Overview  Package   Class  Tree  Deprecated  Index  Help 
Oracle Security Developer Tools PKI SDK CMP Java API Reference
10g (10.1.4.0.1)
B28166-01
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

oracle.security.crypto.cmp
Class PKIMessage

java.lang.Object
  extended byoracle.security.crypto.cmp.PKIMessage

All Implemented Interfaces:
oracle.security.crypto.asn1.ASN1Object, oracle.security.crypto.util.Streamable
public class PKIMessage
extends java.lang.Object
implements oracle.security.crypto.asn1.ASN1Object

Basic message class for the PKI certificate management protocols.

After creating a PKIMessage using one of the constructors, invoke the computeProtection() method if message protection bits are to be used.

See Also:
PKIMessageHeader, PKIMessageBody

Nested Class Summary
static class PKIMessage.Version
          CMP message protocol version.

 

Constructor Summary
PKIMessage()
          Create a new, empty PKIMessage.
PKIMessage(oracle.security.crypto.cert.GeneralName sender, oracle.security.crypto.cert.GeneralName recipient, PKIMessageBody body)
          Create a new PKIMessage with the specified sender, recipient and message body, using the default version PKIMessage.Version.CMP2000.
PKIMessage(oracle.security.crypto.cert.GeneralName sender, oracle.security.crypto.cert.GeneralName recipient, PKIMessageBody body, PKIMessage.Version version)
          Create a new PKIMessage with the specified sender, recipient, message body and version.
PKIMessage(java.io.InputStream is)
           
PKIMessage(PKIMessageHeader header, PKIMessageBody body)
           

 

Method Summary
 void addCertificate(oracle.security.crypto.cert.X509 cert)
          Add an extra certificate (to be used, for example, in certificate chain validation).
 void computeProtection()
          If the message is to be protected using the protection algorithm set in the PKIMessageHeader, this method must be invoked before sending the message.
 PKIMessageBody getBody()
          Returns the message body.
 java.util.Vector getExtraCerts()
          Return any extra certificates included for the end-entity's use in certificate chain verification.
 PKIMessageHeader getHeader()
          Returns the message header.
 byte[] getProtectedPart()
          Returns the bytes of the PKIMessage elements that are covered by the message protection.
 oracle.security.crypto.core.AlgorithmIdentifier getProtectionAlgID()
          Return the protection algorithm identifier from the message header, or null if none was set.
 byte[] getProtectionBytes()
           
 PKIMessage.Version getVersion()
          Returns the message version from the header.
 void input(java.io.InputStream is)
           
 int length()
           
 void output(java.io.OutputStream os)
           
 java.lang.String toString()
           
 boolean verifyProtection(byte[] password)
          Verifies the protection using the given password-based MAC key.
 boolean verifyProtection(oracle.security.crypto.core.PublicKey pubKey)
          Verifies the protection using the given public key.

 

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

 

Constructor Detail

PKIMessage

public PKIMessage()
Create a new, empty PKIMessage. An object thus instantiated is not valid, and is intended primarily for use in conjunction with the input(java.io.InputStream) method.

PKIMessage

public PKIMessage(oracle.security.crypto.cert.GeneralName sender,
                  oracle.security.crypto.cert.GeneralName recipient,
                  PKIMessageBody body)
           throws CMPException
Create a new PKIMessage with the specified sender, recipient and message body, using the default version PKIMessage.Version.CMP2000.

PKIMessage

public PKIMessage(oracle.security.crypto.cert.GeneralName sender,
                  oracle.security.crypto.cert.GeneralName recipient,
                  PKIMessageBody body,
                  PKIMessage.Version version)
           throws CMPException
Create a new PKIMessage with the specified sender, recipient, message body and version.
Parameters:
version - The CMP protocol version, either PKIMessage.Version.CMP1999 or PKIMessage.Version.CMP2000.

PKIMessage

public PKIMessage(PKIMessageHeader header,
                  PKIMessageBody body)

PKIMessage

public PKIMessage(java.io.InputStream is)
           throws java.io.IOException

Method Detail

getHeader

public PKIMessageHeader getHeader()
Returns the message header.

getBody

public PKIMessageBody getBody()
Returns the message body.

getVersion

public PKIMessage.Version getVersion()
Returns the message version from the header.

addCertificate

public void addCertificate(oracle.security.crypto.cert.X509 cert)
Add an extra certificate (to be used, for example, in certificate chain validation).

getExtraCerts

public java.util.Vector getExtraCerts()
Return any extra certificates included for the end-entity's use in certificate chain verification.
Returns:
a vector of X509 certificates.

getProtectionAlgID

public oracle.security.crypto.core.AlgorithmIdentifier getProtectionAlgID()
Return the protection algorithm identifier from the message header, or null if none was set.

computeProtection

public void computeProtection()
                       throws oracle.security.crypto.core.SignatureException
If the message is to be protected using the protection algorithm set in the PKIMessageHeader, this method must be invoked before sending the message.

Note: Any changes to the message header or body will require that the message protection be recomputed. (Adding extra certificates does not modify the protected part of the message.)

Throws:
oracle.security.crypto.core.SignatureException

getProtectionBytes

public byte[] getProtectionBytes()
                          throws oracle.security.crypto.core.SignatureException
Throws:
oracle.security.crypto.core.SignatureException

getProtectedPart

public byte[] getProtectedPart()
Returns the bytes of the PKIMessage elements that are covered by the message protection.
Returns:
The ASN.1 DER-encoded octets of a SEQUENCE of this PKIMessage's PKIHeader and PKIBody.

verifyProtection

public boolean verifyProtection(byte[] password)
                         throws oracle.security.crypto.core.InvalidMACException
Verifies the protection using the given password-based MAC key.
Throws:
oracle.security.crypto.core.InvalidMACException

verifyProtection

public boolean verifyProtection(oracle.security.crypto.core.PublicKey pubKey)
                         throws oracle.security.crypto.core.SignatureException
Verifies the protection using the given public key.
Throws:
oracle.security.crypto.core.SignatureException

toString

public java.lang.String toString()

input

public void input(java.io.InputStream is)
           throws java.io.IOException
Specified by:
input in interface oracle.security.crypto.util.Streamable
Throws:
java.io.IOException

output

public void output(java.io.OutputStream os)
            throws java.io.IOException
Specified by:
output in interface oracle.security.crypto.util.Streamable
Throws:
java.io.IOException

length

public int length()
Specified by:
length in interface oracle.security.crypto.util.Streamable

Overview  Package   Class  Tree  Deprecated  Index  Help 
Oracle Security Developer Tools PKI SDK CMP Java API Reference
10g (10.1.4.0.1)
B28166-01
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

Copyright © 2005 ,2006 , Oracle. All rights reserved.