A bit position in a ReasonFlags bit string.
A CRLReason
, which can be used in the reason
field.
A bag containing a certificate.
Creates a CertBag from a type and a cert.
This exception is thrown if the certificate database does not exist,
or if an error occurs while opening it.
Constructs a new CertId
from its components.
An X.509 signed certificate.
Creates and signs an X.509 Certificate.
A bit position in a ReasonFlags bit string.
A CRLReason
, which can be used in the reason
field.
A TBSCertificate (to-be-signed certificate), the actual information in
a certificate apart from the signature.
Creates a CertificateInfo with the required fields.
A pkcs10 signed CertificationRequest.
Creates and signs an X.509 CertificationRequest.
A TBSCertificationRequest (to-be-signed CertificationRequest),
the actual information in
a CertificationRequest apart from the signature.
Creates a CertificationRequestInfo with the required fields.
Creates a new CertRepContent
.
Creates a new CertRepContent
.
Creates a new CertRepContent
This class models a CRMF CertReqMsg structure.
Constructs a CertReqmsg from a CertRequest and, optionally,
a pop>/i> and a regInfo.
This class models a CRMF CertTemplate structure.
Creates an empty CertTemplate.
A bit position in a ReasonFlags bit string.
A CRLReason
, which can be used in the reason
field.
The SubsequentMessage field is challengeResp
.
An exception thrown when challenge response pop is requested.
Change the password on the token from the old one to the new one.
Change the password of this token.
An abstract base class for all character string types in ASN.1.
Converts a char array to a null-terminated byte array using a standard
encoding, which is currently UTF8.
Objects of this class are generated by CHOICE.Template.decode().
Create a CHOICE whose chosen element has no implicit tag.
Create a CHOICE whose chosen element has an implicit tag.
A context for performing symmetric encryption and decryption.
Clears the password so that sensitive data is no longer present
in memory.
Empties the SSL client session ID cache.
Cloning is not supported yet
Allows a SymmetricKey to be cloned on a different token.
Allows a SymmetricKey to be cloned on a different token.
Allows a SymmetricKey to be cloned on a different token.
Clones a SymmetricKey from a different token onto this token.
Allows a SymmetricKey to be cloned on a different token.
This flushes the stream and closes the next stream downstream.
Closes the certificate and key databases.
CMC
CMCStatusInfo:
CMCStatusInfo ::= SEQUENCE {
cMCStatus CMCStatus,
bodyList SEQUENCE SIZE (1..MAX) OF BodyPartID,
statusString UTF8String OPTIONAL,
otherInfo CHOICE {
failInfo CMCFailInfo,
pendInfo PendInfo } OPTIONAL
}
PendInfo ::= SEQUENCE {
pendToken OCTET STRING,
pendTime GeneralizedTime
}
Create a CMCStatusInfo from decoding.
commonName - static field in class org.mozilla.jss.pkix.primitive.
Name The OID for the common name (CN) attribute.
Computes the macData field and adds it to the PFX.
Configures the session ID cache.
Enables OCSP, note when you Initialize JSS for the first time, for
backwards compatibility, the initialize will enable OCSP if you
previously set values.ocspCheckingEnabled and
values.ocspResponderURL/values.ocspResponderCertNickname
configureOCSP will allow changing of the the OCSPResponder at runtime.
A password callback that obtains its password from the console.
A PKCS #7 ContentInfo structure.
A PKCS #7 ContentInfo structure.
Creates a ContentInfo of type data
.
Creates a ContentInfo of type data
.
Creates a ContentInfo with the given type and content.
Creates a ContentInfo with the given type and content.
Creates a ContentInfo of type digestedData
.
Creates a ContentInfo of type encryptedData
.
Creates a ContentInfo of type envelopedData
.
Creates a ContentInfo of type signedAndEnvelopedData
.
Creates a ContentInfo of type signedData
.
Creates a ContentInfo of type digestedData
.
Creates a ContentInfo of type encryptedData
.
Creates a ContentInfo of type envelopedData
.
Creates a ContentInfo of type signedAndEnvelopedData
.
Creates a ContentInfo of type signedData
.
Converts a password of Java characters into a password of
bytes, using some encoding scheme.
This class keeps track of the number of bytes that have been read from
a stream.
The OID for the country name (C) attribute.
Creates a SafeBag that contains an X.509 Certificate.
Creates a SafeBag that contains an X.509 Certificate.
Creates a new POPOPrivKey with the given dhMAC field.
Creates a SafeBag containing a PKCS-8ShroudedKeyBag, which is
an EncryptedPrivateKeyInfo.
Creates a new SignerIdentifier with the given IssuerAndSerialNumber field.
Creates a new ProofOfPossesion with the given keyAgreement field.
Creates a new ProofOfPossesion with the given keyEncipherment field.
Creates a new EncryptedContentInfo, where the data is encrypted
with a password-based key.
Creates a new EncryptedContentInfo, where the data is encrypted
with a password-based key.
Creates a new EncryptedPrivateKeyInfo, where the data is encrypted
with a password-based key.
Retrieves a FIPS-140-1 validated random number generator.
Creates a new ProofOfPossesion with an raVerified field.
Creates a new ProofOfPossesion with the given signature field.
Creates a new SignerIdentifier with the given SubjectKeyIdentifier field.
Creates a new POPOPrivKey with the given subsequentMessage field.
Creates a new POPOPrivKey with the given thisMessage field.
A bag containing a certificate revocation list.
Thrown if a CRL cannot be imported
This class is the starting poing for the crypto package.
Constructor, for internal use only.
This is an interface for a permanent repository of cryptographic objects,
such as keys, certs, and passwords.
A CryptoToken performs cryptographic operations and stores
cryptographic items, such as keys and certs.
Returns the RDN at the given index in the Name.
Returns the element at the given index in the SET.
Returns the element with the given Tag, or null if no element exists
with the given tag.
Enables SSL v2 on this socket.
Enables SSL v2 on this socket.
Sets the default for SSL v2 for all new sockets.
Enables SSL v3 on this socket.
Enables SSL v3 on this socket.
Sets the default for SSL v2 for all new sockets.
A CMS EncapsulatedContentInfo structure.
Creates a EncapsulatedContentInfo with the given type and content.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Encodes this CertReqMsg to the given OutputStream using
DER encoding, with the given implicit tag.
This method is not yet supported.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
DER-encodes a PKIArchiveOptions.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Should not be called, because POPOPrivKey is a CHOICE and cannot have
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Writes the DER encoding to the given output stream,
using the given implicit tag.
Writes the DER encoding to the given output stream,
using the given implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write this value's DER encoding to an output stream using
an implicit tag.
Write the DER-encoding of this TimeBase.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Encodes this CertReqMsg to the given OutputStream using
DER encoding.
This method is not yet supported.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
DER-encodes a PKIArchiveOptions.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Writes the DER encoding to the given output stream.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Write this value's DER encoding to an output stream using
its own base tag.
Extracts the contents from the ANY and encodes them with
the provided tag.
An ASN.1 class for encoding the SecretDecoderRing result.
The SubsequentMessage field is encrCert
.
Encrypts the given plaintext with the Secret Decoder Ring key stored
in the NSS key database.
Encrypts the given plaintext string with the Secret Decoder Ring key
stored in the NSS key database.
The PKCS #7 type EncryptedContentInfo, which encapsulates
encrypted data.
The PKCS #7 type EncryptedContentInfo, which encapsulates
encrypted data.
Create a EnvelopedData ASN1 object.
Create a EnvelopedData ASN1 object.
The PKCS #7 structure EncryptedData.
The PKCS #7 structure EncryptedData.
Creates a new EncryptedData.
Creates a new EncryptedData.
Creates an EncryptedData with the default version.
Creates an EncryptedData with the default version.
PKCS #8 EncryptedPrivateKeyInfo.
Creates an EncryptedPrivateKeyInfo from its components.
The CRMF structure EncryptedValue for storing the encrypted
key to be archived.
An algorithm for performing symmetric encryption.
Encrypts data with the SecretDecoderRing.
Creates an Encryptor on the given CryptoToken, using the key with
the given keyID and algorithm
The end-of-contents marker for indefinite length encoding.
Returns a list of unique aliases.
We don't support RSAPrivateKeySpec because it doesn't have enough
information.
This is just here for JCA compliance, we don't take randoms this way.
Returns true if there is a cert with this nickname but there is no
key associated with the cert.
Returns true if there is a key with this alias, or if
there is a cert with this alias that has an associated key.
Performs raw verification of the signature of a hash using the
given public key, on the given token.
NSS doesn't have a way of storing a certificate on a specific token
unless it has an associated private key.
Translates key by calling getEncoded() to get its encoded form,
then importing the key from its encoding.
Represents an ASN.1 ENUMERATED
value.
Creates a new ENUMERATED value from a long.
Create a EnvelopedData ASN1 object.
Create a EnvelopedData ASN1 object.
EOC - static field in class org.mozilla.jss.asn1.
Tag An alias for END_OF_CONTENTS.
Deep comparison operation.
Deep comparison operator.
Compares this password to another and returns true if they
are the same.
Deep-comparison operator.
Compares two tags for equality.
ERROR - static field in class org.mozilla.jss.util.
Debug Need to provide a password before each crypto operation.
Creates an EXPLICIT tag wrapping some other ASN1Value.
Exports one or more certificates into a PKCS #7 certificate container.
Returns the ith extension.
The ASN.1 type GeneralizedTime
Creates a GeneralizedTime
from a Date.
Generates P, Q, and G parameters for DSA key generation.
Generates P, Q, and G parameters for DSA key generation.
Generates a b64 encoded PKCS10 blob used for making cert
request.
Generates a PKCS#10 certificate request including Begin/End brackets
Generates an SDR key with the default algorithm and key size.
Generates an SDR key with the given algorithm and key size.
Generates a key pair on a token.
Generates an Initialization Vector using a PBE algorithm.
Generates an Initialization Vector using a PBE algorithm.
Generates a new key pair.
Returns an instance of a context-specific tag with the given number.
Returns the action field.
Returns the base algorithm, without the parameters.
Returns the algorithm family for a given key pair generation algorithm.
Returns the algorithm that this digest uses.
Returns the algorithm that this digest uses.
Returns the name of the algorithm to be used for signing.
Returns the algorithm to be used for signing.
Retrieves the algorithm identifier for the signature.
Returns the key gen parameters.
May return null if no attributes are present.
Retrieves the authenticated attributes, if they exist.
Returns the attributes of this bag.
Returns the contents of this bag as an ANY.
Returns the bits packed into an array of bytes, with padding
at the end.
The blocksize of the algorithm in bytes.
Retrieves all CA certificates in the trust database.
Returns the caPubs
field, which is an array of
DER-encoded X.509 Certificates.
Returns the cert field of the CertBag.
Returns all user certificates stored on this token.
Returns all user certificates stored on this token.
Returns the certificates field, which is a SET of
X.509 certificates (org.mozilla.jss.pkix.cert.Certificate).
Returns the certificates field, which is a SET of
X.509 certificates (org.mozilla.jss.pkix.cert.Certificate).
Returns the optional certified key pair.
Retrieves the CertRequest contained in this structure.
Returns the certReqId (certificate request ID) field.
Returns the certReqId
field, which may be null
.
Returns the CertTemplate field.
Returns the certType field of the CertBag.
Returns a char array that is a copy of the password.
Returns the char array underlying this password.
Query which cipher is being used in this session.
Creates a Cipher object, which can be used for encryption and
decryption.
Creates a Cipher object, which can be used for encryption and
decryption.
Returns whether this cipher is enabled or disabled on this socket.
Returns the default for whether this cipher is enabled or disabled.
Returns the comment
field.
Returns the content encoded as an ANY.
Returns the content encoded as an ANY.
Returns the content encoded as an OCTET_STRING.
Returns the ASN1Value that is wrapped by this EXPLICIT tag.
Returns the ContentInfo containing the signed content.
Returns the EncapsulatedContentInfo containing the signed content.
Returns -1 for indefinite length encoding.
Returns the contentType field, which determines what kind of content
is contained in this ContentInfo.
Returns the contentType field, which determines what kind of content
is contained in this ContentInfo.
Returns the contentType field, which determines what kind of content
is contained in this EncapsulatedContentInfo.
Constructs a GetCRL
from its components.
Returns the cRLName
field, which may be null
.
The crls
field, which is a SEQUENCE
of
ANY
.
Returns the crls field, which contains a SET of certificate
revocation lists represented by ANYs (org.mozilla.jss.asn1.ANY).
Returns the crls field, which contains a SET of certificate
revocation lists represented by ANYs (org.mozilla.jss.asn1.ANY).
If type == CRMF, returns the crm field.
Get the CryptoStore interface to this token's objects.
Get the CryptoStore interface to this token's objects.
If type==DHMAC, returns the dhMAC field.
The digest portion of the signature algorithm.
Retrieves the DigestAlgorithm used in this SignerInfo.
Retrieves the DigestAlgorithm used in this SignerInfo.
Retrieves the DigestAlgorithmIdentifier used in this SignerInfo.
Retrieves the DigestAlgorithmIdentifier used in this SignerInfo.
Returns the digest algorithms used by the signers to digest the
signed content.
Returns the digest algorithms used by the signers to digest the
signed content.
Returns a SET of AlgorithmIdentifier.
Returns a SET of AlgorithmIdentifier.
Returns the raw signature (digest encryption) algorithm used in this
SignerInfo.
Returns the raw signature (digest encryption) algorithm used in this
SignerInfo.
Returns the DigestEncryptionAlgorithmIdentifier used in this SignerInfo.
Returns the DigestEncryptionAlgorithmIdentifier used in this SignerInfo.
Get the email (S/MIME) trust flags for this certificate.
Get the email (S/MIME) trust flags for this certificate.
Returns the complete encoding of header and contents, as passed into
the constructor or read from a BER input stream.
Subclasses that support encoding can overload this method.
Returns a DER-encoded SubjectPublicKeyInfo representing this key.
Returns the DER encoding of this certificate.
Returns the encrypted content.
Returns the encrypted content.
Retrieves the encrypted digest.
Retrieves the encrypted digest.
Returns the encrypted key.
Should only be called if getType
returns
ENCRYPTED_VALUE
.
Returns the EncryptionAlgorithm that should be used with keys
generated with this PBEAlgorithm.
Should only be called if getType
returns
ENVELOPED_DATA
.
Returns an error code, as defined in class
org.mozilla.jss.util.NativeErrcodes.
Linearly searches the extension list for an extension with the given
object identifier.
Returns the extensions of this certificate.
Retrieves all tokens except those built into NSS.
Returns the extension identifier.
If type == FAIL, returns the failInfo field.
Returns the Form, PRIMITIVE or CONSTRUCTED.
Subclasses that support encoding can overload this method.
The name of the primary encoding format of this key.
Returns the ASN.1 header from the encoding.
Returns a list of cipher suites that are implemented by NSS.
Returns the information (TBSCertificate) contained in this certificate.
Returns the information (TBSCertificationRequest) contained in this CertificationRequest.
Returns the input stream for reading from this socket.
Retrieve the single instance of CryptoManager.
Retrieves the internal cryptographic services token.
Retrieves the internal key storage token.
Returns the bagContent interpreted by type.
Returns the cert field of the CertBag based on its type.
Returns the content, interpreted based on its type.
Returns the content, interpreted based on its type.
Returns the invalidityDate field.
Returns the issuer
field as an ANY
.
Returns the issuer field of this CertTemplate.
Returns the issuer
field.
If type == ISSUER_AND_SERIALNUMBER, returns the IssuerAndSerialNumber
field.
Retrieves the issuer and serial number of the certificate whose
private key was used to sign the SignerInfo.
Returns the RFC 1485 ASCII encoding of the issuer's Subject Name.
Returns the issuerName
field.
Returns the issuerName
field as an ANY.
Returns the issuerUID field of this CertTemplate.
Should only be called if this field is present.
Returns the iteration count.
Returns a reference to an internal copy of the initialization vector.
Returns the number of bytes that this algorithm expects in
its initialization vector.
Returns the current setting of the SO_KEEPALIVE socket option.
If type == KEY_AGREEMENT, returns the keyAgreement field.
If type == KEY_ENCIPHERMENT, returns the keyEncipherment field.
Creates a KeyGenerator object, which can be used to generate
symmetric encryption keys.
Creates a KeyGenerator object, which can be used to generate
symmetric encryption keys.
Creates a KeyPairGenerator object, which can be used to generate
key pairs.
Creates a KeyPairGenerator object, which can be used to generate
key pairs.
Returns the size of the modulus in bits.
Returns the key strength of this algorithm in bits.
Returns the KeyType corresponding to the given Algorithm.
Returns the length of the key in bytes, as returned by
PK11_GetKeyLength().
Get debugging level of the application.
Returns the name of the shared library implementing this module.
Computes the LocalKeyID attribute that should be stored with a key
and certificate.
Returns the login mode of this token: ONE_TIME, TIMEOUT, or
EVERY_TIME.
Returns the login mode of this token: ONE_TIME, TIMEOUT, or
EVERY_TIME.
Returns the login timeout period.
Returns the login timeout period.
Returns the MacData of this PFX, which is used to verify the contents.
Returns the mode of this algorithm.
Retrieves all installed cryptographic modules.
Obtain the nickname, or label, of this token.
The name of the file or token that is being logged into.
Returns the common name of this module.
Obtain the nickname, or label, of this token.
Returns the possibly-null nickname of this certificate.
Returns the notAfter field of this CertTemplate.
Returns the notBefore field of this CertTemplate.
Get the object signing trust flags for this certificate.
Get the object signing trust flags for this certificate.
getOID() - method in class org.mozilla.jss.pkix.primitive.
AVA Returns the output size in bytes for this algorithm.
Returns the length of the digest created by this digest's
digest algorithm.
Returns the output stream for writing to this socket.
Returns a new CryptoToken where this key resides.
Returns the CryptoToken that owns this private key.
Returns the CryptoToken that owns this certificate.
Returns the number of padding bits at the end of the array.
Returns the padding type of this algorithm.
Returns the type of padding for this algorithm.
The type of parameter that this algorithm expects.
The types of parameter that this algorithm expects.
If this instance was constructed, returns the
parameter passed in to the constructer.
If this fails, we just return null, since no exceptions are allowed.
Returns the passphrase
field.
Returns a reference to the password, not a copy.
Tries supplying a password again.
An implementation of PasswordCallback.getPasswordAgain
.
Tries supplying a password again.
Returns the currently registered password callback.
An implementation of
PasswordCallback.getPasswordFirstAttempt
.
Retrieve certificate presented by the other other end
of the socket
Not Supported in NSS 2.0 Beta release.
If type == PEND, returns the pendInfo field.
Retrieves all certificates in the trust database.
Returns the value of this control as a PKIArchiveOptions, if it
actually is a PKIArchiveOptions.
Returns the value of this control as a PKIPublicationInfo, if it
actually is a PKIPublicationInfo.
Retrieves the input to the Proof-of-Possession of the signing key.
Returns all private keys stored on this token.
Returns all private keys stored on this token.
This is not supported yet.
Returns the public exponent e.
Returns the publicKey field of this CertTemplate.
Extracts the Public Key from this certificate.
Returns the pubLocation in the SinglePubInfo at the given index.
Returns the pubMethod in the SinglePubInfo at the given index.
Returns the reason
field, which should indicate the
reason for the revocation.
Returns the reasons
field, which may be null
.
Returnst he size (in bytes) of the receive buffer.
Returns a SET of RecipientInfo.
Returns a SET of RecipientInfo.
Returns the regInfo field.
Get the distinguished name of the remote certificate's issuer
Get the distinguished name of the subject of the remote certificate
Determines whether the DER-encoding of this bitstring will have
its trailing zeroes removed.
Returns the response
field, which is a SEQUENCE
of CertResponse
The revCerts
field, which is a SEQUENCE
of CertId
.
Returns the SafeContents at the given index in the AuthenticatedSafes,
decrypting it if necessary.
Returns a reference to the salt.
Returns the number of bytes of salt that should be supplied when
generating keys with this algorithm.
Returns the secret stored in the SecretBag.
Returns the type of secret stored in the SecretBag.
Retrieves a FIPS-140-1 validated random number generator.
Get exact security status of socket.
Returns the size (in bytes) of the send buffer.
Returns the raw SEQUENCE which constitutes this
AuthenticatedSafes.
Returns the serialNumber
field.
Returns the serialNumber field of this CertTemplate.
Returns the serialNumber
field.
Get the serial number of the remote certificate
Returns the serial number of this certificate.
Query how many bits long the session key is.
To satisfy export restrictions, some of the session key may
be revealed.
Returns the sharedSecret
field.
If type == SIGNATURE, returns the signature field.
Creates a Signature object, which can perform signing and signature
verification.
Creates a Signature object, which can perform signing and signature
verification.
Retrieves the signed attributes, if they exist.
Retrieves the SignerIdentifier.
Returns a SET of SignerInfo.
Returns a SET of SignerInfo.
Returns the signerInfos field, which is a SET of
org.mozilla.jss.pkcs7.SignerInfo.
Returns the signerInfos field, which is a SET of
org.mozilla.jss.pkcs7.SignerInfo.
Returns the signingAlg field of this CertTemplate.
The raw encryption portion of the signature algorithm.
Returns the size of the sequence, which is the number of SafeContents
in this AuthenticatedSafes.
get socket on which the event occured
Returns the current value of the SO_LINGER socket option.
Returns the current value of the SO_TIMEOUT socket option.
Returns the current value of the SO_TIMEOUT socket option.
Get the SSL trust flags for this certificate.
Get the SSL trust flags for this certificate.
The status
field, which is a SEQUENCE
of PKIStatusInfo
.
get security information about this socket, including
cert data
Returns the security status of this socket.
Returns the size in bits of the modulus of an RSA Private key.
Returns key strength, measured as the number of bits of secret material.
Returns the size, in bits, of the modulus of an RSA key.
Sets the subject field of this CertTemplate.
Returns the subject
field.
Returns the RFC 1485 ASCII encoding of the Subject Name.
If type == SUBJECT_KEY_IDENTIFIER, returns the SubjectKeyIdentifier
field.
Returns the subjectUID field of this CertTemplate.
If type==SUBSEQUENT_MESSAGE, returns the subsequentMessage field.
Returns the tag of this value.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
getTag() - method in class org.mozilla.jss.pkix.primitive.
AVA Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the tag that the chosen element is encoded with, which is
either the underlying tag of the element or an implicit tag.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the Tag of this EXPLICIT tag.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
getTag() - method in class org.mozilla.jss.pkix.primitive.
Name Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
getTag() - method in class org.mozilla.jss.pkix.primitive.
RDN Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the base tag for this type, not counting any tags
that may be imposed on it by its context.
Returns the current setting of the TCP_NO_DELAY socket option.
If type == PKCS10, returns the tcr field.
Returns a singleton instance of a decoding template.
Returns a singleton instance of BMPString.Template.
Returns a singleton instance of a decoding template for ContentInfo.
Returns a singleton instance of a decoding template for ContentInfo.
Returns a singleton instance of the decoding template for this class.
Returns a singleton instance of a decoding template for EncapsulatedContentInfo.
Returns a singleton template instance.
Returns a singleton template instance.
Returns a singleton instance of the decoding template for this class.
Returns a singleton instance of the decoding template for this class.
Returns a singleton instance of the decoding template for this class.
Returns a singleton instance of UTF8String.Template.
If type==THIS_MESSAGE, returns the thisMessage field.
Returns the default token for the current thread.
Returns the time
field, which may be null
.
Looks up the CryptoToken with the given name.
Get the CryptoTokens provided by this module.
Retrieves all tokens that support the given algorithm.
Returns the length of the header plus the length of the contents;
the total length of the DER encoding of an ASN1 value.
Gets the trust flags for this cert.
Returns the type of OtherInfo:
The type of object that is being logged into, FILE
or TOKEN
.
Returns the type (RSA or DSA) of this private key.
Returns the type of PKIArchiveOptions.
Returns the type of POPOPrivKey: THIS_MESSAGE, SUBSEQUENT_MESSAGE,
or DHMAC.
Returns the type (RSA or DSA) of this private key.
Returns the type of ProofOfPossesion:
RA_VERIFIED
SIGNATURE
KEY_ENCIPHERMENT
KEY_AGREEMENT
Returns the type of SignerIdentifier:
ISSUER_AND_SERIALNUMBER
SUBJECT_KEY_IDENTIFIER
Returns the type of TaggedRequest:
Retrieves the unauthenticated attributes, if they exist.
Returns the unique ID of this key.
Returns the unique ID of this key.
Returns the unique ID of this key.
Retrieves the unsigned attributes, if they exist.
Returns the value of this control as a UTF8String, if it actually
is a UTF8String.
Returns the value of this AVA, encoded as an ANY.
Returns the chosen value.
Returns the value as a long.
If this AVA was constructed, returns the SET of ASN1Values passed to the
constructor.
If this AVA was constructed, returns the SET of ASN1Values passed to the
constructor.
If this AVA was constructed, returns the SET of ASN1Values passed to the
constructor.
Returns the version field of this CertTemplate.
Returns the version number.
Returns the version number.
Returns the version of this SignedData.
Returns the version of this SignedData.
Retrieves the version number of this SignerInfo.
Retrieves the version number of this SignerInfo.
A bag containing a nested SafeContent .
A PKCS #12 SafeBag structure.
Creates a new SafeBag from its components.
Returns true if the SafeContents at the given index in the
AuthenticatedSafes is encrypted.
SDR - class org.mozilla.jss.tests.
SDR A bag containing an arbitrary secret.
Creates a SecretBag with the given secret type and secret.
This is a proprietary NSS interface.
This method will be called from the native callback code
when a certificate is requested.
this method will be called form the native callback code
when a certificate is requested.
SET - class org.mozilla.jss.asn1.
SET An ASN.1 SET, which is an unordered collection of ASN.1 values.
Sets the character to byte converter for passwords.
Sets the character to byte converter for passwords.
Sets the SSL cipher policy.
Enables/disables the cipher on this socket.
Sets the default for whether this cipher is enabled or disabled.
Sets the certificate to use for client authentication.
Sets the certificate to use for client authentication.
Sets the nickname of the certificate to use for client authentication.
Sets the nickname of the certificate to use for client authentication.
Sets the nickname of the certificate to use for client authentication.
Set the email (S/MIME) trust flags for this certificate.
Set the email (S/MIME) trust flags for this certificate.
Sets the extensions field of this CertTemplate.
Sets the issuer field of this CertTemplate.
Sets the issuerUID field of this CertTemplate.
Enables or disables the SO_KEEPALIVE socket option.
Set the debugging level of the application.
Sets the login mode of this token.
Sets the login mode of this token.
Sets the timeout period for logging in.
Sets the timeout period for logging in.
Enables/disables the request of client authentication.
Enables/disables the request of client authentication.
Sets the notAfter field of this CertTemplate.
Sets the version field of this CertTemplate.
Set the object signing trust flags for this certificate.
Set the object signing trust flags for this certificate.
Set parameters for the signing algorithm.
This function sets the global password callback.
Sets the publicKey field of this CertTemplate.
Sets the size (in bytes) of the receive buffer.
Determines whether the DER-encoding of this bitstring will have
its trailing zeroes removed.
Seed the RNG with the given seed bytes.
Seed the RNG with the given seed bytes.
Seed the RNG with the eight bytes contained in seed
.
Seed the RNG with the eight bytes contained in seed
.
Sets the size (in bytes) of the send buffer.
Sets the serialNumber field of this CertTemplate.
Sets the certificate to use for server authentication.
Sets the certificate to use for server authentication.
Sets the signingAlg field of this CertTemplate.
Sets the SO_LINGER socket option.
Sets the SO_TIMEOUT socket option.
Sets the SO_TIMEOUT socket option.
Set the SSL trust flags for this certificate.
Set the SSL trust flags for this certificate.
Sets the statusString
field.
Sets the statusString
field.
Sets the subject field of this CertTemplate.
Extracts the SubjectPublicKeyInfo from the given public key and
stores it in the CertificateInfo.
Extracts the SubjectPublicKeyInfo from the given public key and
stores it in the CertificationRequestInfo.
Sets the subjectUID field of this CertTemplate.
Enables or disables the TCP_NO_DELAY socket option.
Sets the default token for the current thread.
Sets the trust flags for this cert.
Determines whether this end of the socket is the client or the server
for purposes of the SSL protocol.
Determines whether this end of the socket is the client or the server
for purposes of the SSL protocol.
Sets the version field of this CertTemplate.
The SHA-1 digest algorithm, from Uncle Sam.
This class is a placeholder for javax.crypto.ShortBufferException until
we move to JDK 1.2.
Shuts down the input side of the socket.
Shuts down the output side of the socket.
Finish a signing operation and return the signature.
Finish a signing operation and store the signature in the provided
buffer.
A class for producing and verifying digital signatures.
Algorithms that can be used for signing.
You don't need to use this unless you are hacking JSS.
A PKCS #7 SignedData structure.
A CMS SignedData structure.
Create a SignedData ASN1 object.
Create a SignedData ASN1 object.
CMS
SignerIdentifier:
SignerIdentifier ::= CHOICE {
issuerAndSerialNumber IssuerAndSerialNumber,
subjectKeyIdentifier [0] SubjectKeyIdentifier }
A constructor for creating a new SignerInfo from scratch.
A constructor for creating a new SignerInfo from scratch.
size() - method in class org.mozilla.jss.pkix.primitive.
Name Returns the number of RDNs in the Name.
size() - method in class org.mozilla.jss.pkix.primitive.
RDN size() - method in class org.mozilla.jss.asn1.
SET Returns the number of elements in this SET.
Create a NativeProxy from a byte array representing a C pointer.
This interface is what you should implement if you want to
be able to decide whether or not you want to approve the peer's cert,
instead of having NSS do that.
Parameters supported by this socket test:
filename file to be read from https server (default: /index.html)
port port to connect to (default: 443)
ipaddr address to connect to (overrides hostname, no default)
hostname host to connect to (no default)
clientauth do client-auth or not (default: no client-auth)
The following parameters are used for regression testing, so
we can print success or failure of the test.
Implement this if you want to specify dynamically which certificate
should be presented for client authentication.
This class represents the event telling you a handshake
operation is complete.
This interface is used when you want to know that a security
handshake is complete.
This class represents the known state of an SSL connection: what cipher
is being used, how secure it is, and who's on the other end.
This constructor is called from the native SSL code
It's not necessary for you to call this.
Parameters supported by this socket test:
filename file to be read from https server (default: /index.html)
port port to connect to (default: 443)
clientauth do client-auth or not (default: no client-auth)
The following parameters are used for regression testing, so
we can print success or failure of the test.
Creates a server socket listening on the given port.
Creates a server socket listening on the given port.
Creates a server socket listening on the given port.
Creates a server socket listening on the given port.
Creates a server socket listening on the given port.
Creates an SSL client socket and connects to the specified address and
port.
Creates an SSL client socket and connects to the specified address and
port.
Creates an SSL client socket and connects to the specified host and
port.
Creates an SSL client socket and connects to the specified address and
port.
Creates an SSL client socket using the given Java socket for underlying
I/O.
Creates an SSL client socket and connects to the specified host and
port.
Creates an SSL client socket and connects to the specified host and
port.
Creates an SSL client socket and connects to the specified host and
port.
A subclass of java.net.SocketException that contains an error code
from the native (NSS/NSPR) code.
The OID for the state or province name (S) attribute.
Creates a new OBJECT_IDENTIFIER that is a sub-branch of this one.
Creates a new OBJECT_IDENTIFIER that is a sub-branch of this one.
Represent the Subject Key Identifier Extension.
Constructs an SubjectKeyIdentifier from its components.
A SubjectPublicKeyInfo, which stores information about a public key.
A bit position in a ReasonFlags bit string.
A CRLReason
, which can be used in the reason
field.
Returns an array of algorithms supported by this key type.