Java(TM) PKI API Programmer's Guide. JavaTM PKI Programmer's Guide Overview Acknowledgments Who Should Read This DocumentRelated DocumentationIntroduction Core Classes and Interfaces Basic Classes Certification Path Validation Classes Certification Path Building Classes Certificate/CRL Storage Classes PKIX Classes Implementing a Service Provider Appendix A: Standard Names Appendix B: The "SUN" Provider Appendix C: On-Line Certificate Status Protocol (OCSP) Support Overview The JavaTM Certification Path API consists of classes and interfaces for handling certification paths (also known as "certificate chains").
This API defines interfaces and abstract classes for creating, building, and validating certification paths. The API also includes algorithm-specific classes for building and validating X.509 certification paths according to the PKIX standards. This API was originally specified using the Java Community ProcessSM program as JavaTM Specification Request (JSR) 000055. Figure 1: Certification Path Core Classes and Interfaces. Bouncycastle.org. Documentation The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms, it was developed by the Legion of the Bouncy Castle - with a little help!
The Legion also gratefully acknowledges the contributions made to this package by others. The package is organised so that it contains a light-weight API suitable for use in any environment (including the newly released J2ME) with the additional infrastructure to conform the algorithms to the JCE framework. Except where otherwise stated, this software is distributed under a license based on the MIT X Consortium license.
To view the license, see here. To view some examples, look at the test programs in the packages: Overview (Bouncy Castle Library 1.48 API Specification) Bouncycastle.org. Some general Java cryptography resources, which you may, or may not, find helpful.
If you have an article, book, or project you would like to see added below send a message to feedback-crypto@bouncycastle.org Complimentary Packages EJBCA EJBCA is a fully functional Certificate Authority using J2EE technology. EJBCA builds on the J2EE platform to create a robust, high performance, platform independent, flexible, and component based CA to be used standalone or integrated in any J2EE app. Novosec Extensions This package provides the following pure Java extensions to the Bouncy Castle framework and has been made freely available by www.novosec.com: OCSP (RFC 2560) server and client CMP (RFC 2510, RFC 2511) generator and parser. JCE taglib A JSP tag library with cryptographic funtions and X.509 certificate generation based on BouncyCastle JCE. LightCrypto A library of cryptographic functions based on the lightweight API, including some functions for use with HSQLDB embeddable database. Articles. ASN.1 - Structured Types. ASN.1 Previous: Simple Types Up: Built-in Types Next: Tagged Structured Types ASN.1's built-in structured types are shown in the following Table.
The universal class number (tag) and a typical use of each type are also included. Table: Structured types in ASN.1, their universal tags, and uses. * indicates more than one tag. For a full list of Universal Tags, see the Universal Tags page. Type SEQUENCE is an ordered list of zero or more component types. . { airline "American", flight "1106", seats { 320, 107, 213 }, airport { origin "BWI", destination "LAX" }, crewsize 10 } or { "American", "1106", { 320, 107, 213 }, { "BWI", "LAX" }, 10 } represent the same instance of the sequence type This instance of AirlineFlight indicates that American Airlines flight 1106 flies non-stop from Baltimore-Washington Airport to Los Angeles.
Type SEQUENCE OF is similar to SEQUENCE, except that all values in the ordered list must be of the same type. {"Maggie", 4, TRUE} {TRUE, "Maggie", 4} {4, TRUE,"Maggie"} and. Handbook: The Bouncy Castle ASN.1 API. The Bouncy Castle ASN.1 API evolved to deal with the ASN.1 binary encoding and binary decoding requirements of the other Bouncy Castle APIs and the provider implementation.
As such, although it does not represent a full implementation of ASN.1, it does cover most of the issues that seem to arrive when dealing with cryptographic protocols and structures. The main package for the API is org.bouncycastle.asn1, and there are a variety of packages off org.bouncycastle.asn1 that contain classes for assisting with the implementation of various message and data formats. Overview (Bouncy Castle Library 1.48 API Specification) Security - How does ASN.1 encode an object identifier. ASN.1.