Oracle Fusion Middleware Reference for Oracle Security Developer ?· Oracle® Fusion Middleware Reference…

Download Oracle Fusion Middleware Reference for Oracle Security Developer ?· Oracle® Fusion Middleware Reference…

Post on 12-Sep-2018

214 views

Category:

Documents

0 download

Embed Size (px)

TRANSCRIPT

<ul><li><p>Oracle Fusion MiddlewareReference for Oracle Security Developer Tools </p><p>11g Release 1 (11.1.1) </p><p>E10037-02</p><p>October 2009</p></li><li><p>Oracle Fusion Middleware Reference for Oracle Security Developer Tools, 11g Release 1 (11.1.1) </p><p>E10037-02</p><p>Copyright 2005, 2009, Oracle and/or its affiliates. All rights reserved.</p><p>Primary Author: Vinaye Misra</p><p>Contributing Authors: Marc Chanliau, Pratik Datta, Ari Kermaier, Lakshmi Kethana, Valarie Moore, Vamsi Motukuru, Gary Truong</p><p>This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.</p><p>The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.</p><p>If this software or related documentation is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable:</p><p>U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007). Oracle USA, Inc., 500 Oracle Parkway, Redwood City, CA 94065.</p><p>This software is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications which may create a risk of personal injury. If you use this software in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure the safe use of this software. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software in dangerous applications.</p><p>Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.</p><p>This software and documentation may provide access to or information on content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services.</p></li><li><p>iii</p><p>Contents</p><p>Preface .............................................................................................................................................................. xvii</p><p>Intended Audience................................................................................................................................... xviiDocumentation Accessibility .................................................................................................................. xviiRelated Documents ................................................................................................................................. xviiiConventions ............................................................................................................................................. xviii</p><p> Whats New in Oracle Security Developer Tools? ................................................................ xix</p><p>New Features for Release 11g (11.1.1) .................................................................................................... xixOracle SAML Changes.............................................................................................................................. xix</p><p>1 Introduction to Oracle Security Developer Tools</p><p>Cryptography ............................................................................................................................................ 1-1Types of Cryptographic Algorithms ............................................................................................... 1-2</p><p>Symmetric Cryptographic Algorithms .................................................................................... 1-2Asymmetric Cryptographic Algorithms ................................................................................. 1-3Hash Functions............................................................................................................................ 1-3</p><p>Additional Cryptography Resources .............................................................................................. 1-3Public Key Infrastructure (PKI)............................................................................................................. 1-3</p><p>Key Pairs.............................................................................................................................................. 1-4Certificate Authority.......................................................................................................................... 1-4Digital Certificates.............................................................................................................................. 1-4Related PKI Standards....................................................................................................................... 1-4Benefits of PKI .................................................................................................................................... 1-6</p><p>Web Services Security.............................................................................................................................. 1-6SAML .......................................................................................................................................................... 1-7</p><p>SAML Assertions................................................................................................................................ 1-7SAML Requests and Responses ....................................................................................................... 1-8</p><p>SAML Request and Response Cycle ........................................................................................ 1-8SAML Protocol Bindings and Profiles ..................................................................................... 1-9SAML and XML Security........................................................................................................... 1-9</p><p>Federation ............................................................................................................................................... 1-10Overview of Oracle Security Developer Tools ................................................................................ 1-10</p><p>Toolkit Architecture........................................................................................................................ 1-10Supported Standards ...................................................................................................................... 1-13Oracle Crypto................................................................................................................................... 1-14</p></li><li><p>iv</p><p>Oracle Security Engine ................................................................................................................... 1-14Oracle CMS ...................................................................................................................................... 1-15Oracle S/MIME ............................................................................................................................... 1-15Oracle PKI SDK ............................................................................................................................... 1-15</p><p>Oracle PKI LDAP SDK ............................................................................................................ 1-15Oracle PKI TSP SDK ................................................................................................................ 1-16Oracle PKI OCSP SDK............................................................................................................. 1-16Oracle PKI CMP SDK .............................................................................................................. 1-16</p><p>Oracle XML Security....................................................................................................................... 1-16Oracle SAML.................................................................................................................................... 1-17Oracle Web Services Security ........................................................................................................ 1-17Oracle Liberty SDK ......................................................................................................................... 1-17Oracle XKMS.................................................................................................................................... 1-17</p><p>2 Migrating to the JCE Framework </p><p>The JCE Framework ................................................................................................................................. 2-1JCE Keys ..................................................................................................................................................... 2-2</p><p>Converting an Existing Key Object to a JCE Key Object .............................................................. 2-2JCE Certificates ......................................................................................................................................... 2-4</p><p>Switching to a JCE Certificate........................................................................................................... 2-4JCE Certificate Revocation Lists (CRLs) .............................................................................................. 2-4JCE Keystores ............................................................................................................................................ 2-5</p><p>Working with standard KeyStore-type Wallets ............................................................................ 2-5Working with PKCS12 and PKCS8 Wallets ................................................................................... 2-6</p><p>3 Oracle Crypto </p><p>Oracle Crypto Features and Benefits .................................................................................................... 3-1Oracle Crypto Packages .................................................................................................................... 3-2</p><p>Setting Up Your Oracle Crypto Environment ..................................................................................... 3-2System Requirements for Oracle Crypto ........................................................................................ 3-2Setting the CLASSPATH Environment Variable........................................................................... 3-2</p><p>Setting the CLASSPATH on Windows .................................................................................... 3-2Setting the CLASSPATH on UNIX .......................................................................................... 3-2</p><p>Core Classes and Interfaces .................................................................................................................... 3-3Keys...................................................................................................................................................... 3-3</p><p>The oracle.security.crypto.core.Key Interface......................................................................... 3-3The oracle.security.crypto.core.PrivateKey Interface ............................................................ 3-3The oracle.security.crypto.core.PublicKey Interface ............................................................. 3-3The oracle.security.crypto.core.SymmetricKey Class............................................................ 3-3</p><p>Key Generation................................................................................................................................... 3-3The oracle.security.crypto.core.KeyPairGenerator Class...................................................... 3-4The oracle.security.crypto.core.SymmetricKeyGenerator Class.......................................... 3-4</p><p>Ciphers................................................................................................................................................. 3-5Symmetric Ciphers ..................................................................................................................... 3-5The RSA Cipher........................................................................................................................... 3-6Password Based Encryption...................................................................................................... 3-7</p><p>Signatures ............................................................................................................................................ 3-7</p></li><li><p>v</p><p>Message Digests ................................................................................................................................. 3-8The oracle.security.crypto.core.MessageDigest Class ........................................................... 3-8The oracle.security.crypto.core.MAC Class ............................................................................ 3-9</p><p>Key Agreement................................................................................................................................... 3-9Pseudo-Random Number Generators.......................................................................................... 3-10</p><p>The oracle.security.crypto.core.RandomBitsSource class .................................................. 3-10The oracle.security.crypto.core.EntropySource class ......................................................... 3-10</p><p>The Oracle Crypto Java API Ref...</p></li></ul>

Recommended

View more >