| Modifier and Type | Class and Description |
|---|---|
class |
EACLsException
A class represents an acls exception.
|
| Modifier and Type | Method and Description |
|---|---|
netscape.security.util.ObjectIdentifier |
ICMSEngine.checkOID(java.lang.String attrName,
java.lang.String value)
Checks if the given OID is valid.
|
static netscape.security.util.ObjectIdentifier |
CMS.checkOID(java.lang.String attrName,
java.lang.String value)
Checks if the given OID is valid.
|
IConfigStore |
ICMSEngine.createFileConfigStore(java.lang.String path)
Create configuration file.
|
static IConfigStore |
CMS.createFileConfigStore(java.lang.String path) |
IGeneralNameAsConstraintsConfig |
ICMSEngine.createGeneralNameAsConstraintsConfig(java.lang.String name,
IConfigStore config,
boolean isValueConfigured,
boolean isPolicyEnabled)
Created general name constraints configuration.
|
static IGeneralNameAsConstraintsConfig |
CMS.createGeneralNameAsConstraintsConfig(java.lang.String name,
IConfigStore config,
boolean isValueConfigured,
boolean isPolicyEnabled)
Created general name constraints configuration.
|
IGeneralNamesAsConstraintsConfig |
ICMSEngine.createGeneralNamesAsConstraintsConfig(java.lang.String name,
IConfigStore config,
boolean isValueConfigured,
boolean isPolicyEnabled)
Created general name constraints configuration.
|
static IGeneralNamesAsConstraintsConfig |
CMS.createGeneralNamesAsConstraintsConfig(java.lang.String name,
IConfigStore config,
boolean isValueConfigured,
boolean isPolicyEnabled)
Created general name constraints configuration.
|
IGeneralNamesConfig |
ICMSEngine.createGeneralNamesConfig(java.lang.String name,
IConfigStore config,
boolean isValueConfigured,
boolean isPolicyEnabled)
Created general names configuration.
|
static IGeneralNamesConfig |
CMS.createGeneralNamesConfig(java.lang.String name,
IConfigStore config,
boolean isValueConfigured,
boolean isPolicyEnabled)
Created general names configuration.
|
ISubjAltNameConfig |
ICMSEngine.createSubjAltNameConfig(java.lang.String name,
IConfigStore config,
boolean isValueConfigured)
Creates subject alt name configuration.
|
static ISubjAltNameConfig |
CMS.createSubjAltNameConfig(java.lang.String name,
IConfigStore config,
boolean isValueConfigured)
Creates subject alt name configuration.
|
static void |
CMS.disableSubsystem(java.lang.String id)
Disable the subsystem with the given ID.
|
static void |
CMS.enableSubsystem(java.lang.String id)
Enable the subsystem with the given ID.
|
netscape.security.x509.GeneralName |
ICMSEngine.form_GeneralName(java.lang.String generalNameChoice,
java.lang.String value)
Creates a general name.
|
static netscape.security.x509.GeneralName |
CMS.form_GeneralName(java.lang.String generalNameChoice,
java.lang.String value)
Creates a general name.
|
netscape.security.x509.GeneralName |
ICMSEngine.form_GeneralNameAsConstraints(java.lang.String generalNameChoice,
java.lang.String value)
Creates a general name constraints.
|
static netscape.security.x509.GeneralName |
CMS.form_GeneralNameAsConstraints(java.lang.String generalNameChoice,
java.lang.String value)
Creates a general name constraints.
|
ILdapConnInfo |
ICMSEngine.getLdapConnInfo(IConfigStore config)
Retrieves the ldap connection information from the configuration
store.
|
static ILdapConnInfo |
CMS.getLdapConnInfo(IConfigStore config)
Retrieves the ldap connection information from the configuration
store.
|
IPasswordStore |
ICMSEngine.getPasswordStore() |
static IPasswordStore |
CMS.getPasswordStore() |
static void |
CMS.init(ISubsystem owner,
IConfigStore config)
Initialize all static, dynamic and final static subsystems.
|
void |
ICMSEngine.reinit(java.lang.String id) |
static void |
CMS.reinit(java.lang.String id) |
void |
ICMSEngine.setId(java.lang.String id)
Sets the identifier of this subsystem.
|
static void |
CMS.setId(java.lang.String id)
Sets the identifier of this subsystem.
|
void |
ICMSEngine.setSubsystemEnabled(java.lang.String id,
boolean enabled)
Set whether the given subsystem is enabled.
|
static void |
CMS.start(java.lang.String path)
Loads the configuration file and starts CMS's core implementation.
|
static void |
CMS.startup()
Starts up all subsystems.
|
| Modifier and Type | Class and Description |
|---|---|
class |
EAuthException
This class represents authentication exceptions.
|
class |
EAuthInternalError
An exception for authentication internal error.
|
class |
EAuthMgrNotFound
Exception for authentication manager not found.
|
class |
EAuthMgrPluginNotFound
Exception for authentication manager not found.
|
class |
EAuthUserError
Exception for invalid attribute value
|
class |
ECompSyntaxErr
An exception for DN component syntax error.
|
class |
EFormSubjectDN
An exception for Error formulating the subject name (X500Name)
|
class |
EInvalidCredentials
An exception for invalid credentials.
|
class |
EMissingCredential
Exception for missing a required authentication credential.
|
| Modifier and Type | Method and Description |
|---|---|
IAuthToken |
IAuthManager.authenticate(IAuthCredentials authCred)
Authenticate the given credentials.
|
IAuthToken |
IAuthSubsystem.authenticate(IAuthCredentials authCred,
java.lang.String authMgrName)
Authenticate the given credentials using the given manager name.
|
IAuthManager |
IAuthSubsystem.getAuthManager(java.lang.String name)
Gets the Authentication manager instance of the specified name.
|
java.lang.String[] |
IAuthManager.getConfigParams()
Get configuration parameters for this implementation.
|
java.lang.String[] |
IAuthSubsystem.getConfigParams(java.lang.String implName)
Get configuration parameters for a authentication mgr plugin.
|
java.lang.String[] |
IAuthSubsystem.getRequiredCreds(java.lang.String authMgrName)
Gets the required credential attributes for the given authentication
manager.
|
void |
IAuthManager.init(java.lang.String name,
java.lang.String implName,
IConfigStore config)
Initialize this authentication manager.
|
| Modifier and Type | Method and Description |
|---|---|
netscape.security.x509.X509CertImpl |
ICertAuthority.getCACert()
Returns CA's certificate implementaion.
|
| Modifier and Type | Class and Description |
|---|---|
class |
EAuthzAccessDenied
Exception for authorization failure
|
class |
EAuthzException
This class represents authorization exceptions.
|
class |
EAuthzInternalError
An exception for internal error for authorization.
|
class |
EAuthzMgrNotFound
Exception for authorization manager not found.
|
class |
EAuthzMgrPluginNotFound
Exception for authorization manager plugin not found.
|
class |
EAuthzUnknownOperation
Exception for operation unknown to the authorization manager
|
class |
EAuthzUnknownProtectedRes
Exception for protected resource unknown to the authorization manager
|
class |
EAuthzUnknownRealm |
| Modifier and Type | Method and Description |
|---|---|
void |
IAuthzManager.accessInit(java.lang.String accessInfo)
accessInit is for servlets who want to initialize their
own authorization information before full operation. |
AuthzToken |
IAuthzSubsystem.authorize(java.lang.String authzMgrName,
IAuthToken authToken,
java.lang.String exp) |
AuthzToken |
IAuthzSubsystem.authorize(java.lang.String authzMgrName,
IAuthToken authToken,
java.lang.String resource,
java.lang.String operation)
authorize the user associated with the given authToken for a given
operation with the given authorization manager name
|
AuthzToken |
IAuthzSubsystem.authorize(java.lang.String authzMgrName,
IAuthToken authToken,
java.lang.String resource,
java.lang.String operation,
java.lang.String realm) |
void |
IAuthzSubsystem.authzMgrAccessInit(java.lang.String authzMgrName,
java.lang.String accessInfo)
Initialize authz info - usually used for BasicAclAuthz
|
void |
IAuthzSubsystem.checkRealm(java.lang.String realm,
IAuthToken authToken,
java.lang.String owner,
java.lang.String resource,
java.lang.String operation)
Authorize the user against the specified realm.
|
IAuthzManager |
IAuthzSubsystem.getAuthzManager(java.lang.String name)
Gets the Authorization manager instance of the specified name.
|
java.lang.String[] |
IAuthzManager.getConfigParams()
Get configuration parameters for this implementation.
|
void |
IAuthzManager.init(java.lang.String name,
java.lang.String implName,
IConfigStore config)
Initialize this authorization manager.
|
| Modifier and Type | Class and Description |
|---|---|
class |
BadRequestDataException |
class |
EPropertyNotDefined
This class represents an exception thrown when a
property is not defined (empty string) the configuration store.
|
class |
EPropertyNotFound
This class represents an exception thrown when a
property is not found in the configuration store.
|
| Modifier and Type | Method and Description |
|---|---|
void |
IConfigStore.commit(boolean createBackup)
Commits all the data into file immediately.
|
void |
MetaInfo.delete(java.lang.String name)
Deletes an attribute value from this CertAttrSet.
|
void |
IAttrSet.delete(java.lang.String name)
Deletes an attribute value from this AttrSet.
|
void |
IConfigStoreEventListener.doConfigParams(java.lang.String action,
java.util.Hashtable<java.lang.String,java.lang.String> params)
Validates the config store parameters that changed
|
java.lang.Object |
MetaInfo.get(java.lang.String name)
Gets an attribute value.
|
java.lang.Object |
IAttrSet.get(java.lang.String name)
Gets an attribute value.
|
java.math.BigInteger |
IConfigStore.getBigInteger(java.lang.String name)
Retrieves the given property as a big integer.
|
java.math.BigInteger |
IConfigStore.getBigInteger(java.lang.String name,
java.math.BigInteger defval)
Retrieves the given property as a big integer.
|
boolean |
IConfigStore.getBoolean(java.lang.String name)
Retrieves the given property as a boolean.
|
boolean |
IConfigStore.getBoolean(java.lang.String name,
boolean defval)
Retrieves the given property as a boolean.
|
byte[] |
IConfigStore.getByteArray(java.lang.String name)
Retrieves the value of a property as a byte array.
|
byte[] |
IConfigStore.getByteArray(java.lang.String name,
byte[] defval)
Retrieves the value of a property as a byte array, using the
given default value if property is not present.
|
int |
IConfigStore.getInteger(java.lang.String name)
Retrieves the given property as an integer.
|
int |
IConfigStore.getInteger(java.lang.String name,
int defval)
Retrieves the given property as an integer.
|
java.util.Map<java.lang.String,java.lang.String> |
IConfigStore.getProperties()
Get properties as a map.
|
java.lang.String |
IConfigStore.getString(java.lang.String name)
Retrieves the value of the given property as a string.
|
java.lang.String |
IConfigStore.getString(java.lang.String name,
java.lang.String defval)
Retrieves the value of a given property as a string or the
given default value if the property is not present.
|
java.lang.Object |
IArgBlock.getValue(java.lang.Object n)
Retrieves argument value as object
|
java.math.BigInteger |
IArgBlock.getValueAsBigInteger(java.lang.String n)
Retrieves argument value as big integer.
|
boolean |
IArgBlock.getValueAsBoolean(java.lang.String name)
Gets boolean value.
|
int |
IArgBlock.getValueAsInt(java.lang.String n)
Retrieves argument value as integer.
|
KeyGenInfo |
IArgBlock.getValueAsKeyGenInfo(java.lang.String name,
KeyGenInfo def)
Gets KeyGenInfo
|
netscape.security.pkcs.PKCS10 |
IArgBlock.getValueAsPKCS10(java.lang.String name,
boolean checkheader)
Retrieves PKCS10
|
netscape.security.pkcs.PKCS10 |
IArgBlock.getValueAsPKCS10(java.lang.String name,
boolean checkheader,
netscape.security.pkcs.PKCS10 def)
Retrieves PKCS10
|
netscape.security.pkcs.PKCS10 |
IArgBlock.getValueAsRawPKCS10(java.lang.String name)
Gets PKCS10 request.
|
netscape.security.pkcs.PKCS10 |
IArgBlock.getValueAsRawPKCS10(java.lang.String name,
netscape.security.pkcs.PKCS10 def)
Gets PKCS10 request.
|
java.lang.String |
IArgBlock.getValueAsString(java.lang.String n)
Retrieves argument value as string.
|
netscape.security.pkcs.PKCS10 |
IArgBlock.getValuePKCS10(java.lang.String name,
netscape.security.pkcs.PKCS10 def)
Retrieves PKCS10
|
void |
ISubsystem.init(ISubsystem owner,
IConfigStore config)
Initializes this subsystem with the given configuration
store.
|
void |
IPluginImpl.init(ISubsystem sys,
java.lang.String instanceName,
java.lang.String className,
IConfigStore config)
Initializes this plugin instance.
|
void |
MetaInfo.set(java.lang.String name,
java.lang.Object obj)
Sets an attribute value.
|
void |
IAttrSet.set(java.lang.String name,
java.lang.Object obj)
Sets an attribute value within this AttrSet.
|
void |
ISubsystem.setId(java.lang.String id)
Sets specific to this subsystem.
|
void |
ISubsystem.startup()
Notifies this subsystem if owner is in running mode.
|
void |
IConfigStoreEventListener.validateConfigParams(java.lang.String action,
java.util.Hashtable<java.lang.String,java.lang.String> params)
Called to validate the config store parameters that changed
|
| Modifier and Type | Class and Description |
|---|---|
class |
CADisabledException
Exception to throw when a (sub-)CA cannot perform an operation
because it is disabled.
|
class |
CAEnabledException
Exception to throw when an operation cannot be performed because
the CA to which the operation pertains is enabled.
|
class |
CAMissingCertException
Exception to throw when a (sub-)CA's signing certificate is not
(yet) present in the local NSSDB.
|
class |
CAMissingKeyException
Exception to throw when a (sub-)CA's signing key is not (yet)
present in the local NSSDB.
|
class |
CANotFoundException
Exception to throw when a (sub-)CA cannot be found.
|
class |
CANotLeafException
Exception to throw when an operation cannot be performed because
the CA to which the operation pertains is not a leaf CA (ie, has
sub-CAs).
|
class |
CATypeException
Exception to throw when an operation cannot be completed
because the CA is the wrong type (e.g., an operation that
only applies to lightweight CAs).
|
class |
ECAException
A class represents a CA exception.
|
class |
EErrorPublishCRL
A class represents a CA exception associated with publishing error.
|
class |
IssuerUnavailableException
Exception to throw during CA creation when requested CA
(issuer DN) already exists.
|
| Modifier and Type | Method and Description |
|---|---|
ICertificateAuthority |
ICertificateAuthority.createCA(IAuthToken authToken,
java.lang.String dn,
AuthorityID parentAID,
java.lang.String desc)
Create a new sub-CA under the specified parent CA.
|
ICertificateAuthority |
ICertificateAuthority.createSubCA(IAuthToken authToken,
java.lang.String dn,
java.lang.String desc)
Create a new sub-CA IMMEDIATELY beneath this one.
|
void |
ICertificateAuthority.deleteAuthority()
Delete this lightweight CA.
|
netscape.security.x509.X509CertImpl |
ICertificateAuthority.getCACert()
Retrieves the CA certificate.
|
IConnector |
ICAService.getConnector(IConfigStore cs) |
void |
ICRLIssuingPoint.init(ISubsystem ca,
java.lang.String id,
IConfigStore config)
Initializes CRL issuing point.
|
netscape.security.x509.X509CertImpl |
ICAService.issueX509Cert(AuthorityID aid,
netscape.security.x509.X509CertInfo certi,
java.lang.String profileId,
java.lang.String rid)
Issues certificate base on enrollment information,
creates certificate record, and stores all necessary data.
|
void |
ICertificateAuthority.modifyAuthority(java.lang.Boolean enabled,
java.lang.String desc)
Update authority configurables.
|
void |
ICRLIssuingPoint.processRevokedCerts(IElementProcessor cp)
Builds a list of revoked certificates to put them into CRL.
|
void |
ICertificateAuthority.publishCRLNow()
Publishes the CRL immediately for MasterCRL issuing point if it exists.
|
void |
ICertificateAuthority.renewAuthority(javax.servlet.http.HttpServletRequest httpReq)
Renew certificate of CA.
|
void |
ICAService.revokeCert(netscape.security.x509.RevokedCertImpl crlentry)
Marks certificate record as revoked by adding revocation information.
|
void |
ICAService.revokeCert(netscape.security.x509.RevokedCertImpl crlentry,
java.lang.String requestId)
Marks certificate record as revoked by adding revocation information.
|
void |
ICAService.serviceProfileRequest(IRequest request)
Services profile request.
|
void |
ICertificateAuthority.setDefaultAlgorithm(java.lang.String algorithm)
Sets the default signing algorithm of this certificate authority.
|
void |
ICertificateAuthority.setMaxSerial(java.lang.String serial)
Sets the last serial number that can be used for
certificate issuance in this certificate authority.
|
void |
ICertificateAuthority.setStartSerial(java.lang.String serial)
Sets the next available serial number.
|
void |
ICertificateAuthority.setValidity(java.lang.String enableCAPast)
Allows certificates to have validities that are longer
than this certificate authority's.
|
netscape.security.x509.X509CertImpl |
ICertificateAuthority.sign(netscape.security.x509.X509CertInfo certInfo,
java.lang.String algname)
Signs a X.509 certificate template.
|
netscape.security.x509.X509CRLImpl |
ICertificateAuthority.sign(netscape.security.x509.X509CRLImpl crl,
java.lang.String algname)
Signs the given CRL with the specific algorithm.
|
void |
ICertificateAuthority.updateCRLNow()
Updates the CRL immediately for MasterCRL issuing point if it exists.
|
void |
ICRLIssuingPoint.updateCRLNow()
Generates CRL now based on cache or local directory if cache
is not available.
|
void |
ICRLIssuingPoint.updateCRLNow(java.lang.String signingAlgorithm)
Generates CRL now based on cache or local directory if cache
is not available.
|
| Modifier and Type | Method and Description |
|---|---|
void |
ICrossCertPairSubsystem.importCert(byte[] certBytes)
"import" the CA cert cross-signed by another CA (potentially a
bridge CA) into internal ldap db.
|
void |
ICrossCertPairSubsystem.publishCertPairs()
publish all cert pairs, if publisher is on
|
| Modifier and Type | Method and Description |
|---|---|
IHttpConnection |
IHttpConnFactory.getConn()
Request access to a Ldap connection from the pool.
|
void |
IHttpConnFactory.returnConn(IHttpConnection conn)
Return connection to the factory.
|
IPKIMessage |
IHttpConnection.send(IPKIMessage tomsg)
Sends the PKI message to the remote authority.
|
boolean |
IConnector.send(IRequest req)
Sends the request to a remote authority.
|
HttpResponse |
IHttpConnection.send(java.lang.String msg)
Sends the message to the remote authority.
|
HttpResponse |
IConnector.send(java.lang.String op,
java.lang.String msg)
Sends the request to a remote authority.
|
void |
IHttpConnection.setRequestURI(java.lang.String uri)
Sets the HttpRequest URI before send
|
| Modifier and Type | Class and Description |
|---|---|
class |
EDBException
A class represents a database exception.
|
class |
EDBNotAvailException
Indicates internal db is down.
|
class |
EDBRecordNotFoundException
Indicates internal db is down.
|
| Modifier and Type | Method and Description |
|---|---|
void |
IDBSSession.abandon(netscape.ldap.LDAPSearchResults results) |
void |
IDBSSession.add(java.lang.String name,
IDBObj obj)
Adds object to backend database.
|
netscape.ldap.LDAPAttributeSet |
IDBRegistry.createLDAPAttributeSet(IDBObj obj)
Creates attribute set from object.
|
IDBObj |
IDBRegistry.createObject(netscape.ldap.LDAPAttributeSet attrs)
Creates object from attribute set.
|
<T> IDBVirtualList<T> |
IDBSSession.createVirtualList(java.lang.String base,
java.lang.String filter,
java.lang.String[] attrs)
Retrieves a list of objects.
|
<T> IDBVirtualList<T> |
IDBSSession.createVirtualList(java.lang.String base,
java.lang.String filter,
java.lang.String[] attrs,
java.lang.String[] sortKeys,
int pageSize)
Retrieves a list of objects.
|
<T> IDBVirtualList<T> |
IDBSSession.createVirtualList(java.lang.String base,
java.lang.String filter,
java.lang.String[] attrs,
java.lang.String sortKey,
int pageSize)
Retrieves a list of objects.
|
<T> IDBVirtualList<T> |
IDBSSession.createVirtualList(java.lang.String base,
java.lang.String filter,
java.lang.String[] attrs,
java.lang.String startFrom,
java.lang.String sortKey,
int pageSize)
Retrieves a list of objects.
|
void |
IDBSSession.delete(java.lang.String name)
Deletes object from database.
|
java.lang.String |
IDBRegistry.getFilter(java.lang.String filter)
Creates LDAP-based search filters with help of
registered mappers.
|
java.lang.String |
IDBRegistry.getFilter(java.lang.String filter,
IFilterConverter c)
Creates LDAP-based search filters with help of
registered mappers.
|
java.lang.String[] |
IDBRegistry.getLDAPAttributes(java.lang.String[] attrs)
Retrieves a list of LDAP attributes that are associated
with the given attributes.
|
void |
IDBAttrMapper.mapLDAPAttributeSetToObject(netscape.ldap.LDAPAttributeSet attrs,
java.lang.String name,
IDBObj parent)
Maps LDAP attributes into object, and puts the object
into 'parent'.
|
void |
IDBRegistry.mapObject(IDBObj parent,
java.lang.String name,
java.lang.Object obj,
netscape.ldap.LDAPAttributeSet attrs)
Maps object into LDAP attribute set.
|
void |
IDBAttrMapper.mapObjectToLDAPAttributeSet(IDBObj parent,
java.lang.String name,
java.lang.Object obj,
netscape.ldap.LDAPAttributeSet attrs)
Maps object attribute into LDAP attributes.
|
java.lang.String |
IDBAttrMapper.mapSearchFilter(java.lang.String name,
java.lang.String op,
java.lang.String value)
Maps search filters into LDAP search filter.
|
void |
IDBSSession.modify(java.lang.String name,
ModificationSet mods)
Modify an object in the database.
|
netscape.ldap.LDAPSearchResults |
IDBSSession.persistentSearch(java.lang.String base,
java.lang.String filter,
java.lang.String[] attrs)
Sets persistent search to retrieve modified
certificate records.
|
void |
IElementProcessor.process(java.lang.Object o)
Handles object
|
void |
IDBVirtualList.processElements(int startidx,
int endidx,
IElementProcessor ep)
Processes elements as soon as it arrives.
|
IDBObj |
IDBSSession.read(java.lang.String name)
Reads an object from the database.
|
IDBObj |
IDBSSession.read(java.lang.String name,
java.lang.String[] attrs)
Reads an object from the database, and only populates
the selected attributes.
|
IDBSearchResults |
IDBSSession.search(java.lang.String base,
java.lang.String filter)
Searchs for a list of objects that match the
filter.
|
IDBSearchResults |
IDBSSession.search(java.lang.String base,
java.lang.String filter,
int maxSize)
Searchs for a list of objects that match the
filter.
|
IDBSearchResults |
IDBSSession.search(java.lang.String base,
java.lang.String filter,
int maxSize,
int timeLimit)
Searchs for a list of objects that match the
filter.
|
IDBSearchResults |
IDBSSession.search(java.lang.String base,
java.lang.String filter,
int maxSize,
int timeLimit,
java.lang.String sortAttribute)
Searchs for a list of objects that match the
filter.
|
IDBSearchResults |
IDBSSession.search(java.lang.String base,
java.lang.String filter,
int maxSize,
java.lang.String sortAttribute)
Searchs for a list of objects that match the
filter.
|
IDBSearchResults |
IDBSSession.search(java.lang.String base,
java.lang.String filter,
java.lang.String[] attrs)
Retrieves a list of object that satifies the given
filter.
|
void |
IDBSubsystem.setEnableSerialMgmt(boolean value)
Sets whether serial number management is enabled for certs
and requests.
|
void |
IDBSubsystem.setMaxSerialConfig(int repo,
java.lang.String serial)
Records maximum serial number limit in config file
|
void |
IDBSubsystem.setMinSerialConfig(int repo,
java.lang.String serial)
Records minimum serial number limit in config file
|
void |
IDBSubsystem.setNextMaxSerialConfig(int repo,
java.lang.String serial)
Records maximum serial number limit for the next range in config file
|
void |
IDBSubsystem.setNextMinSerialConfig(int repo,
java.lang.String serial)
Records minimum serial number limit for the next range in config file
|
void |
IDBSubsystem.setNextSerialConfig(java.math.BigInteger serial)
Records next serial number in config file
|
void |
IDBVirtualList.setSortKey(java.lang.String sortKey)
Sets the sort key
|
void |
IDBVirtualList.setSortKey(java.lang.String[] sortKeys)
Sets the sort key
|
| Modifier and Type | Method and Description |
|---|---|
void |
ICertificateRepository.addCertificateRecord(ICertRecord record)
Adds a certificate record to the repository.
|
boolean |
ICertificateRepository.containsCertificate(java.math.BigInteger serialNo)
Checks if the certificate exists in this repository.
|
void |
ICertificateRepository.deleteCertificateRecord(java.math.BigInteger serialNo)
Deletes certificate from this repository.
|
java.util.Enumeration<netscape.security.x509.X509CertImpl> |
ICertificateRepository.findCertificates(java.lang.String filter)
Finds all certificates given a filter.
|
java.util.Enumeration<ICertRecord> |
ICertificateRepository.findCertRecords(java.lang.String filter)
Finds all certificate records given a filter.
|
ICertRecordList |
ICertificateRepository.findCertRecordsInList(java.lang.String filter,
java.lang.String[] attrs,
int pageSize)
Finds a list of certificate records that satisifies
the filter.
|
ICertRecordList |
ICertificateRepository.findCertRecordsInList(java.lang.String filter,
java.lang.String[] attrs,
java.lang.String jumpTo,
boolean hardJumpTo,
java.lang.String sortKey,
int pageSize) |
ICertRecordList |
ICertificateRepository.findCertRecordsInList(java.lang.String filter,
java.lang.String[] attrs,
java.lang.String sortKey,
int pageSize)
Finds a list of certificate records that satisifies
the filter.
|
ICertRecordList |
ICertificateRepository.findCertRecordsInList(java.lang.String filter,
java.lang.String[] attrs,
java.lang.String jumpTo,
java.lang.String sortKey,
int pageSize)
Finds a list of certificate records that satisifies
the filter.
|
ICertRecordList |
ICertificateRepository.findCertRecordsInListRawJumpto(java.lang.String filter,
java.lang.String[] attrs,
java.lang.String jumpTo,
java.lang.String sortKey,
int pageSize)
Finds a list of certificate records that satisifies
the filter.
|
java.util.Enumeration<java.lang.Object> |
ICertificateRepository.findCertRecs(java.lang.String filter)
Finds certificate records.
|
java.util.Enumeration<ICertRecord> |
ICertificateRepository.getAllRevokedCertificates()
Retrieves all revoked certificates including ones that have expired
or that are not yet valid.
|
java.util.Enumeration<ICertRecord> |
ICertificateRepository.getAllRevokedNonExpiredCertificates()
Retrieves all revoked but not expired certificates.
|
ICertRecord |
ICertRecordList.getCertRecord(int index)
Gets one single record at a time similar to
processCertRecords but no extra class needed.
|
java.util.Enumeration<ICertRecord> |
ICertRecordList.getCertRecords(int startidx,
int endidx)
Retrieves requests.
|
java.util.Enumeration<ICertRecord> |
ICertificateRepository.getExpiredCertificates(java.lang.String from,
java.lang.String to)
Retrieves expired certificates.
|
java.util.Enumeration<ICertRecord> |
ICertificateRepository.getExpiredPublishedCertificates(java.lang.String from,
java.lang.String to)
Retrieves expired and published certificates.
|
ICertRecordList |
ICertificateRepository.getInvalidCertsByNotBeforeDate(java.util.Date date,
int pageSize)
Gets Invalid certs orderes by noAfter date, jumps to records
where notAfter date is greater than current.
|
java.math.BigInteger |
ICertificateRepository.getNextSerialNumber()
Retrieves the next certificate serial number, and also increases
the serial number by one.
|
java.util.Hashtable<java.lang.String,RenewableCertificateCollection> |
ICertificateRepository.getRenewableCertificates(java.lang.String renewalTime)
Retrieves renewable certificates.
|
java.util.Enumeration<ICertRecord> |
ICertificateRepository.getRevokedCertificates(java.util.Date asOfDate)
Retrieves all the revoked certificates that have not expired.
|
java.util.Enumeration<ICertRecord> |
ICertificateRepository.getRevokedCertificates(java.lang.String from,
java.lang.String to)
Retrieves revoked certificates.
|
ICertRecordList |
ICertificateRepository.getRevokedCertsByNotAfterDate(java.util.Date date,
int pageSize)
Gets Revoked certs orderes by noAfter date, jumps to records
where notAfter date is greater than current.
|
java.util.Enumeration<ICertRecord> |
ICertificateRepository.getRevokedPublishedCertificates(java.lang.String from,
java.lang.String to)
Retrieves revoked and published certificates.
|
java.util.Enumeration<ICertRecord> |
ICertificateRepository.getValidCertificates(java.lang.String from,
java.lang.String to)
Retrieves valid certificates.
|
ICertRecordList |
ICertificateRepository.getValidCertsByNotAfterDate(java.util.Date date,
int pageSize)
Gets valid certs orderes by noAfter date, jumps to records
where notAfter date is greater than current.
|
java.util.Enumeration<ICertRecord> |
ICertificateRepository.getValidNotPublishedCertificates(java.lang.String from,
java.lang.String to)
Retrieves valid and not published certificates.
|
netscape.security.x509.X509CertImpl |
ICertificateRepository.getX509Certificate(java.math.BigInteger serialNo)
Reads the certificate identified by the given serial no.
|
netscape.security.x509.X509CertImpl[] |
ICertificateRepository.getX509Certificates(java.lang.String subjectDN,
int validityType)
Gets all valid and unexpired certificates pertaining
to a subject DN.
|
void |
ICertificateRepository.markAsRevoked(java.math.BigInteger id,
IRevocationInfo info)
Marks certificate as revoked.
|
void |
ICertificateRepository.markAsRevoked(java.math.BigInteger id,
IRevocationInfo info,
boolean isAlreadyOnHold) |
void |
ICertificateRepository.markCertificateAsNotRenewable(ICertRecord record)
Marks certificate as not renewable.
|
void |
ICertificateRepository.markCertificateAsRenewable(ICertRecord record)
Marks certificate as renewable.
|
void |
ICertificateRepository.markCertificateAsRenewalNotified(java.lang.String serialNo)
Marks certificate as renewed and notified.
|
void |
ICertificateRepository.markCertificateAsRenewed(java.lang.String serialNo)
Marks certificate as renewed.
|
void |
ICertificateRepository.modifyCertificateRecord(java.math.BigInteger serialNo,
ModificationSet mods)
Modifies certificate record.
|
void |
ICertRecordList.processCertRecords(int startidx,
int endidx,
IElementProcessor ep)
Process certificate record as soon as it is returned.
|
ICertRecord |
ICertificateRepository.readCertificateRecord(java.math.BigInteger serialNo)
Reads certificate from repository.
|
void |
ICertificateRepository.removeCertRecords(java.math.BigInteger beginS,
java.math.BigInteger endS)
Removes certificate records with this repository.
|
java.util.Enumeration<java.lang.Object> |
ICertificateRepository.searchCertificates(java.lang.String filter,
int maxSize)
Finds a list of certificate records that satisifies
the filter.
|
java.util.Enumeration<ICertRecord> |
ICertificateRepository.searchCertificates(java.lang.String filter,
int maxSize,
int timeLimit)
Finds a list of certificate records that satisifies
the filter.
|
java.util.Enumeration<ICertRecord> |
ICertificateRepository.searchCertificates(java.lang.String filter,
int maxSize,
int timeLimit,
java.lang.String sortAttribute)
Finds a list of certificate records that satisifies
the filter.
|
java.util.Enumeration<java.lang.Object> |
ICertificateRepository.searchCertificates(java.lang.String filter,
int maxSize,
java.lang.String sortAttribute)
Finds a list of certificate records that satisifies
the filter.
|
void |
ICertificateRepository.unmarkRevoked(java.math.BigInteger id,
IRevocationInfo info,
java.util.Date revokedOn,
java.lang.String revokedBy)
Unmark a revoked certificates.
|
void |
ICertificateRepository.updateCertStatus()
Updates certificate status now.
|
void |
ICertificateRepository.updateStatus(java.math.BigInteger id,
java.lang.String status)
Updates certificate status.
|
| Modifier and Type | Method and Description |
|---|---|
void |
ICRLRepository.addCRLIssuingPointRecord(ICRLIssuingPointRecord rec)
Adds CRL issuing point record.
|
void |
ICRLRepository.deleteCRLIssuingPointRecord(java.lang.String id)
Deletes issuing point record.
|
java.util.Vector<java.lang.String> |
ICRLRepository.getIssuingPointsNames()
Retrieves all the issuing points' names.
|
void |
ICRLRepository.modifyCRLIssuingPointRecord(java.lang.String id,
ModificationSet mods)
Modifies issuing point record.
|
ICRLIssuingPointRecord |
ICRLRepository.readCRLIssuingPointRecord(java.lang.String id)
Reads issuing point record.
|
void |
ICRLRepository.updateCRLCache(java.lang.String id,
java.lang.Long crlSize,
java.util.Hashtable<java.math.BigInteger,netscape.security.x509.RevokedCertificate> revokedCerts,
java.util.Hashtable<java.math.BigInteger,netscape.security.x509.RevokedCertificate> unrevokedCerts,
java.util.Hashtable<java.math.BigInteger,netscape.security.x509.RevokedCertificate> expiredCerts)
Updates CRL issuing point record.
|
void |
ICRLRepository.updateCRLIssuingPointRecord(java.lang.String id,
byte[] newCRL,
java.util.Date thisUpdate,
java.util.Date nextUpdate,
java.math.BigInteger crlNumber,
java.lang.Long crlSize)
Updates CRL issuing point record.
|
void |
ICRLRepository.updateCRLIssuingPointRecord(java.lang.String id,
byte[] newCRL,
java.util.Date thisUpdate,
java.util.Date nextUpdate,
java.math.BigInteger crlNumber,
java.lang.Long crlSize,
java.util.Hashtable<java.math.BigInteger,netscape.security.x509.RevokedCertificate> revokedCerts,
java.util.Hashtable<java.math.BigInteger,netscape.security.x509.RevokedCertificate> unrevokedCerts,
java.util.Hashtable<java.math.BigInteger,netscape.security.x509.RevokedCertificate> expiredCerts)
Updates CRL issuing point record.
|
void |
ICRLRepository.updateDeltaCRL(java.lang.String id,
java.math.BigInteger deltaCRLNumber,
java.lang.Long deltaCRLSize,
java.util.Date nextUpdate,
byte[] deltaCRL)
Updates CRL issuing point record with delta-CRL.
|
void |
ICRLRepository.updateExpiredCerts(java.lang.String id,
java.util.Hashtable<java.math.BigInteger,netscape.security.x509.RevokedCertificate> expiredCerts)
Updates CRL issuing point record.
|
void |
ICRLRepository.updateFirstUnsaved(java.lang.String id,
java.lang.String firstUnsaved)
Updates CRL issuing point record with reference to the first
unsaved data.
|
void |
ICRLRepository.updateRevokedCerts(java.lang.String id,
java.util.Hashtable<java.math.BigInteger,netscape.security.x509.RevokedCertificate> revokedCerts,
java.util.Hashtable<java.math.BigInteger,netscape.security.x509.RevokedCertificate> unrevokedCerts)
Updates CRL issuing point record.
|
| Modifier and Type | Method and Description |
|---|---|
void |
IKeyRepository.addKeyRecord(IKeyRecord record)
Archives a key to the repository.
|
void |
IKeyRepository.deleteKeyRecord(java.math.BigInteger serialno)
Deletes a key record.
|
IKeyRecordList |
IKeyRepository.findKeyRecordsInList(java.lang.String filter,
java.lang.String[] attrs,
int pageSize)
Searchs for a list of key records.
|
IKeyRecordList |
IKeyRepository.findKeyRecordsInList(java.lang.String filter,
java.lang.String[] attrs,
java.lang.String sortKey,
int pageSize)
Searchs for a list of key records.
|
java.lang.String |
IKeyRecord.getClientId()
Retrieves client ID.
|
java.lang.String |
IKeyRecord.getDataType()
Retrieves key data type.
|
java.util.Date[] |
IKeyRecord.getDateOfRevocation()
Retrieves dates of recovery.
|
java.util.Enumeration<IKeyRecord> |
IKeyRecordList.getKeyRecords(int startidx,
int endidx)
Retrieves key records.
|
java.lang.Integer |
IKeyRecord.getKeySize()
Retrieves key length.
|
java.lang.String |
IKeyRecord.getKeyStatus()
Retrieves key status.
|
java.lang.String |
IKeyRecord.getOwnerName()
Retrieves key owner name.
|
byte[] |
IKeyRecord.getPublicKeyData()
Retrieves public key data.
|
java.lang.String |
IKeyRecord.getRealm()
Retrieves authorization realm.
|
java.math.BigInteger |
IKeyRecord.getSerialNumber()
Retrieves key identifier.
|
KeyState |
IKeyRecord.getState()
Retrieves the state of the key.
|
void |
IKeyRepository.modifyKeyRecord(java.math.BigInteger serialNo,
ModificationSet mods)
Modifies key record in this repository.
|
IKeyRecord |
IKeyRepository.readKeyRecord(java.math.BigInteger serialNo)
Reads an archived key by serial number.
|
IKeyRecord |
IKeyRepository.readKeyRecord(java.security.PublicKey publicKey)
Reads archived key using public key.
|
IKeyRecord |
IKeyRepository.readKeyRecord(java.lang.String cert)
Reads an archived key by b64 encoded cert.
|
IKeyRecord |
IKeyRepository.readKeyRecord(netscape.security.x509.X500Name ownerName)
Reads an archived key by owner name.
|
java.util.Enumeration<IKeyRecord> |
IKeyRepository.searchKeys(java.lang.String filter,
int maxSize)
Searches for private keys.
|
java.util.Enumeration<IKeyRecord> |
IKeyRepository.searchKeys(java.lang.String filter,
int maxSize,
int timeLimt)
Searches for private keys.
|
| Modifier and Type | Method and Description |
|---|---|
void |
IRepository.checkRanges()
Checks to see if a new range is needed, or if we have reached the end of the
current range, or if a range conflict has occurred.
|
java.math.BigInteger |
IRepository.getNextSerialNumber()
Retrieves the next serial number, and also increase the
serial number by one.
|
java.math.BigInteger |
IRepository.getTheSerialNumber()
Retrieves the next serial number without increasing the serial number.
|
void |
IRepository.resetSerialNumber(java.math.BigInteger serial)
Resets serial number.
|
void |
IRepository.setEnableSerialMgmt(boolean value)
Sets whether serial number management is enabled for certs
and requests.
|
void |
IRepository.setMaxSerial(java.lang.String serial)
Set the maximum serial number.
|
void |
IRepository.setNextMaxSerial(java.lang.String serial)
Set the maximum serial number in next range.
|
| Modifier and Type | Class and Description |
|---|---|
class |
EExtensionsException
This represents the extensions exception.
|
| Modifier and Type | Method and Description |
|---|---|
netscape.security.x509.Extension |
ICMSExtension.getExtension(IArgBlock argblock)
Get an instance of the extension given http input.
|
IArgBlock |
ICMSExtension.getFormParams(netscape.security.x509.Extension extension)
Get Javascript name value pairs to put into the request processing
template.
|
void |
ICMSExtension.init(ISubsystem owner,
IConfigStore config)
initialize from configuration file
|
| Modifier and Type | Class and Description |
|---|---|
class |
EJobsException
A class represents a jobs exception.
|
| Modifier and Type | Method and Description |
|---|---|
IJobCron |
IJobsScheduler.createJobCron(java.lang.String cs)
Creates a job cron.
|
void |
IJob.init(ISubsystem owner,
java.lang.String id,
java.lang.String implName,
IConfigStore config)
Initialize from the configuration file.
|
| Modifier and Type | Class and Description |
|---|---|
class |
EKRAException
A class represents a KRA exception.
|
| Modifier and Type | Method and Description |
|---|---|
void |
IKeyService.addAgentAsyncKeyRecovery(java.lang.String reqID,
java.lang.String agentID)
add approving agent in asynchronous key recovery
|
void |
IKeyService.addDistributedCredential(java.lang.String recoveryID,
java.lang.String uid,
java.lang.String pwd)
Adds password in the distributed recovery operation.
|
void |
IKeyRecoveryAuthority.createError(java.lang.String recoveryID,
java.lang.String error)
Creates error for a specific recovery operation.
|
void |
IKeyRecoveryAuthority.createPk12(java.lang.String recoveryID,
byte[] pk12)
Creates PKCS12 package in memory.
|
java.util.Hashtable<java.lang.String,java.lang.Object> |
IKeyService.createRecoveryParams(java.lang.String recoveryID)
Creates recovery parameters for the given recovery operation.
|
void |
ProofOfArchival.decode(java.io.InputStream in)
Decodes the input stream.
|
void |
ProofOfArchival.delete(java.lang.String name)
Deletes an attribute.
|
void |
IKeyService.destroyRecoveryParams(java.lang.String recoveryID)
Destroys recovery parameters for the given recovery operation.
|
byte[] |
IKeyService.doKeyRecovery(java.math.BigInteger kid,
Credential[] creds,
java.lang.String pwd,
netscape.security.x509.X509CertImpl cert,
java.lang.String delivery,
java.lang.String nickname,
java.lang.String agent)
Performs administrator-initiated key recovery.
|
byte[] |
IKeyService.doKeyRecovery(java.lang.String reqID,
java.lang.String password)
Async Recovers key for administrators.
|
void |
ProofOfArchival.encode(netscape.security.util.DerOutputStream out)
Encodes this proof of escrow into the given
output stream.
|
void |
ProofOfArchival.encodeAndSign(java.security.PrivateKey key,
java.lang.String algorithm,
java.lang.String provider,
netscape.security.util.DerOutputStream out)
Encodes and signs this proof of escrow.
|
java.lang.Object |
ProofOfArchival.get(java.lang.String name)
Retrieves the value of an named attribute.
|
java.util.Vector<Credential> |
IKeyRecoveryAuthority.getAppAgents(java.lang.String recoveryID) |
Credential[] |
IKeyService.getDistributedCredentials(java.lang.String recoveryID)
Retrieves credentials in the distributed recovery operation.
|
java.lang.String |
IKeyRecoveryAuthority.getError(java.lang.String recoveryID)
Retrieves error by recovery identifier.
|
java.lang.String |
IKeyService.getInitAgentAsyncKeyRecovery(java.lang.String reqID)
get async recovery request initiating agent
|
java.lang.String |
IKeyRecoveryAuthority.getNewNickName()
Returns the new nickname of the transport certifiate.
|
int |
IKeyService.getNoOfRequiredAgents()
Retrieves number of agent required to perform
key recovery operation.
|
int |
IKeyRecoveryAuthority.getNoOfRequiredAgents()
Returns the number of required agents.
|
byte[] |
IKeyRecoveryAuthority.getPk12(java.lang.String recoveryID)
Retrieves PKCS12 package by recovery identifier.
|
java.util.Hashtable<java.lang.String,java.lang.Object> |
IKeyService.getRecoveryParams(java.lang.String recoveryID)
Retrieves recovery parameters for the given recovery operation.
|
java.lang.String |
IKeyService.initAsyncKeyRecovery(java.math.BigInteger kid,
netscape.security.x509.X509CertImpl cert,
java.lang.String agent,
java.lang.String realm)
Initiate asynchronous key recovery
|
boolean |
IKeyService.isApprovedAsyncKeyRecovery(java.lang.String reqID)
is async recovery request status APPROVED -
i.e.
|
void |
ProofOfArchival.set(java.lang.String name,
java.lang.Object obj)
Sets an attribute value.
|
void |
IKeyRecoveryAuthority.setNoOfRequiredAgents(int number)
Sets the number of required recovery agents
|
| Constructor and Description |
|---|
ProofOfArchival(java.io.InputStream in)
Constructs proof of escrow from input stream.
|
| Modifier and Type | Class and Description |
|---|---|
class |
ELdapException
A class that represents a Ldap exception.
|
class |
ELdapServerDownException
This represents exception which indicates Ldap server is down.
|
| Modifier and Type | Method and Description |
|---|---|
void |
ILdapConnInfo.init(IConfigStore config)
Initializes an instance from a config store.
|
void |
ILdapConnFactory.init(IConfigStore config)
Initialize the poll from the config store.
|
void |
ILdapAuthInfo.init(IConfigStore config)
Initialize this class from the config store.
|
void |
ILdapAuthInfo.init(IConfigStore config,
java.lang.String host,
int port,
boolean secure)
Initialize this class from the config store.
|
void |
ILdapConnModule.init(ISubsystem owner,
IConfigStore config)
Initialize ldap publishing module with config store.
|
| Modifier and Type | Class and Description |
|---|---|
class |
EListenersException
A class represents a listener exception.
|
| Modifier and Type | Method and Description |
|---|---|
java.lang.String[] |
IRequestListenerPlugin.getConfigParams()
get the configuration parameters of the plug-in.
|
void |
IRequestListenerPlugin.init(java.lang.String name,
java.lang.String implName,
IConfigStore config)
the subsystem call this method to initialize the plug-in.
|
| Modifier and Type | Class and Description |
|---|---|
class |
ELogException
This class implements a Log exception.
|
class |
ELogNotFound
Exception for log not found.
|
class |
ELogPluginNotFound
Exception for log plugin not found.
|
| Modifier and Type | Method and Description |
|---|---|
void |
ILogEventListener.init(ISubsystem owner,
IConfigStore config)
Initialize this log listener
|
void |
ConsoleLog.init(ISubsystem owner,
IConfigStore config) |
NameValuePairs |
ILogEventListener.retrieveLogContent(java.util.Hashtable<java.lang.String,java.lang.String> req)
Retrieve last "maxLine" number of system logs with log level >"level"
and from source "source".
|
NameValuePairs |
ConsoleLog.retrieveLogContent(java.util.Hashtable<java.lang.String,java.lang.String> req)
Retrieve last "maxLine" number of system log with log lever >"level"
and from source "source".
|
NameValuePairs |
ILogEventListener.retrieveLogList(java.util.Hashtable<java.lang.String,java.lang.String> req)
Retrieve list of log files.
|
NameValuePairs |
ConsoleLog.retrieveLogList(java.util.Hashtable<java.lang.String,java.lang.String> req)
Retrieve log file list.
|
void |
ILogEventListener.startup()
Startup the instance.
|
void |
ConsoleLog.startup() |
| Modifier and Type | Class and Description |
|---|---|
class |
ENotificationException
A class represents a notification exception.
|
| Modifier and Type | Method and Description |
|---|---|
java.lang.String |
IEmailResolver.getEmail(IEmailResolverKeys keys)
returns an email address by using the resolver keys.
|
| Modifier and Type | Method and Description |
|---|---|
void |
IDefStore.addCRLIssuingPoint(java.lang.String name,
ICRLIssuingPointRecord rec)
This method adds a CRL issuing point
|
void |
IDefStore.addRepository(java.lang.String name,
java.lang.String thisUpdate,
IRepositoryRecord rec)
This method adds a request to the default OCSP store repository.
|
void |
IDefStore.deleteCRLIssuingPointRecord(java.lang.String id)
This method deletes a CRL issuing point record
|
ICRLIssuingPointRecord |
IDefStore.readCRLIssuingPoint(java.lang.String name)
This method attempts to read the CRL issuing point.
|
java.util.Enumeration<ICRLIssuingPointRecord> |
IDefStore.searchAllCRLIssuingPointRecord(int maxSize)
This method searches all CRL issuing points.
|
java.util.Enumeration<ICRLIssuingPointRecord> |
IDefStore.searchCRLIssuingPointRecord(java.lang.String filter,
int maxSize)
This method searches all CRL issuing points constrained by the specified
filtering mechanism.
|
void |
IOCSPStore.setConfigParameters(NameValuePairs pairs)
This method stores the configuration parameters specified by the
passed-in Name Value pairs object.
|
void |
IOCSPAuthority.setDefaultAlgorithm(java.lang.String algorithm)
This method sets the supplied algorithm as the default signing algorithm.
|
BasicOCSPResponse |
IOCSPAuthority.sign(ResponseData rd)
This method signs the basic OCSP response data provided as a parameter.
|
void |
IDefStore.updateCRL(java.security.cert.X509CRL crl)
This method updates the specified CRL.
|
OCSPResponse |
IOCSPStore.validate(OCSPRequest req)
This method validates the information associated with the specified
OCSP request and returns an OCSP response.
|
OCSPResponse |
IOCSPService.validate(OCSPRequest r)
This method validates the information associated with the specified
OCSP request and returns an OCSP response.
|
| Modifier and Type | Class and Description |
|---|---|
class |
EPasswordCheckException
A class represents a password checker exception.
|
| Modifier and Type | Class and Description |
|---|---|
class |
EPolicyException
Deprecated.
|
| Modifier and Type | Method and Description |
|---|---|
void |
IPolicyRule.setPolicyException(IRequest req,
EBaseException ex)
Deprecated.
|
| Modifier and Type | Method and Description |
|---|---|
void |
IPolicyProcessor.addPolicyImpl(java.lang.String id,
java.lang.String classPath)
Deprecated.
Adds a policy implementation identified by an impl id.
|
void |
IPolicyProcessor.addPolicyInstance(java.lang.String id,
java.util.Hashtable<java.lang.String,java.lang.String> ht)
Deprecated.
Adds a policy instance
|
void |
IPolicyProcessor.changePolicyInstanceOrdering(java.lang.String policyOrderStr)
Deprecated.
Modifies policy ordering.
|
void |
IPolicyProcessor.deletePolicyImpl(java.lang.String id)
Deprecated.
Deletes a policy implementation identified by an impl id.
|
void |
IPolicyProcessor.deletePolicyInstance(java.lang.String id)
Deprecated.
Deletes a policy instance identified by an instance id.
|
netscape.security.x509.GeneralName |
IGeneralNameConfig.formGeneralName(java.lang.String value)
Deprecated.
Forms a general name from string.
|
java.util.Vector<netscape.security.x509.GeneralName> |
IGeneralNameConfig.formGeneralNames(java.lang.Object value)
Deprecated.
Forms general names from the given value.
|
void |
IPolicyRule.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes the policy rule.
|
void |
IPolicyProcessor.modifyPolicyInstance(java.lang.String id,
java.util.Hashtable<java.lang.String,java.lang.String> ht)
Deprecated.
Modifies a policy instance
|
| Modifier and Type | Class and Description |
|---|---|
class |
EDeferException
This represents a profile specific exception.
|
class |
EProfileException
This represents a generic profile exception.
|
class |
ERejectException
This represents a profile specific exception.
|
| Modifier and Type | Method and Description |
|---|---|
void |
IProfile.init(IProfileSubsystem owner,
IConfigStore config)
Initializes this profile.
|
void |
IProfileEx.populate()
Called after initialization.
|
void |
ICertInfoPolicyDefault.populate(IRequest request,
netscape.security.x509.X509CertInfo info)
Populates certificate info directly.
|
| Modifier and Type | Class and Description |
|---|---|
class |
EPropertyException
This is the base exception for property handling.
|
| Modifier and Type | Class and Description |
|---|---|
class |
EMapperNotFound
Exception for Publish Mapper not found.
|
class |
EMapperPluginNotFound
Exception for Mapper Plugin not found.
|
class |
EPublisherNotFound
Exception for Publisher not found.
|
class |
EPublisherPluginNotFound
Exception for Publisher Plugin not found.
|
class |
ERuleNotFound
Exception for Ldap Publishing Rule not found.
|
class |
ERulePluginNotFound
Exception for Publisher Rule plugin not found.
|
| Modifier and Type | Method and Description |
|---|---|
void |
ILdapPluginImpl.init(IConfigStore config)
initialize from config store and Isubsystem.
|
void |
ILdapPlugin.init(IConfigStore config)
Initialize from config store.
|
void |
ILdapCrlMapper.init(IConfigStore config)
initialize from config store.
|
void |
ILdapRule.init(IPublisherProcessor processor,
IConfigStore config)
Initialize the plugin.
|
void |
IPublishRuleSet.init(ISubsystem sys,
IConfigStore conf) |
void |
ILdapPluginImpl.init(ISubsystem sys,
IConfigStore config)
initialize from config store.
|
void |
ICRLPublisher.init(ISubsystem owner,
IConfigStore config)
Initializes this CRL publisher.
|
void |
ICRLPublisher.publish(java.lang.String issuingPointId,
netscape.security.x509.X509CRLImpl crl)
Publishes CRL.
|
| Modifier and Type | Method and Description |
|---|---|
java.lang.String |
IRegistrationAuthority.getNewNickName()
Retrieves the nickname of the RA certificate from configuration store.
|
void |
IRAService.serviceProfileRequest(IRequest request)
Services profile request.
|
| Modifier and Type | Class and Description |
|---|---|
class |
ERegistryException
This represents a registry exception.
|
| Modifier and Type | Class and Description |
|---|---|
class |
PolicyMessage
A (localizable) message recorded by a policy module that describes
the reason for rejecting a request.
|
| Modifier and Type | Method and Description |
|---|---|
void |
IRequestQueue.approveRequest(IRequest request)
Approves a request.
|
void |
IRequestQueue.cancelRequest(IRequest request)
Cancels a request.
|
IRequest |
IRequestQueue.cloneAndMarkPending(IRequest r)
Clones a request object and mark it pending.
|
IRequest |
IRequestQueue.cloneRequest(IRequest r)
Clones a request object.
|
void |
IRequestSubsystem.createRequestQueue(java.lang.String name)
Creates a new request queue.
|
void |
IRequestRecord.delete(java.lang.String name)
Removes attribute from the request.
|
IRequest |
IRequestQueue.findRequest(RequestId id)
Gets the Request corresponding to id.
|
IRequestQueue |
IRequestSubsystem.getRequestQueue(java.lang.String name,
int increment,
IPolicy p,
IService s,
INotify n,
INotify pendingNotifier)
Retrieves a request queue.
|
void |
IRequestListener.init(ISubsystem sub,
IConfigStore config)
Initializes request listener for the specific subsystem
and configuration store.
|
void |
IRequestQueue.markRequestPending(IRequest req)
Puts a new request into the PENDING state.
|
IRequest |
IRequestQueue.newRequest(java.lang.String requestType)
Creates a new request object.
|
void |
IRequestQueue.processRequest(IRequest req)
Begins processing for this request.
|
void |
IRequestQueue.rejectRequest(IRequest request)
Rejects a request.
|
void |
IRequestQueue.removeAllObjects()
Removes all objects with this repository.
|
void |
IRequestQueue.resetSerialNumber(java.math.BigInteger serial)
Resets serial number.
|
boolean |
IService.serviceRequest(IRequest request)
Performs the service (such as certificate generation)
represented by this request.
|
void |
IRequestQueue.updateRequest(IRequest request)
Updates the request in the permanent data store.
|
| Modifier and Type | Method and Description |
|---|---|
boolean |
IStorageKeyUnit.changeAgentMN(int n,
int m,
Credential[] oldcreds,
Credential[] newcreds)
Changes M-N recovery scheme.
|
boolean |
IStorageKeyUnit.changeAgentPassword(java.lang.String id,
java.lang.String oldpwd,
java.lang.String newpwd)
Changes agent password.
|
void |
ICryptoSubsystem.checkCertificateExt(java.lang.String ext)
Checks if the given base-64 encoded string contains an extension
or a sequence of extensions.
|
org.mozilla.jss.crypto.SignatureAlgorithm |
ISigningUnit.checkSigningAlgorithmFromName(java.lang.String algname)
Checks if the given algorithm name is supported.
|
byte[] |
IEncryptionUnit.decryptExternalPrivate(byte[] sessionKey,
java.lang.String symmAlgOID,
byte[] symmAlgParams,
byte[] privateKey)
Decrypts the external private key (private key from the end-user).
|
byte[] |
IEncryptionUnit.decryptExternalPrivate(byte[] sessionKey,
java.lang.String symmAlgOID,
byte[] symmAlgParams,
byte[] privateKey,
org.mozilla.jss.crypto.X509Certificate transportCert)
Decrypts the external private key (private key from the end-user).
|
byte[] |
IEncryptionUnit.decryptInternalPrivate(byte[] wrappedPrivateData)
Decrypts the internal private key (private key from the KRA's
internal storage).
|
void |
ICryptoSubsystem.deleteCert(java.lang.String nickname,
java.lang.String notAfterTime)
Delete certificate of the given nickname.
|
void |
ICryptoSubsystem.deleteRootCert(java.lang.String nickname,
java.lang.String serialno,
java.lang.String issuername) |
void |
ICryptoSubsystem.deleteTokenCertificate(java.lang.String nickname,
java.lang.String pathname)
Deletes certificate of the given nickname.
|
void |
ICryptoSubsystem.deleteUserCert(java.lang.String nickname,
java.lang.String serialno,
java.lang.String issuername) |
byte[] |
IEncryptionUnit.encryptInternalPrivate(byte[] rawPrivate)
Encrypts the internal private key (private key to the KRA's
internal storage).
|
netscape.security.x509.AlgorithmId |
ICryptoSubsystem.getAlgorithmId(java.lang.String algname,
IConfigStore store)
Retrieves CA's signing algorithm id.
|
java.lang.String[] |
ISigningUnit.getAllAlgorithms()
Retrieves all supported signing algorithm of this unit.
|
java.lang.String |
ICryptoSubsystem.getAllCerts()
Retrieves a list of nicknames of certificates that are
in the installed tokens.
|
NameValuePairs |
ICryptoSubsystem.getAllCertsManage()
Gets all certificates on all tokens for Certificate Database Management.
|
NameValuePairs |
ICryptoSubsystem.getCACerts()
Gets all CA certificates on all tokens.
|
org.mozilla.jss.crypto.PQGParams |
ICryptoSubsystem.getCAPQG(int keysize,
IConfigStore store)
Retrieves PQG parameters based on key size.
|
java.lang.String |
ICryptoSubsystem.getCertListWithoutTokenName(java.lang.String name)
Retrieves all certificates.
|
java.lang.String |
ICryptoSubsystem.getCertPrettyPrint(java.lang.String b64E,
java.util.Locale locale)
Retrieves the certificate in the pretty print format.
|
java.lang.String |
ICryptoSubsystem.getCertPrettyPrint(java.lang.String nickname,
java.lang.String date,
java.util.Locale locale)
Retrieves certificate in pretty-print format by the nickname.
|
java.lang.String |
ICryptoSubsystem.getCertPrettyPrint(java.lang.String nickname,
java.lang.String serialno,
java.lang.String issuername,
java.util.Locale locale) |
java.lang.String |
ICryptoSubsystem.getCertPrettyPrintAndFingerPrint(java.lang.String nickname,
java.lang.String serialno,
java.lang.String issuername,
java.util.Locale locale) |
java.lang.String |
ICryptoSubsystem.getCertRequest(java.lang.String subjectName,
java.security.KeyPair kp)
Generates certificate request from the given key pair.
|
java.lang.String |
ICryptoSubsystem.getCertSubjectName(java.lang.String tokenname,
java.lang.String nickname)
Retrieves subject name of the certificate that is identified by
the given nickname.
|
java.lang.String |
ICryptoSubsystem.getCipherPreferences()
Retrieves the cipher preferences.
|
java.lang.String |
ICryptoSubsystem.getCipherVersion()
Retrieves the SSL cipher version.
|
java.security.KeyPair |
ICryptoSubsystem.getECCKeyPair(KeyCertData properties)
Generates an ECC key pair based on the given parameters.
|
java.security.KeyPair |
ICryptoSubsystem.getECCKeyPair(java.lang.String token,
java.lang.String curveName,
java.lang.String certType)
Generates an ECC key pair based on the given parameters.
|
netscape.security.x509.CertificateExtensions |
ICryptoSubsystem.getExtensions(java.lang.String tokenname,
java.lang.String nickname)
Retrieves extensions of the certificate that is identified by
the given nickname.
|
java.lang.String |
ICryptoSubsystem.getInternalTokenName()
Retrieves the token name of the internal (software) token.
|
java.security.KeyPair |
ICryptoSubsystem.getKeyPair(KeyCertData properties)
Generates a key pair based on the given parameters.
|
java.security.KeyPair |
ICryptoSubsystem.getKeyPair(java.lang.String nickname)
Retrieves the key pair based on the given nickname.
|
java.security.KeyPair |
ICryptoSubsystem.getKeyPair(java.lang.String tokenName,
java.lang.String alg,
int keySize)
Generates a key pair based on the given parameters.
|
java.security.KeyPair |
ICryptoSubsystem.getKeyPair(java.lang.String tokenName,
java.lang.String alg,
int keySize,
org.mozilla.jss.crypto.PQGParams pqg)
Generates a key pair based on the given parameters.
|
java.lang.String |
ISigningUnit.getNewNickName()
Retrieves the new nickname in the renewal process.
|
int |
IStorageKeyUnit.getNoOfAgents()
Retrieves total number of recovery agents.
|
int |
IStorageKeyUnit.getNoOfRequiredAgents()
Retrieves number of recovery agents required to
perform recovery operation.
|
NameValuePairs |
ICryptoSubsystem.getRootCerts() |
java.lang.String |
ICryptoSubsystem.getRootCertTrustBit(java.lang.String nickname,
java.lang.String serialno,
java.lang.String issuerName) |
java.lang.String |
ICryptoSubsystem.getSignatureAlgorithm(java.lang.String nickname)
Retrieves the signature algorithm of the certificate named
by the given nickname.
|
netscape.security.x509.X509CertImpl |
ICryptoSubsystem.getSignedCert(KeyCertData data,
java.lang.String certType,
java.security.PrivateKey priKey)
Signs the certificate template into the given data and returns
a signed certificate.
|
java.lang.String |
ITransportKeyUnit.getSigningAlgorithm()
Returns this Unit's signing algorithm in String format.
|
java.lang.String |
ICryptoSubsystem.getSubjectDN(java.lang.String nickname)
Retrieves the subject DN of the certificate identified by
the nickname.
|
java.lang.String |
ICryptoSubsystem.getTokenList()
Retrieves a list of currently registered token names.
|
java.lang.String |
ISigningUnit.getTokenName()
Retrieves the token name of this unit.
|
NameValuePairs |
ICryptoSubsystem.getUserCerts() |
void |
ICryptoSubsystem.importCert(java.lang.String b64E,
java.lang.String nickname,
java.lang.String certType)
Imports certificate into the server.
|
void |
ICryptoSubsystem.importCert(netscape.security.x509.X509CertImpl signedCert,
java.lang.String nickname,
java.lang.String certType)
Imports certificate into the server.
|
boolean |
ICryptoSubsystem.isCACert(java.lang.String fullNickname)
Checks to see if the certificate of the given nickname is a
CA certificate.
|
java.lang.String |
ICryptoSubsystem.isCipherFortezza()
Checks if fortezza is enabled.
|
boolean |
ICryptoSubsystem.isTokenLoggedIn(java.lang.String name)
Checks if the given token is logged in.
|
void |
ICryptoSubsystem.isX500DN(java.lang.String dn)
Checks if the given dn is a valid distinguished name.
|
void |
ICryptoSubsystem.loggedInToken(java.lang.String tokenName,
java.lang.String pwd)
Logs into token.
|
void |
IStorageKeyUnit.login(Credential[] ac)
Logins to this unit.
|
void |
IToken.login(java.lang.String pin)
Logins to the token unit.
|
void |
ICryptoSubsystem.setCipherPreferences(java.lang.String cipherPrefs)
Sets the current SSL cipher preferences.
|
void |
ISigningUnit.setDefaultAlgorithm(java.lang.String algorithm)
Set default signing algorithm.
|
void |
ICryptoSubsystem.setRootCertTrust(java.lang.String nickname,
java.lang.String serialno,
java.lang.String issuername,
java.lang.String trust) |
void |
ITransportKeyUnit.setSigningAlgorithm(java.lang.String str)
Sets this Unit's signing algorithm.
|
byte[] |
ISigningUnit.sign(byte[] data,
java.lang.String algname)
Signs the given data in specific algorithm.
|
void |
ICryptoSubsystem.trustCert(java.lang.String nickname,
java.lang.String date,
java.lang.String trust)
Trusts a certificate for all available purposes.
|
org.mozilla.jss.crypto.SymmetricKey |
IEncryptionUnit.unwrap_symmetric(byte[] sessionKey,
java.lang.String symmAlgOID,
byte[] symmAlgParams,
byte[] symmetricKey,
org.mozilla.jss.crypto.SymmetricKey.Type type,
int strength)
Unwraps symmetric key .
|
org.mozilla.jss.crypto.PrivateKey |
ITransportKeyUnit.unwrap_temp(byte[] wrappedKeyData,
java.security.PublicKey pubKey)
Unwraps temporary private key .
|
org.mozilla.jss.crypto.PrivateKey |
IEncryptionUnit.unwrap(byte[] privateKey,
java.security.PublicKey pubKey)
Unwraps data.
|
org.mozilla.jss.crypto.PrivateKey |
IEncryptionUnit.unwrap(byte[] sessionKey,
java.lang.String symmAlgOID,
byte[] symmAlgParams,
byte[] privateKey,
java.security.PublicKey pubKey)
Unwraps data.
|
org.mozilla.jss.crypto.PrivateKey |
IEncryptionUnit.unwrap(byte[] encSymmKey,
java.lang.String symmAlgOID,
byte[] symmAlgParams,
byte[] encValue,
java.security.PublicKey pubKey,
org.mozilla.jss.crypto.X509Certificate transportCert)
Unwraps data.
|
org.mozilla.jss.crypto.SymmetricKey |
IEncryptionUnit.unwrap(byte[] wrappedKeyData,
org.mozilla.jss.crypto.SymmetricKey.Type algorithm,
int keySize)
Unwraps symmetric key data.
|
boolean |
ISigningUnit.verify(byte[] data,
byte[] signature,
java.lang.String algname)
Verifies the signed data.
|
void |
IEncryptionUnit.verify(java.security.PublicKey publicKey,
org.mozilla.jss.crypto.PrivateKey privateKey)
Verifies the given key pair.
|
byte[] |
IEncryptionUnit.wrap(org.mozilla.jss.crypto.PrivateKey priKey)
Wraps data.
|
byte[] |
IEncryptionUnit.wrap(org.mozilla.jss.crypto.SymmetricKey symKey)
Wraps data.
|
| Modifier and Type | Class and Description |
|---|---|
class |
EDuplicateSelfTestException
This class implements a duplicate self test exception.
|
class |
EInvalidSelfTestException
This class implements an invalid self test exception.
|
class |
EMissingSelfTestException
This class implements a missing self test exception.
|
class |
ESelfTestException
This class implements a self test exception.
|
| Modifier and Type | Class and Description |
|---|---|
class |
EUsrGrpException
A class represents a Identity exception.
|
| Modifier and Type | Method and Description |
|---|---|
IAuthToken |
TokenAuthentication.authenticate(IAuthCredentials authCred)
authenticates user(agent) by certificate
|
IAuthToken |
SSLclientCertAuthentication.authenticate(IAuthCredentials authCred)
authenticates user by certificate
|
IAuthToken |
HashAuthentication.authenticate(IAuthCredentials authCreds)
Authenticates a user based on uid, pwd in the directory.
|
IAuthToken |
FlatFileAuth.authenticate(IAuthCredentials authCred)
Authenticate the request
|
IAuthToken |
DirBasedAuthentication.authenticate(IAuthCredentials authCred)
Authenticates user through LDAP by a set of credentials.
|
IAuthToken |
CMCAuth.authenticate(IAuthCredentials authCred)
Authenticates user by their CMC;
resulting AuthToken sets a TOKEN_SUBJECT for the subject name.
|
IAuthToken |
AgentCertAuthentication.authenticate(IAuthCredentials authCred)
authenticates user(agent) by certificate
|
protected java.lang.String |
UserPwdDirAuthentication.authenticate(netscape.ldap.LDAPConnection conn,
IAuthCredentials authCreds,
AuthToken token)
Authenticates a user based on attr, pwd in the directory.
|
protected java.lang.String |
UidPwdPinDirAuthentication.authenticate(netscape.ldap.LDAPConnection conn,
IAuthCredentials authCreds,
AuthToken token)
Authenticates a user based on its uid, pwd, pin in the directory.
|
protected java.lang.String |
UidPwdDirAuthentication.authenticate(netscape.ldap.LDAPConnection conn,
IAuthCredentials authCreds,
AuthToken token)
Authenticates a user based on uid, pwd in the directory.
|
protected java.lang.String |
PortalEnroll.authenticate(netscape.ldap.LDAPConnection conn,
IAuthCredentials authCreds,
AuthToken token)
Authenticates a user based on uid, pwd in the directory.
|
protected abstract java.lang.String |
DirBasedAuthentication.authenticate(netscape.ldap.LDAPConnection conn,
IAuthCredentials authCreds,
AuthToken token)
Authenticates a user through directory based a set of credentials.
|
protected void |
UidPwdPinDirAuthentication.checkpin(netscape.ldap.LDAPConnection conn,
java.lang.String userdn,
java.lang.String uid,
java.lang.String pin) |
protected void |
DirBasedAuthentication.formCertInfo(netscape.ldap.LDAPConnection conn,
java.lang.String userdn,
netscape.security.x509.X509CertInfo certinfo,
AuthToken token)
Formulate the cert info.
|
protected boolean |
FlatFileAuth.getPropertyB(java.lang.String propertyName,
boolean b)
Get the named property,
If the property is not set, use b as the default, and create
a new value for the property in the config file.
|
protected java.lang.String |
FlatFileAuth.getPropertyS(java.lang.String propertyName,
java.lang.String s)
Get the named property
If the property is not set, use s as the default, and create
a new value for the property in the config file.
|
void |
UserPwdDirAuthentication.init(java.lang.String name,
java.lang.String implName,
IConfigStore config)
Initializes the UdnPwdDirAuthentication auth manager.
|
void |
UidPwdPinDirAuthentication.init(java.lang.String name,
java.lang.String implName,
IConfigStore config) |
void |
TokenAuthentication.init(java.lang.String name,
java.lang.String implName,
IConfigStore config)
initializes the TokenAuthentication auth manager
|
void |
SSLclientCertAuthentication.init(java.lang.String name,
java.lang.String implName,
IConfigStore config)
initializes the SSLClientCertAuthentication auth manager
|
void |
PortalEnroll.init(java.lang.String name,
java.lang.String implName,
IConfigStore config)
Initializes the PortalEnrollment auth manager.
|
void |
HashAuthentication.init(java.lang.String name,
java.lang.String implName,
IConfigStore config) |
void |
FlatFileAuth.init(java.lang.String name,
java.lang.String implName,
IConfigStore config) |
void |
DirBasedAuthentication.init(java.lang.String name,
java.lang.String implName,
IConfigStore config)
Initializes the UidPwdDirBasedAuthentication auth manager.
|
void |
CMCAuth.init(java.lang.String name,
java.lang.String implName,
IConfigStore config)
Initializes the CMCAuth authentication plug-in.
|
void |
AgentCertAuthentication.init(java.lang.String name,
java.lang.String implName,
IConfigStore config)
initializes the CertUserDBAuthentication auth manager
|
void |
DirBasedAuthentication.init(java.lang.String name,
java.lang.String implName,
IConfigStore config,
boolean needBaseDN) |
protected IAuthToken |
CMCAuth.verifySignerInfo(AuthToken authToken,
org.mozilla.jss.pkix.cms.SignedData cmcFullReq) |
| Constructor and Description |
|---|
PortalEnroll()
Default constructor, initialization must follow.
|
| Modifier and Type | Method and Description |
|---|---|
void |
BasicGroupAuthz.accessInit(java.lang.String accessInfo) |
void |
AAclAuthz.accessInit(java.lang.String accessInfo) |
void |
AAclAuthz.addACLs(java.lang.String resACLs)
Parse ACL resource attributes, then update the ACLs memory store
This is intended to be used if storing ACLs on ldap is not desired,
and the caller is expected to call this method to add resource
and acl info into acls memory store.
|
abstract AuthzToken |
AAclAuthz.authorize(IAuthToken authToken,
java.lang.String resource,
java.lang.String operation)
an abstract class that enforces implementation of the
authorize() method that will authorize an operation on a
particular resource
|
java.lang.String[] |
BasicGroupAuthz.getConfigParams() |
protected void |
AAclAuthz.init(IConfigStore config)
Initializes
|
void |
DirAclAuthz.init(java.lang.String name,
java.lang.String implName,
IConfigStore config) |
void |
BasicGroupAuthz.init(java.lang.String name,
java.lang.String implName,
IConfigStore config) |
void |
BasicAclAuthz.init(java.lang.String name,
java.lang.String implName,
IConfigStore config) |
| Modifier and Type | Method and Description |
|---|---|
void |
UnpublishExpiredJob.init(ISubsystem owner,
java.lang.String id,
java.lang.String implName,
IConfigStore config)
initialize from the configuration file
|
void |
RequestInQueueJob.init(ISubsystem owner,
java.lang.String id,
java.lang.String implName,
IConfigStore config)
initialize from the configuration file
|
void |
RenewalNotificationJob.init(ISubsystem owner,
java.lang.String id,
java.lang.String implName,
IConfigStore config)
Initialize from the configuration file.
|
void |
PublishCertsJob.init(ISubsystem owner,
java.lang.String id,
java.lang.String implName,
IConfigStore config)
initialize from the configuration file
|
abstract void |
AJobBase.init(ISubsystem owner,
java.lang.String id,
java.lang.String implName,
IConfigStore config)
abstract methods
|
protected void |
RenewalNotificationJob.mailUser(java.lang.String subject,
java.lang.String msg,
java.lang.String sender,
IRequest req,
ICertRecord cr) |
| Modifier and Type | Method and Description |
|---|---|
java.lang.String[] |
PinRemovalListener.getConfigParams() |
void |
RequestInQListener.init(ISubsystem sub,
IConfigStore config)
initializes the listener from the configuration
|
void |
PinRemovalListener.init(ISubsystem sub,
IConfigStore config) |
void |
CertificateRevokedListener.init(ISubsystem sub,
IConfigStore config) |
void |
CertificateIssuedListener.init(ISubsystem sub,
IConfigStore config) |
void |
PinRemovalListener.init(java.lang.String name,
java.lang.String ImplName,
IConfigStore config) |
| Modifier and Type | Method and Description |
|---|---|
void |
RollingLogFile.init(IConfigStore config)
Initialize and open a RollingLogFile using the prop config store
|
void |
LogFile.init(IConfigStore config)
Initialize and open the log using the parameters from a config store
|
void |
LogFile.init(ISubsystem owner,
IConfigStore config) |
NameValuePairs |
LogFile.retrieveLogContent(java.util.Hashtable<java.lang.String,java.lang.String> req)
Retrieve last "maxLine" number of system log with log lever >"level"
and from source "source".
|
NameValuePairs |
RollingLogFile.retrieveLogList(java.util.Hashtable<java.lang.String,java.lang.String> req)
Retrieve log file list.
|
NameValuePairs |
LogFile.retrieveLogList(java.util.Hashtable<java.lang.String,java.lang.String> req)
Retrieve log file list.
|
void |
RollingLogFile.startup() |
void |
LogFile.startup()
Startup the instance
|
| Modifier and Type | Method and Description |
|---|---|
void |
DefStore.addCertRecord(java.lang.String name,
java.lang.String thisUpdate,
java.lang.String sno,
ICertRecord rec)
Creates a new issuing point in OCSP.
|
void |
LDAPStore.addCRLIssuingPoint(java.lang.String name,
ICRLIssuingPointRecord rec) |
void |
DefStore.addCRLIssuingPoint(java.lang.String name,
ICRLIssuingPointRecord rec)
Creates a new issuing point in OCSP.
|
void |
LDAPStore.addRepository(java.lang.String name,
java.lang.String thisUpdate,
IRepositoryRecord rec) |
void |
DefStore.addRepository(java.lang.String name,
java.lang.String thisUpdate,
IRepositoryRecord rec)
Creates a new issuing point in OCSP.
|
void |
DefStore.deleteAllCRLsInCA(java.lang.String caName) |
void |
LDAPStore.deleteCRLIssuingPointRecord(java.lang.String id) |
void |
DefStore.deleteCRLIssuingPointRecord(java.lang.String id) |
void |
DefStore.deleteCRLsInCA(java.lang.String caName,
boolean oldCRLs) |
void |
DefStore.deleteOldCRLs()
This store will not delete the old CRL until the
new one is totally committed.
|
void |
DefStore.deleteOldCRLsInCA(java.lang.String caName) |
boolean |
LDAPStore.includeNextUpdate() |
void |
LDAPStore.init(ISubsystem owner,
IConfigStore config)
Fetch CA certificate and CRL from LDAP server.
|
void |
DefStore.init(ISubsystem owner,
IConfigStore config) |
boolean |
LDAPStore.isNotFoundGood1() |
netscape.security.x509.X509CertImpl |
LDAPStore.locateCACert(netscape.ldap.LDAPConnection conn,
java.lang.String baseDN)
Locates the CA certificate.
|
netscape.security.x509.X509CRLImpl |
LDAPStore.locateCRL(netscape.ldap.LDAPConnection conn,
java.lang.String baseDN)
Locates the CRL.
|
void |
DefStore.modifyCertRecord(java.lang.String name,
java.lang.String thisUpdate,
java.lang.String sno,
ModificationSet mods) |
void |
DefStore.modifyCRLIssuingPointRecord(java.lang.String name,
ModificationSet mods) |
ICertRecord |
DefStore.readCertRecord(java.lang.String name,
java.lang.String thisUpdate,
java.lang.String sno) |
ICRLIssuingPointRecord |
LDAPStore.readCRLIssuingPoint(java.lang.String name) |
ICRLIssuingPointRecord |
DefStore.readCRLIssuingPoint(java.lang.String name)
Returns an issuing point.
|
java.util.Enumeration<ICRLIssuingPointRecord> |
LDAPStore.searchAllCRLIssuingPointRecord(int maxSize) |
java.util.Enumeration<ICRLIssuingPointRecord> |
DefStore.searchAllCRLIssuingPointRecord(int maxSize) |
java.util.Enumeration<ICertRecord> |
DefStore.searchCertRecord(java.lang.String name,
java.lang.String thisUpdate,
java.lang.String filter) |
java.util.Enumeration<ICRLIssuingPointRecord> |
LDAPStore.searchCRLIssuingPointRecord(java.lang.String filter,
int maxSize) |
java.util.Enumeration<ICRLIssuingPointRecord> |
DefStore.searchCRLIssuingPointRecord(java.lang.String filter,
int maxSize) |
java.util.Enumeration<IRepositoryRecord> |
DefStore.searchRepository(java.lang.String name,
java.lang.String filter) |
void |
LDAPStore.setConfigParameters(NameValuePairs pairs) |
void |
DefStore.setConfigParameters(NameValuePairs pairs) |
void |
LDAPStore.setId(java.lang.String id) |
void |
DefStore.setId(java.lang.String id) |
void |
LDAPStore.startup() |
void |
DefStore.startup() |
void |
LDAPStore.updateCRL(java.security.cert.X509CRL crl) |
void |
DefStore.updateCRL(java.security.cert.X509CRL crl) |
void |
LDAPStore.updateCRLHash(netscape.security.x509.X509CertImpl caCert,
netscape.security.x509.X509CRLImpl crl) |
OCSPResponse |
LDAPStore.validate(OCSPRequest request)
Validate an OCSP request.
|
OCSPResponse |
DefStore.validate(OCSPRequest request)
Validate an OCSP request.
|
| Modifier and Type | Method and Description |
|---|---|
void |
APolicyRule.setPolicyException(IRequest req,
EBaseException ex)
Deprecated.
|
| Modifier and Type | Method and Description |
|---|---|
protected netscape.security.x509.KeyIdentifier |
APolicyRule.formSHA1KeyId(netscape.security.x509.X509CertInfo certInfo)
Deprecated.
Form a byte array of octet string key identifier from the sha-1 hash of
the Subject Public Key BIT STRING.
|
protected netscape.security.x509.KeyIdentifier |
APolicyRule.formSpkiSHA1KeyId(netscape.security.x509.X509CertInfo certInfo)
Deprecated.
Form a byte array of octet string key identifier from the sha-1 hash of
the Subject Public Key INFO.
|
abstract void |
APolicyRule.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes the policy rule.
|
| Modifier and Type | Method and Description |
|---|---|
void |
UniqueSubjectNameConstraints.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
void |
SubCANameConstraints.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
void |
SigningAlgorithmConstraints.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
void |
RSAKeyConstraints.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
void |
AttributePresentConstraints.init(ISubsystem owner,
IConfigStore config)
Deprecated.
|
| Modifier and Type | Method and Description |
|---|---|
protected netscape.security.x509.KeyIdentifier |
AuthorityKeyIdentifierExt.formKeyIdentifier(netscape.security.x509.X509CertImpl caCertImpl)
Deprecated.
Form the Key Identifier in the Authority Key Identifier extension.
|
protected netscape.security.x509.KeyIdentifier |
SubjectKeyIdentifierExt.formKeyIdentifier(netscape.security.x509.X509CertInfo certInfo,
IRequest req)
Deprecated.
Form the Key Identifier in the Subject Key Identifier extension.
|
protected netscape.security.x509.KeyIdentifier |
SubjectKeyIdentifierExt.formTypeFieldKeyId(netscape.security.x509.X509CertInfo certInfo)
Deprecated.
Form key identifier from a type field value of 0100 followed by
the least significate 60 bits of the sha-1 hash of the subject
public key BIT STRING in accordance with RFC 2459.
|
protected netscape.security.x509.KeyIdentifier |
AuthorityKeyIdentifierExt.getKeyIdentifier(netscape.security.x509.X509CertInfo certInfo)
Deprecated.
Get the Key Identifier in a subject key identifier extension from a
CertInfo.
|
void |
SubjectKeyIdentifierExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
void |
SubjectDirectoryAttributesExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
|
void |
SubjectAltNameExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
void |
SubjAltNameExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
void |
RemoveBasicConstraintsExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
|
void |
PrivateKeyUsagePeriodExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
void |
PresenceExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
|
void |
PolicyMappingsExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
void |
PolicyConstraintsExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
void |
OCSPNoCheckExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Performs one-time initialization of the policy.
|
void |
NameConstraintsExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
void |
NSCertTypeExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
void |
NSCCommentExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
void |
KeyUsageExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
void |
IssuerAltNameExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
void |
GenericASN1Ext.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
void |
ExtendedKeyUsageExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Performs one-time initialization of the policy.
|
void |
CertificateScopeOfUseExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
void |
CertificateRenewalWindowExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
void |
CertificatePoliciesExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
void |
CRLDistributionPointsExt.init(ISubsystem owner,
IConfigStore config)
Performs one-time initialization of the policy.
|
void |
BasicConstraintsExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
void |
AuthorityKeyIdentifierExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
void |
AuthInfoAccessExt.init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
protected netscape.security.extensions.GenericASN1Extension |
GenericASN1Ext.mkExtension()
Deprecated.
Construct GenericASN1Extension with value from CMS.cfg
|
| Modifier and Type | Method and Description |
|---|---|
void |
BasicProfile.init(IProfileSubsystem owner,
IConfigStore config)
Initializes this profile.
|
void |
UserCertCAEnrollProfile.populate()
Called after initialization.
|
void |
ServerCertCAEnrollProfile.populate()
Called after initialization.
|
void |
CACertCAEnrollProfile.populate()
Called after initialization.
|
| Modifier and Type | Method and Description |
|---|---|
netscape.security.x509.X509CertImpl |
CAEnrollConstraint.getCACert()
Retrieves the CA certificate.
|
| Modifier and Type | Method and Description |
|---|---|
netscape.security.x509.AuthorityKeyIdentifierExtension |
AuthorityKeyIdentifierExtDefault.createExtension(ICertificateAuthority ca,
netscape.security.x509.X509CertInfo info) |
netscape.security.x509.KeyIdentifier |
CAEnrollDefault.getCAKeyIdentifier(ICertificateAuthority ca) |
| Modifier and Type | Method and Description |
|---|---|
void |
NoMap.init(IConfigStore config)
for initializing from config store.
|
void |
LdapSimpleMap.init(IConfigStore config)
for initializing from config store.
|
void |
LdapEnhancedMap.init(IConfigStore config)
for initializing from config store.
|
void |
LdapDNCompsMap.init(IConfigStore config)
for initializing from config store.
|
void |
LdapCertSubjMap.init(IConfigStore config) |
void |
LdapCertExactMap.init(IConfigStore config) |
void |
LdapCaSimpleMap.init(IConfigStore config)
for initializing from config store.
|
protected void |
LdapSimpleMap.init(java.lang.String dnPattern)
common initialization routine.
|
protected void |
LdapEnhancedMap.init(java.lang.String dnPattern)
common initialization routine.
|
protected void |
LdapCaSimpleMap.init(java.lang.String dnPattern)
common initialization routine.
|
| Modifier and Type | Method and Description |
|---|---|
void |
LdapUserCertPublisher.init(IConfigStore config) |
void |
LdapEncryptCertPublisher.init(IConfigStore config) |
void |
LdapCrlPublisher.init(IConfigStore config) |
void |
LdapCertificatePairPublisher.init(IConfigStore config) |
void |
LdapCertSubjPublisher.init(IConfigStore config) |
void |
LdapCaCertPublisher.init(IConfigStore config) |
| Modifier and Type | Method and Description |
|---|---|
void |
KRAConnectorProcessor.addConnector(KRAConnectorInfo info) |
void |
KRAConnectorProcessor.addHost(java.lang.String newHost,
java.lang.String newPort) |
boolean |
AdminServlet.authorize(IAuthToken token)
authorize a user based on its authentication credentials.
|
protected void |
AdminServlet.commit(boolean createBackup)
FileConfigStore functionality
The original config file is moved to
|
static AuthCredentials |
AdminServlet.getAuthCreds(IAuthManager authMgr,
java.security.cert.X509Certificate clientCert) |
protected void |
AdminServlet.getConfig(IConfigStore config,
javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse resp)
Generic configuration store get operation.
|
KRAConnectorInfo |
KRAConnectorProcessor.getConnectorInfo() |
protected void |
AdminServlet.listConfig(IConfigStore config,
javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse resp)
Lists configuration store.
|
void |
KRAConnectorProcessor.removeConnector(java.lang.String newHost,
java.lang.String newPort) |
void |
KRAConnectorProcessor.replaceConnector() |
void |
AuthCredentials.set(java.lang.String name,
java.lang.Object cred)
sets a credential with credential name and the credential
|
protected void |
AdminServlet.setConfig(IConfigStore config,
javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse resp)
Generic configuration store set operation.
|
void |
CMSAdminServlet.setRootCertTrust(javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse resp) |
| Constructor and Description |
|---|
GroupMemberProcessor(java.util.Locale locale) |
KRAConnectorProcessor(java.util.Locale locale) |
| Modifier and Type | Method and Description |
|---|---|
protected void |
CMSServlet.renderException(CMSRequest cmsReq,
EBaseException e)
Output exception (unexpected error) template
This is different from other templates in that if an exception occurs
while rendering the exception a message is printed out directly.
|
| Modifier and Type | Method and Description |
|---|---|
IAuthToken |
CMSServlet.authenticate(CMSRequest req) |
IAuthToken |
CMSServlet.authenticate(CMSRequest req,
java.lang.String authMgrName) |
IAuthToken |
CMSServlet.authenticate(javax.servlet.http.HttpServletRequest httpReq) |
IAuthToken |
CMSServlet.authenticate(javax.servlet.http.HttpServletRequest httpReq,
java.lang.String authMgrName)
Authentication
|
AuthzToken |
CMSServlet.authorize(java.lang.String authzMgrName,
IAuthToken authToken,
java.lang.String resource,
java.lang.String operation)
Authorize must occur after Authenticate
|
AuthzToken |
CMSServlet.authorize(java.lang.String authzMgrName,
java.lang.String resource,
IAuthToken authToken,
java.lang.String exp) |
protected boolean |
CMSServlet.certIsRevoked(java.math.BigInteger serialNum)
check if a certificate (serial number) is revoked on a CA.
|
protected boolean |
CMSServlet.checkImportCertToNav(javax.servlet.http.HttpServletResponse httpResp,
IArgBlock httpParams,
netscape.security.x509.X509CertImpl cert) |
protected netscape.security.x509.RevokedCertImpl |
CMSServlet.formCRLEntry(java.math.BigInteger serialNo,
netscape.security.x509.RevocationReason reason)
make a CRL entry from a serial number and revocation reason.
|
static AuthCredentials |
CMSServlet.getAuthCreds(IAuthManager authMgr,
IArgBlock argBlock,
java.security.cert.X509Certificate clientCert)
construct a authentication credentials to pass into authentication
manager.
|
protected java.security.cert.X509Certificate |
CMSServlet.getSSLClientCertificate(javax.servlet.http.HttpServletRequest httpReq)
get ssl client authenticated certificate
|
protected CMSTemplate |
CMSServlet.getTemplate(java.lang.String templateName,
javax.servlet.http.HttpServletRequest httpReq,
java.util.Locale[] locale)
get a template based on result status.
|
void |
CMSServlet.importCertToNav(javax.servlet.http.HttpServletResponse httpResp,
netscape.security.x509.X509CertImpl cert,
java.lang.String contentType,
boolean importCAChain)
handy routine to import cert to old navigator in nav mime type.
|
protected boolean |
CMSServlet.isSystemCertificate(java.math.BigInteger serialNo)
A system certificate such as the CA signing certificate
should not be allowed to delete.
|
void |
PortsServlet.process(CMSRequest cmsReq)
Serves HTTP request.
|
void |
IndexServlet.process(CMSRequest cmsReq)
Serves HTTP request.
|
protected void |
GetStats.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
DisplayHtmlServlet.process(CMSRequest cmsReq)
Serves HTTP request.
|
protected void |
CMSServlet.saveHttpHeaders(javax.servlet.http.HttpServletRequest httpReq,
IRequest req)
save http headers in a IRequest.
|
| Modifier and Type | Method and Description |
|---|---|
protected void |
EnrollServlet.addAdminAgent(CMSRequest cmsReq,
netscape.security.x509.X509CertImpl[] issuedCerts) |
void |
RevocationProcessor.addSerialNumberToUnrevoke(java.math.BigInteger serialNumber) |
void |
CertRequestDAO.changeRequestState(RequestId id,
javax.servlet.http.HttpServletRequest request,
CertReviewResponse data,
java.util.Locale locale,
java.lang.String op) |
protected void |
EnrollServlet.checkAdminEnroll(CMSRequest cmsReq,
netscape.security.x509.X509CertImpl[] issuedCerts)
check if this is first enroll from admin enroll.
|
static CertReviewResponse |
CertReviewResponseFactory.create(IRequest request,
IProfile profile,
javax.ws.rs.core.UriInfo uriInfo,
java.util.Locale locale) |
void |
RevocationProcessor.createRevocationRequest() |
void |
RevocationProcessor.createUnrevocationRequest() |
protected void |
HashEnrollServlet.fillCertInfoFromAuthToken(netscape.security.x509.X509CertInfo certInfo,
IAuthToken authToken)
fill subject name, validity, extensions from authoken if any,
overriding what was in pkcs10.
|
protected netscape.security.x509.X509CertInfo[] |
HashEnrollServlet.fillCRMF(java.lang.String crmf,
IAuthToken authToken,
IArgBlock httpParams,
IRequest req) |
ICertRecord |
RevocationProcessor.getCertificateRecord(java.math.BigInteger serialNumber) |
ICertRecord |
RevocationProcessor.getCertificateRecord(CertId id) |
ICertRecord[] |
RevocationProcessor.getCertificateRecords(java.math.BigInteger[] serialNumbers) |
netscape.security.x509.X509CertImpl[] |
RevocationProcessor.getCertificates(ICertRecord[] records) |
protected java.math.BigInteger |
RenewalServlet.getRenewedCert(ICertRecord certRec) |
CertRequestInfo |
CertRequestDAO.getRequest(RequestId id,
javax.ws.rs.core.UriInfo uriInfo)
Gets info for a specific request
|
boolean |
RevocationProcessor.isSystemCertificate(java.security.cert.X509Certificate cert)
A system certificate such as the CA signing certificate
should not be allowed to delete.
|
CertRequestInfos |
CertRequestDAO.listRequests(java.lang.String filter,
RequestId start,
int pageSize,
int maxResults,
int maxTime,
javax.ws.rs.core.UriInfo uriInfo)
Finds list of requests matching the specified search filter.
|
protected void |
CertProcessor.populateRequests(CertEnrollmentRequest data,
boolean isRenewal,
java.util.Locale locale,
java.util.Date origNotAfter,
java.lang.String origSubjectDN,
IRequest origReq,
java.lang.String profileId,
IProfile profile,
IProfileContext ctx,
IProfileAuthenticator authenticator,
IAuthToken authToken,
IRequest[] reqs) |
void |
UpdateDir.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
UpdateCRL.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
SrchCerts.process(CMSRequest cmsReq)
Serves HTTP request.
|
protected void |
RevocationServlet.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
RenewalServlet.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
RemoteAuthConfig.process(CMSRequest cmsReq)
Serves HTTPS request.
|
void |
ReasonToRevoke.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
Monitor.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
ListCerts.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
HashEnrollServlet.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
GetInfo.process(CMSRequest cmsReq)
XXX Process the HTTP request.
|
protected void |
GetEnableStatus.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
GetCertFromRequest.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
GetCRL.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
GetCAChain.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
GetBySerial.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
EnrollServlet.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
EnableEnrollResult.process(CMSRequest cmsReq)
Services the request
|
void |
DoUnrevokeTPS.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
DoUnrevoke.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
DoRevokeTPS.process(CMSRequest cmsReq)
Serves HTTP request.
|
void |
DoRevoke.process(CMSRequest cmsReq)
Serves HTTP request.
|
protected void |
DisplayHashUserEnroll.process(CMSRequest cmsReq)
Services the request
|
void |
DisplayCRL.process(CMSRequest cmsReq)
Process the HTTP request
http.param crlIssuingPoint number
http.param crlDisplayType entireCRL or crlHeader or base64Encoded or deltaCRL
http.param pageStart which page to start displaying from
http.param pageSize number of entries to show per page
|
void |
DisplayBySerial.process(CMSRequest cmsReq)
Serves HTTP request.
|
protected void |
DisableEnrollResult.process(CMSRequest cmsReq)
Services the request
|
protected void |
DirAuthServlet.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
CloneRedirect.process(CMSRequest cmsReq)
Serves HTTP request.
|
protected void |
ChallengeRevocationServlet1.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
CMCRevReqServlet.process(CMSRequest cmsReq)
Process the HTTP request.
|
java.util.HashMap<java.lang.String,java.lang.Object> |
EnrollmentProcessor.processEnrollment(CertEnrollmentRequest data,
javax.servlet.http.HttpServletRequest request,
AuthorityID aid,
AuthCredentials credentials) |
java.util.HashMap<java.lang.String,java.lang.Object> |
EnrollmentProcessor.processEnrollment(CertEnrollmentRequest data,
javax.servlet.http.HttpServletRequest request,
AuthorityID aid,
AuthCredentials credentials,
IAuthToken authToken)
Process the HTTP request
|
java.util.HashMap<java.lang.String,java.lang.Object> |
RenewalProcessor.processRenewal(CertEnrollmentRequest data,
javax.servlet.http.HttpServletRequest request,
AuthCredentials credentials) |
CertReviewResponse |
RequestProcessor.processRequest(CMSRequest cmsReq,
IRequest request,
java.lang.String op) |
void |
RequestProcessor.processRequest(javax.servlet.http.HttpServletRequest request,
CertReviewResponse data,
IRequest req,
java.lang.String op) |
void |
RevocationProcessor.processRevocationRequest() |
void |
RevocationProcessor.processUnrevocationRequest() |
protected void |
HashEnrollServlet.processX509(CMSRequest cmsReq) |
protected void |
EnrollServlet.processX509(CMSRequest cmsReq)
Process X509 certificate enrollment request
|
CertReviewResponse |
CertRequestDAO.reviewRequest(javax.servlet.http.HttpServletRequest servletRequest,
RequestId id,
javax.ws.rs.core.UriInfo uriInfo,
java.util.Locale locale)
Gets info for a specific request
|
CertRequestInfos |
CertRequestDAO.submitRequest(AuthorityID aid,
CertEnrollmentRequest data,
javax.servlet.http.HttpServletRequest request,
javax.ws.rs.core.UriInfo uriInfo,
java.util.Locale locale)
Submits an enrollment request and processes it.
|
void |
RevocationProcessor.validateCertificateToRevoke(java.lang.String subjectDN,
ICertRecord targetRecord,
boolean revokingCACert) |
| Constructor and Description |
|---|
CertProcessor(java.lang.String id,
java.util.Locale locale) |
EnrollmentProcessor(java.lang.String id,
java.util.Locale locale) |
RenewalProcessor(java.lang.String id,
java.util.Locale locale) |
RequestProcessor(java.lang.String id,
java.util.Locale locale) |
RevocationProcessor(java.lang.String id,
java.util.Locale locale) |
| Modifier and Type | Method and Description |
|---|---|
IAuthToken |
CRSEnrollment.authenticate(AuthCredentials credentials,
IProfileAuthenticator authenticator,
javax.servlet.http.HttpServletRequest request) |
IRequest |
CRSEnrollment.findRequestByTransactionID(java.lang.String txid,
boolean ignoreRejected)
finds a request with this transaction ID.
|
| Modifier and Type | Class and Description |
|---|---|
class |
ECMSGWException
A class represents a CMS gateway exception.
|
| Modifier and Type | Method and Description |
|---|---|
void |
CMSRequest.setError(EBaseException error) |
| Modifier and Type | Method and Description |
|---|---|
static void |
ServletUtils.addACLInfo(IAuthzSubsystem authz,
java.lang.String aclMethod,
java.lang.String aclInfo) |
static AuthToken |
CMSGateway.checkAuthManager(javax.servlet.http.HttpServletRequest httpReq,
IArgBlock httpParams,
java.security.cert.X509Certificate cert,
java.lang.String authMgrName) |
static void |
CMSGateway.disableAdminEnroll() |
byte[] |
CMSFileLoader.get(java.io.File file,
java.lang.String enc) |
byte[] |
CMSFileLoader.get(java.lang.String absPath,
java.lang.String enc) |
static java.lang.String |
ServletUtils.getACLMethod(java.lang.String aclInfo,
java.lang.String authzMgr,
java.lang.String id) |
static AuthCredentials |
CMSGateway.getAuthCreds(IAuthManager authMgr,
IArgBlock argBlock,
java.security.cert.X509Certificate clientCert)
construct a authentication credentials to pass into authentication
manager.
|
CMSFile |
CMSFileLoader.getCMSFile(java.io.File file,
java.lang.String enc) |
protected static CMSTemplate |
CMSGateway.getTemplate(java.lang.String templateName,
javax.servlet.http.HttpServletRequest httpReq,
javax.servlet.ServletConfig servletConfig,
CMSFileLoader fileLoader,
java.util.Locale[] locale)
get a template
|
boolean |
CMSTemplate.init(java.io.File template) |
void |
CMSFileLoader.init(IConfigStore config) |
static void |
CMSGateway.renderTemplate(java.lang.String templateName,
javax.servlet.http.HttpServletRequest req,
javax.servlet.http.HttpServletResponse resp,
javax.servlet.ServletConfig servletConfig,
CMSFileLoader fileLoader) |
static void |
CMSGateway.setEnableAdminEnroll(boolean enableAdminEnroll) |
void |
CMSRequest.setIRequestStatus()
set default CMS status according to IRequest status.
|
| Constructor and Description |
|---|
CMSFile(java.io.File file) |
CMSTemplate(java.io.File file,
java.lang.String charset)
Constructor
|
| Modifier and Type | Method and Description |
|---|---|
protected IAuthToken |
CloneServlet.authenticate(java.security.cert.X509Certificate peerCert) |
protected java.security.cert.X509Certificate |
ConnectorServlet.getPeerCert(javax.servlet.http.HttpServletRequest req) |
protected java.security.cert.X509Certificate |
CloneServlet.getPeerCert(javax.servlet.http.HttpServletRequest req) |
void |
TokenKeyRecoveryServlet.process(CMSRequest cmsReq) |
void |
GenerateKeyPairServlet.process(CMSRequest cmsReq) |
protected IPKIMessage |
ConnectorServlet.processRequest(java.lang.String source,
java.lang.String sourceUserId,
IPKIMessage msg,
IAuthToken token)
Process request
|
protected IPKIMessage |
CloneServlet.processRequest(java.lang.String source,
java.lang.String sourceUserId,
IPKIMessage msg,
IAuthToken token) |
| Modifier and Type | Method and Description |
|---|---|
static void |
ConfigurationUtils.createAdmin(java.lang.String uid,
java.lang.String email,
java.lang.String name,
java.lang.String pwd) |
static void |
ConfigurationUtils.createECCKeyPair(java.lang.String token,
java.lang.String curveName,
IConfigStore config,
java.lang.String ct) |
static IRequest |
CertUtil.createLocalRequest(IRequestQueue queue,
java.lang.String serialNum,
netscape.security.x509.X509CertInfo info) |
static void |
ConfigurationUtils.createRSAKeyPair(java.lang.String token,
int keysize,
IConfigStore config,
java.lang.String ct) |
static void |
ConfigurationUtils.createSecurityDomain() |
static void |
ConfigurationUtils.deleteBootstrapServerCert() |
static void |
ConfigurationUtils.deleteExistingCerts() |
static void |
ConfigurationUtils.deleteSubtree(netscape.ldap.LDAPConnection conn,
java.lang.String dn) |
static void |
ConfigurationUtils.enableUSNPlugin() |
static boolean |
ConfigurationUtils.findBootstrapServerCert() |
static java.lang.String |
CertUtil.getAdminProfileAlgorithm(IConfigStore config)
reads from the admin cert profile caAdminCert.profile and determines the algorithm as follows:
1.
|
DomainInfo |
SecurityDomainProcessor.getDomainInfo() |
XMLObject |
SecurityDomainProcessor.getDomainXML() |
static netscape.security.x509.X509Key |
ConfigurationUtils.getECCX509Key(IConfigStore config,
java.lang.String certTag) |
static java.util.ArrayList<java.lang.String> |
ConfigurationUtils.getMasterCertKeyList() |
static java.lang.String |
ConfigurationUtils.getNickname(IConfigStore config,
java.lang.String certTag) |
static netscape.security.x509.X509Key |
ConfigurationUtils.getRSAX509Key(IConfigStore config,
java.lang.String certTag) |
static void |
ConfigurationUtils.getSharedSecret(java.lang.String tksHost,
int tksPort,
boolean importKey) |
static java.lang.String |
ConfigurationUtils.getSubsystemCert() |
static void |
ConfigurationUtils.importAndSetCertPermissionsFromHSM() |
static void |
ConfigurationUtils.importCACertToOCSP() |
static void |
ConfigurationUtils.importKeyCert(java.util.Vector<java.util.Vector<java.lang.Object>> pkeyinfo_collection,
java.util.Vector<java.util.Vector<java.lang.Object>> cert_collection) |
static void |
ConfigurationUtils.importLDIFS(java.lang.String param,
netscape.ldap.LDAPConnection conn) |
static void |
ConfigurationUtils.importLDIFS(java.lang.String param,
netscape.ldap.LDAPConnection conn,
boolean suppressErrors) |
static boolean |
ConfigurationUtils.isAuditSigningCert(java.lang.String name) |
static boolean |
ConfigurationUtils.isCASigningCert(java.lang.String name) |
static boolean |
ConfigurationUtils.isValidCloneURI(java.lang.String domainXML,
java.lang.String cloneHost,
int clonePort) |
static void |
ConfigurationUtils.populateDB() |
protected void |
UpdateOCSPConfig.process(CMSRequest cmsReq) |
protected void |
UpdateNumberRange.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
UpdateDomainXML.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
UpdateConnector.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
RegisterUser.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
MainPageServlet.process(CMSRequest cmsReq) |
protected void |
ImportTransportCert.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
GetTransportCert.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
GetTokenInfo.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
GetSubsystemCert.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
GetStatus.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
GetDomainXML.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
GetCookie.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
GetConfigEntries.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
GetCertChain.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
DownloadPKCS12.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
CheckIdentity.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
GetCookie.processImpl(CMSRequest cmsReq) |
static void |
ConfigurationUtils.reInitSubsystem(java.lang.String csType) |
static void |
ConfigurationUtils.removeOldDBUsers(java.lang.String subjectDN) |
static void |
ConfigurationUtils.removePreopConfigEntries()
save variables needed for cloning and remove preops
|
static void |
ConfigurationUtils.restoreCertsFromP12(java.lang.String p12File,
java.lang.String p12Pass) |
static void |
ConfigurationUtils.setCertPermissions(java.lang.String tag) |
static void |
ConfigurationUtils.setSigningAlgorithm(java.lang.String ct,
java.lang.String keyAlgo,
IConfigStore config) |
static void |
ConfigurationUtils.setupDBUser() |
static void |
ConfigurationUtils.setupReplication() |
static void |
ConfigurationUtils.storeKeyPair(IConfigStore config,
java.lang.String tag,
java.security.KeyPair pair) |
static void |
ConfigurationUtils.updateCloneConfig() |
static void |
ConfigurationUtils.updateConfig(IConfigStore config,
java.lang.String certTag) |
static void |
ConfigurationUtils.updateNextRanges() |
| Constructor and Description |
|---|
SecurityDomainProcessor(java.util.Locale locale) |
| Modifier and Type | Method and Description |
|---|---|
void |
KeyRequestDAO.approveRequest(RequestId id,
java.lang.String requestor,
IAuthToken authToken) |
void |
KeyRequestDAO.cancelRequest(RequestId id,
IAuthToken authToken) |
static void |
KeyRecordParser.fillRecordIntoArg(IKeyRecord rec,
IArgBlock rarg)
Fills key record into argument block.
|
KeyRequestInfo |
KeyRequestDAO.getRequest(RequestId id,
javax.ws.rs.core.UriInfo uriInfo,
IAuthToken authToken)
Gets info for a specific request
|
KeyRequestInfoCollection |
KeyRequestDAO.listRequests(java.lang.String filter,
RequestId start,
int pageSize,
int maxResults,
int maxTime,
javax.ws.rs.core.UriInfo uriInfo)
Finds list of requests matching the specified search filter.
|
void |
SrchKeyForRecovery.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
SrchKey.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
RecoverBySerial.process(CMSRequest cmsReq)
Serves HTTP request.
|
void |
GrantRecovery.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
GrantAsyncRecovery.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
GetPk12.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
GetAsyncPk12.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
GetApprovalStatus.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
ExamineRecovery.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
DisplayTransport.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
DisplayBySerialForRecovery.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
DisplayBySerial.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
ConfirmRecoverBySerial.process(CMSRequest cmsReq)
Serves HTTP request.
|
void |
KeyRequestDAO.rejectRequest(RequestId id,
IAuthToken authToken) |
KeyRequestResponse |
KeyRequestDAO.submitAsyncKeyRecoveryRequest(KeyRecoveryRequest data,
javax.ws.rs.core.UriInfo uriInfo,
java.lang.String requestor,
IAuthToken authToken) |
KeyRequestResponse |
KeyRequestDAO.submitRequest(AsymKeyGenerationRequest data,
javax.ws.rs.core.UriInfo uriInfo,
java.lang.String owner) |
KeyRequestResponse |
KeyRequestDAO.submitRequest(KeyArchivalRequest data,
javax.ws.rs.core.UriInfo uriInfo,
java.lang.String owner)
Submits an archival request and processes it.
|
KeyRequestResponse |
KeyRequestDAO.submitRequest(KeyRecoveryRequest data,
javax.ws.rs.core.UriInfo uriInfo,
java.lang.String requestor,
IAuthToken authToken)
Submits a key recovery request.
|
KeyRequestResponse |
KeyRequestDAO.submitRequest(SymKeyGenerationRequest data,
javax.ws.rs.core.UriInfo uriInfo,
java.lang.String owner) |
| Modifier and Type | Method and Description |
|---|---|
protected void |
RemoveCAServlet.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
OCSPServlet.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
ListCAServlet.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
GetOCSPInfo.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
CheckCertServlet.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
AddCRLServlet.process(CMSRequest cmsReq)
Process the HTTP request.
|
protected void |
AddCAServlet.process(CMSRequest cmsReq)
Process the HTTP request.
|
| Modifier and Type | Method and Description |
|---|---|
IAuthToken |
CAProcessor.authenticate(javax.servlet.http.HttpServletRequest httpReq) |
IAuthToken |
CAProcessor.authenticate(javax.servlet.http.HttpServletRequest request,
IRequest origReq,
IProfileAuthenticator authenticator,
SessionContext context,
boolean isRenewal,
AuthCredentials credentials) |
IAuthToken |
CAProcessor.authenticate(javax.servlet.http.HttpServletRequest httpReq,
java.lang.String authMgrName) |
IAuthToken |
CAProcessor.authenticate(IProfileAuthenticator authenticator,
javax.servlet.http.HttpServletRequest request,
AuthCredentials credentials) |
IAuthToken |
CAProcessor.authenticate(IProfileAuthenticator authenticator,
javax.servlet.http.HttpServletRequest request,
IRequest origReq,
SessionContext context,
AuthCredentials credentials)
AUTHENTICATION FUNCTIONS (move to Realm?)
|
void |
CAProcessor.authorize(java.lang.String profileId,
IProfile profile,
IAuthToken authToken) |
AuthzToken |
CAProcessor.authorize(java.lang.String authzMgrName,
java.lang.String resource,
IAuthToken authToken,
java.lang.String exp)
AUTHZ FNCTIONS (to be moved to Realm?)
|
void |
PKCS10Processor.fillCertInfo(netscape.security.pkcs.PKCS10 pkcs10,
netscape.security.x509.X509CertInfo certInfo,
IAuthToken authToken,
IArgBlock httpParams) |
protected void |
PKIProcessor.fillCertInfo(java.lang.String protocolString,
netscape.security.x509.X509CertInfo certInfo,
IAuthToken authToken,
IArgBlock httpParams) |
void |
PKCS10Processor.fillCertInfo(java.lang.String protocolString,
netscape.security.x509.X509CertInfo certInfo,
IAuthToken authToken,
IArgBlock httpParams) |
void |
KeyGenProcessor.fillCertInfo(java.lang.String protocolString,
netscape.security.x509.X509CertInfo certInfo,
IAuthToken authToken,
IArgBlock httpParams) |
void |
CMCProcessor.fillCertInfo(java.lang.String protocolString,
netscape.security.x509.X509CertInfo certInfo,
IAuthToken authToken,
IArgBlock httpParams) |
protected netscape.security.x509.X509CertInfo[] |
PKIProcessor.fillCertInfoArray(java.lang.String protocolString,
IAuthToken authToken,
IArgBlock httpParams,
IRequest req) |
netscape.security.x509.X509CertInfo[] |
CRMFProcessor.fillCertInfoArray(java.lang.String protocolString,
IAuthToken authToken,
IArgBlock httpParams,
IRequest req) |
netscape.security.x509.X509CertInfo[] |
CMCProcessor.fillCertInfoArray(java.lang.String protocolString,
IAuthToken authToken,
IArgBlock httpParams,
IRequest req) |
static void |
PKIProcessor.fillCertInfoFromAuthToken(netscape.security.x509.X509CertInfo certInfo,
IAuthToken authToken)
fill subject name, validity, extensions from authoken if any,
overriding what was in pkcs10.
|
static void |
PKIProcessor.fillCertInfoFromForm(netscape.security.x509.X509CertInfo certInfo,
IArgBlock httpParams)
fill subject name, extension from form.
|
static void |
PKIProcessor.fillValidityFromForm(netscape.security.x509.X509CertInfo certInfo,
IArgBlock httpParams) |
protected IRequest |
CAProcessor.getOriginalRequest(java.math.BigInteger certSerial,
ICertRecord rec) |
IRequest |
CAProcessor.getRequest(java.lang.String rid)
Utility Functions
|
static java.security.cert.X509Certificate |
CAProcessor.getSSLClientCertificate(javax.servlet.http.HttpServletRequest httpReq)
get ssl client authenticated certificate
|
void |
PKIProcessor.process(ICMSRequest cmsReq) |
void |
PKCS10Processor.process(ICMSRequest cmsReq) |
void |
KeyGenProcessor.process(ICMSRequest cmsReq) |
void |
IPKIProcessor.process(ICMSRequest cmsReq) |
void |
CRMFProcessor.process(ICMSRequest cmsReq) |
void |
CMCProcessor.process(ICMSRequest cmsReq) |
netscape.security.x509.X509CertInfo |
CRMFProcessor.processIndividualRequest(org.mozilla.jss.pkix.crmf.CertReqMsg certReqMsg,
IAuthToken authToken,
IArgBlock httpParams) |
void |
CAProcessor.validateNonce(javax.servlet.http.HttpServletRequest servletRequest,
java.lang.String name,
java.lang.Object id,
java.lang.Long nonce) |
| Constructor and Description |
|---|
CAProcessor(java.lang.String id,
java.util.Locale locale) |
Processor(java.lang.String id,
java.util.Locale locale) |
| Modifier and Type | Method and Description |
|---|---|
IAuthToken |
ProfileSubmitCMCServlet.authenticate(IProfileAuthenticator authenticator,
javax.servlet.http.HttpServletRequest request) |
void |
ProfileServlet.outputTemplate(boolean isXML,
javax.servlet.http.HttpServletResponse response,
ArgSet args) |
void |
ProfileServlet.outputTemplate(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
ArgSet args) |
void |
ProfileSubmitServlet.process(CMSRequest cmsReq)
Process the HTTP request
|
void |
ProfileSubmitCMCServlet.process(CMSRequest cmsReq)
Process the HTTP request
|
void |
ProfileSelectServlet.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
ProfileReviewServlet.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
ProfileProcessServlet.process(CMSRequest cmsReq) |
void |
ProfileListServlet.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
ProfileApproveServlet.process(CMSRequest cmsReq)
Process the HTTP request.
|
java.util.HashMap<java.lang.String,java.lang.Object> |
ProfileSubmitServlet.processEnrollment(CMSRequest cmsReq) |
java.util.HashMap<java.lang.String,java.lang.Object> |
ProfileSubmitServlet.processRenewal(CMSRequest cmsReq) |
| Modifier and Type | Method and Description |
|---|---|
void |
ReqParser.fillRequestIntoArg(java.util.Locale l,
IRequest req,
CMSTemplateParams argSet,
IArgBlock arg)
Maps request object into argument block.
|
void |
KeyReqParser.fillRequestIntoArg(java.util.Locale l,
IRequest req,
CMSTemplateParams argSet,
IArgBlock arg)
Fills in certificate specific request attributes.
|
void |
IReqParser.fillRequestIntoArg(java.util.Locale l,
IRequest req,
CMSTemplateParams argSet,
IArgBlock arg)
Maps request object into argument block.
|
void |
CertReqParser.fillRequestIntoArg(java.util.Locale l,
IRequest req,
CMSTemplateParams argSet,
IArgBlock arg)
Fills in certificate specific request attributes.
|
protected int |
ProcessCertReq.grant_privileges(CMSRequest cmsReq,
IRequest req,
java.security.cert.Certificate[] certs,
IArgBlock header) |
CMSRequestInfos |
CMSRequestDAO.listCMSRequests(java.lang.String filter,
RequestId start,
int pageSize,
int maxResults,
int maxTime,
javax.ws.rs.core.UriInfo uriInfo)
Finds list of requests matching the specified search filter.
|
void |
SearchReqs.process(CMSRequest cmsReq)
Serves HTTP request.
|
void |
QueryReq.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
ProcessReq.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
ProcessCertReq.process(CMSRequest cmsReq)
Process the HTTP request.
|
void |
CheckRequest.process(CMSRequest cmsReq)
Process the HTTP request.
|
| Constructor and Description |
|---|
CheckRequest()
Constructs request query servlet.
|
ProcessCertReq()
Process request.
|
| Modifier and Type | Method and Description |
|---|---|
org.mozilla.jss.crypto.SymmetricKey |
StandardKDF.computeCardKey(org.mozilla.jss.crypto.SymmetricKey masterKey,
byte[] derivationData,
org.mozilla.jss.crypto.CryptoToken token,
int protocol) |
org.mozilla.jss.crypto.SymmetricKey |
StandardKDF.computeCardKeyOnSoftToken(org.mozilla.jss.crypto.SymmetricKey masterKey,
byte[] data,
int protocol) |
org.mozilla.jss.crypto.SymmetricKey |
StandardKDF.computeCardKeyOnToken(org.mozilla.jss.crypto.SymmetricKey masterKey,
byte[] data,
int protocol) |
java.util.Map<java.lang.String,org.mozilla.jss.crypto.SymmetricKey> |
NistSP800_108KDF.computeCardKeys(org.mozilla.jss.crypto.SymmetricKey masterKey,
byte[] context,
org.mozilla.jss.crypto.CryptoToken token)
Generates three PK11SymKey objects using the KDF_CM_SHA256HMAC_L384() function for key data.
|
byte[] |
SecureChannelProtocol.computeCryptogram_SCP01(java.lang.String selectedToken,
java.lang.String keyNickName,
byte[] card_challenge,
byte[] host_challenge,
byte[] keyInfo,
byte nistSP800_108KdfOnKeyVersion,
boolean nistSP800_108KdfUseCuidAsKdd,
byte[] xCUID,
byte[] xKDD,
int cryptogramType,
byte[] authKeyArray,
java.lang.String useSoftToken_s,
java.lang.String keySet,
java.lang.String transportKeyName) |
byte[] |
SecureChannelProtocol.computeDes3EcbEncryption(org.mozilla.jss.crypto.SymmetricKey desKey,
java.lang.String selectedToken,
byte[] input) |
org.mozilla.jss.crypto.SymmetricKey |
SecureChannelProtocol.computeKEKKey_SCP01(java.lang.String selectedToken,
java.lang.String keyNickName,
byte[] keyInfo,
byte nistSP800_108KdfOnKeyVersion,
boolean nistSP800_108KdfUseCuidAsKdd,
byte[] xCUID,
byte[] xKDD,
byte[] devKeyArray,
java.lang.String useSoftToken_s,
java.lang.String keySet,
java.lang.String transportKeyName) |
byte[] |
SecureChannelProtocol.computeKeyCheck(org.mozilla.jss.crypto.SymmetricKey desKey,
java.lang.String selectedToken) |
byte[] |
SecureChannelProtocol.computeMAC_SCP01(org.mozilla.jss.crypto.SymmetricKey symKey,
byte[] input,
byte[] icv,
java.lang.String selectedToken) |
org.mozilla.jss.crypto.SymmetricKey |
SecureChannelProtocol.computeSessionKey_SCP01(java.lang.String keyType,
java.lang.String selectedToken,
java.lang.String keyNickName,
byte[] card_challenge,
byte[] host_challenge,
byte[] keyInfo,
byte nistSP800_108KdfOnKeyVersion,
boolean nistSP800_108KdfUseCuidAsKdd,
byte[] xCUID,
byte[] xKDD,
byte[] devKeyArray,
java.lang.String useSoftToken_s,
java.lang.String keySet,
java.lang.String transportKeyName) |
org.mozilla.jss.crypto.SymmetricKey |
SecureChannelProtocol.computeSessionKey_SCP02(java.lang.String selectedToken,
java.lang.String keyNickName,
byte[] keyInfo,
byte nistSP800_108KdfOnKeyVersion,
boolean nistSP800_108KdfUseCuidAsKdd,
byte[] xCUID,
byte[] xKDD,
byte[] macKeyArray,
byte[] sequenceCounter,
byte[] derivationConstant,
java.lang.String useSoftToken_s,
java.lang.String keySet,
java.lang.String transportKeyName) |
byte[] |
SecureChannelProtocol.diversifyKey(java.lang.String tokenName,
java.lang.String newTokenName,
java.lang.String oldMasterKeyName,
java.lang.String newMasterKeyName,
byte[] oldKeyInfo,
byte[] newKeyInfo,
byte nistSP800_108KdfOnKeyVersion,
boolean nistSP800_108KdfUseCuidAsKdd,
byte[] CUIDValue,
byte[] KDD,
byte[] kekKeyArray,
java.lang.String useSoftToken,
java.lang.String keySet,
byte protocol) |
byte[] |
SecureChannelProtocol.ecbEncrypt(org.mozilla.jss.crypto.SymmetricKey devKey,
org.mozilla.jss.crypto.SymmetricKey symKey,
java.lang.String selectedToken) |
byte[] |
SecureChannelProtocol.encryptData(java.lang.String selectedToken,
java.lang.String keyNickName,
byte[] data,
byte[] keyInfo,
byte nistSP800_108KdfOnKeyVersion,
boolean nistSP800_108KdfUseCuidAsKdd,
byte[] xCUID,
byte[] xKDD,
byte[] kekKeyArray,
java.lang.String useSoftToken_s,
java.lang.String keySet) |
org.mozilla.jss.crypto.SymmetricKey |
SecureChannelProtocol.extractDes2FromDes3(org.mozilla.jss.crypto.SymmetricKey baseKey,
java.lang.String selectedToken) |
org.mozilla.jss.crypto.SymmetricKey |
SecureChannelProtocol.generateSymKey(java.lang.String selectedToken) |
org.mozilla.jss.CryptoManager |
SecureChannelProtocol.getCryptoManger() |
static byte[] |
KDF.getDesParity(byte[] key) |
static byte[] |
KDF.getDiversificationData(byte[] context,
java.lang.String type) |
org.mozilla.jss.crypto.SymmetricKey |
SecureChannelProtocol.getSharedSecretKey(org.mozilla.jss.crypto.CryptoToken token) |
static java.lang.String |
SecureChannelProtocol.getSharedSecretKeyName(java.lang.String name) |
static org.mozilla.jss.crypto.SymmetricKey |
SecureChannelProtocol.getSymKeyByName(org.mozilla.jss.crypto.CryptoToken token,
java.lang.String name) |
org.mozilla.jss.crypto.SymmetricKey |
SecureChannelProtocol.makeDes3KeyDerivedFromDes2(org.mozilla.jss.crypto.SymmetricKey des3Key,
java.lang.String selectedToken) |
void |
TokenServlet.process(CMSRequest cmsReq) |
static java.lang.String |
SecureChannelProtocol.setSharedSecretKeyName(java.lang.String name) |
org.mozilla.jss.crypto.SymmetricKey |
SecureChannelProtocol.unwrapSymKeyOnToken(org.mozilla.jss.crypto.CryptoToken token,
byte[] inputKeyArray,
boolean isPerm) |
org.mozilla.jss.crypto.SymmetricKey |
SecureChannelProtocol.unwrapSymKeyOnToken(org.mozilla.jss.crypto.CryptoToken token,
org.mozilla.jss.crypto.SymmetricKey unwrappingKey,
byte[] inputKeyArray,
boolean isPerm) |
org.mozilla.jss.crypto.SymmetricKey |
SecureChannelProtocol.unwrapWrappedSymKeyOnToken(org.mozilla.jss.crypto.CryptoToken token,
org.mozilla.jss.crypto.SymmetricKey unwrappingKey,
byte[] inputKeyArray,
boolean isPerm) |
byte[] |
SecureChannelProtocol.wrapSessionKey(java.lang.String tokenName,
org.mozilla.jss.crypto.SymmetricKey sessionKey,
org.mozilla.jss.crypto.SymmetricKey wrappingKey) |
| Modifier and Type | Method and Description |
|---|---|
AuditConfig |
AuditService.createAuditConfig() |
AuditConfig |
AuditService.createAuditConfig(java.util.Map<java.lang.String,java.lang.String> auditParams) |
| Constructor and Description |
|---|
SystemConfigService() |
| Modifier and Type | Method and Description |
|---|---|
void |
APDU.secureMessage(org.mozilla.jss.pkcs11.PK11SymKey encKey,
byte protocol) |
void |
APDU.secureMessageSCP02(org.mozilla.jss.pkcs11.PK11SymKey encKey) |
| Modifier and Type | Class and Description |
|---|---|
class |
TPSException |
| Modifier and Type | Method and Description |
|---|---|
static TPSBuffer |
Util.computeEncEcbDes(org.mozilla.jss.pkcs11.PK11SymKey symKey,
TPSBuffer input) |
static TPSBuffer |
Util.computeMAC(org.mozilla.jss.pkcs11.PK11SymKey symKey,
TPSBuffer input,
TPSBuffer icv) |
static TPSBuffer |
Util.computeMACdes3des(org.mozilla.jss.pkcs11.PK11SymKey symKey,
TPSBuffer input,
TPSBuffer initialIcv) |
static TPSBuffer |
Util.encryptData(TPSBuffer dataToEnc,
org.mozilla.jss.pkcs11.PK11SymKey encKey) |
static java.lang.String |
Util.getCertAkiString(netscape.security.x509.X509CertImpl cert) |
static java.lang.String |
Util.getCertSkiString(netscape.security.x509.X509CertImpl cert) |