|
Oracle Security Developer Tools PKI SDK CMP Java API Reference 10g (10.1.4.0.1) B28166-01 |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object
oracle.security.crypto.cmp.ProofOfPossession
oracle.security.crypto.cmp.SignaturePOP
CRMF proof-of-possession structure of type signature
.
ProofOfPossession
, RAVerifiedPOP
, KeyEnciphermentPOP
, KeyAgreementPOP
Nested Class Summary |
Nested classes inherited from class oracle.security.crypto.cmp.ProofOfPossession |
ProofOfPossession.SubsequentMsg, ProofOfPossession.Type |
Constructor Summary | |
SignaturePOP() Create an empty SignaturePOP . |
|
SignaturePOP(oracle.security.crypto.core.AlgorithmIdentifier sigAlgID) Create a SignaturePOP with the given signature algorithm to sign the CertRequest from the enclosing CertReqMsg . |
|
SignaturePOP(oracle.security.crypto.core.AlgorithmIdentifier sigAlgID, oracle.security.crypto.core.PublicKey pubKey, byte[] password) Create a SignaturePOP with the given signature algorithm to sign the given public key and a PasswordBasedMAC of the public key using the given password bytes. |
|
SignaturePOP(oracle.security.crypto.core.AlgorithmIdentifier sigAlgID, oracle.security.crypto.core.PublicKey pubKey, byte[] password, oracle.security.crypto.core.RandomBitsSource rbs) |
|
SignaturePOP(oracle.security.crypto.core.AlgorithmIdentifier sigAlgID, oracle.security.crypto.core.PublicKey pubKey, oracle.security.crypto.cert.GeneralName sender) Create a SignaturePOP with the given signature algorithm to sign the given public key and sender name. |
|
SignaturePOP(java.io.InputStream is) |
Method Summary | |
oracle.security.crypto.core.AlgorithmIdentifier |
getMacAlgID() Returns the password-based-MAC algorithm identifier. |
byte[] |
getMacBytes() Returns the bytes of the public key password-based-MAC. |
oracle.security.crypto.core.PublicKey |
getPublicKey() Returns the public key if it was provided separately from the CertRequest 's CertTemplate . |
oracle.security.crypto.cert.GeneralName |
getSenderName() Returns the sender's name if it was provided separately from the CertRequest 's CertTemplate . |
oracle.security.crypto.core.AlgorithmIdentifier |
getSignatureAlgID() Returns the algorithm identifier for the signature. |
byte[] |
getSignatureBytes() |
ProofOfPossession.Type |
getType() Returns one of the values defined in ProofOfPossession.Type . |
void |
input(java.io.InputStream is) |
void |
sign(CertRequest certReq, oracle.security.crypto.core.PrivateKey privKey, oracle.security.crypto.core.RandomBitsSource rbs) Computes the signature for this SignaturePOP using the the enclosing CertReqMsg 's CertRequest . |
void |
sign(oracle.security.crypto.core.PrivateKey privKey, oracle.security.crypto.core.RandomBitsSource rbs) Computes the signature for this SignaturePOP using the public key and sender name or the password-based MAC of the public key. |
java.lang.String |
toString() |
boolean |
verify(oracle.security.crypto.core.PublicKey pubKey, byte[] password) Verify the public key MAC in this POP's <coce>POPOSigningKeyInput structure and the signature on the structure. |
boolean |
verify(oracle.security.crypto.core.PublicKey pubKey, CertRequest certReq) Verify the POP signature on the enclosing CertReqMsg 's CertRequest . |
boolean |
verify(oracle.security.crypto.core.PublicKey pubKey, oracle.security.crypto.cert.GeneralName sender) Verify the sender name in this POP's <coce>POPOSigningKeyInput structure and the signature on the structure. |
Methods inherited from class oracle.security.crypto.cmp.ProofOfPossession |
inputInstance, length, output |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Constructor Detail |
public SignaturePOP()
SignaturePOP
. The resulting object is not a valid proof-of-possession structure, and is intended primarily for use in conjunction with the input(java.io.InputStream)
method.public SignaturePOP(oracle.security.crypto.core.AlgorithmIdentifier sigAlgID)
SignaturePOP
with the given signature algorithm to sign the CertRequest
from the enclosing CertReqMsg
.
Note: This constructor must be used when the CertRequest
's CertTemplate
contains both the public key and subject name. Otherwise, use either the SignaturePOP(AlgorithmIdentifier, PublicKey, GeneralName)
or the SignaturePOP(AlgorithmIdentifier, PublicKey, byte[])
constructor.
sigAlgID
- The signature algorithm to use.public SignaturePOP(oracle.security.crypto.core.AlgorithmIdentifier sigAlgID, oracle.security.crypto.core.PublicKey pubKey, oracle.security.crypto.cert.GeneralName sender)
SignaturePOP
with the given signature algorithm to sign the given public key and sender name.
Note: This constructor (or SignaturePOP(AlgorithmIdentifier, PublicKey, byte[])
) must be used only when the CertRequest
's CertTemplate
does not contain both the public key and subject name. If neither value is missing from the template use the constructor SignaturePOP(AlgorithmIdentifier)
.
sigAlgID
- The signature algorithm to use.pubKey
- The subject public key of the certificate request.sender
- The sender's GeneralName
.public SignaturePOP(oracle.security.crypto.core.AlgorithmIdentifier sigAlgID, oracle.security.crypto.core.PublicKey pubKey, byte[] password) throws oracle.security.crypto.core.AlgorithmIdentifierException
SignaturePOP
with the given signature algorithm to sign the given public key and a PasswordBasedMAC
of the public key using the given password bytes.
Note: This constructor (or SignaturePOP(AlgorithmIdentifier, PublicKey pubKey, GeneralName sender)
) must be used only when the CertRequest
's CertTemplate
does not contain both the public key and subject name. If neither value is missing from the template, use the constructor SignaturePOP(AlgorithmIdentifier)
.
sigAlgID
- The signature algorithm to use.pubKey
- The subject public key of the certificate request.password
- The bytes of the shared secret to be used in computing a password-based MAC. It is recommended (PKCS #5) that the password be at least 12 bytes, to complement a default salt length of 8 bytes and a hash value length of 20 bytes (SHA-1).public SignaturePOP(oracle.security.crypto.core.AlgorithmIdentifier sigAlgID, oracle.security.crypto.core.PublicKey pubKey, byte[] password, oracle.security.crypto.core.RandomBitsSource rbs) throws oracle.security.crypto.core.AlgorithmIdentifierException
public SignaturePOP(java.io.InputStream is) throws java.io.IOException
Method Detail |
public ProofOfPossession.Type getType()
ProofOfPossession
ProofOfPossession.Type
.getType
in class ProofOfPossession
public void sign(oracle.security.crypto.core.PrivateKey privKey, oracle.security.crypto.core.RandomBitsSource rbs) throws oracle.security.crypto.core.SignatureException
SignaturePOP
using the public key and sender name or the password-based MAC of the public key. If this method is not invoked explicitly on the SignaturePOP
instance, it will be called by the enclosing CertReqMsg
's constructor.
Note: This method must be used only when the CertRequest
's CertTemplate
does not contain both the public key and subject name. If neither value is missing from the template use the SignaturePOP(AlgorithmIdentifier)
constructor and the signing method sign(CertRequest, PrivateKey, RandomBitsSource)
.
oracle.security.crypto.core.SignatureException
public void sign(CertRequest certReq, oracle.security.crypto.core.PrivateKey privKey, oracle.security.crypto.core.RandomBitsSource rbs) throws oracle.security.crypto.core.SignatureException
SignaturePOP
using the the enclosing CertReqMsg
's CertRequest
. If this method is not invoked explicitly on the SignaturePOP
instance, it will be called by the enclosing CertReqMsg
's constructor.
Note: This method must be used only when the CertRequest
's CertTemplate
contains both the public key and subject name. If either value is missing from the template use the SignaturePOP(AlgorithmIdentifier, PublicKey, GeneralName)
or the SignaturePOP(AlgorithmIdentifier, PublicKey, byte[])
constructor, and the signing method sign(PrivateKey, RandomBitsSource)
.
oracle.security.crypto.core.SignatureException
public boolean verify(oracle.security.crypto.core.PublicKey pubKey, CertRequest certReq) throws oracle.security.crypto.core.SignatureException
CertReqMsg
's CertRequest
.pubKey
- The public key intended for the certificate, preferably taken from the CertRequest
's CertTemplate
.certReq
- The CertRequest
structure.oracle.security.crypto.core.SignatureException
public boolean verify(oracle.security.crypto.core.PublicKey pubKey, oracle.security.crypto.cert.GeneralName sender) throws oracle.security.crypto.core.SignatureException
pubKey
- The public key intended for the certificate, preferably taken from the CertRequest
's CertTemplate
.sender
- The sender's name, preferably taken from the message header.oracle.security.crypto.core.SignatureException
public boolean verify(oracle.security.crypto.core.PublicKey pubKey, byte[] password) throws oracle.security.crypto.core.SignatureException, oracle.security.crypto.core.InvalidMACException
pubKey
- The public key intended for the certificate, preferably taken from the CertRequest
's CertTemplate
.password
- The shared secret for the password-based-MAC on the public key.oracle.security.crypto.core.SignatureException
oracle.security.crypto.core.InvalidMACException
public oracle.security.crypto.core.AlgorithmIdentifier getSignatureAlgID()
public byte[] getSignatureBytes()
public oracle.security.crypto.cert.GeneralName getSenderName()
CertRequest
's CertTemplate
.GeneralName
if present, otherwise null
.public oracle.security.crypto.core.AlgorithmIdentifier getMacAlgID()
PBMacAlgID
if present, otherwise null
.public byte[] getMacBytes()
null
.public oracle.security.crypto.core.PublicKey getPublicKey()
CertRequest
's CertTemplate
.null
.public java.lang.String toString()
public void input(java.io.InputStream is) throws java.io.IOException
java.io.IOException
|
Oracle Security Developer Tools PKI SDK CMP Java API Reference 10g (10.1.4.0.1) B28166-01 |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |