TSPUtils (Oracle Security Developer Tools PKI SDK TSP Java API Reference)

Package

Class

Tree

Deprecated

Index

Help

Oracle Security Developer Tools PKI SDK TSP Java API Reference
10g Release 3 (10.1.3)
B25376-01

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

oracle.security.crypto.tsp
Class TSPUtils

java.lang.Object oracle.security.crypto.tsp.TSPUtils

public class TSPUtils
extends java.lang.Object

Defines various utility methods for the oracle.security.crypto.cert.tsp</code. package.

Constructor Summary
`TSPUtils()`

Method Summary
`static void`	`validateMessageImprint(MessageImprint mi)` Verifies that the algorithm specified in the given MessageImprint object is supported and that the length of the hash in the MessageImprint object is correct for the specified algorithm.
`static void`	`validateStatus(TSPTimeStampResp tsr)` Validates the status field for the given TimeStampResp message.
`static void`	`verifyKeyPurposeID(oracle.security.crypto.cert.X509 cert)` Verifies that the id-kp-timeStamping KeyPuposeID is present in the given X.509 certificate.
`static void`	`verifyTimeStampTokenSignature(oracle.security.crypto.cms.CMSSignedDataContentInfo timeStampToken, oracle.security.crypto.cert.X509 tsaCert)` Verifies the signature of the given timeStampToken using the given X.509 certificate.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

TSPUtils

public TSPUtils()

Method Detail

verifyKeyPurposeID

public static void verifyKeyPurposeID(oracle.security.crypto.cert.X509 cert)
                               throws TSPException

Verifies that the id-kp-timeStamping KeyPuposeID is present in the given X.509 certificate.

Parameters:: cert - The certificate
Throws:: TSPException - If the id-kp-timeStamping KeyPuposeID is not present.

validateMessageImprint

public static void validateMessageImprint(MessageImprint mi)
                                   throws TSPException,
                                          oracle.security.crypto.core.AlgorithmIdentifierException

Verifies that the algorithm specified in the given MessageImprint object is supported and that the length of the hash in the MessageImprint object is correct for the specified algorithm.

Parameters:: mi - The MessageImprint object.
Throws:: oracle.security.crypto.core.AlgorithmIdentifierException - If the algorithm is not supported.; TSPException - If the hash length is incorrect.

validateStatus

public static void validateStatus(TSPTimeStampResp tsr)
                           throws TSPException

Validates the status field for the given TimeStampResp message.

Parameters:: tsr - The TimeStampResp message.
Throws:: TSPException - Can occur under the following circumstances:
a) The PKIStatus value is unsupported. b) The PKIStatus is either GRANTED or GRANTED_WITH_MODS, and the failInfo field is present. c) The PKIStatus is neither GRANTED nor GRANTED_WITH_MODS, and the failInfo field is not present. d) The failInfo value is not supported.

verifyTimeStampTokenSignature

public static void verifyTimeStampTokenSignature(oracle.security.crypto.cms.CMSSignedDataContentInfo timeStampToken,
                                                 oracle.security.crypto.cert.X509 tsaCert)
                                          throws TSPException

Verifies the signature of the given timeStampToken using the given X.509 certificate. Also verifies that only one signature exists for the timeStampToken, that the TSA's certificate identifier (ESSCertID) is included as a signerInfo attribute, and that the certificate identifier corresponds to the given X.509 certificate.

Parameters:: timeStampToken - The given timeStampToken.; tsaCert - The given X.509 certificate.
Throws:: TSPException