1/19

Contents

List of Tables

Title and Copyright Information

Preface

• Intended Audience
• Documentation Accessibility
• Related Documents
• Conventions

What's New in Oracle Security Developer Tools?

• New Features in 12c (12.2.1)
• Updates in September 2014 Documentation Refresh for 12c (12.1.3)
• New Features in 12c (12.1.3)

1 Introduction to Oracle Security Developer Tools

• 1.1 About Cryptography
  • 1.1.1 Types of Cryptographic Algorithms
  • 1.1.2 Additional Cryptography Resources
• 1.2 About Public Key Infrastructure (PKI)
  • 1.2.1 Understanding Key Pairs
  • 1.2.2 About the Certificate Authority
  • 1.2.3 What are Digital Certificates?
  • 1.2.4 Related PKI Standards
  • 1.2.5 Benefits of PKI
• 1.3 About Web Services Security
• 1.4 About SAML
  • 1.4.1 Understanding SAML Assertions
  • 1.4.2 Understanding SAML Requests and Responses
• 1.5 About Identity Federation
• 1.6 About Oracle Security Developer Tools
  • 1.6.1 Understanding Toolkit Architecture
  • 1.6.2 Tools for XML, SAML, and Web Services Security Applications
  • 1.6.3 Tools for Public Key Cryptography (PKI) Applications
  • 1.6.4 Tools for E-mail Security Applications
  • 1.6.5 Tools for Low-level Cryptographic Applications
  • 1.6.6 Tools for Web Tokens
• 1.7 About Supported Standards
• 1.8 Setting the CLASSPATH Environment Variable
  • 1.8.1 Setting the CLASSPATH on Windows
  • 1.8.2 Setting the CLASSPATH on UNIX
• 1.9 References for OSDT Standards

2 Oracle Crypto

• 2.1 About Oracle Crypto Features and Benefits
• 2.2 About the Oracle Crypto Packages
• 2.3 Setting Up Your Oracle Crypto Environment
• 2.4 Understanding and Using Core Classes and Interfaces of Oracle Crypto
  • 2.4.1 About Oracle Crypto Key Classes
  • 2.4.2 Using the Oracle Crypto Key Generation Classes
  • 2.4.3 Using Oracle Crypto Cipher Classes
  • 2.4.4 Using the Oracle Crypto Signature Classes
  • 2.4.5 Using Oracle Crypto Message Digest Classes
  • 2.4.6 Using the Oracle Crypto Key Agreement Class
  • 2.4.7 Using Oracle Crypto Pseudo-Random Number Generator Classes
• 2.5 The Oracle Crypto and Crypto FIPS Java API References

3 Oracle Security Engine

• 3.1 Oracle Security Engine Features and Benefits
• 3.2 Setting Up Your Oracle Security Engine Environment
• 3.3 Core Classes and Interfaces of Oracle Security Engine
  • 3.3.1 Using the oracle.security.crypto.cert.X500RDN Class
  • 3.3.2 Using the oracle.security.crypto.cert.X500Name Class
  • 3.3.3 Using the oracle.security.crypto.cert.CertificateRequest Class
  • 3.3.4 Using the java.security.cert.X509Certificate Class
• 3.4 The Oracle Security Engine Java API Reference

4 Oracle CMS

• 4.1 Oracle CMS Features and Benefits
  • 4.1.1 Content Types in Oracle CMS
  • 4.1.2 Differences Between Oracle CMS Implementation and RFCs
• 4.2 Setting Up Your Oracle CMS Environment
• 4.3 Understanding and Developing Applications with Oracle CMS
  • 4.3.1 About Oracle CMS Classes
  • 4.3.2 About CMS Object Types
  • 4.3.3 Constructing CMS Objects using the CMS***ContentInfo Classes
  • 4.3.4 CMS Objects using the CMS***Stream and CMS***Connector Classes
• 4.4 The Oracle CMS Java API Reference

5 Oracle S/MIME

• 5.1 Oracle S/MIME Features and Benefits
• 5.2 Setting Up Your Oracle S/MIME Environment
• 5.3 Developing Applications with Oracle S/MIME
  • 5.3.1 Core Classes and Interfaces of Oracle S/MIME
  • 5.3.2 Supporting Classes and Interfaces
  • 5.3.3 Using the Oracle S/MIME Classes
• 5.4 The Oracle S/MIME Java API Reference

6 Oracle PKI SDK

• 6.1 Oracle PKI CMP SDK
  • 6.1.1 Oracle PKI CMP SDK Features and Benefits
  • 6.1.2 Setting Up Your Oracle PKI CMP SDK Environment
  • 6.1.3 The Oracle PKI CMP SDK Java API Reference
• 6.2 Oracle PKI OCSP SDK
  • 6.2.1 Oracle PKI OCSP SDK Features and Benefits
  • 6.2.2 Setting Up Your Oracle PKI OCSP SDK Environment
  • 6.2.3 The Oracle PKI OCSP SDK Java API Reference
• 6.3 Oracle PKI TSP SDK
  • 6.3.1 Oracle PKI TSP SDK Features and Benefits
  • 6.3.2 Setting Up Your Oracle PKI TSP SDK Environment
  • 6.3.3 The Oracle PKI TSP SDK Java API Reference
• 6.4 Oracle PKI LDAP SDK
  • 6.4.1 Oracle PKI LDAP SDK Features and Benefits
  • 6.4.2 Setting Up Your Oracle PKI LDAP SDK Environment
  • 6.4.3 The Oracle PKI LDAP SDK Java API Reference

7 Oracle XML Security

• 7.1 Oracle XML Security Features and Benefits
• 7.2 Setting Up Your Oracle XML Security Environment
• 7.3 Signing Data with Oracle XML Security
  • 7.3.1 Identifying What to Sign
  • 7.3.2 Deciding on a Signing Key
• 7.4 Verifying XML Data
• 7.5 Understanding how Data is Encrypted
  • 7.5.1 Identifying what to Encrypt
  • 7.5.2 Decide on the Encryption Key
• 7.6 Understanding Data Decryption with Oracle XML Security
• 7.7 Understanding and Using Element Wrappers in the OSDT XML APIs
  • 7.7.1 Constructing the Wrapper Object
  • 7.7.2 Obtaining the DOM Element from the Wrapper Object
  • 7.7.3 Parsing Complex Elements
  • 7.7.4 Constructing Complex Elements
• 7.8 Signing Data with the Oracle XML Security API
  • 7.8.1 Creating a Detached Signature, Basic Procedure
  • 7.8.2 Using Variations on the Basic Signing Procedure
• 7.9 Verifying Signatures with the Oracle XML Security API
  • 7.9.1 Checking What is Signed, Basic Procedure
  • 7.9.2 Setting Up Callbacks
  • 7.9.3 Writing a Custom Key Retriever
  • 7.9.4 Checking What is Signed
  • 7.9.5 Verifying the Signature
• 7.10 Encrypting Data with the Oracle XML Security API
  • 7.10.1 Encrypting with a Shared Symmetric Key
  • 7.10.2 Encrypting with a Random Symmetric Key
• 7.11 Decrypting Data with the Oracle XML Security API
  • 7.11.1 Decrypting with a Shared Symmetric Key
  • 7.11.2 Decrypting with a Random Symmetric Key
• 7.12 About Supporting Classes and Interfaces
  • 7.12.1 About the oracle.security.xmlsec.util.XMLURI Interface
  • 7.12.2 About the oracle.security.xmlsec.util.XMLUtils class
• 7.13 Common XML Security Questions
• 7.14 Best Practices for Oracle XML Security
• 7.15 The Oracle XML Security Java API Reference

8 Oracle SAML

• 8.1 Oracle SAML Features and Benefits
• 8.2 Oracle SAML 1.0/1.1
  • 8.2.1 Oracle SAML 1.0/1.1 Packages
  • 8.2.2 Setting Up Your Oracle SAML 1.0/1.1 Environment
  • 8.2.3 Classes and Interfaces of Oracle SAML 1.x
  • 8.2.4 The Oracle SAML 1.0/1.1 Java API Reference
• 8.3 Oracle SAML 2.0
  • 8.3.1 Oracle SAML 2.0 Packages
  • 8.3.2 Setting Up Your Oracle SAML 2.0 Environment
  • 8.3.3 Classes and Interfaces of Oracle SAML 2.0
  • 8.3.4 The Oracle SAML 2.0 Java API Reference

9 Oracle Web Services Security

• 9.1 Setting Up Your Oracle Web Services Security Environment
• 9.2 Classes and Interfaces of Oracle Web Services Security
  • 9.2.1 Element Wrappers in Oracle Web Services Security
  • 9.2.2 The <wsse:Security> header
  • 9.2.3 Security Tokens (ST) in Oracle Web Services Security
  • 9.2.4 Security Token References (STR)
  • 9.2.5 Signing and Verifying
  • 9.2.6 Encrypting and Decrypting
• 9.3 Additional Resources for Web Services Security
• 9.4 The Oracle Web Services Security Java API Reference

10 Oracle Liberty SDK

• 10.1 Oracle Liberty SDK Features and Benefits
• 10.2 Oracle Liberty 1.1
  • 10.2.1 Setting Up Your Oracle Liberty 1.1 Environment
  • 10.2.2 Overview of Oracle Liberty 1.1 Classes and Interfaces
  • 10.2.3 The Oracle Liberty 1.1 API Reference
• 10.3 Oracle Liberty 1.2
  • 10.3.1 Setting Up Your Oracle Liberty 1.2 Environment
  • 10.3.2 Overview of Oracle Liberty 1.2 Classes and Interfaces
  • 10.3.3 The Oracle Liberty SDK 1.2 API Reference

11 Oracle XKMS

• 11.1 Understanding Oracle XKMS Features and Benefits
• 11.2 Setting Up Your Oracle XKMS Environment
• 11.3 Core Classes and Interfaces
  • 11.3.1 oracle.security.xmlsec.xkms.xkiss.LocateRequest
  • 11.3.2 Using the oracle.security.xmlsec.xkms.xkiss.LocateResult Class
  • 11.3.3 Using the oracle.security.xmlsec.xkms.xkiss.ValidateRequest Class
  • 11.3.4 Using the oracle.security.xmlsec.xkms.xkiss.ValidateResult Class
  • 11.3.5 Using the oracle.security.xmlsec.xkms.xkrss.RecoverRequest Class
  • 11.3.6 Using the oracle.security.xmlsec.xkms.xkrss.RecoverResult Class
• 11.4 The Oracle XKMS Java API Reference

12 Oracle JSON Web Token

• 12.1 Oracle JSON Web Token Features and Benefits
  • 12.1.1 About JSON Web Token
  • 12.1.2 Oracle JSON Web Token Features
• 12.2 Setting Up Your Oracle JSON Web Token Environment
• 12.3 Using Core Classes and Interfaces
• 12.4 Examples of Oracle JSON Web Token Usage
  • 12.4.1 Creating the JWT Token
  • 12.4.2 Signing the JWT Token
  • 12.4.3 Verifying the JWT Token
  • 12.4.4 Serializing the JWT Token without Signing
• 12.5 The Oracle JSON Web Token Java API Reference

A Migrating to the JCE Framework

• A.1 About The JCE Framework
• A.2 Understanding JCE Keys
• A.3 Converting Between OSDT Key Objects and JCE Key Objects
  • A.3.1 Converting a Private Key from OSDT to JCE Object
  • A.3.2 Converting a Private Key from JCE Object to OSDT Object
• A.4 Working with JCE Certificates
• A.5 Working with JCE Certificate Revocation Lists (CRLs)
• A.6 Using JCE Keystores
  • A.6.1 Working with standard KeyStore-type Wallets
  • A.6.2 Working with PKCS12 and PKCS8 Wallets
• A.7 The Oracle JCE Java API Reference

B References