com.rsa.swsj.profiles.wss
Class X509Token

java.lang.Object
  extended by com.rsa.swsj.profiles.wss.Token
      extended by com.rsa.swsj.profiles.wss.X509Token

public final class X509Token
extends Token

X509Token provides a container for X.509 certificates.

When creating an X509Token object, applications must provide an X.509 certificate in some form. In most cases, the form is an X509Certificate object. When an application only has the Base64 encoding of the certificate, it can provide that encoding.

The following examples demonstrate the creation of X509Token objects with different types of certificates.

 
   // X509Certificate object
   X509Certificate cert = <application provided Certificate>;
   X509Token token = new X509Token (context);

   token.setX509Certificate (cert);


   // Base64-encoded X.509 v3 certificate
   byte[] certEncoding = <application provided encoding>;
   X509Token token = new X509Token (context);

   token.setCertificateData (certEncoding, X509Token.X509V3_TYPE, true);


   // DER-encoded X.509 v3 certificate (isBase64 is false)
   byte[] certEncoding = <application provided encoding>;
   X509Token token = new X509Token (context);

   token.setCertificateData (certEncoding, X509Token.X509V3_TYPE, false);


   // DER-encoded certificate chain in a PKCS#7 wrapper
   byte[] certData = <application provided encoding>;
   X509Token token = new X509Token (context);

   token.setCertificateData (certData, X509Token.PKCS7_TYPE, false);
 

An application can examine the contents of an X509Token object by extracting the X509Certificate object, as shown in the following example.
 
   X509Token token = <get the X509 token>
   X509Certificate[] certs = token.getCertificates();
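
The certificates in a received token are supplied by the sender, so they should be validated against locally trusted roots before the signer is relied on. The following is an added example, not part of the original documentation or of RSA's code; it uses only the standard java.security.cert API. The class name TokenCertPathCheck and the file arguments are hypothetical, and the array is assumed to be ordered with the signer's certificate first.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.cert.*;
import java.util.*;

// Added example (not RSA code). Class name and file arguments are hypothetical.
public class TokenCertPathCheck {

    // certs: array as returned by token.getCertificates(); assumed signer-first order.
    static PKIXCertPathValidatorResult validate(X509Certificate[] certs,
            Set<TrustAnchor> anchors, boolean checkRevocation) throws Exception {
        if (certs == null || certs.length == 0)
            throw new CertPathValidatorException("token carried no certificate");
        Set<X509Certificate> trusted = new HashSet<>();
        for (TrustAnchor a : anchors)
            if (a.getTrustedCert() != null) trusted.add(a.getTrustedCert());
        // A PKIX path excludes the trust anchor, so cut the chain at the first trusted CA.
        List<X509Certificate> path = new ArrayList<>();
        for (int i = 0; i < certs.length; i++) {
            if (i > 0 && trusted.contains(certs[i])) break;
            path.add(certs[i]);
        }
        CertPath cp = CertificateFactory.getInstance("X.509").generateCertPath(path);
        PKIXParameters params = new PKIXParameters(anchors);
        params.setRevocationEnabled(checkRevocation); // true requires CRL or OCSP data
        // Throws CertPathValidatorException on expiry, bad signature or unknown issuer.
        return (PKIXCertPathValidatorResult)
                CertPathValidator.getInstance("PKIX").validate(cp, params);
    }

    // Usage: java TokenCertPathCheck <trusted-roots.pem> <chain.pem|chain.p7b>
    public static void main(String[] args) throws Exception {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        Set<TrustAnchor> anchors = new HashSet<>();
        try (InputStream in = new FileInputStream(args[0])) {
            for (Certificate c : cf.generateCertificates(in))
                anchors.add(new TrustAnchor((X509Certificate) c, null));
        }
        X509Certificate[] chain; // stands in for token.getCertificates()
        try (InputStream in = new FileInputStream(args[1])) {
            chain = cf.generateCertificates(in).toArray(new X509Certificate[0]);
        }
        PKIXCertPathValidatorResult r = validate(chain, anchors, false);
        System.out.println("Chain anchors at: "
                + r.getTrustAnchor().getTrustedCert().getSubjectX500Principal());
    }
}
```

The main method passes false for checkRevocation only so that it runs without network access; a deployment that has CRL or OCSP data available would pass true.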
 

Note: XML documents can be encrypted for multiple recipients by specifying separate KeyInfo objects. However, WSS documents cannot specify separate X509Token objects, since only one token can be attached to an XMLEncryption operation.


Field Summary

static java.lang.String

BASE64_BINARY

A String that indicates the encoding type.

static java.lang.String

PKCS7_TYPE

A String that indicates that the ValueType attribute value is an X.509 certificate chain packaged in a PKCS#7 wrapper.

static java.lang.String

PKIPATH_TYPE

A String that indicates that the ValueType attribute value is an X.509 certificate chain packaged in a PKIPATH wrapper.

static java.lang.String

X509V3_TYPE

A String that indicates that the ValueType attribute value is an X.509 v3 certificate belonging to the signer.

 
Constructor Summary
X509Token(SWSJContext context)

Creates an empty X509Token object initialized only with context.

X509Token(SWSJContext context, byte[] certData, java.lang.String valueType, boolean isBase64)

Creates an X509Token object initialized with certificate data.

X509Token(SWSJContext context, java.security.cert.X509Certificate cert)

Creates an X509Token object initialized with the signer's certificate.

 
Method Summary

 java.security.cert.X509Certificate[]

getCertificates()

Gets the certificate value.

 java.lang.String

getEncodingType()

Returns the encoding type of the certificate data.

 java.lang.String

getValueType()

Gets the ValueType value.

 void

setCertificateData(byte[] cert, java.lang.String valueType, boolean isBase64)

Sets the certificate data that can be in X509V3, PKCS#7 or PKIPath format.

 void

setX509Certificate(java.security.cert.X509Certificate cert)

Sets the certificate value.

 
Methods inherited from class com.rsa.swsj.profiles.wss.Token
getContext, getId, getNamespacePrefix, setId, setNamespacePrefix
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

X509V3_TYPE

public static final java.lang.String X509V3_TYPE
A String that indicates that the ValueType attribute value is an X.509 v3 certificate belonging to the signer.

See Also:
Constant Field Values

PKIPATH_TYPE

public static final java.lang.String PKIPATH_TYPE
A String that indicates that the ValueType attribute value is an X.509 certificate chain packaged in a PKIPATH wrapper.

See Also:
Constant Field Values

PKCS7_TYPE

public static final java.lang.String PKCS7_TYPE
A String that indicates that the ValueType attribute value is an X.509 certificate chain packaged in a PKCS#7 wrapper.

See Also:
Constant Field Values

BASE64_BINARY

public static final java.lang.String BASE64_BINARY
A String that indicates the encoding type.

See Also:
Constant Field Values

Constructor Detail

X509Token

public X509Token(SWSJContext context)
          throws InvalidParameterException
Creates an empty X509Token object initialized only with context.

Parameters:
context - An object that collects a number of common parameters and state variables; for example, JCE provider.
Throws:
InvalidParameterException - If context is invalid.

X509Token

public X509Token(SWSJContext context,
                 java.security.cert.X509Certificate cert)
          throws InvalidParameterException,
                 TokenException
Creates an X509Token object initialized with the signer's certificate.

Parameters:
context - A SWSJContext object that collects a number of common parameters and state variables; for example, JCE provider.

cert - An X509Certificate object that holds the certificate value.

Throws:
InvalidParameterException - If an invalid value is set.
TokenException - If the certificate data cannot be set.

X509Token

public X509Token(SWSJContext context,
                 byte[] certData,
                 java.lang.String valueType,
                 boolean isBase64)
          throws TokenException,
                 InvalidParameterException
Creates an X509Token object initialized with certificate data.

Parameters:
context - An object that collects a number of common parameters and state variables; for example, JCE provider.

certData - A byte array that contains the certificate data in base64-encoding or DER-encoding.

valueType - A String value that specifies the type of the certificate data. The possible values are X509V3, PKCS7, and PKIPATH.

isBase64 - A boolean value that specifies if the certificate data is base64 encoded.

Throws:
TokenException - If the certificate data cannot be set.
InvalidParameterException - If an invalid value is set.

Method Detail

getCertificates

public java.security.cert.X509Certificate[] getCertificates()
                                                     throws TokenException
Gets the certificate value.

Returns:
An array of certificates that forms a validation path.
Throws:
TokenException - If the certificate cannot be generated from the input bytes.

setX509Certificate

public void setX509Certificate(java.security.cert.X509Certificate cert)
                        throws InvalidParameterException,
                               TokenException
Sets the certificate value.

Parameters:
cert - An X509Certificate object that holds the certificate value.
Throws:
InvalidParameterException - If an invalid value is set.
TokenException - If the certificate data cannot be set.

setCertificateData

public void setCertificateData(byte[] cert,
                               java.lang.String valueType,
                               boolean isBase64)
                        throws TokenException
Sets the certificate data that can be in X509V3, PKCS#7 or PKIPath format.

Parameters:
cert - A byte array that contains the certificate data in base64-encoding or DER-encoding.
valueType - A String value that specifies the type of the certificate data. The possible values are X509V3, PKCS7 and PKIPATH.
isBase64 - A boolean value that specifies if the certificate data is base64 encoded.
Throws:
TokenException - If an unsupported value type is set.

getEncodingType

public java.lang.String getEncodingType()
Returns the encoding type of the certificate data.

Returns:
A String value that specifies the encoding of the certificate data. Because Base64Binary is the only type currently supported, this method always returns the Base64Binary type.

getValueType

public java.lang.String getValueType()
Gets the ValueType value.

Returns:
A String value that defines the value type of this token. The possible returned values are defined in this class.