public class PKIMessage
extends java.lang.Object
implements oracle.security.crypto.asn1.ASN1Object
After creating a PKIMessage using one of the constructors, invoke the computeProtection()
method if message protection bits are to be used.
PKIMessageHeader
, PKIMessageBody
Modifier and Type | Class and Description |
---|---|
static class |
PKIMessage.Version
CMP message protocol version.
|
Constructor and Description |
---|
PKIMessage()
Create a new, empty
PKIMessage . |
PKIMessage(GeneralName sender, GeneralName recipient, PKIMessageBody body)
Create a new
PKIMessage with the specified sender, recipient and message body, using the default version PKIMessage.Version.CMP2000 . |
PKIMessage(GeneralName sender, GeneralName recipient, PKIMessageBody body, PKIMessage.Version version)
Create a new
PKIMessage with the specified sender, recipient, message body and version. |
PKIMessage(java.io.InputStream is) |
PKIMessage(PKIMessageHeader header, PKIMessageBody body) |
Modifier and Type | Method and Description |
---|---|
void |
addCertificate(java.security.cert.X509Certificate cert)
Add an extra certificate (to be used, for example, in certificate chain validation).
|
void |
computeProtection()
If the message is to be protected using the protection algorithm set in the
PKIMessageHeader , this method must be invoked before sending the message. |
PKIMessageBody |
getBody()
Returns the message body.
|
java.util.Vector |
getExtraCerts()
Return any extra certificates included for the end-entity's use in certificate chain verification.
|
PKIMessageHeader |
getHeader()
Returns the message header.
|
byte[] |
getProtectedPart()
Returns the bytes of the PKIMessage elements that are covered by the message protection.
|
oracle.security.crypto.core.AlgorithmIdentifier |
getProtectionAlgID()
Return the protection algorithm identifier from the message header, or
null if none was set. |
byte[] |
getProtectionBytes() |
PKIMessage.Version |
getVersion()
Returns the message version from the header.
|
void |
input(java.io.InputStream is) |
int |
length() |
void |
output(java.io.OutputStream os) |
java.lang.String |
toString() |
boolean |
verifyProtection(byte[] password)
Verifies the protection using the given password-based MAC key.
|
boolean |
verifyProtection(java.security.PublicKey pubKey)
Verifies the protection using the given public key.
|
public PKIMessage()
PKIMessage
. An object thus instantiated is not valid, and is intended primarily for use in conjunction with the input(java.io.InputStream)
method.public PKIMessage(GeneralName sender, GeneralName recipient, PKIMessageBody body) throws CMPException
PKIMessage
with the specified sender, recipient and message body, using the default version PKIMessage.Version.CMP2000
.CMPException
public PKIMessage(GeneralName sender, GeneralName recipient, PKIMessageBody body, PKIMessage.Version version) throws CMPException
PKIMessage
with the specified sender, recipient, message body and version.version
- The CMP protocol version, either PKIMessage.Version.CMP1999
or PKIMessage.Version.CMP2000
.CMPException
public PKIMessage(PKIMessageHeader header, PKIMessageBody body)
public PKIMessage(java.io.InputStream is) throws java.io.IOException
java.io.IOException
public PKIMessageHeader getHeader()
public PKIMessageBody getBody()
public PKIMessage.Version getVersion()
public void addCertificate(java.security.cert.X509Certificate cert)
Note the changes in the method signature
Previously public void addCertificate (X509)
Now public void addCertificate (X509Certificate )
public java.util.Vector getExtraCerts()
X509
certificates.public oracle.security.crypto.core.AlgorithmIdentifier getProtectionAlgID()
null
if none was set.public void computeProtection() throws java.security.SignatureException
PKIMessageHeader
, this method must be invoked before sending the message.
Note: Any changes to the message header or body will require that the message protection be recomputed. (Adding extra certificates does not modify the protected part of the message.)
java.security.SignatureException
public byte[] getProtectionBytes() throws java.security.SignatureException
java.security.SignatureException
public byte[] getProtectedPart()
public boolean verifyProtection(byte[] password) throws oracle.security.crypto.core.InvalidMACException
oracle.security.crypto.core.InvalidMACException
public boolean verifyProtection(java.security.PublicKey pubKey) throws java.security.SignatureException
Note the changes in the method signature
Previously public boolean verifyProtection (oracle.security.crypto.core.PublicKey)
Now public boolean verifyProtection (java.security.PublicKey )
java.security.SignatureException
public java.lang.String toString()
toString
in class java.lang.Object
public void input(java.io.InputStream is) throws java.io.IOException
input
in interface oracle.security.crypto.util.Streamable
java.io.IOException
public void output(java.io.OutputStream os) throws java.io.IOException
output
in interface oracle.security.crypto.util.Streamable
java.io.IOException
public int length()
length
in interface oracle.security.crypto.util.Streamable