public class OKVService
extends java.lang.Object
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
CLASS_NAME |
static java.lang.String |
DEMO_PROGRAM_STMT
Statement for Oracle Key Vault demo programs
|
static java.lang.String |
DEMO_PROGRAM_STMT_FOR_OBJECT
Statement for Oracle Key Vault demo programs created objects
|
static java.util.logging.Logger |
logger |
static java.lang.String |
OKV_JSDK_VERSION
Oracle Key Vault Java SDK Version
|
Modifier and Type | Method and Description |
---|---|
<TResponse> |
createOKVTransporter(oracle.okv.operation.OKVOperation<TResponse> inKMIPOperation)
Creates an OKVTransporter object, which is used to send and receive KMIP
operation messages.
|
oracle.okv.service.OKVEnv |
getOKVEnv()
Returns a OKVConnection object to the client.
|
OKVUidResponse |
okvActivate(java.lang.String uid)
API to perform the KMIP Activate operation on a KMIP object.
|
OKVUidResponse |
okvAddAttribute(java.lang.String uid,
OKVTTLV attr)
API to perform the KMIP Add attribute operation on a KMIP object.
|
OKVBatchResponse |
okvBatchExecute(OKVBatchOperation batchRequest)
API to execute the batched KMIP functions in the same order as set in
the OKVBatchOperation instance.
|
void |
okvConnect()
API to begin the session by creating a SSL connection
to the Oracle Key Vault server.
|
OKVUidResponse |
okvCreateKey(OKVTagEnum algorithm,
int keyLength,
int usageMask,
OKVTTLV attributeList,
java.lang.String walletName)
API to perform the KMIP Create operation for the KMIP symmetric
key object.
|
OKVKeyPairUidResponse |
okvCreateKeyPair(OKVTagEnum algorithm,
int keyLength,
int privateKeyUsageMask,
int publicKeyUsageMask,
OKVTTLV commonAttributeList,
OKVTTLV privateKeyAttributeList,
OKVTTLV publicKeyAttributeList,
java.lang.String walletName)
API to perform the KMIP Create Key Pair operation for creating a pair of
public and private key objects.
|
OKVDecryptResponse |
okvDecrypt(java.lang.String uid,
byte[] data,
OKVCryptoContext cryptoContext)
API to perform the decryption operation on the provided data using
KMIP object.
|
OKVResponse |
okvDeleteAttribute(java.lang.String uid,
java.lang.String attrName,
int attrIndex)
API to perform the KMIP Delete attribute operation on a KMIP object.
|
OKVResponse |
okvDestroy(java.lang.String uid)
API to perform the KMIP Destroy operation on a KMIP object.
|
void |
okvDisconnect()
API to end the Oracle Key Vault server session and disconnect the SSL
connection between the endpoint program and the Oracle Key Vault
server.
|
OKVEncryptResponse |
okvEncrypt(java.lang.String uid,
byte[] data,
OKVCryptoContext cryptoContext)
API to perform the encryption operation on the provided data using
KMIP object.
|
static OKVService |
okvEnvSetConfig()
API to create an OKVService instance and set the connection
with default configuration.
|
static OKVService |
okvEnvSetConfig(char[] password)
API to create a OKVService instance and set the default
connection configuration and specify the password for the SSL connection
wallet.
|
static OKVService |
okvEnvSetConfig(java.lang.String connConfigFile)
API to create a OKVService instance and specify connection
configuration file.
|
static OKVService |
okvEnvSetConfig(java.lang.String connConfigFile,
char[] password)
API to create a OKVService instance and specify connection
configuration file and the password for the SSL connection wallet.
|
OKVAttrListResponse |
okvGetAttributeList(java.lang.String uid)
API to perform the KMIP Get attribute list operation.
|
OKVAttrsResponse |
okvGetAttributes(java.lang.String uid,
java.util.List<java.lang.String> attrList)
API to perform the KMIP get attribute operation on a KMIP object.
|
OKVCertificateResponse |
okvGetCertificate(java.lang.String uid)
API to do the KMIP Get operation for the KMIP certificate object.
|
OKVCertificateRequestResponse |
okvGetCertificateRequest(java.lang.String uid)
API to do the KMIP Get operation for the certificate request object.
|
OKVKeyResponse |
okvGetKey(java.lang.String uid)
API to perform the KMIP Get operation for the KMIP symmetric
key object.
|
OKVOpaqueDataResponse |
okvGetOpaqueData(java.lang.String uid)
API to perform the KMIP Get operation for the KMIP opaque data object.
|
OKVPrivateKeyResponse |
okvGetPrivateKey(java.lang.String uid)
API to perform the KMIP Get operation for the KMIP private
key object.
|
OKVPublicKeyResponse |
okvGetPublicKey(java.lang.String uid)
API to perform the KMIP Get operation for the KMIP public
key object.
|
OKVSecretDataResponse |
okvGetSecretData(java.lang.String uid)
API to perform the the KMIP Get operation for the KMIP secret
data object.
|
OKVAttrsResponse |
okvGetTemplate(java.lang.String uid)
API to perform the KMIP Get operation for the KMIP template object.
|
OKVUidListResponse |
okvLocate(java.lang.Integer maxItems,
java.lang.Integer storageStatusMask,
OKVTagEnum objectGroupMember,
OKVTTLV attributeList)
API to find a KMIP object through the KMIP Locate operation.
|
OKVResponse |
okvModifyAttribute(java.lang.String uid,
OKVTTLV attr)
API to perform the KMIP Modify attribute operation on a KMIP object.
|
<TResponse> |
okvOpsExecuteOp(oracle.okv.operation.OKVOperation<TResponse> inKMIPOperation)
Executes the operation passed in OKVOperation.
|
OKVQueryResponse |
okvQueryCapability(java.util.List<OKVTagEnum> queryFuncs)
API to perform the the KMIP query operation.
|
OKVUidResponse |
okvRegCertificate(OKVTagEnum certificateType,
OKVTag certificateSubType,
byte[] certificateValue,
int usageMask,
OKVTTLV attributeList,
java.lang.String privateKeyUID,
java.lang.String walletName)
API to do the KMIP Register operation for the KMIP certificate object.
|
OKVUidResponse |
okvRegCertificateRequest(OKVTagEnum certificateRequestType,
byte[] certificateRequestValue,
OKVTTLV attributeList,
java.lang.String privateKeyUID,
java.lang.String walletName)
API to do the KMIP Register operation for the KMIP certificate request
object.
|
OKVUidResponse |
okvRegKey(byte[] keyValue,
OKVTagEnum algorithm,
int keyLength,
int usageMask,
OKVTTLV attributeList,
java.lang.String walletName)
API to perform the KMIP Register operation for the KMIP
symmetric key object.
|
OKVUidResponse |
okvRegOpaqueData(OKVTagEnum opaqueType,
byte[] opaqueValue,
OKVTTLV attributeList,
java.lang.String walletName)
API to perform the KMIP Register operation for the KMIP
opaque data object.
|
OKVUidResponse |
okvRegPrivateKey(byte[] privateKeyValue,
OKVTagEnum algorithm,
int privateKeyLength,
int usageMask,
OKVTTLV attributeList,
java.lang.String walletName)
API to perform the KMIP Register operation for the KMIP
private key object.
|
OKVUidResponse |
okvRegPublicKey(byte[] publicKeyValue,
OKVTagEnum algorithm,
int publicKeyLength,
int usageMask,
OKVTTLV attributeList,
java.lang.String privateKeyUID,
java.lang.String walletName)
API to perform the KMIP Register operation for the KMIP
public key object.
|
OKVUidResponse |
okvRegSecretData(OKVTagEnum secretDataType,
byte[] secretDataValue,
int usageMask,
OKVTTLV attributeList,
java.lang.String walletName)
API to perform the KMIP Register operation for the
KMIP secret data object.
|
OKVUidResponse |
okvRegTemplate(OKVTTLV attributeList,
java.lang.String walletName)
API to perform the KMIP Register operation for the KMIP
template object.
|
OKVUidResponse |
okvRekey(java.lang.String uid,
java.lang.Integer offset,
OKVTTLV attributeList)
API to perform the KMIP Rekey operation for the
symmetric key object.
|
OKVResponse |
okvRevoke(java.lang.String uid,
OKVTagEnum reasonCode,
java.lang.String reasonMessage,
java.util.Date compromiseOccurrenceDate)
API to perform the KMIP Revoke operation on a KMIP object.
|
OKVSignResponse |
okvSign(java.lang.String uid,
byte[] data,
DataType dataType,
OKVCryptoContext cryptoContext)
API to perform the signing operation on the provided data using
KMIP object.
|
OKVSignVerifyResponse |
okvSignVerify(java.lang.String uid,
byte[] data,
DataType dataType,
byte[] signatureData,
OKVCryptoContext cryptoContext)
API to perform the signature verify operation on the provided data using
KMIP object.
|
public static final java.lang.String CLASS_NAME
public static final java.util.logging.Logger logger
public static final java.lang.String OKV_JSDK_VERSION
public static final java.lang.String DEMO_PROGRAM_STMT
public static final java.lang.String DEMO_PROGRAM_STMT_FOR_OBJECT
public static final OKVService okvEnvSetConfig() throws OKVException
OKVException
public static final OKVService okvEnvSetConfig(char[] password) throws OKVException
password
- Password for the SSL connection walletOKVException
public static final OKVService okvEnvSetConfig(java.lang.String connConfigFile) throws OKVException
connConfigFile
- Absolute/Relative path of Oracle Key Vault
connection configuration fileOKVException
public static final OKVService okvEnvSetConfig(java.lang.String connConfigFile, char[] password) throws OKVException
connConfigFile
- Absolute/Relative path of Oracle Key Vault
connection configuration filepassword
- Password of the SSL connection walletOKVException
public OKVUidResponse okvActivate(java.lang.String uid) throws OKVException
uid
- Unique identifierOKVException
public OKVUidResponse okvAddAttribute(java.lang.String uid, OKVTTLV attr) throws OKVException
uid
- Unique Identifierattr
- Attribute to be addedOKVException
public void okvDisconnect() throws OKVConnectionException
OKVConnectionException
public OKVUidResponse okvCreateKey(OKVTagEnum algorithm, int keyLength, int usageMask, OKVTTLV attributeList, java.lang.String walletName) throws OKVException
algorithm
- symmetric key algorithmkeyLength
- key length of the symmetric keyusageMask
- cryptographic mask usage of the symmetric keyattributeList
- template names or attributes that will form the
Template-AttributewalletName
- wallet membership of the keyOKVException
public OKVKeyPairUidResponse okvCreateKeyPair(OKVTagEnum algorithm, int keyLength, int privateKeyUsageMask, int publicKeyUsageMask, OKVTTLV commonAttributeList, OKVTTLV privateKeyAttributeList, OKVTTLV publicKeyAttributeList, java.lang.String walletName) throws OKVException
algorithm
- asymmetric key algorithmkeyLength
- key length of the asymmetric key algorithmprivateKeyUsageMask
- cryptographic mask usage of the private keypublicKeyUsageMask
- cryptographic mask usage of the public keycommonAttributeList
- template names or attributes that are common
to both public and private keys and will form the
common template-attributeprivateKeyAttributeList
- template names or attributes of private
key and will form the private key template-attributepublicKeyAttributeList
- template names or attributes of public
key that will form the public key template-attributewalletName
- wallet membership of the keysOKVException
public <TResponse> OKVTransporter<TResponse> createOKVTransporter(oracle.okv.operation.OKVOperation<TResponse> inKMIPOperation)
TResponse
- the type of response object returned to the clientinKMIPOperation
- the OKVOperation object, which composes and
decomposes operation messages between the endpoint and the
serverpublic OKVResponse okvDeleteAttribute(java.lang.String uid, java.lang.String attrName, int attrIndex) throws OKVException
uid
- unique identifierattrName
- name of the attribute to be deletedattrIndex
- index of the attribute to be deletedOKVException
public OKVResponse okvDestroy(java.lang.String uid) throws OKVException
uid
- unique identifierOKVException
public OKVBatchResponse okvBatchExecute(OKVBatchOperation batchRequest) throws OKVException
batchRequest
- OKVBatchOperation containing the list of batch
operationsOKVException
public <TResponse> TResponse okvOpsExecuteOp(oracle.okv.operation.OKVOperation<TResponse> inKMIPOperation) throws OKVException
TResponse
- the type of response object returned to the clientinKMIPOperation
- the OKVOperation object, which composes and
decomposes operation messages between the endpoint and the
serverOKVException
public OKVAttrsResponse okvGetAttributes(java.lang.String uid, java.util.List<java.lang.String> attrList) throws OKVException
uid
- unique identifierattrList
- Names of the attributes to be retrievedOKVException
public OKVAttrListResponse okvGetAttributeList(java.lang.String uid) throws OKVException
uid
- unique identifierOKVException
public OKVCertificateResponse okvGetCertificate(java.lang.String uid) throws OKVException
uid
- unique identifierOKVException
public OKVCertificateRequestResponse okvGetCertificateRequest(java.lang.String uid) throws OKVException
uid
- unique identifierOKVException
public oracle.okv.service.OKVEnv getOKVEnv()
public OKVKeyResponse okvGetKey(java.lang.String uid) throws OKVException
uid
- unique identifierOKVException
public OKVPrivateKeyResponse okvGetPrivateKey(java.lang.String uid) throws OKVException
uid
- unique identifierOKVException
public OKVPublicKeyResponse okvGetPublicKey(java.lang.String uid) throws OKVException
uid
- unique identifierOKVException
public OKVOpaqueDataResponse okvGetOpaqueData(java.lang.String uid) throws OKVException
uid
- unique identifierOKVException
public OKVSecretDataResponse okvGetSecretData(java.lang.String uid) throws OKVException
uid
- unique identifierOKVException
public OKVAttrsResponse okvGetTemplate(java.lang.String uid) throws OKVException
uid
- unique identifierOKVException
public OKVUidListResponse okvLocate(java.lang.Integer maxItems, java.lang.Integer storageStatusMask, OKVTagEnum objectGroupMember, OKVTTLV attributeList) throws OKVException
maxItems
- maximum number of unique identifiers expectedstorageStatusMask
- look for archived or online objectsobjectGroupMember
- object group member typeattributeList
- template attributes that define the locate searchOKVException
public OKVResponse okvModifyAttribute(java.lang.String uid, OKVTTLV attr) throws OKVException
uid
- unique identifierattr
- Attribute to be modifiedOKVException
public void okvConnect() throws OKVConnectionException
OKVConnectionException
public OKVQueryResponse okvQueryCapability(java.util.List<OKVTagEnum> queryFuncs) throws OKVException
queryFuncs
- KMIP query functions requestedOKVException
public OKVUidResponse okvRegKey(byte[] keyValue, OKVTagEnum algorithm, int keyLength, int usageMask, OKVTTLV attributeList, java.lang.String walletName) throws OKVException
keyValue
- symmetric Keyalgorithm
- symmetric key algorithmkeyLength
- key length of the symmetric keyusageMask
- cryptographic mask usage of the symmetric keyattributeList
- template names or attributes that will form the
Template-AttributewalletName
- wallet membership of the keyOKVException
public OKVUidResponse okvRegPrivateKey(byte[] privateKeyValue, OKVTagEnum algorithm, int privateKeyLength, int usageMask, OKVTTLV attributeList, java.lang.String walletName) throws OKVException
privateKeyValue
- private key being registeredalgorithm
- private key algorithmprivateKeyLength
- key length of the private keyusageMask
- cryptographic mask usage of the private keyattributeList
- template names or attributes that will form the
Template-AttributewalletName
- wallet membership of the private keyOKVException
public OKVUidResponse okvRegPublicKey(byte[] publicKeyValue, OKVTagEnum algorithm, int publicKeyLength, int usageMask, OKVTTLV attributeList, java.lang.String privateKeyUID, java.lang.String walletName) throws OKVException
publicKeyValue
- public key being registeredalgorithm
- public key algorithmpublicKeyLength
- key length of the public keyusageMask
- cryptographic mask usage of the public keyattributeList
- template names or attributes that will form the
Template-AttributeprivateKeyUID
- UID of the private key associated with
the public keywalletName
- wallet membership of the public keyOKVException
public OKVUidResponse okvRegCertificate(OKVTagEnum certificateType, OKVTag certificateSubType, byte[] certificateValue, int usageMask, OKVTTLV attributeList, java.lang.String privateKeyUID, java.lang.String walletName) throws OKVException
certificateType
- type of certificate being registeredcertificateSubType
- sub type of the certificate being registered
OKVTag.OKV_CERT_SUBTYPE_USER_CERT represents User Certificate
OKVTag.OKV_CERT_SUBTYPE_TRUSTPOINT represents TrustpointcertificateValue
- certificate being registeredusageMask
- cryptographic mask usage of the certificateattributeList
- template names or attributes that will form the
Template-AttributeprivateKeyUID
- UID of the private key associated with certificatewalletName
- wallet membership of certificateOKVException
public OKVUidResponse okvRegCertificateRequest(OKVTagEnum certificateRequestType, byte[] certificateRequestValue, OKVTTLV attributeList, java.lang.String privateKeyUID, java.lang.String walletName) throws OKVException
certificateRequestType
- type of certificate request being
registered.certificateRequestValue
- certificate request being registeredattributeList
- template names or attributes that will form the
Template-AttributeprivateKeyUID
- UID of the private key associated with
certificate requestwalletName
- wallet membership of certificate requestOKVException
public OKVUidResponse okvRegSecretData(OKVTagEnum secretDataType, byte[] secretDataValue, int usageMask, OKVTTLV attributeList, java.lang.String walletName) throws OKVException
secretDataType
- type of secret data being registeredsecretDataValue
- secret data being registeredusageMask
- cryptographic mask usage of the secret dataattributeList
- template names or attributes that will form the
Template-AttributewalletName
- wallet membership of secret dataOKVException
public OKVUidResponse okvRegOpaqueData(OKVTagEnum opaqueType, byte[] opaqueValue, OKVTTLV attributeList, java.lang.String walletName) throws OKVException
opaqueType
- type of opaque object being registeredopaqueValue
- opaque object being registeredattributeList
- template names or attributes that will form the
Template-AttributewalletName
- wallet membership of opaque dataOKVException
public OKVUidResponse okvRegTemplate(OKVTTLV attributeList, java.lang.String walletName) throws OKVException
attributeList
- attributes of the templatewalletName
- wallet membership of the templateOKVException
public OKVUidResponse okvRekey(java.lang.String uid, java.lang.Integer offset, OKVTTLV attributeList) throws OKVException
uid
- unique identifieroffset
- time interval indicating the difference between the
Initialization Date and the Activation Date of the replacement
key to be createdattributeList
- template names or attributes that will form the
Template-AttributeOKVException
public OKVResponse okvRevoke(java.lang.String uid, OKVTagEnum reasonCode, java.lang.String reasonMessage, java.util.Date compromiseOccurrenceDate) throws OKVException
uid
- unique identifierreasonCode
- revocation reason for revoking the KMIP objectreasonMessage
- revocation message for revoking the KMIP objectcompromiseOccurrenceDate
- Date when the KMIP object compromise
occurredOKVException
public OKVEncryptResponse okvEncrypt(java.lang.String uid, byte[] data, OKVCryptoContext cryptoContext) throws OKVException
uid
- unique identifierdata
- data to be encryptedcryptoContext
- crypto context containing required parameters for
encryption like cryptographic parameters, IVOKVException
public OKVDecryptResponse okvDecrypt(java.lang.String uid, byte[] data, OKVCryptoContext cryptoContext) throws OKVException
uid
- unique identifierdata
- data to be decryptedcryptoContext
- crypto context containing required parameters for
decryption like cryptographic parameters, IVOKVException
public OKVSignResponse okvSign(java.lang.String uid, byte[] data, DataType dataType, OKVCryptoContext cryptoContext) throws OKVException
uid
- Unique Identifier of the key to be used for
signature operationdata
- data or digested data to be signeddataType
- Denotes the data type of the data argument
("RAW" or "DIGEST")cryptoContext
- cryptographic parametersOKVException
public OKVSignVerifyResponse okvSignVerify(java.lang.String uid, byte[] data, DataType dataType, byte[] signatureData, OKVCryptoContext cryptoContext) throws OKVException
uid
- Unique Identifier of the key to be used for the
signature verify operationdata
- Data or digested data passed to the signing operation (for
those algorithms which need the original data to
verify a signature)dataType
- Denotes the data type of the data argument
("RAW" or "DIGEST")signatureData
- Signature to be verifiedcryptoContext
- Cryptographic parametersOKVException