Go to main content
1/21
Contents
List of Examples
List of Figures
List of Tables
Title and Copyright Information
Preface
Intended Audience
Documentation Accessibility
Related Documents
Conventions
What's New in Oracle Security Developer Tools?
New Features in 11g Release 1 (11.1.1.9.)
New Features in 11g Release 1 (11.1.1.7.0)
New Features in 11g Release 1 (11.1.1.6.0)
New Features for Release 11
g
(11.1.1)
Oracle SAML Changes
1
Introduction to Oracle Security Developer Tools
1.1
About Cryptography
1.1.1
Types of Cryptographic Algorithms
1.1.1.1
Symmetric Cryptographic Algorithms
1.1.1.2
Asymmetric Cryptographic Algorithms
1.1.1.3
Hash Functions
1.2
About Public Key Infrastructure (PKI)
1.2.1
Key Pairs
1.2.2
Certificate Authority
1.2.3
Digital Certificates
1.2.4
Related PKI Standards
1.2.5
Benefits of PKI
1.3
About Web Services Security
1.4
About the SAML Format
1.4.1
SAML Assertions
1.4.2
SAML Requests and Responses
1.4.2.1
SAML Request and Response Cycle
1.4.2.2
SAML Protocol Bindings and Profiles
1.4.2.3
SAML and XML Security
1.5
About Identity Federation
1.6
Overview of Oracle Security Developer Tools
1.6.1
Toolkit Architecture
1.6.2
Supported Standards
1.6.3
Oracle Crypto
1.6.4
Oracle Security Engine
1.6.5
Oracle CMS
1.6.6
Oracle S/MIME
1.6.7
Oracle PKI SDK
1.6.7.1
Oracle PKI LDAP SDK
1.6.7.2
Oracle PKI TSP SDK
1.6.7.3
Oracle PKI OCSP SDK
1.6.7.4
Oracle PKI CMP SDK
1.6.8
Oracle XML Security
1.6.9
Oracle SAML
1.6.10
Oracle Web Services Security
1.6.11
Oracle Liberty SDK
1.6.12
Oracle XKMS
1.6.13
Oracle JWT
1.7
References
2
Migrating to the JCE Framework
2.1
About The JCE Framework
2.2
Working with JCE Keys
2.2.1
Converting an Existing Key Object to a JCE Key Object
2.3
Working with JCE Certificates
2.3.1
Switching to a JCE Certificate
2.4
Creating JCE Certificate Revocation Lists (CRLs)
2.5
Working with JCE Keystores
2.5.1
Working with standard KeyStore-type Wallets
2.5.2
Working with PKCS12 and PKCS8 Wallets
2.6
The Oracle JCE Provider Java API Reference
3
Oracle Crypto
3.1
Oracle Crypto Features and Benefits
3.1.1
Oracle Crypto Packages
3.2
Setting Up Your Oracle Crypto Environment
3.2.1
System Requirements for Oracle Crypto
3.2.2
Setting the CLASSPATH Environment Variable
3.2.2.1
Setting the CLASSPATH on Windows
3.2.2.2
Setting the CLASSPATH on UNIX
3.3
Core Classes and Interfaces
3.3.1
About Key Classes and Interfaces
3.3.1.1
About the oracle.security.crypto.core.Key Interface
3.3.1.2
About the oracle.security.crypto.core.PrivateKey Interface
3.3.1.3
About the oracle.security.crypto.core.PublicKey Interface
3.3.1.4
About the oracle.security.crypto.core.SymmetricKey Class
3.3.2
Generating Keys and Key Pairs
3.3.2.1
Using the oracle.security.crypto.core.KeyPairGenerator Class
3.3.2.2
Using the oracle.security.crypto.core.SymmetricKeyGenerator Class
3.3.3
Working with Ciphers
3.3.3.1
Using Symmetric Ciphers
3.3.3.2
Using the RSA Cipher
3.3.3.3
Using Password-based Encryption
3.3.4
Using Signature Algorithms
3.3.5
Working with Message Digests
3.3.5.1
Using the oracle.security.crypto.core.MessageDigest Class
3.3.5.2
Using the oracle.security.crypto.core.MAC Class
3.3.6
Working with Key Agreement Schemes
3.3.7
Using Pseudo-Random Number Generators
3.3.7.1
Using the oracle.security.crypto.core.RandomBitsSource class
3.3.7.2
Using the oracle.security.crypto.core.EntropySource class
3.4
The Oracle Crypto and Crypto FIPS Java API References
4
Oracle Security Engine
4.1
Oracle Security Engine Features and Benefits
4.1.1
About Oracle Security Engine Packages
4.2
Setting Up Your Oracle Security Engine Environment
4.2.1
System Requirements for Oracle Security Engine
4.2.2
Setting the CLASSPATH Environment Variable
4.2.2.1
Setting the CLASSPATH on Windows
4.2.2.2
Setting the CLASSPATH on UNIX
4.3
Using Core Classes and Interfaces
4.3.1
Using the oracle.security.crypto.cert.X500RDN Class
4.3.2
Using the oracle.security.crypto.cert.X500Name Class
4.3.3
Using the oracle.security.crypto.cert.CertificateRequest Class
4.3.4
Using the java.security.cert.X509Certificate Class
4.4
The Oracle Security Engine Java API Reference
5
Oracle CMS
5.1
Oracle CMS Features and Benefits
5.1.1
Content Types
5.1.2
Understanding Differences Between Oracle CMS Implementation and RFCs
5.2
Setting Up Your Oracle CMS Environment
5.2.1
Understanding System Requirements
5.2.2
Setting the CLASSPATH Environment Variable
5.2.2.1
Setting the CLASSPATH on Windows
5.2.2.2
Setting the CLASSPATH on UNIX
5.3
Developing Applications with Oracle CMS
5.3.1
About CMS Object Types
5.3.2
Constructing CMS Objects using the CMS***ContentInfo Classes
5.3.2.1
Using the Abstract Base Class CMSContentInfo
5.3.2.2
Using the CMSDataContentInfo Class
5.3.2.3
Using the ESSReceipt Class
5.3.2.4
Using the CMSDigestedDataContentInfo Class
5.3.2.5
Using the CMSSignedDataContentInfo Class
5.3.2.6
Using the CMSEncryptedDataContentInfo Class
5.3.2.7
Using the CMSEnvelopedDataContentInfo Class
5.3.2.8
Using the CMSAuthenticatedDataContentInfo Class
5.3.2.9
Working with Wrapped (Triple or more) CMSContentInfo Objects
5.3.3
Constructing CMS Objects using the CMS***Stream and CMS***Connector Classes
5.3.3.1
Understand Limitations of the CMS***Stream and CMS***Connector Classes
5.3.3.2
Understand Difference between CMS***Stream and CMS***Connector Classes
5.3.3.3
Using the CMS***OutputStream and CMS***InputStream Classes
5.3.3.4
Wrapping (Triple or more) CMS***Connector Objects
5.4
The Oracle CMS Java API Reference
6
Oracle S/MIME
6.1
Oracle S/MIME Features and Benefits
6.2
Setting Up Your Oracle S/MIME Environment
6.2.1
Understanding System Requirements for Oracle S/MIME
6.2.2
Setting the CLASSPATH Environment Variable
6.2.2.1
Setting the CLASSPATH on Windows
6.2.2.2
Setting the CLASSPATH on UNIX
6.3
Developing Applications with Oracle S/MIME
6.3.1
Using the Core Classes and Interfaces
6.3.1.1
Using the oracle.security.crypto.smime.SmimeObject Interface
6.3.1.2
Using the oracle.security.crypto.smime.SmimeSignedObject Interface
6.3.1.3
Using the oracle.security.crypto.smime.SmimeSigned Class
6.3.1.4
Using the oracle.security.crypto.smime.SmimeEnveloped Class
6.3.1.5
Using the oracle.security.crypto.smime.SmimeMultipartSigned Class
6.3.1.6
Using the oracle.security.crypto.smime.SmimeSignedReceipt Class
6.3.1.7
Using the oracle.security.crypto.smime.SmimeCompressed Class
6.3.2
Supporting Classes and Interfaces
6.3.2.1
Using the oracle.security.crypto.smime.Smime Interface
6.3.2.2
Using the oracle.security.crypto.smime.SmimeUtils Class
6.3.2.3
Using the oracle.security.crypto.smime.MailTrustPolicy Class
6.3.2.4
Using the oracle.security.crypto.smime.SmimeCapabilities Class
6.3.2.5
Using the oracle.security.crypto.smime.SmimeDataContentHandler Class
6.3.2.6
Using the oracle.security.crypto.smime.ess Package
6.3.3
Using the Oracle S/MIME Classes
6.3.3.1
Using the Abstract Class SmimeObject
6.3.3.2
Signing Messages
6.3.3.3
Creating "Multipart/Signed" Entities
6.3.3.4
Creating Digital Envelopes
6.3.3.5
Creating "Certificates-Only" Messages
6.3.3.6
Reading Messages
6.3.3.7
Authenticating Signed Messages
6.3.3.8
Opening Digital Envelopes (Encrypted Messages)
6.3.3.9
Adding Enhanced Security Services (ESS)
6.3.3.10
Processing Enhanced Security Services (ESS)
6.4
The Oracle S/MIME Java API Reference
7
Oracle PKI SDK
7.1
Oracle PKI CMP SDK
7.1.1
Oracle PKI CMP SDK Features and Benefits
7.1.1.1
About Oracle PKI CMP SDK Packages
7.1.2
Setting Up Your Oracle PKI CMP SDK Environment
7.1.2.1
Understanding System Requirements for Oracle PKI CMP SDK
7.1.2.2
Setting the CLASSPATH Environment Variable
7.1.3
The Oracle PKI CMP SDK Java API Reference
7.2
Oracle PKI OCSP SDK
7.2.1
Oracle PKI OCSP SDK Features and Benefits
7.2.2
Setting Up Your Oracle PKI OCSP SDK Environment
7.2.2.1
Understanding System Requirements for Oracle PKI OCSP SDK
7.2.2.2
Setting the CLASSPATH Environment Variable
7.2.3
The Oracle PKI OCSP SDK Java API Reference
7.3
Oracle PKI TSP SDK
7.3.1
Oracle PKI TSP SDK Features and Benefits
7.3.1.1
About Oracle PKI TSP SDK Classes and Interfaces
7.3.2
Setting Up Your Oracle PKI TSP SDK Environment
7.3.2.1
Understanding System Requirements for Oracle PKI TSP SDK
7.3.2.2
Setting the CLASSPATH Environment Variable
7.3.3
The Oracle PKI TSP SDK Java API Reference
7.4
Oracle PKI LDAP SDK
7.4.1
Oracle PKI LDAP SDK Features and Benefits
7.4.1.1
About Oracle PKI LDAP SDK Classes
7.4.2
Setting Up Your Oracle PKI LDAP SDK Environment
7.4.2.1
Understanding System Requirements for Oracle PKI LDAP SDK
7.4.2.2
Setting the CLASSPATH Environment Variable
7.4.3
The Oracle PKI LDAP SDK Java API Reference
8
Oracle XML Security
8.1
About Oracle XML Security Features and Benefits
8.1.1
About the Supported XML Algorithms
8.1.2
Oracle XML Security API
8.2
Setting Up Your Oracle XML Security Environment
8.3
Signing Data
8.3.1
Identifying What to Sign
8.3.1.1
Determining the Signature Envelope
8.3.1.2
Deciding How to Sign Binary Data
8.3.1.3
Signing Multiple XML Fragments with a Signature
8.3.1.4
Excluding Elements from a Signature
8.3.2
Deciding on a Signing Key
8.3.2.1
Setting Up Key Exchange
8.3.2.2
Providing a Receiver Hint
8.4
Verifying Data
8.5
Encrypting Data
8.5.1
Identifying what to Encrypt
8.5.1.1
Using the Content Only Encryption Mode
8.5.1.2
Encrypting Binary Data
8.5.2
Deciding on the Encryption Key
8.6
Decrypting Data
8.7
Using Element Wrappers in the OSDT XML APIs
8.7.1
Constructing the Wrapper Object
8.7.2
Obtaining the DOM Element from the Wrapper Object
8.7.3
Parse Complex Elements
8.7.4
Construct Complex Elements
8.8
How to Sign Data with the Oracle XML Security API
8.8.1
Basic Procedure to Create a Detached Signature
8.8.2
Variations on the Basic Signing Procedure
8.8.2.1
Multiple References
8.8.2.2
Enveloped Signature
8.8.2.3
XPath Expression
8.8.2.4
Certificate Hint
8.8.2.5
Sign with HMAC Key
8.9
How to Verify Signatures with the Oracle XML Security API
8.9.1
Basic Procedure to Check What is Signed
8.9.2
Set Up Callbacks
8.9.3
Write a Custom Key Retriever
8.9.4
Check What is Signed
8.9.5
Verify the Signature
8.9.5.1
If Callbacks are Set Up
8.9.5.2
If Callbacks are Not Set Up
8.9.5.3
Debugging Verification
8.10
How to Encrypt Data with the Oracle XML Security API
8.10.1
Encrypt with a Shared Symmetric Key
8.10.2
Encrypt with a Random Symmetric Key
8.11
How to Decrypt Data with the Oracle XML Security API
8.11.1
Decrypt with a Shared Symmetric Key
8.11.2
Decrypt with a Random Symmetric Key
8.12
Supporting Classes and Interfaces
8.12.1
The oracle.security.xmlsec.util.XMLURI Interface
8.12.2
The oracle.security.xmlsec.util.XMLUtils class
8.13
Common XML Security Questions
8.14
Best Practices
8.15
The Oracle XML Security Java API Reference
9
Oracle SAML
9.1
Oracle SAML Features and Benefits
9.2
Oracle SAML 1.0/1.1
9.2.1
Oracle SAML 1.0/1.1 Packages
9.2.2
Setting Up Your Oracle SAML 1.0/1.1 Environment
9.2.2.1
System Requirements for Oracle SAML 1.0/1.1
9.2.2.2
Setting the CLASSPATH Environment Variable
9.2.3
Classes and Interfaces
9.2.3.1
Core Classes
9.2.3.2
Supporting Classes and Interfaces
9.2.4
The Oracle SAML 1.0/1.1 Java API Reference
9.3
Oracle SAML 2.0
9.3.1
Oracle SAML 2.0 Packages
9.3.2
Setting Up Your Oracle SAML 2.0 Environment
9.3.2.1
System Requirements for Oracle SAML 2.0
9.3.2.2
Setting the CLASSPATH Environment Variable
9.3.3
Classes and Interfaces
9.3.3.1
Core Classes
9.3.3.2
Supporting Classes and Interfaces
9.3.4
The Oracle SAML 2.0 Java API Reference
10
Oracle Web Services Security
10.1
Setting Up Your Oracle Web Services Security Environment
10.2
Classes and Interfaces
10.2.1
Element Wrappers
10.2.2
The <wsse:Security> header
10.2.2.1
Outgoing Messages
10.2.2.2
Incoming Messages
10.2.3
Security Tokens (ST)
10.2.3.1
Creating a Username Token
10.2.3.2
Creating an X509 Token
10.2.3.3
Creating a Kerberos Token
10.2.3.4
Creating a SAML Assertion Token
10.2.4
Security Token References (STR)
10.2.4.1
Creating a direct reference STR
10.2.4.2
Creating a Reference STR for a username token
10.2.4.3
Creating a Reference STR for a X509 Token
10.2.4.4
Creating a Reference STR for Kerberos Token
10.2.4.5
Creating a Reference STR for a SAML Assertion token
10.2.4.6
Creating a Reference STR for an EncryptedKey
10.2.4.7
Creating a Reference STR for a generic token
10.2.4.8
Creating a Key Identifier STR
10.2.4.9
Creating a KeyIdentifier STR for an X509 Token
10.2.4.10
Creating a KeyIdentifier STR for a Kerberos Token
10.2.4.11
Creating a KeyIdentifier STR for a SAML Assertion Token
10.2.4.12
Creating a KeyIdentifier STR for an EncryptedKey
10.2.4.13
Adding an STRTransform
10.2.5
Signing and Verifying
10.2.5.1
Signing SOAP Messages
10.2.5.2
Verifying SOAP Messages
10.2.5.3
Confirming Signatures
10.2.6
Encrypting and Decrypting
10.2.6.1
Encrypting SOAP messages with EncryptedKey
10.2.6.2
Encrypting SOAP messages without EncryptedKey
10.2.6.3
Encrypting SOAP Headers into an EncryptedHeader
10.2.6.4
Decrypting SOAP messages with EncryptedKey
10.2.6.5
Decrypting SOAP messages without EncryptedKey
10.3
The Oracle Web Services Security Java API Reference
11
Oracle Liberty SDK
11.1
Oracle Liberty SDK Features and Benefits
11.2
Oracle Liberty 1.1
11.2.1
Setting Up Your Oracle Liberty 1.1 Environment
11.2.1.1
System Requirements for Oracle Liberty 1.1
11.2.1.2
Setting the CLASSPATH Environment Variable
11.2.2
Overview of Oracle Liberty 1.1 Classes and Interfaces
11.2.2.1
Core Classes and Interfaces
11.2.2.2
Supporting Classes and Interfaces
11.2.3
The Oracle Liberty SDK 1.1 API Reference
11.3
Oracle Liberty 1.2
11.3.1
Setting Up Your Oracle Liberty 1.2 Environment
11.3.1.1
System Requirements for Oracle Liberty 1.2
11.3.1.2
Setting the CLASSPATH Environment Variable
11.3.2
Overview of Oracle Liberty 1.2 Classes and Interfaces
11.3.2.1
Core Classes and Interfaces
11.3.2.2
Supporting Classes and Interfaces
11.3.3
The Oracle Liberty SDK 1.2 API Reference
12
Oracle XKMS
12.1
Oracle XKMS Features and Benefits
12.1.1
Oracle XKMS Packages
12.2
Setting Up Your Oracle XKMS Environment
12.2.1
System Requirements for Oracle XKMS
12.2.2
Setting the CLASSPATH Environment Variable
12.2.2.1
Setting the CLASSPATH on Windows
12.2.2.2
Setting the CLASSPATH on UNIX
12.3
Core Classes and Interfaces
12.3.1
oracle.security.xmlsec.xkms.xkiss.LocateRequest
12.3.2
oracle.security.xmlsec.xkms.xkiss.LocateResult
12.3.3
oracle.security.xmlsec.xkms.xkiss.ValidateRequest
12.3.4
oracle.security.xmlsec.xkms.xkiss.ValidateResult
12.3.5
oracle.security.xmlsec.xkms.xkrss.RecoverRequest
12.3.6
oracle.security.xmlsec.xkms.xkrss.RecoverResult
12.4
The Oracle XKMS Java API Reference
13
Oracle JSON Web Token
13.1
Oracle JSON Web Token Features and Benefits
13.1.1
About JWT
13.1.2
Oracle JSON Web Token Features
13.2
Setting Up Your Oracle JSON Web Token Environment
13.2.1
System Requirements for Oracle JSON Web Token
13.2.2
Setting the CLASSPATH Environment Variable
13.2.2.1
Setting the CLASSPATH on Windows
13.2.2.2
Setting the CLASSPATH on UNIX
13.3
Core Classes and Interfaces
13.4
Examples of Usage
13.4.1
Creating the JWT Token
13.4.2
Signing the JWT Token
13.4.3
Verifying the JWT Token
13.4.4
Serializing the JWT Token without Signing
13.5
The Oracle JSON Web Token Reference
Index
Scripting on this page enhances content navigation, but does not change the content in any way.