IDIpkcs7Crypto (IBM Tivoli Directory Integrator API)

Overview

Package

Class

Use

Tree

Serialized

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.ibm.di.util
Class IDIpkcs7Crypto

java.lang.Object
  com.ibm.di.util.IDIpkcs7Crypto

public class IDIpkcs7Crypto
extends Object
extends Object

This class is used to decrypt a PKCS#7 SignedData object and obtain signed contents. The signature of the encrypted data is verified and the contents from the SignedData object are detached. Then the payload stream is DER decoded resulting in an object of type RacfCredential.

Main routine for testing takes following arguments:
Usage: IDIpkcs7Crypto

 [-receivecertKeystore=receiverCertificateKeystoreFileName]
 [-receivecertKeystorePW=receiverCertificateKeystorePassword]
 [-receivecertAlias=receiverCertificateAlias]
 [-receivecertPW=receiverCertificatePassword]
 [-signercertKeystore=signerCertificateKeystoreFileName]
 [-signercertKeystorePW=signerCertificateKeystorePassword]
 [-signercertAlias=signerCertificateAlias] [-envelope=pkcs7EnvelopeFileName]

To obtain the decrypted password/passphrase payload (RacfCredential.java) object:

 IDIpkcs7Crypto.getCredentialObject( ContentInfo contentInfo, String
 receiverKSPath, String receiverKSpw, String receiverCertAlias, String
 receivercertPW, String signerPath, String signerKSpw, String signerCertAlias)
 
 IDIpkcs7Crypto.getCredentialObject( String pkcs7EnvelopePath, String
 receiverKSPath, String receiverKSpw, String receiverCertAlias, String
 receivercertPW, String signerPath, String signerKSpw, String signerCertAlias)

See Also:: RacfCredential

Constructor Summary
`IDIpkcs7Crypto()`

Method Summary
`static RacfCredential`	`getCredentialObject(byte[] pkcs7EnvelopeBytes, String receiverPath, String receiverKSpw, String receiverCertAlias, String receivercertPW, String signerPath, String signerKSpw, String signerCertAlias)` This method obtains object representing plain ASCII text from a PKCS#7 encoded, encrypted and signed PKCS#7 payload.
`static RacfCredential`	`getCredentialObject(com.ibm.security.pkcs7.ContentInfo contentInfo, String receiverPath, String receiverKSpw, String receiverCertAlias, String receivercertPW, String signerPath, String signerKSpw, String signerCertAlias)` This method obtains object representing plain ASCII text from a PKCS#7 encoded, encrypted and signed pkcs7 payload.
`static RacfCredential`	`getCredentialObject(String pkcs7EnvelopePath, String receiverPath, String receiverKSpw, String receiverCertAlias, String receivercertPW, String signerPath, String signerKSpw, String signerCertAlias)` This method obtains a plain ASCII text from a PKCS#7 encoded, encrypted and signed PKCS#7 payload.
`static RacfPassword`	`getPasswordObject(byte[] pkcs7EnvelopeBytes, String receiverPath, String receiverKSpw, String receiverCertAlias, String receivercertPW, String signerPath, String signerKSpw, String signerCertAlias)` Deprecated.
`static RacfPassword`	`getPasswordObject(com.ibm.security.pkcs7.ContentInfo contentInfo, String receiverPath, String receiverKSpw, String receiverCertAlias, String receivercertPW, String signerPath, String signerKSpw, String signerCertAlias)` Deprecated.
`static RacfPassword`	`getPasswordObject(String pkcs7EnvelopePath, String receiverPath, String receiverKSpw, String receiverCertAlias, String receivercertPW, String signerPath, String signerKSpw, String signerCertAlias)` Deprecated.
`static void`	`main(String[] args)`
`static boolean`	`verifySignature(com.ibm.security.pkcs7.SignedData signeddata, Certificate signerCert)` This method verifies the signature of the data from the envelope.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

IDIpkcs7Crypto

public IDIpkcs7Crypto()

Method Detail

main

public static void main(String[] args)

getCredentialObject

public static RacfCredential getCredentialObject(byte[] pkcs7EnvelopeBytes,
                                                 String receiverPath,
                                                 String receiverKSpw,
                                                 String receiverCertAlias,
                                                 String receivercertPW,
                                                 String signerPath,
                                                 String signerKSpw,
                                                 String signerCertAlias)
                                          throws Exception

This method obtains object representing plain ASCII text from a PKCS#7 encoded, encrypted and signed PKCS#7 payload. See RacfCredential class for details of decoded contents. Note: use this constructor when enveloped data is in a byte array.

Parameters:: pkcs7EnvelopeBytes - byte[] containing PKCS#7 package to be decrypted; receiverPath - String representing file path to recipient's JKS keystore file; receiverKSpw - String representing the password to recipient's keystore file; receiverCertAlias - String representing the recipient's certificate alias name; receivercertPW - String representing the password to recipient's certificate; signerPath - String representing file path to signer's JKS keystore file; signerKSpw - String representing the password to signer's keystore file; signerCertAlias - String representing the signer's certificate alias name
Returns:: String representing the decrypted format of the received string. Null is returned when a null is received.
Throws:: Exception - when underlying function fails

getPasswordObject

@Deprecated
public static RacfPassword getPasswordObject(byte[] pkcs7EnvelopeBytes,
                                                        String receiverPath,
                                                        String receiverKSpw,
                                                        String receiverCertAlias,
                                                        String receivercertPW,
                                                        String signerPath,
                                                        String signerKSpw,
                                                        String signerCertAlias)
                                      throws Exception

Deprecated.

Deprecated. Use this method instead: getCredentialObject(ContentInfo, String, String, String, String, String, String, String)

Parameters:: pkcs7EnvelopeBytes -; receiverPath -; receiverKSpw -; receiverCertAlias -; receivercertPW -; signerPath -; signerKSpw -; signerCertAlias -
Returns:: String representing the decrypted format of the received string. Null is returned when a null is received.
Throws:: Exception

getCredentialObject

public static RacfCredential getCredentialObject(com.ibm.security.pkcs7.ContentInfo contentInfo,
                                                 String receiverPath,
                                                 String receiverKSpw,
                                                 String receiverCertAlias,
                                                 String receivercertPW,
                                                 String signerPath,
                                                 String signerKSpw,
                                                 String signerCertAlias)
                                          throws Exception

This method obtains object representing plain ASCII text from a PKCS#7 encoded, encrypted and signed pkcs7 payload. See RacfCredential class for details of decoded contents. Note: use this constructor when enveloped data is contained in a ContentInfoObject

Parameters:: contentInfo - ContentInfo object representing envelope to be decrypted; receiverPath - String representing file path to recipient's JKS keystore file; receiverKSpw - String which is password to recipient's keystore file; receiverCertAlias - String representing the recipient's certificate alias name; receivercertPW - String representing the password to recipient's certificate; signerPath - String representing file path to signer's JKS keystore file; signerKSpw - String representing the password to signer's keystore file; signerCertAlias - String representing the signer's certificate alias name
Returns:: String representing the decrypted format of the received string. Null is returned when a null is received.
Throws:: Exception - when underlying function fails

getPasswordObject

@Deprecated
public static RacfPassword getPasswordObject(com.ibm.security.pkcs7.ContentInfo contentInfo,
                                                        String receiverPath,
                                                        String receiverKSpw,
                                                        String receiverCertAlias,
                                                        String receivercertPW,
                                                        String signerPath,
                                                        String signerKSpw,
                                                        String signerCertAlias)
                                      throws Exception

Deprecated.

Deprecated. Use this method instead: getCredentialObject(ContentInfo, String, String, String, String, String, String, String)

Parameters:: contentInfo -; receiverPath -; receiverKSpw -; receiverCertAlias -; receivercertPW -; signerPath -; signerKSpw -; signerCertAlias -
Returns:: String representing the decrypted format of the received string. Null is returned when a null is received.
Throws:: Exception

getCredentialObject

public static RacfCredential getCredentialObject(String pkcs7EnvelopePath,
                                                 String receiverPath,
                                                 String receiverKSpw,
                                                 String receiverCertAlias,
                                                 String receivercertPW,
                                                 String signerPath,
                                                 String signerKSpw,
                                                 String signerCertAlias)
                                          throws Exception

This method obtains a plain ASCII text from a PKCS#7 encoded, encrypted and signed PKCS#7 payload. Note: Use this constructor when testing enveloped data contained in ASCII files.

Parameters:: pkcs7EnvelopePath - String representing path to file containing PKCS#7 package to be decrypted; receiverPath - String representing file path to recipient's JKS keystore file; receiverKSpw - String representing the password to recipient's keystore file; receiverCertAlias - String representing the receiver's certificate alias name; receivercertPW - String representing the password to recipient's certificate; signerPath - String representing file path to signer's JKS keystore file; signerKSpw - String representing the password to signer's keystore file; signerCertAlias - String signer certificate alias name
Returns:: String representing the decrypted format of the received string. Null is returned when a null is received.
Throws:: Exception - when underlying function fails
See Also:: class for details of decoded contents.

getPasswordObject

@Deprecated
public static RacfPassword getPasswordObject(String pkcs7EnvelopePath,
                                                        String receiverPath,
                                                        String receiverKSpw,
                                                        String receiverCertAlias,
                                                        String receivercertPW,
                                                        String signerPath,
                                                        String signerKSpw,
                                                        String signerCertAlias)
                                      throws Exception

Deprecated.

Deprecated. Use this method instead: getCredentialObject(String, String, String, String, String, String, String, String)

Parameters:: pkcs7EnvelopePath -; receiverPath -; receiverKSpw -; receiverCertAlias -; receivercertPW -; signerPath -; signerKSpw -; signerCertAlias -
Returns:: String representing the decrypted format of the received string. Null is returned when a null is received.
Throws:: Exception

verifySignature

public static boolean verifySignature(com.ibm.security.pkcs7.SignedData signeddata,
                                      Certificate signerCert)
                               throws Exception

This method verifies the signature of the data from the envelope.

Parameters:: signeddata - SignedData object from envelope; signerCert - X509Certificate from issuer/signer
Returns:: true if success verifying signers signature; false otherwise.
Throws:: Exception - when underlying function fails.

Overview

Package

Class

Use

Tree

Serialized

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.ibm.di.util Class IDIpkcs7Crypto

IDIpkcs7Crypto

main

getCredentialObject

getPasswordObject

getCredentialObject

getPasswordObject

getCredentialObject

getPasswordObject

verifySignature

com.ibm.di.util
Class IDIpkcs7Crypto