypt the CEK. |
abstract CertificateIdentifier |
RecipientInfo.isRecipientInfoFor(X509Certificate recipientCertificate)
Checks if this is a RecipientInfo for the given recipient certificate.
|
boolean |
SignerInfo.isSignerCertificate(X509Certificate cert)
Checks whether the supplied certificate actually is the certificate
of the signer.
|
void |
EnvelopedDataStream.setupCipher(java.security.Key recipientKey,
X509Certificate recipientCertificate)
Uses the specified key for decrypting the content-encryption key to setup the
cipher for decrypting the encrypted content of this
EnvelopedDataStream
object for the requesting recipient, specified by the given recipient certificate. |
javax.crypto.SecretKey |
AuthenticatedDataStream.setupMac(java.security.Key recipientKey,
X509Certificate recipientCertificate)
Uses the specified key for decrypting the MAC key and setup the MAC calculation for the
requesting recipient, specified by the given recipient identifier.
|
SignerInfo |
SignedDataStream.verify(X509Certificate signerCertificate)
Uses the provided signer certificate for verifying the signature that has been created
by the signer being owner of the certificate.
|
SignerInfo |
SignedDataStream.verifyAndValidate(X509Certificate signerCert,
CertVerifier certVerifier)
Verifies and validates the SignerInfo structure that exists in this
SignedDataStream object and corresponds to the indicated
signer certificate. |
| Constructor and Description |
|---|
IssuerAndSerialNumber(X509Certificate cert)
Creates a new
IssuerAndSerialNumber from a certificate. |
KeyAgreeRecipientInfo(X509Certificate originatorCertificate,
java.security.PrivateKey originatorPrivateKey,
int originatorIdentifierType,
AlgorithmID keyEA,
AlgorithmID keyWrapAlg,
int kekLength,
byte[] ukm)
Creates a KeyAgreeRecipientInfo object from the given originator certificate.
|
KeyTransRecipientInfo(X509Certificate recipientCertificate,
AlgorithmID keyEA)
Creates a version 0 KeyTransRecipientInfo object from the given
recipient certificate.
|
KeyTransRecipientInfo(X509Certificate recipientCertificate,
int ridType,
AlgorithmID keyEA)
Creates a KeyTransRecipientInfo object from the given recipient certificate.
|
RecipientKeyIdentifier(X509Certificate recipientCertificate)
Creates a RecipientKeyIdentifier from the given recipient certificate.
|
SubjectKeyID(X509Certificate cert)
Creates a new
SubjectKeyID from a certificate. |
| Modifier and Type | Method and Description |
|---|---|
X509Certificate[] |
NetscapeCertList.getCertificateList()
Returns the certificates included in this NetscapeCertList object.
|
X509Certificate[] |
PKCS7CertList.getCertificateList()
Returns the certificates included in this PKCS7CertList object.
|
| Modifier and Type | Method and Description |
|---|---|
void |
NetscapeCertList.setCertificateList(X509Certificate[] certificateList)
Set the certificates for this NetscapeCertList object.
|
void |
PKCS7CertList.setCertificateList(X509Certificate[] certificateList)
Set the certificates for this PKCS#7 SignedData object.
|
| Modifier and Type | Method and Description |
|---|---|
X509Certificate |
CertificateBag.getCertificate()
Returns the certificate of this CertificateBag.
|
static X509Certificate[] |
CertificateBag.getCertificates(CertificateBag[] certificates)
This method can be used to convert a CertificateBag array to
a Certificate array.
|
| Constructor and Description |
|---|
CertificateBag(X509Certificate certificate)
Creates a new CertificateBag from an alreay existing
certificate.
|
CertificateBag(X509Certificate certificate,
java.lang.String friendlyName,
byte[] localKeyID)
Creates a new CertificateBag from an alreay existing
certificate, a friendlyName and a locakKeyID.
|
| Modifier and Type | Field and Description |
|---|---|
protected X509Certificate[] |
SignedDataStream.certificates
Repository for the signer certificates.
|
| Modifier and Type | Method and Description |
|---|---|
X509Certificate |
SignedDataStream.getCertificate(IssuerAndSerialNumber issuer)
Tries to find the certificate specified by an IssuerAndSerialNumber.
|
X509Certificate[] |
SignedDataStream.getCertificates()
Returns the certificates of the signers.
|
X509Certificate |
SignedDataStream.verify(int signerInfoIndex)
Verifies the signature that has been created by the
signerInfoIndex´th
signer. |
X509Certificate |
SignedDataStream.verifyAndValidate(int signerInfoIndex,
CertVerifier certVerifier)
Verifies and validates the SignerInfo structure that exists in this
SignedDataStream object at the indicated index. |
| Modifier and Type | Method and Description |
|---|---|
void |
SignedDataStream.setCertificates(X509Certificate[] certificates)
Sets the certificates of the several signers.
|
SignerInfo |
SignedDataStream.verify(X509Certificate signerCertificate)
Uses the provided signer certificate for verifying the signature that has been created
by the signer being owner of the certificate.
|
SignerInfo |
SignedDataStream.verifyAndValidate(X509Certificate signerCert,
CertVerifier certVerifier)
Verifies and validates the SignerInfo structure that exists in this
SignedDataStream object and corresponds to the indicated
signer certificate. |
| Modifier and Type | Method and Description |
|---|---|
X509Certificate[] |
SignedContent.getCertificates()
Returns the certificates included in this S/MIME messages.
|
X509Certificate |
SMimeSigned.verify()
Verifies the signature and returns the certificate of the signer.
|
X509Certificate |
SignedContent.verify()
Verifies this S/MIME signed content and returns the certificate
of the signer.
|
X509Certificate |
SignedContent.verifyAndValidate(CertVerifier certVerifier)
Verifies and validates the SignerInfo structure that exists in this
SignedContent object. |
| Modifier and Type | Method and Description |
|---|---|
void |
SMimeMailer.addBcc(java.lang.String realName,
java.lang.String emailAddress,
X509Certificate recipientCert,
AlgorithmID keyEncAlg)
Adds one receiver (Bcc: field) of the S/MIME email message.
|
void |
SMimeMailer.addCc(java.lang.String realName,
java.lang.String emailAddress,
X509Certificate recipientCert,
AlgorithmID keyEncAlg)
Adds one receiver (Cc: field) of the S/MIME email message.
|
void |
EncryptedContent.addRecipient(X509Certificate certificate,
AlgorithmID keyEncAlg)
Adds one recipient.
|
void |
SMimeMailer.addTo(java.lang.String realName,
java.lang.String emailAddress,
X509Certificate recipientCert,
AlgorithmID keyEncAlg)
Adds one receiver (To: field) of the S/MIME email message.
|
int |
EncryptedContent.getRecipientInfoIndex(X509Certificate recipientCertificate)
Returns the recipient info index matching to the supplied recipient certificate.
|
void |
SignedContent.setCertificates(X509Certificate[] certificates)
Sets the certificates to be included in the S/MIME message.
|
void |
SMimeMailer.setFrom(java.lang.String realName,
java.lang.String emailAddress,
X509Certificate senderCert,
AlgorithmID keyEncAlg)
Sets the from field of the S/MIME email message.
|
void |
SignedContent.setSigner(java.security.PrivateKey privateKey,
X509Certificate signerCertificate)
Uses the given private key to sign this SignedContent.
|
SignerInfo |
SignedContent.verifyAndValidate(X509Certificate signerCert,
CertVerifier certVerifier)
Verifies and validates the SignerInfo structure that exists in this
SignedContent using the indicated signer certificate. |
| Modifier and Type | Method and Description |
|---|---|
X509Certificate |
SMimeSigned.verify()
Verifies the signature and returns the certificate of the signer (i.e.
|
X509Certificate |
SignedContent.verify()
Verifies this S/MIME signed content and returns the certificate
of the signer (i.e.
|
X509Certificate |
SignedContent.verify(int signerInfoIndex)
Verifies this S/MIME signed content for the
signerInfoIndex´th
signer. |
X509Certificate |
SignedContent.verifyAndValidate(int signerInfoIndex,
CertVerifier certVerifier)
Verifies and validates the SignerInfo structure that exists in this
SignedContent object at the indicated index. |
| Modifier and Type | Method and Description |
|---|---|
void |
SMimeMailer.addBcc(java.lang.String realName,
java.lang.String emailAddress,
X509Certificate recipientCert,
AlgorithmID keyEncAlg)
Adds one receiver (Bcc: field) of the S/MIME email message.
|
void |
SMimeMailer.addCc(java.lang.String realName,
java.lang.String emailAddress,
X509Certificate recipientCert,
AlgorithmID keyEncAlg)
Adds one receiver (Cc: field) of the S/MIME email message.
|
void |
EncryptedContent.addRecipient(X509Certificate recipientCertificate,
AlgorithmID keyEncAlg)
Adds one recipient.
|
void |
SMimeEncrypted.addRecipient(X509Certificate recipientCertificate,
AlgorithmID keyEA)
Adds one recipient to this S/MIME EnvelopedData object.
|
void |
SignedContent.addSigner(java.security.PrivateKey privateKey,
X509Certificate signerCertificate)
Uses the given private key to sign the content.
|
void |
SignedContent.addSigner(java.security.PrivateKey privateKey,
X509Certificate signerCertificate,
AlgorithmID digestAlgorithm,
AlgorithmID signatureAlgorithm)
Uses the given private key to sign the content with the given
signature algorithm.
|
void |
SignedContent.addSigner(java.security.PrivateKey privateKey,
X509Certificate signerCertificate,
AlgorithmID digestAlgorithm,
AlgorithmID signatureAlgorithm,
Attribute[] signedAttributes)
Signs this content using the supplied signer´s private key with the
given signature algorithm.
|
void |
SignedContent.addSigner(java.security.PrivateKey privateKey,
X509Certificate signerCertificate,
AlgorithmID digestAlgorithm,
AlgorithmID signatureAlgorithm,
X509Certificate encryptionCertificate,
boolean includeEncryptionCertIDForMSOE)
Uses the given private key to sign the content with the given
signature algorithm.
|
void |
SignedContent.addSigner(java.security.PrivateKey privateKey,
X509Certificate signerCertificate,
X509Certificate encryptionCertificate,
boolean includeEncryptionCertIDForMSOE)
Uses the given private key to sign the content.
|
void |
SMimeMailer.addTo(java.lang.String realName,
java.lang.String emailAddress,
X509Certificate recipientCert,
AlgorithmID keyEncAlg)
Adds one receiver (To: field) of the S/MIME email message.
|
void |
EncryptedContent.decryptSymmetricKey(java.security.Key recipientKey,
X509Certificate recipientCertificate)
Uses the specified key for decrypting the content-encryption key to setup the
cipher for decrypting the encrypted content of this
EncryptedContent
object for the requesting recipient, specified by the given recipient certificate. |
void |
SMimeEncrypted.decryptSymmetricKey(java.security.Key recipientKey,
X509Certificate recipientCertificate)
Uses the specified key for decrypting the content-encryption key to setup the
cipher for decrypting the encrypted content of this
SMimeEncrypted
object for the requesting recipient, specified by the given recipient certificate. |
int |
EncryptedContent.getRecipientInfoIndex(X509Certificate recipientCertificate)
Returns the recipient info index matching to the supplied recipient certificate.
|
int |
SMimeEncrypted.getRecipientInfoIndex(X509Certificate recipientCertificate)
Returns the recipient info index matching to the supplied recipient certificate.
|
void |
SMimeMailer.setFrom(java.lang.String realName,
java.lang.String emailAddress,
X509Certificate senderCert,
AlgorithmID keyEncAlg)
Sets the from field of the S/MIME email message.
|
SignerInfo |
SignedContent.verify(X509Certificate signerCertificate)
Uses the provided signer certificate for verifying the signature that has been created
by the signer being owner of the certificate.
|
SignerInfo |
SignedContent.verifyAndValidate(X509Certificate signerCert,
CertVerifier certVerifier)
Verifies and validates the SignerInfo structure that exists in this
SignedContent object and corresponds to the indicated
signer certificate. |
| Modifier and Type | Method and Description |
|---|---|
boolean |
SigningCertificate.isSignerCertificate(X509Certificate certificate)
Checks if this SigningCertificate identifies the given certificate
as certificate of the signer to whom this SigningCertificate belongs.
|
| Modifier and Type | Method and Description |
|---|---|
static X509Certificate[] |
Util.arrangeCertificateChain(X509Certificate[] certArray,
boolean topdown)
Tries to construct a certificate chain from an array of certificates.
|
static X509Certificate[] |
Util.convertCertificateChain(java.security.cert.Certificate[] certificateChain)
This method converts an array of Certificates into an array of X509Certificates.
|
static X509Certificate[] |
Util.readCertificateChain(java.io.InputStream is)
Tries to read a certificate chain from the given input stream.
|
static X509Certificate[] |
Util.readPEMCerts(java.io.InputStream location,
int MaxSize)
Reads X509Certificates in a PEM format into an array of
X509Certificates.
|
| Modifier and Type | Method and Description |
|---|---|
static X509Certificate[] |
Util.arrangeCertificateChain(X509Certificate[] certArray,
boolean topdown)
Tries to construct a certificate chain from an array of certificates.
|
static void |
Util.writePEMCerts(java.io.OutputStream os,
X509Certificate[] x509certs)
Write the specifed array of certificates to the specified file location.
|
| Modifier and Type | Method and Description |
|---|---|
void |
X509CRL.addCertificate(X509Certificate cert,
java.util.Date revocationDate)
Adds a certificate to the CRL to be revoked on the given date.
|
RevokedCertificate |
X509CRL.containsCertificate(X509Certificate cert)
Checks, if the CRL contains revocation information for the given X509Certificate.
|
java.security.cert.X509CRLEntry |
X509CRL.getRevokedCertificate(X509Certificate certificate)
Searches the CRL for the specified certificate's serial number.
|
static boolean |
X509Certificate.isCertIssuingCaCert(X509Certificate cert,
boolean forceV1CertAsCA)
Checks if this certificate is a CA Certificate that is good
for issuing certificates according to RFC 3280.
|
static boolean |
X509Certificate.isIssuer(X509Certificate issuerCert,
X509Certificate subjectCert)
Return true if issuerCert is an issuer certificate of subjectCert.
|
boolean |
X509CRL.removeCertificate(X509Certificate certificate)
Removes the certificate with the given serial number from the CRL.
|
| Constructor and Description |
|---|
RevokedCertificate(X509Certificate cert,
java.util.Date revocationDate)
Creates a revoked certificate from a certificate and a date.
|
| Modifier and Type | Method and Description |
|---|---|
boolean |
Holder.identifiesCert(X509Certificate cert)
Checks if this Holder identifies the certificate.
|
boolean |
IssuerSerial.identifiesCert(X509Certificate baseCertificate)
Checks if this IssuerSerial identifies the given base certificate.
|
| Constructor and Description |
|---|
IssuerSerial(X509Certificate baseCertificate)
Creates an IssuerSerial from the given base certificate.
|
| Modifier and Type | Method and Description |
|---|---|
X509Certificate[] |
OCSPRequest.getCertifcates()
Returns the signer certificates that may be included in this request.
|
X509Certificate[] |
BasicOCSPResponse.getCertificates()
Returns the signer certificates that may be included in this response.
|
X509Certificate |
BasicOCSPResponse.verify()
Verifies this BasicOCSPResponse using the included signer certificates.
|
X509Certificate |
OCSPRequest.verify()
Verifies this request using the included signer certificates.
|
| Modifier and Type | Method and Description |
|---|---|
CertificateResponse |
BasicOCSPResponse.getCertificateResponse(X509Certificate targetCert,
X509Certificate issuerCert)
Searches this BasicOCSPReponse for status information about the certificate
identified by the given certificate information.
|
abstract CertificateResponse |
Response.getCertificateResponse(X509Certificate targetCert,
X509Certificate issuerCert)
Searches this Reponse for status information about the certificate
identified by the given certificate information.
|
SingleResponse |
BasicOCSPResponse.getSingleResponse(X509Certificate targetCert,
X509Certificate issuerCert)
Searches this BasicOCSPReponse for status information about the certificate
identified by the given certificate information.
|
boolean |
ResponderID.isResponderIdFor(X509Certificate responderCert)
Checks if this is a responder id for the given certificate.
|
boolean |
CertificateResponse.isResponseFor(X509Certificate targetCert,
X509Certificate issuerCert)
Checks if this is a certificate response for the given certificate identifying
information.
|
boolean |
SingleResponse.isResponseFor(X509Certificate targetCert,
X509Certificate issuerCert)
Checks if this is a single response for the given certificate identifying
information.
|
void |
BasicOCSPResponse.setCertificates(X509Certificate[] signerCerts)
Sets the certificates to be included into this BasicOCSPResponse.
|
void |
OCSPRequest.setCertificates(X509Certificate[] signerCerts)
Sets the certificates to be included into this OCSPRequest.
|
| Constructor and Description |
|---|
CertID(AlgorithmID hashAlgorithm,
X509Certificate issuerCert,
java.math.BigInteger serialNumber)
Creates a new CertID from hashAlgorithm, issuer certificate and
target certificate serial number.
|
CertID(AlgorithmID hashAlgorithm,
X509Certificate issuerCert,
X509Certificate targetCert)
Creates a new CertID from hashAlgorithm, issuer certificate and
target certificate.
|
| Modifier and Type | Class and Description |
|---|---|
class |
QualifiedCertificate
This class represents a QualifiedCertificate according to PKIX Qualified
Certificate Profile.
|
| Modifier and Type | Method and Description |
|---|---|
static QualifiedCertificate |
QualifiedCertificate.isQualifedCertificate(X509Certificate cert)
Deprecated.
Use
QualifiedCertificate.isQualifiedCertificate(X509Certificate); since 7.2 |
static QualifiedCertificate |
QualifiedCertificate.isQualifiedCertificate(X509Certificate cert)
Checks if the given certificate is a qualified one.
|