Index (HSM Share 2.0)

A B C D E G H I K L M N O R S T V
All Classes and Interfaces|All Packages|Constant Field Values|Serialized Form

A

all() - Static method in class com.bfo.netkeystore.client.SignatureAlgorithm: Return a list of all defined algorithms
ANONYMOUS - Static variable in class com.bfo.netkeystore.server.Authorization: An anonymous principal.
Authorization - Class in com.bfo.netkeystore.server: The Authorization manages the authorization of users.
Authorization() - Constructor for class com.bfo.netkeystore.server.Authorization
authorize(HttpExchange) - Method in class com.bfo.netkeystore.server.Authorization: Authorize the HTTP exchange.
authorize(HttpExchange) - Method in class com.bfo.netkeystore.server.BasicAuthorization
authorize(HttpExchange) - Method in class com.bfo.netkeystore.server.OAuth2Authorization

B

BasicAuthorization - Class in com.bfo.netkeystore.server: An implementation of Authorization that supports "basic" authentication.
BasicAuthorization() - Constructor for class com.bfo.netkeystore.server.BasicAuthorization

C

canSign(NetPrivateKey, SignatureAlgorithm) - Method in interface com.bfo.netkeystore.client.Server: Given a signature algorithm, return the hash algorithm that should be used to generate the digest for the signature for the specified key, or (if the key is null) if any key owned by this server could support that algorithm.
clone() - Method in class com.bfo.netkeystore.client.OAuth2: Duplicate an OAuth2
com.bfo.netkeystore.client - package com.bfo.netkeystore.client: Contains the classes used by a NetKeyStore client
com.bfo.netkeystore.server - package com.bfo.netkeystore.server: Contains the classes used by a NetKeyStore server
configure(Json) - Method in class com.bfo.netkeystore.server.Authorization: Configure the Authorization.
configure(Json) - Method in class com.bfo.netkeystore.server.BasicAuthorization: The configuration should include a "users" list which contains zero or more objects with properties including "name", "plaintext" and "credentials"
configure(Json) - Method in interface com.bfo.netkeystore.server.KeyAuthorization: Configure the KeyAuthorization.
configure(Json) - Method in class com.bfo.netkeystore.server.OAuth2Authorization
configure(Json) - Method in class com.bfo.netkeystore.server.SampleOnlineOTP
configure(Json, File) - Method in class com.bfo.netkeystore.server.Server: Configure the Server
configure(InputStream, File) - Method in class com.bfo.netkeystore.server.Server: Configure the Server
configure(String) - Method in class com.bfo.netkeystore.client.NetProvider: Configure the NetProvider
configure(String, Json, boolean) - Method in interface com.bfo.netkeystore.client.Server: Configure the server
createPrincipal(String, Json) - Method in class com.bfo.netkeystore.server.OAuth2Authorization: Given the content of an access_token that has been verified, confirm that the token is actually appropriate for this service - for example, it should check the "scope", etc.
Credential - Interface in com.bfo.netkeystore.server: A Credential is effectively a wrapper around a PrivateKey
CredentialCollection - Class in com.bfo.netkeystore.server: Return the collection of Credentials available to the Server

D

digestAlgorithm() - Method in class com.bfo.netkeystore.client.SignatureAlgorithm: Return the digestAlgorithm for this algorithm

E

engineAliases() - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineContainsAlias(String) - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineDeleteEntry(String) - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineEntryInstanceOf(String, Class<? extends KeyStore.Entry>) - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineGetCertificate(String) - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineGetCertificateAlias(Certificate) - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineGetCertificateChain(String) - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineGetCreationDate(String) - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineGetEntry(String, KeyStore.ProtectionParameter) - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineGetKey(String, char[]) - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineGetParameter(String) - Method in class com.bfo.netkeystore.client.NetSignatureSpi: Deprecated.
engineGetParameters() - Method in class com.bfo.netkeystore.client.NetSignatureSpi
engineInitSign(PrivateKey) - Method in class com.bfo.netkeystore.client.NetSignatureSpi
engineInitSign(PrivateKey, SecureRandom) - Method in class com.bfo.netkeystore.client.NetSignatureSpi
engineInitVerify(PublicKey) - Method in class com.bfo.netkeystore.client.NetSignatureSpi
engineIsCertificateEntry(String) - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineIsKeyEntry(String) - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineLoad(InputStream, char[]) - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineLoad(KeyStore.LoadStoreParameter) - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineProbe(InputStream) - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineSetCertificateEntry(String, Certificate) - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineSetEntry(String, KeyStore.Entry, KeyStore.ProtectionParameter) - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineSetKeyEntry(String, byte[], Certificate[]) - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineSetKeyEntry(String, Key, char[], Certificate[]) - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineSetParameter(String, Object) - Method in class com.bfo.netkeystore.client.NetSignatureSpi: Deprecated.
engineSetParameter(AlgorithmParameterSpec) - Method in class com.bfo.netkeystore.client.NetSignatureSpi
engineSign() - Method in class com.bfo.netkeystore.client.NetSignatureSpi
engineSign(byte[], int, int) - Method in class com.bfo.netkeystore.client.NetSignatureSpi
engineSize() - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineStore(OutputStream, char[]) - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineStore(KeyStore.LoadStoreParameter) - Method in class com.bfo.netkeystore.client.NetKeyStoreSpi
engineUpdate(byte) - Method in class com.bfo.netkeystore.client.NetSignatureSpi
engineUpdate(byte[], int, int) - Method in class com.bfo.netkeystore.client.NetSignatureSpi
engineUpdate(ByteBuffer) - Method in class com.bfo.netkeystore.client.NetSignatureSpi
engineVerify(byte[]) - Method in class com.bfo.netkeystore.client.NetSignatureSpi
engineVerify(byte[], int, int) - Method in class com.bfo.netkeystore.client.NetSignatureSpi
equals(Object) - Method in class com.bfo.netkeystore.client.SignatureAlgorithm
EXPLICIT - Static variable in interface com.bfo.netkeystore.server.KeyAuthorization: The default "Explicit" KeyAuthorization that uses the password sent by the client to unlock the key

G

generateOTP(Principal, Credential, String) - Method in class com.bfo.netkeystore.server.SampleOnlineOTP: Generate and store an OTP
get(String) - Static method in class com.bfo.netkeystore.client.SignatureAlgorithm: Return the SignatureAlgorithm matching the specified name
getAccessToken() - Method in class com.bfo.netkeystore.client.OAuth2: Return the "access_token" from the OAuth2.getAuthorization() method.
getAuthorization() - Method in class com.bfo.netkeystore.client.OAuth2: Return the authorization response from the OAuth2 server, updating it if necessary - this method may block.
getAuthorization() - Method in class com.bfo.netkeystore.server.Server: Return the Authorization in use by this server, which will never be null
getCallbackHandler() - Method in class com.bfo.netkeystore.client.OAuth2: Return the CallbackHandler set by OAuth2.setCallbackHandler(javax.security.auth.callback.CallbackHandler)
getCertificates() - Method in interface com.bfo.netkeystore.server.Credential: Return a read-only certificates for this Credential
getCredential(Principal, String) - Method in class com.bfo.netkeystore.server.CredentialCollection: Return the Credential corresponding to the Principal and the cid.
getCredentials() - Method in class com.bfo.netkeystore.server.Server: Return the CredentialCollection in use by this server, which will never be null
getCredentials(Principal, String) - Method in class com.bfo.netkeystore.server.CredentialCollection: Return a list of all credential IDs associated with this principal
getInfo() - Method in interface com.bfo.netkeystore.server.Credential: Return the info map for this key that should be returned in credentials/info
getKeyAuthorization() - Method in class com.bfo.netkeystore.server.Server: Return the KeyAuthorization in use by this server, which never be null
getKeyStore() - Method in interface com.bfo.netkeystore.server.Credential: Return the KeyStore this Credential comes from.
getKeyStoreAlias() - Method in interface com.bfo.netkeystore.server.Credential: Return the name of the KeyStore this Credential comes from.
getKeyStoreName() - Method in interface com.bfo.netkeystore.server.Credential: Return the name of the KeyStore this Credential comes from.
getName() - Method in class com.bfo.netkeystore.server.Server: Return the name of the server, as set in the configuration
getName(Principal, String) - Method in interface com.bfo.netkeystore.server.Credential: Return the name this Credential is known by for the specified Principal, or null if the Principal has no access to this key
getPort() - Method in class com.bfo.netkeystore.server.Server: Return the port the Webserver is listening on, or 0 if not started.
getPrivateKey(String) - Method in interface com.bfo.netkeystore.server.Credential: Return the Private Key.
getPrivateKey(Principal, Credential, String, Json) - Method in interface com.bfo.netkeystore.server.KeyAuthorization: Return the PrivateKey from the credential, or null if the key is not unlocked
getPrivateKey(Principal, Credential, String, Json) - Method in class com.bfo.netkeystore.server.SampleOnlineOTP
getProperties() - Method in class com.bfo.netkeystore.client.OAuth2: Return a copy of the properties set in OAuth2.setProperties(java.util.Map<java.lang.String, ?>)
getRandom() - Method in class com.bfo.netkeystore.client.OAuth2: Return the Random set by OAuth2.setRandom(java.util.Random)
getRandom() - Method in class com.bfo.netkeystore.server.Server: Return the Random used by the Server, which will never be null
getRedirectURLHandler() - Method in class com.bfo.netkeystore.client.OAuth2: Return the RedirectURLHandler set by OAuth2.setRedirectURLHandler(com.bfo.netkeystore.client.OAuth2.RedirectURLHandler)
getSecret() - Method in class com.bfo.netkeystore.server.Server: Return some secret bytes that apply only to this Server
getSignatureAlgorithm(String) - Method in interface com.bfo.netkeystore.client.Server: Return the SignatureAlgorithm corresponding to the specified name, or null if none exists
getSSLContext() - Method in class com.bfo.netkeystore.client.OAuth2: Return the SSLContext set by OAuth2.setSSLContext(javax.net.ssl.SSLContext)
getURL() - Method in class com.bfo.netkeystore.server.Server: Return the URL the Webserver thinks it's listening on when running.

H

handleRedirect(OAuth2, String) - Method in interface com.bfo.netkeystore.client.OAuth2.RedirectURLHandler: Initialize a callback, which will require the user to open a web-browser to continue OAuth2 authorization
handleRedirect(OAuth2, String) - Method in class com.bfo.netkeystore.client.OAuth2.SimpleRedirectURLHandler
hashCode() - Method in class com.bfo.netkeystore.client.SignatureAlgorithm

I

IMPLICIT - Static variable in interface com.bfo.netkeystore.server.KeyAuthorization: An "Implicit" KeyAuthorization that uses the password set in the configuration file to unlock the key
initialize(HttpServer, String, Json) - Method in class com.bfo.netkeystore.server.Authorization: Initialize the HttpServer on startup.
initialize(HttpServer, String, Json) - Method in class com.bfo.netkeystore.server.BasicAuthorization
initialize(HttpServer, String, Json) - Method in interface com.bfo.netkeystore.server.KeyAuthorization: Initialize the HttpServer on startup.
initialize(HttpServer, String, Json) - Method in class com.bfo.netkeystore.server.OAuth2Authorization
initialize(HttpServer, String, Json) - Method in class com.bfo.netkeystore.server.SampleOnlineOTP
isName(String) - Method in class com.bfo.netkeystore.client.SignatureAlgorithm: Return true if this SignatureAlgorithm matches the specified name
isOTP() - Method in interface com.bfo.netkeystore.server.KeyAuthorization: Return true if this an an "OTP" key, false if it's a "PIN"
isOTP() - Method in class com.bfo.netkeystore.server.SampleOnlineOTP
isStarted() - Method in class com.bfo.netkeystore.server.Server: Return true if the Webserver is started

K

keyAlgorithm() - Method in class com.bfo.netkeystore.client.SignatureAlgorithm: Return the keyAlgorithm for this algorithm
KeyAuthorization - Interface in com.bfo.netkeystore.server: The KeyAuthorization manages the unlocking strategey for keys.
KEYSTORE_TYPE - Static variable in class com.bfo.netkeystore.client.NetProvider: The name of the KeyStore type supported by this provider, which is "NetKeyStore"

L

load() - Method in interface com.bfo.netkeystore.client.Server: Load the keystore from the Core with keys
load(InputStream) - Method in class com.bfo.netkeystore.client.NetProvider: Configure the NetProvider
login(String, String) - Method in class com.bfo.netkeystore.server.BasicAuthorization: Verify the user/password.
login(Subject, KeyStore.ProtectionParameter) - Method in interface com.bfo.netkeystore.client.Server: Login to the server.
login(Subject, CallbackHandler) - Method in class com.bfo.netkeystore.client.NetProvider
logout() - Method in class com.bfo.netkeystore.client.NetProvider
logout() - Method in interface com.bfo.netkeystore.client.Server: Log out of the server.
logout(JWT) - Method in class com.bfo.netkeystore.server.BasicAuthorization: Log out the specified user

M

main(String[]) - Static method in class com.bfo.netkeystore.server.Server
matches(Principal, Credential) - Method in class com.bfo.netkeystore.server.Authorization: Return true if the specified credential is usable by this user.
matches(Principal, Credential) - Method in class com.bfo.netkeystore.server.BasicAuthorization
matches(Principal, Credential) - Method in class com.bfo.netkeystore.server.OAuth2Authorization
matches(Principal, String) - Method in interface com.bfo.netkeystore.server.Credential: Return true if this principal has access to the specified credential id

N

name() - Method in class com.bfo.netkeystore.client.SignatureAlgorithm: Return the preferred name - the first one, or the OID if no names are specified
NAME - Static variable in class com.bfo.netkeystore.client.NetProvider: The name of this provider, which is "NetProvider"
names() - Method in class com.bfo.netkeystore.client.SignatureAlgorithm: Return the list of all names that match this algorithm
NetKeyStoreSpi - Class in com.bfo.netkeystore.client: A KeyStoreSpi that simply wraps the keys supplied by one or more Server object
NetProvider - Class in com.bfo.netkeystore.client: An AuthProvider that wraps one or more Server objects
NetProvider() - Constructor for class com.bfo.netkeystore.client.NetProvider: Create a new NetProvider
NetProvider(String) - Constructor for class com.bfo.netkeystore.client.NetProvider: Creeate a new NetProvider
NetSignatureSpi - Class in com.bfo.netkeystore.client: A SignatureSpi that defers the signing process to the Server object
notifyOTP(Principal, Credential, String, String) - Method in class com.bfo.netkeystore.server.SampleOnlineOTP: Notify the user that a new OTP has been generated, by printing a message to the console.
notifyURL(String, String) - Method in class com.bfo.netkeystore.client.OAuth2: Notify the user that they have to open a URL.

O

OAuth2 - Class in com.bfo.netkeystore.client: A standalone OAuth2 authorization class with no external dependencies that supports "authorization", "refresh", "device", "client credentials" flows.
OAuth2() - Constructor for class com.bfo.netkeystore.client.OAuth2: Create a new OAuth2
OAuth2.RedirectURLHandler - Interface in com.bfo.netkeystore.client: The interface required for an OAuth2 "authorization" flow that requires a callback from the server
OAuth2.SimpleRedirectURLHandler - Class in com.bfo.netkeystore.client: An implementation of OAuth2.RedirectURLHandler.
OAuth2Authorization - Class in com.bfo.netkeystore.server: An OAuth2 Authorization that proxies the authorization to another server, then verifies the returned token has the appropriate scope.
OAuth2Authorization() - Constructor for class com.bfo.netkeystore.server.OAuth2Authorization
oid() - Method in class com.bfo.netkeystore.client.SignatureAlgorithm: Return the OID for this algorithm
OPEN - Static variable in class com.bfo.netkeystore.server.Authorization: The open authorization that allows anyone that is allowed to connect.

R

reload() - Method in class com.bfo.netkeystore.server.Server: Reload any KeyStores

S

SampleOnlineOTP - Class in com.bfo.netkeystore.server: A simple Online OTP KeyAuthorization which could be used as the basis for a useful implementation just by overriding the "notify" method.
SampleOnlineOTP() - Constructor for class com.bfo.netkeystore.server.SampleOnlineOTP
Server - Class in com.bfo.netkeystore.server: The Server is the core class for the NetKeyStore Server package, representing a standalone webserver that presents as a Cloud Signture Consortium RSSP
Server - Interface in com.bfo.netkeystore.client: A Server represents a network-based signature provider.
Server() - Constructor for class com.bfo.netkeystore.server.Server: Create a new Server
SERVICE - Static variable in class com.bfo.netkeystore.server.Server: The ZeroConf service used by this Server, which is "_netkeystore.
setAuthorization(Map<String, ?>) - Method in class com.bfo.netkeystore.client.OAuth2: Update the OAuth2 with new authorization properties.
setCallbackHandler(CallbackHandler) - Method in class com.bfo.netkeystore.client.NetProvider
setCallbackHandler(CallbackHandler) - Method in class com.bfo.netkeystore.client.OAuth2: Set the CallbackHandler which will be called with NameCallback, PasswordCallback or TextOutputCallback object to prompt for missing client_id or client_secret, or to prompt the user to open a URL to complete authorization
setCallbackHandler(CallbackHandler) - Method in class com.bfo.netkeystore.server.Server: Set the CallbackHandler to use for passwords, or null to retrieve them from the config file
setKeyInfo(Principal, Credential, String, Json) - Method in interface com.bfo.netkeystore.server.KeyAuthorization: Populate the map in the credentials/info request with details for the supplied credential.
setKeyInfo(Principal, Credential, String, Json) - Method in class com.bfo.netkeystore.server.SampleOnlineOTP
setProperties(Map<String, ?>) - Method in class com.bfo.netkeystore.client.OAuth2: Reset the OAuth2 with new properties, and resets the Authorization properties
setRandom(Random) - Method in class com.bfo.netkeystore.client.OAuth2: Set the Random used by this object (must not be null)
setRedirectURLHandler(OAuth2.RedirectURLHandler) - Method in class com.bfo.netkeystore.client.OAuth2: Set the OAuth2.RedirectURLHandler which will be used for "authorization" flow.
setServer(Server) - Method in class com.bfo.netkeystore.server.Authorization: Set the Server this Authorization is working for
setServer(Server) - Method in class com.bfo.netkeystore.server.BasicAuthorization
setServer(Server) - Method in interface com.bfo.netkeystore.server.KeyAuthorization: Set the Server this KeyAuthorization is working for.
setServer(Server) - Method in class com.bfo.netkeystore.server.OAuth2Authorization
setServer(Server) - Method in class com.bfo.netkeystore.server.SampleOnlineOTP
setSSLContext(SSLContext) - Method in class com.bfo.netkeystore.client.OAuth2: Set the SSLContext which will be used for all network traffic
shutdown(boolean) - Method in interface com.bfo.netkeystore.client.Server: Shut down the server and prepare it for removal from the KeyStore.
sign(byte[], Signature) - Method in class com.bfo.netkeystore.client.SignatureAlgorithm: Apply the digest to the signature, which may be as simple as calling sig.update(digest);
sign(NetPrivateKey, SignatureAlgorithm, AlgorithmParameters, byte[]) - Method in interface com.bfo.netkeystore.client.Server: This calls "credentials/authorize" then "signature/hash"
SignatureAlgorithm - Class in com.bfo.netkeystore.client: A helper class representing SignatureAlgorithm, with OID, zero or more friendly names and some other helper methods.
signingAlgorithmParameterClass() - Method in class com.bfo.netkeystore.client.SignatureAlgorithm: Return the Class to use for this algorithm's AlgorithmParameterSpec, or null if it has no parameters
signingAlgorithmWithExternalDigest() - Method in class com.bfo.netkeystore.client.SignatureAlgorithm: Return the name of the Java algorithm to use when creating this Signature if an external digest is used
SimpleRedirectURLHandler() - Constructor for class com.bfo.netkeystore.client.OAuth2.SimpleRedirectURLHandler: Create a new SimpleRedirectURLHandler which will listen on HTTPS if the OAuth2 server its used with has an SSLContext, or HTTP otherwise
SimpleRedirectURLHandler(SSLContext) - Constructor for class com.bfo.netkeystore.client.OAuth2.SimpleRedirectURLHandler: Create a new SimpleRedirectURLHandler that will use the specified SSLContext to create an HTTPS listener
start() - Method in class com.bfo.netkeystore.server.Server: Start the webserver
stop() - Method in class com.bfo.netkeystore.server.Server: Stop the webserver

T

toString() - Method in class com.bfo.netkeystore.client.SignatureAlgorithm
type() - Method in class com.bfo.netkeystore.server.Authorization: Return the type of authorization that should be reported to the client: "external", "basic", "digest", "oauth2", "TLS", or "oauth2client"
type() - Method in class com.bfo.netkeystore.server.BasicAuthorization: Returns "basic"
type() - Method in class com.bfo.netkeystore.server.OAuth2Authorization: Returns "oauth2code"

V

verifyAccessToken(String) - Method in class com.bfo.netkeystore.server.OAuth2Authorization: Given an access_token from the upstream authorization server, verify its integrity (by RFC7662, or if it's a JWT ideally by verifying its signature against a public key from the server) and return the "payload" it contains, which is expected to include fields at least including "exp" and "scope".

A B C D E G H I K L M N O R S T V
All Classes and Interfaces|All Packages|Constant Field Values|Serialized Form