PKIMessage (Oracle® Fusion Middleware Java API Reference for Oracle Security Developer Tools)

java.lang.Object
- oracle.security.crypto.cmp.PKIMessage

```
public class PKIMessage
extends java.lang.Object
```
Basic message class for the PKI certificate management protocols.
After creating a PKIMessage using one of the constructors, invoke the computeProtection() method if message protection bits are to be used.

See Also:

PKIMessageHeader, PKIMessageBody

Nested Class Summary

Nested Classes
Modifier and Type Class and Description

static class PKIMessage.Version
CMP message protocol version.

Nested Classes
Modifier and Type	Class and Description
`static class`	`PKIMessage.Version` CMP message protocol version.

Constructor Summary

Constructors
Constructor and Description
`PKIMessage()` Create a new, empty `PKIMessage`.
`PKIMessage(GeneralName sender, GeneralName recipient, PKIMessageBody body)` Create a new `PKIMessage` with the specified sender, recipient and message body, using the default version `PKIMessage.Version.CMP2000`.
`PKIMessage(GeneralName sender, GeneralName recipient, PKIMessageBody body, PKIMessage.Version version)` Create a new `PKIMessage` with the specified sender, recipient, message body and version.
`PKIMessage(java.io.InputStream is)`
`PKIMessage(PKIMessageHeader header, PKIMessageBody body)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`addCertificate(java.security.cert.X509Certificate cert)` Add an extra certificate (to be used, for example, in certificate chain validation).
`void`	`computeProtection()` If the message is to be protected using the protection algorithm set in the `PKIMessageHeader`, this method must be invoked before sending the message.
`PKIMessageBody`	`getBody()` Returns the message body.
`java.util.Vector`	`getExtraCerts()` Return any extra certificates included for the end-entity's use in certificate chain verification.
`PKIMessageHeader`	`getHeader()` Returns the message header.
`byte[]`	`getProtectedPart()` Returns the bytes of the PKIMessage elements that are covered by the message protection.
`AlgorithmIdentifier`	`getProtectionAlgID()` Return the protection algorithm identifier from the message header, or `null` if none was set.
`byte[]`	`getProtectionBytes()`
`PKIMessage.Version`	`getVersion()` Returns the message version from the header.
`void`	`input(java.io.InputStream is)`
`int`	`length()`
`void`	`output(java.io.OutputStream os)`
`java.lang.String`	`toString()`
`boolean`	`verifyProtection(byte[] password)` Verifies the protection using the given password-based MAC key.
`boolean`	`verifyProtection(java.security.PublicKey pubKey)` Verifies the protection using the given public key.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

- Constructor Detail
  - PKIMessage
```
public PKIMessage()
```
    Create a new, empty PKIMessage. An object thus instantiated is not valid, and is intended primarily for use in conjunction with the input(java.io.InputStream) method.
  - PKIMessage
```
public PKIMessage(GeneralName sender,
                  GeneralName recipient,
                  PKIMessageBody body)
           throws CMPException
```
    Create a new PKIMessage with the specified sender, recipient and message body, using the default version PKIMessage.Version.CMP2000.
    
    Throws:
    
    CMPException
  - PKIMessage
```
public PKIMessage(GeneralName sender,
                  GeneralName recipient,
                  PKIMessageBody body,
                  PKIMessage.Version version)
           throws CMPException
```
    Create a new PKIMessage with the specified sender, recipient, message body and version.
    
    Parameters:
    
    version - The CMP protocol version, either PKIMessage.Version.CMP1999 or PKIMessage.Version.CMP2000.
    
    Throws:
    
    CMPException
  - PKIMessage
```
public PKIMessage(PKIMessageHeader header,
                  PKIMessageBody body)
```
  - PKIMessage
```
public PKIMessage(java.io.InputStream is)
           throws java.io.IOException
```
    Throws:
    
    java.io.IOException
- Method Detail
  - getHeader
```
public PKIMessageHeader getHeader()
```
    Returns the message header.
  - getBody
```
public PKIMessageBody getBody()
```
    Returns the message body.
  - getVersion
```
public PKIMessage.Version getVersion()
```
    Returns the message version from the header.
  - addCertificate
```
public void addCertificate(java.security.cert.X509Certificate cert)
```
    Add an extra certificate (to be used, for example, in certificate chain validation).
    Note the changes in the method signature
    Previously public void addCertificate (X509)
    Now public void addCertificate (X509Certificate )
  - getExtraCerts
```
public java.util.Vector getExtraCerts()
```
    Return any extra certificates included for the end-entity's use in certificate chain verification.
    
    Returns:
    
    a vector of X509 certificates.
  - getProtectionAlgID
```
public AlgorithmIdentifier getProtectionAlgID()
```
    Return the protection algorithm identifier from the message header, or null if none was set.
  - computeProtection
```
public void computeProtection()
                       throws java.security.SignatureException
```
    If the message is to be protected using the protection algorithm set in the PKIMessageHeader, this method must be invoked before sending the message.
    Note: Any changes to the message header or body will require that the message protection be recomputed. (Adding extra certificates does not modify the protected part of the message.)
    
    Throws:
    
    java.security.SignatureException
  - getProtectionBytes
```
public byte[] getProtectionBytes()
                          throws java.security.SignatureException
```
    Throws:
    
    java.security.SignatureException
  - getProtectedPart
```
public byte[] getProtectedPart()
```
    Returns the bytes of the PKIMessage elements that are covered by the message protection.
    
    Returns:
    
    The ASN.1 DER-encoded octets of a SEQUENCE of this PKIMessage's PKIHeader and PKIBody.
  - verifyProtection
```
public boolean verifyProtection(byte[] password)
                         throws InvalidMACException
```
    Verifies the protection using the given password-based MAC key.
    
    Throws:
    
    InvalidMACException
  - verifyProtection
```
public boolean verifyProtection(java.security.PublicKey pubKey)
                         throws java.security.SignatureException
```
    Verifies the protection using the given public key.
    Note the changes in the method signature
    Previously public boolean verifyProtection (oracle.security.crypto.core.PublicKey)
    Now public boolean verifyProtection (java.security.PublicKey )
    
    Throws:
    
    java.security.SignatureException
  - toString
```
public java.lang.String toString()
```
    Overrides:
    
    toString in class java.lang.Object
  - input
```
public void input(java.io.InputStream is)
           throws java.io.IOException
```
    Throws:
    
    java.io.IOException
  - output
```
public void output(java.io.OutputStream os)
            throws java.io.IOException
```
    Throws:
    
    java.io.IOException
  - length
```
public int length()
```

Class PKIMessage

Nested Class Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

PKIMessage

PKIMessage

PKIMessage

PKIMessage

PKIMessage

Method Detail

getHeader

getBody

getVersion

addCertificate

getExtraCerts

getProtectionAlgID

computeProtection

getProtectionBytes

getProtectedPart

verifyProtection

verifyProtection

toString

input

output

length