GISBSender Class

Properties   Methods   Events   Config Settings   Errors  

The GISBSender class implements an GISB / EDM client.

Syntax

ipworksedi.Gisbsender

Remarks

The GISBSender component is used to send EDI or other documents using the GISB (Gas Industry Standards Board) / NAESB (North American Energy Standards Board) EDM (Electronic Delivery Mechanism) protocol.

When sending an EDI message, the client should specify, at a minimum, DataFrom, DataTo, URL, Data, and EDIType. The Post method should then be invoked.

Basic Features: GISB Versions 1.4 and above

Security is provided via the use of PGP. If you want to sign and/or encrypt your message set the SignData and EncryptData properties to true. The class does not itself implement PGP, instead it uses a

The following table defines possible values that may be passed to the SetPGPParam.

homedirThe directory containing the public keyring, secret keyring and trust database. Please note this defaults to the application preferences directory of the user, hence if the GNUPG provider is being used from a ASP.NET application, homedir should be specified.
passphraseThe passphrase to access the secret keys in the secret-keyring.
useridThe identifier used to identify a secret key within the secret-keyring. Note: When decrypting if this value is not specified the class will attempt to find the key within the keyring automatically based on information available in the PGP message itself.
recipient-useridThe identifier used to identify a public key within the public keyring. Note: When verifying a signature if this value is not specified the class will attempt to find the key within the keyring automatically based on information available in the PGP message itself.
timeoutThe timeout in milliseconds that the provider will wait for a response from the OpenPGP executable. The default is 5000 (5 seconds).
usetempfileIf set to "true" the provider will write data to be processed to a temporary file on disk. This is useful when working with large files or binary files.
signingalgorithmThe signing algorithm to use when SignData is True. Possible values are:
  • SHA1
  • MD5
  • SHA256 (default)
  • SHA384
  • SHA512
  • SHA224
  • RIPEMD160
encryptingalgorithmThe encrypting algorithm to use when EncryptData is True. Possible values are:
  • CAST5
  • 3DES
  • AES256
  • AES192
  • AES128 (default)
  • BLOWFISH
  • TWOFISH
  • IDEA
compressionmethodThe compression method to use. Possible values are:
  • zip (default)
  • zlib
  • bzip2
  • none
to allow you to process the PGP data with a library of your choice.

TLS/SSL will also be used if the scheme in URL is "https". In case your trading partner is using a self-signed certificate you may set SSLAcceptServerCert or trap the SSLServerAuthentication event to accept the certificate.

After you Post the server will issue a brief reply. If the server indicates some sort of an error an exception will be thrown. However, the absence of an error message does not necessarily mean that the server was able to read the EDI data. The server may attempt to process the data after closing the connection; if it finds an error it might send a separate error notification which may be processed by the GISBReceiver component.

Extended Security Options: NAESB Version 1.6

Version 1.6 of the NAESB/GISB protocol includes extensions to allow additional security. Like the AS2 protocol, version 1.6 allows for the use of receipts.

To request a receipt, set the ReceiptTo property. The ReceiptType and ReceiptSecurity properties may be used to customize the receipt request; by default, the class will request a GISB-Acknowledgement-Receipt signed over an SHA-1 hash. The receipt will be returned in the HTTP reply, and will automatically be verified by the class.

Property List


The following is the full list of the properties of the class with short descriptions. Click on the links for further details.

CookiesThis property includes a collection of cookies.
DataElementsCollection of extra data elements for the outgoing request.
DataFromThe identity of the sending system.
DataToThe identity of the receiving system.
EncryptDataWhether or not to encrypt the data.
FirewallA set of properties related to firewall access.
GISBDataThe EDI Payload of the message.
GISBVersionThe version of GISB/NAESB being used.
LocalHostThe name of the local host or user-assigned IP interface through which connections are initiated or accepted.
LogDirectoryThe path to a directory for logging.
LogFileThe log file written.
ProxyThis property includes a set of properties related to proxy access.
PublicKeyringDataPublic keyring data.
ReceiptSecurity[1.6] Used to indicate the security options requested for the receipt.
ReceiptSigningProtocol[1.6] Indicates the protocol used to sign the receipt.
ReceiptTo[1.6] Used to request a receipt.
ReceiptType[1.6] The type of receipt requested.
ReplyHeadersThe HTTP headers provided for the Response .
RequestStatusThe status of the request.
ResponseContentThe response returned from the server.
SecretKeyringDataSecret keyring data.
SignDataWhether or not to sign the data.
SSLAcceptServerCertInstructs the class to unconditionally accept the server certificate that matches the supplied certificate.
SSLCertThe certificate to be used during SSL negotiation.
SSLProviderThis specifies the SSL/TLS implementation to use.
SSLServerCertThe server certificate for the last established connection.
SubjectThe subject of the message.
TimeoutA timeout for the class.
TransactionIdThe transaction ID of the message.
URLThe URL to post to.
UserAgentInformation about the user agent.

Method List


The following is the full list of the methods of the class with short descriptions. Click on the links for further details.

ConfigSets or retrieves a configuration setting.
DoEventsProcesses events from the internal message queue.
PostPost data to the server, and check the receipt.
ResetResets the state of the control.
SetPGPParamSets a parameter in the PGP provider.
SetUploadStreamSets the stream to be uploaded to the server.

Event List


The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.

ConnectedThis event is fired immediately after a connection completes (or fails).
DisconnectedThis event is fired when a connection is closed.
EndTransferThis event is fired when a document finishes transferring.
ErrorInformation about errors during data delivery.
HeaderThis event is fired every time a header line comes in.
LogFired with log information while processing a message.
SetCookieThis event is fired for every cookie set by the server.
SSLServerAuthenticationFired after the server presents its certificate to the client.
SSLStatusShows the progress of the secure connection.
StartTransferThis event is fired when a document starts transferring (after the headers).
TransferThis event is fired while a document transfers (delivers document).

Config Settings


The following is a list of config settings for the class with short descriptions. Click on the links for further details.

AllowOldPacketTypeWhether to allow the older encrypted packet type.
AuthorizationThe Authorization string to be sent to the server.
AuthSchemeThe authorization scheme to be used when server authorization is to be performed.
ForceV3SignatureWhether to use v3 signatures.
LogFilenameThe base name of the log file.
LogLevelSpecifies the level of detail that is logged.
PasswordA password if authentication is to be used.
PGPCombineSignAndEncryptWhether to sign and encrypt in a single step or not.
UserA user name if authentication is to be used.
BuildInfoInformation about the product's build.
GUIAvailableTells the class whether or not a message loop is available for processing events.
LicenseInfoInformation about the current license.
MaskSensitiveWhether sensitive data is masked in log messages.
UseDaemonThreadsWhether threads created by the class are daemon threads.
UseFIPSCompliantAPITells the class whether or not to use FIPS certified APIs.
UseInternalSecurityAPITells the class whether or not to use the system security libraries or an internal implementation.

Cookies Property (GISBSender Class)

This property includes a collection of cookies.

Syntax


public HTTPCookieList getCookies();


public void setCookies(HTTPCookieList cookies);

Remarks

This property contains a collection of cookies. To add cookies to outgoing HTTP requests, add cookies (of type HTTPCookie) to this collection.

To see cookies that are set by the server, use the SetCookie event, which displays the cookies and their properties as set by the server. Those cookies also are added to Cookies.

MaxHTTPCookies can be used to control the maximum number of cookies saved.

This collection is indexed from 0 to size -1.

This property is not available at design time.

Please refer to the HTTPCookie type for a complete list of fields.

DataElements Property (GISBSender Class)

Collection of extra data elements for the outgoing request.

Syntax


public GISBElementList getDataElements();


public void setDataElements(GISBElementList dataElements);

Remarks

When you Post to the server the data elements in DataElements will be added to the standard data elements and included with the request.

The following data elements are configured using the appropriate properties, will be added automatically by the class, and should not be included in DataElements:

from, to, receipt-disposition-to, receipt-report-type, input-format, input-data, receipt-security-selection.

This property is not available at design time.

Please refer to the GISBElement type for a complete list of fields.

DataFrom Property (GISBSender Class)

The identity of the sending system.

Syntax


public String getDataFrom();


public void setDataFrom(String dataFrom);

Default Value

""

Remarks

Will generally be the DUNS number of the sending trading partner. Required.

DataTo Property (GISBSender Class)

The identity of the receiving system.

Syntax


public String getDataTo();


public void setDataTo(String dataTo);

Default Value

""

Remarks

Will generally be the DUNS number of the receiving trading partner. Required.

EncryptData Property (GISBSender Class)

Whether or not to encrypt the data.

Syntax


public boolean isEncryptData();


public void setEncryptData(boolean encryptData);

Default Value

False

Remarks

If true, then the data will be encrypted before sending to the server.

Firewall Property (GISBSender Class)

A set of properties related to firewall access.

Syntax


public Firewall getFirewall();


public void setFirewall(Firewall firewall);

Remarks

This is a Firewall type property which contains fields describing the firewall through which the class will attempt to connect.

Please refer to the Firewall type for a complete list of fields.

GISBData Property (GISBSender Class)

The EDI Payload of the message.

Syntax


public GISBData getGISBData();


public void setGISBData(GISBData GISBData);

Remarks

The EDI Payload of the message.

This property is not available at design time.

Please refer to the GISBData type for a complete list of fields.

GISBVersion Property (GISBSender Class)

The version of GISB/NAESB being used.

Syntax


public String getGISBVersion();


public void setGISBVersion(String GISBVersion);

Default Value

"1.6"

Remarks

The version of the GISB/NAESB EDM being used. Supported values are "1.4", "1.6", "2.0", and "2.1". Note that requesting a receipt is only supported in version 1.6 and up.

LocalHost Property (GISBSender Class)

The name of the local host or user-assigned IP interface through which connections are initiated or accepted.

Syntax


public String getLocalHost();


public void setLocalHost(String localHost);

Default Value

""

Remarks

The LocalHost property contains the name of the local host as obtained by the gethostname() system call, or if the user has assigned an IP address, the value of that address.

In multi-homed hosts (machines with more than one IP interface) setting LocalHost to the value of an interface will make the class initiate connections (or accept in the case of server classs) only through that interface.

If the class is connected, the LocalHost property shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multi-homed hosts (machines with more than one IP interface).

NOTE: LocalHost is not persistent. You must always set it in code, and never in the property window.

The LocalHost property contains the name of the local host as obtained by the gethostname() system call, or if the user has assigned an IP address, the value of that address.

In multi-homed hosts (machines with more than one IP interface) setting LocalHost to the value of an interface will make the class initiate connections (or accept in the case of server classs) only through that interface.

If the class is connected, the LocalHost property shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multi-homed hosts (machines with more than one IP interface).

NOTE: LocalHost is not persistent. You must always set it in code, and never in the property window.

LogDirectory Property (GISBSender Class)

The path to a directory for logging.

Syntax


public String getLogDirectory();


public void setLogDirectory(String logDirectory);

Default Value

""

Remarks

Setting LogDirectory will instruct the component to log the details of each transmission to unique files in the specified directory. For each request processed, the class will log the original EDI data, the complete text of the outgoing request and the incoming response.

The class will write a single file for each transmission, with extension ".log". In case of error an additional file will be written with extension ".err", and the error will be reported in both files.

The filenames will be chosen automatically by the class. Each filename will be the system time, in the format YYYY-MM-DD-HH-MM-SS-MMMM, with extensions "-2", "-3", used in case files of those names already exist. After each transaction is processed LogFile will contain the name of the files just written, minus the extension ".log" or ".err".

If logs cannot be written an exception will be thrown.

LogFile Property (GISBSender Class)

The log file written.

Syntax


public String getLogFile();


Default Value

""

Remarks

In case LogDirectory is specified a log file will be written in the specified directory and LogFile will contain the path. A diagnostic log will be written with filename LogFile + ".log", and in case of error, an additional file will be written with filename LogFile + ".dat".

This property is read-only.

Proxy Property (GISBSender Class)

This property includes a set of properties related to proxy access.

Syntax


public Proxy getProxy();


public void setProxy(Proxy proxy);

Remarks

This property contains fields describing the proxy through which the class will attempt to connect.

Please refer to the Proxy type for a complete list of fields.

PublicKeyringData Property (GISBSender Class)

Public keyring data.

Syntax


public byte[] getPublicKeyringData();


public void setPublicKeyringData(byte[] publicKeyringData);

Default Value

""

Remarks

This property allows the public keyring data to be specific in the form of a byte array. Use this in conjunction with SecretKeyringData and the keyring will be loaded from this data instead of the homedir.

ReceiptSecurity Property (GISBSender Class)

[1.6] Used to indicate the security options requested for the receipt.

Syntax


public String getReceiptSecurity();


public void setReceiptSecurity(String receiptSecurity);

Default Value

"signed-receipt-protocol=optional, pgp-signature; signed-receipt-micalg=optional, sha1, md5"

Remarks

Only supported for Version 1.6.

By default, the class will request that the receipt be signed with a PGP signature over an SHA1 or MD5 hash (if these algorithms are supported by the server).

Set ReceiptSecurity to an empty string to request an unsigned receipt.

The string format is that of the Disposition-notification-options HTTP header, as specified in RFC 3335.

ReceiptSigningProtocol Property (GISBSender Class)

[1.6] Indicates the protocol used to sign the receipt.

Syntax


public String getReceiptSigningProtocol();


Default Value

""

Remarks

Only supported for Version 1.6.

This property will be populated after a receipt is received from the server and validated. It will contain the MIME type of the signature used, if any (i.e., "application/pgp-signature"). It will contain an empty string if the receipt is unsigned.

This property is read-only.

ReceiptTo Property (GISBSender Class)

[1.6] Used to request a receipt.

Syntax


public String getReceiptTo();


public void setReceiptTo(String receiptTo);

Default Value

""

Remarks

Only supported for Version 1.6.

If this property is set, a Receipt-Notification-To form variable will be added to the request, and a receipt will be requested. Generally this should be the same as DataFrom.

By default, the class will request a GISB-Acknowledgement-Receipt, signed with PGP and delivered synchronously in the HTTP reply. You may set ReceiptSecurity to request a different type of signature, or no signature at all.

ReceiptType Property (GISBSender Class)

[1.6] The type of receipt requested.

Syntax


public String getReceiptType();


public void setReceiptType(String receiptType);

Default Value

"gisb-acknowledgement-receipt"

Remarks

Only supported for Version 1.6.

If ReceiptTo is set, the class will request a receipt of the indicated type. Note that the only type of receipt readable by the class is a gisb-acknowledgement-receipt, and only if using version 1.6 of the GISB/NAESB protocol.

The security settings for the receipt (signed or unsigned) may be configured by setting ReceiptSecurity.

ReplyHeaders Property (GISBSender Class)

The HTTP headers provided for the Response .

Syntax


public String getReplyHeaders();


Default Value

""

Remarks

The HTTP headers provided for the Response.

This property is read-only.

RequestStatus Property (GISBSender Class)

The status of the request.

Syntax


public String getRequestStatus();


Default Value

"ok"

Remarks

RequestStatus will be determined from the server response after a Post. If the request status is anything other than "ok" the class will throw an exception. Note that servers are not required to process data immediately, and a RequestStatus of "ok" is not a guarantee that the server was able to process your data.

The following is the complete list of error codes defined by the GISB 1.4 and NAESB 1.6 specifications.

The following is the complete list of error codes defined by the GISB 1.4 and NAESB 1.6 specification. Error codes only defined in version 1.6 are notated with "1.6" below, and errors that will be detected and reported automatically by the GISBReceiver class are indicated with an asterisk.

The following is the complete list of error codes defined by the GISB 1.4 specification.

EEDM100*: Missing From Common Code Identifier Code

EEDM101*: Missing To Common Code Identifier Code

EEDM102*: Missing Input Format

EEDM103*: Missing Data File

EEDM104: Missing Transaction Set

EEDM105: Invalid From Common Code Identifier

EEDM106: Invalid To Common Code Identifier

EEDM107: Invalid Input Format

EEDM108: Invalid Transaction Set

EEDM109: No Parameters Supplied

EEDM110: (1.6) Invalid "version"

EEDM111: (1.6) Missing "version"

EEDM112: (1.6) "receipt-security-selection" not mutually agreed

EEDM113*: (1.6) Invalid "receipt-security-selection"

EEDM114: (1.6) Missing "receipt-disposition-to"

EEDM115: (1.6) Invalid "receipt-disposition-to"

EEDM116: (1.6) Missing "receipt-report-type"

EEDM117: (1.6) Invalid "receipt-report-type"

EEDM118: (1.6) Missing "receipt-security-selection"

EEDM119: (1.6) Mutually agreed element, refnum, not present

EEDM601: Public Key Invalid

EEDM602: File Not Encrypted

EEDM603: Encrypted File Truncated

EEDM604*: Encrypted File Not Signed Or Signature Not Matched

EEDM699: Decryption Error

EEDM701: EDM Party Not Associated With EDI Party

EEDM702: Data Structure Error

EEDM703: Data Set Exchange Not Established For Trading Partner

EEDM999: System Error

WEDM100: Transaction Set Sent Not Mutually Agreed

WEDM102: (1.6) "receipt-security-selection" not mutually agreed

WEDM103: (1.6) Missing "receipt-security-selection"

WEDM104: (1.6) Element refnum received; not mutually agreed; ignored

This property is read-only.

ResponseContent Property (GISBSender Class)

The response returned from the server.

Syntax


public byte[] getResponseContent();


Default Value

""

Remarks

This property will be populated after a response is received from the server. If a receipt was requested this property will contain the receipt; otherwise this property will contain at least a small bit of HTML describing whether or not the transmission succeeded.

In case the receipt was signed, ResponseContent will contain the unsigned receipt, together with its MIME headers.

Note that if a signature was requested but an unsigned receipt is received the class will throw an exception.

This property is read-only.

SecretKeyringData Property (GISBSender Class)

Secret keyring data.

Syntax


public byte[] getSecretKeyringData();


public void setSecretKeyringData(byte[] secretKeyringData);

Default Value

""

Remarks

This property allows the secret keyring data to be specific in the form of a byte array. Use this in conjunction with PublicKeyringData and the keyring will be loaded from this data instead of the homedir.

SignData Property (GISBSender Class)

Whether or not to sign the data.

Syntax


public boolean isSignData();


public void setSignData(boolean signData);

Default Value

False

Remarks

If true, then the data will be signed before sending to the server.

SSLAcceptServerCert Property (GISBSender Class)

Instructs the class to unconditionally accept the server certificate that matches the supplied certificate.

Syntax


public Certificate getSSLAcceptServerCert();


public void setSSLAcceptServerCert(Certificate SSLAcceptServerCert);

Remarks

If it finds any issues with the certificate presented by the server, the class will normally terminate the connection with an error.

You may override this behavior by supplying a value for SSLAcceptServerCert. If the certificate supplied in SSLAcceptServerCert is the same as the certificate presented by the server, then the server certificate is accepted unconditionally, and the connection will continue normally.

Please note that this functionality is provided only for cases where you otherwise know that you are communicating with the right server. If used improperly, this property may create a security breach. Use it at your own risk.

Please refer to the Certificate type for a complete list of fields.

SSLCert Property (GISBSender Class)

The certificate to be used during SSL negotiation.

Syntax


public Certificate getSSLCert();


public void setSSLCert(Certificate SSLCert);

Remarks

The digital certificate that the class will use during SSL negotiation. Set this property to a valid certificate before starting SSL negotiation. To set a certificate, you may set the Encoded field to the encoded certificate. To select a certificate, use the store and subject fields.

Please refer to the Certificate type for a complete list of fields.

SSLProvider Property (GISBSender Class)

This specifies the SSL/TLS implementation to use.

Syntax


public int getSSLProvider();


public void setSSLProvider(int SSLProvider);


Enumerated values:
  public final static int sslpAutomatic = 0;
  public final static int sslpPlatform = 1;
  public final static int sslpInternal = 2;

Default Value

0

Remarks

This property specifies the SSL/TLS implementation to use. In most cases the default value of 0 (Automatic) is recommended and should not be changed. When set to 0 (Automatic) the class will select whether to use the platform implementation or the internal implementation depending on the operating system as well as the TLS version being used.

Possible values are:

0 (sslpAutomatic - default)Automatically selects the appropriate implementation.
1 (sslpPlatform) Uses the platform/system implementation.
2 (sslpInternal) Uses the internal implementation.
Additional Notes

In most cases using the default value (Automatic) is recommended. The class will select a provider depending on the current platform.

When Automatic is selected the platform implementation is used by default. When TLS 1.3 is enabled via SSLEnabledProtocols the internal implementation is used.

SSLServerCert Property (GISBSender Class)

The server certificate for the last established connection.

Syntax


public Certificate getSSLServerCert();


Remarks

SSLServerCert contains the server certificate for the last established connection.

SSLServerCert is reset every time a new connection is attempted.

This property is read-only.

Please refer to the Certificate type for a complete list of fields.

Subject Property (GISBSender Class)

The subject of the message.

Syntax


public String getSubject();


public void setSubject(String subject);

Default Value

""

Remarks

The optional human-readable subject of the message.

Timeout Property (GISBSender Class)

A timeout for the class.

Syntax


public int getTimeout();


public void setTimeout(int timeout);

Default Value

60

Remarks

If the Timeout property is set to 0, all operations will run uninterrupted until successful completion or an error condition is encountered.

If Timeout is set to a positive value, the class will wait for the operation to complete before returning control.

The class will use DoEvents to enter an efficient wait loop during any potential waiting period, making sure that all system events are processed immediately as they arrive. This ensures that the host application does not "freeze" and remains responsive.

If Timeout expires, and the operation is not yet complete, the class throws an exception.

Please note that by default, all timeouts are inactivity timeouts, i.e. the timeout period is extended by Timeout seconds when any amount of data is successfully sent or received.

The default value for the Timeout property is 60 seconds.

TransactionId Property (GISBSender Class)

The transaction ID of the message.

Syntax


public String getTransactionId();


Default Value

""

Remarks

A unique ID for the transaction. In GISB the TransactionId will be generated by the server, so this property will be populated whenever you receive a response from the server.

This property is read-only.

URL Property (GISBSender Class)

The URL to post to.

Syntax


public String getURL();


public void setURL(String URL);

Default Value

""

Remarks

SSL will be used if and only if the URL scheme is "https". Note that generally signed, unencrypted messages would be sent using SSL, as encrypting the message would be redundant.

UserAgent Property (GISBSender Class)

Information about the user agent.

Syntax


public String getUserAgent();


public void setUserAgent(String userAgent);

Default Value

"IPWorks EDI GISBSender Component - www.nsoftware.com"

Remarks

Override the default with the name and version of your software.

Config Method (Gisbsender Class)

Sets or retrieves a configuration setting.

Syntax

public String config(String configurationString);

Remarks

Config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.

These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.

To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).

To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.

DoEvents Method (Gisbsender Class)

Processes events from the internal message queue.

Syntax

public void doEvents();

Remarks

When DoEvents is called, the class processes any available events. If no events are available, it waits for a preset period of time, and then returns.

Post Method (Gisbsender Class)

Post data to the server, and check the receipt.

Syntax

public void post();

Remarks

Post will generate the request and post it to the server. The reply will be checked; if a receipt was requested it will be validated, and any response will be checked for error messages.

Reset Method (Gisbsender Class)

Resets the state of the control.

Syntax

public void reset();

Remarks

Resets all HTTP headers as well as EDIData, etc. After invoking this method the class may be reused as if it were newly created.

SetPGPParam Method (Gisbsender Class)

Sets a parameter in the PGP provider.

Syntax

public void setPGPParam(String name, String value);

Remarks

Invoke SetPGPParam to set parameters of your PGP provider. Please refer to the documentation provided with the PGP provider for the parameters required.

The following table defines possible values that may be passed to the SetPGPParam.

homedirThe directory containing the public keyring, secret keyring and trust database. Please note this defaults to the application preferences directory of the user, hence if the GNUPG provider is being used from a ASP.NET application, homedir should be specified.
passphraseThe passphrase to access the secret keys in the secret-keyring.
useridThe identifier used to identify a secret key within the secret-keyring. Note: When decrypting if this value is not specified the class will attempt to find the key within the keyring automatically based on information available in the PGP message itself.
recipient-useridThe identifier used to identify a public key within the public keyring. Note: When verifying a signature if this value is not specified the class will attempt to find the key within the keyring automatically based on information available in the PGP message itself.
timeoutThe timeout in milliseconds that the provider will wait for a response from the OpenPGP executable. The default is 5000 (5 seconds).
usetempfileIf set to "true" the provider will write data to be processed to a temporary file on disk. This is useful when working with large files or binary files.
signingalgorithmThe signing algorithm to use when SignData is True. Possible values are:
  • SHA1
  • MD5
  • SHA256 (default)
  • SHA384
  • SHA512
  • SHA224
  • RIPEMD160
encryptingalgorithmThe encrypting algorithm to use when EncryptData is True. Possible values are:
  • CAST5
  • 3DES
  • AES256
  • AES192
  • AES128 (default)
  • BLOWFISH
  • TWOFISH
  • IDEA
compressionmethodThe compression method to use. Possible values are:
  • zip (default)
  • zlib
  • bzip2
  • none

SetUploadStream Method (Gisbsender Class)

Sets the stream to be uploaded to the server.

Syntax

public void setUploadStream(java.io.InputStream uploadStream);

Remarks

If you specify EDIData the data will be taken from there instead. Otherwise the contents of the stream will be written to EDIData before transmission. The stream should be open and normally set to position 0.

The class will automatically close this stream if CloseStreamAfterTransfer is true (default). If the stream is closed, you will need to call SetUploadStream again before the next send.

The content of the stream will be read from the current position all the way to the end.

Connected Event (Gisbsender Class)

This event is fired immediately after a connection completes (or fails).

Syntax

public class DefaultGisbsenderEventListener implements GisbsenderEventListener {
  ...
  public void connected(GisbsenderConnectedEvent e) {}
  ...
}

public class GisbsenderConnectedEvent {
  public int statusCode;
  public String description;
}

Remarks

If the connection is made normally, StatusCode is 0 and Description is "OK".

If the connection fails, StatusCode has the error code returned by the Transmission Control Protocol (TCP)/IP stack. Description contains a description of this code. The value of StatusCode is equal to the value of the error.

Please refer to the Error Codes section for more information.

Disconnected Event (Gisbsender Class)

This event is fired when a connection is closed.

Syntax

public class DefaultGisbsenderEventListener implements GisbsenderEventListener {
  ...
  public void disconnected(GisbsenderDisconnectedEvent e) {}
  ...
}

public class GisbsenderDisconnectedEvent {
  public int statusCode;
  public String description;
}

Remarks

If the connection is broken normally, StatusCode is 0 and Description is "OK".

If the connection is broken for any other reason, StatusCode has the error code returned by the Transmission Control Protocol (TCP/IP) subsystem. Description contains a description of this code. The value of StatusCode is equal to the value of the TCP/IP error.

Please refer to the Error Codes section for more information.

EndTransfer Event (Gisbsender Class)

This event is fired when a document finishes transferring.

Syntax

public class DefaultGisbsenderEventListener implements GisbsenderEventListener {
  ...
  public void endTransfer(GisbsenderEndTransferEvent e) {}
  ...
}

public class GisbsenderEndTransferEvent {
  public int direction;
}

Remarks

The EndTransfer event is fired first when the client finishes sending data to the server (in a POST or PUT request) and then when the document text finishes transferring from the server to the local host.

The Direction parameter shows whether the client (0) or the server (1) is sending the data.

Error Event (Gisbsender Class)

Information about errors during data delivery.

Syntax

public class DefaultGisbsenderEventListener implements GisbsenderEventListener {
  ...
  public void error(GisbsenderErrorEvent e) {}
  ...
}

public class GisbsenderErrorEvent {
  public int errorCode;
  public String description;
}

Remarks

The Error event is fired in case of exceptional conditions during message processing. Normally the class throws an exception.

ErrorCode contains an error code and Description contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.

Header Event (Gisbsender Class)

This event is fired every time a header line comes in.

Syntax

public class DefaultGisbsenderEventListener implements GisbsenderEventListener {
  ...
  public void header(GisbsenderHeaderEvent e) {}
  ...
}

public class GisbsenderHeaderEvent {
  public String field;
  public String value;
}

Remarks

The Field parameter contains the name of the HTTP header (which is the same as it is delivered). The Value parameter contains the header contents.

If the header line being retrieved is a continuation header line, then the Field parameter contains "" (empty string).

Log Event (Gisbsender Class)

Fired with log information while processing a message.

Syntax

public class DefaultGisbsenderEventListener implements GisbsenderEventListener {
  ...
  public void log(GisbsenderLogEvent e) {}
  ...
}

public class GisbsenderLogEvent {
  public String logType;
  public byte[] logMessage;
}

Remarks

This event fires once for each log message generated by the class. The verbosity is controlled by the LogLevel setting.

Log messages available through this event correspond to log files written to LogDirectory. This event provides a way to obtain log messages without relying on files on disk. This event fires regardless of the value of LogDirectory (i.e. when LogDirectory is empty the event will still fire).

The LogMessage event parameter holds the raw log data.

The LogType event parameter indicates the type of log. Possible values are:

"LOG" Information about the status of the process.
"ERR" An error was encountered.
"DAT" The EDI payload.
"REQ" The raw request
"MDN" The MDN response.
"DEBUG" Debug information.
"DAT.INPUT" Debug information when processing payload. Only applicable when LogDebug is True.
"DAT.ENCRYPT" Debug information when processing payload. Only applicable when LogDebug is True.
"DAT.COMPRESS" Debug information when processing payload. Only applicable when LogDebug is True.
"DAT.SIGN" Debug information when processing payload. Only applicable when LogDebug is True.
"DAT.DECRYPT" Debug information when processing payload. Only applicable when LogDebug is True.
"DAT.DECOMPRESS" Debug information when processing payload. Only applicable when LogDebug is True.
"DAT.VERIFY" Debug information when processing payload. Only applicable when LogDebug is True.
"DAT.DEBUG" Debug information when processing payload. Only applicable when LogDebug is True.

SetCookie Event (Gisbsender Class)

This event is fired for every cookie set by the server.

Syntax

public class DefaultGisbsenderEventListener implements GisbsenderEventListener {
  ...
  public void setCookie(GisbsenderSetCookieEvent e) {}
  ...
}

public class GisbsenderSetCookieEvent {
  public String name;
  public String value;
  public String expires;
  public String domain;
  public String path;
  public boolean secure;
}

Remarks

The SetCookie event is fired for every Set-Cookie: header received from the HTTP server.

The Name parameter contains the name of the cookie, with the corresponding value supplied in the Value parameter.

The Expires parameter contains an expiration time for the cookie (if provided by the server). The time format used is "Weekday, DD-Mon-YY HH:MM:SS GMT". If the server does not provide an expiration time, the Expires parameter will be an empty string. In this case, the convention is to drop the cookie at the end of the session.

The Domain parameter contains a domain name to limit the cookie to (if provided by the server). If the server does not provide a domain name, the Domain parameter will be an empty string. The convention in this case is to use the server specified in the URL (URLServer) as the cookie domain.

The Path parameter contains a path name to limit the cookie to (if provided by the server). If the server does not provide a cookie path, the Path parameter will be an empty string. The convention in this case is to use the path specified in the URL (URLPath) as the cookie path.

The Secure parameter specifies whether the cookie is secure. If the value of this parameter is True, the cookie value must be submitted only through a secure (HTTPS) connection.

SSLServerAuthentication Event (Gisbsender Class)

Fired after the server presents its certificate to the client.

Syntax

public class DefaultGisbsenderEventListener implements GisbsenderEventListener {
  ...
  public void SSLServerAuthentication(GisbsenderSSLServerAuthenticationEvent e) {}
  ...
}

public class GisbsenderSSLServerAuthenticationEvent {
  public byte[] certEncoded;
  public String certSubject;
  public String certIssuer;
  public String status;
  public boolean accept;
}

Remarks

This event is where the client can decide whether to continue with the connection process or not. The Accept parameter is a recommendation on whether to continue or close the connection. This is just a suggestion: application software must use its own logic to determine whether to continue or not.

When Accept is False, Status shows why the verification failed (otherwise, Status contains the string "OK").

SSLStatus Event (Gisbsender Class)

Shows the progress of the secure connection.

Syntax

public class DefaultGisbsenderEventListener implements GisbsenderEventListener {
  ...
  public void SSLStatus(GisbsenderSSLStatusEvent e) {}
  ...
}

public class GisbsenderSSLStatusEvent {
  public String message;
}

Remarks

The event is fired for informational and logging purposes only. Used to track the progress of the connection.

StartTransfer Event (Gisbsender Class)

This event is fired when a document starts transferring (after the headers).

Syntax

public class DefaultGisbsenderEventListener implements GisbsenderEventListener {
  ...
  public void startTransfer(GisbsenderStartTransferEvent e) {}
  ...
}

public class GisbsenderStartTransferEvent {
  public int direction;
}

Remarks

The StartTransfer event is fired first when the client starts sending data to the server (in a POST or PUT request) and then when the document text starts transferring from the server to the local host.

The Direction parameter shows whether the client (0) or the server (1) is sending the data.

Transfer Event (Gisbsender Class)

This event is fired while a document transfers (delivers document).

Syntax

public class DefaultGisbsenderEventListener implements GisbsenderEventListener {
  ...
  public void transfer(GisbsenderTransferEvent e) {}
  ...
}

public class GisbsenderTransferEvent {
  public int direction;
  public long bytesTransferred;
  public int percentDone;
  public byte[] text;
}

Remarks

The Text parameter contains the portion of the document text being received. It is empty if data are being posted to the server.

The BytesTransferred parameter contains the number of bytes transferred in this Direction since the beginning of the document text (excluding HTTP response headers).

The Direction parameter shows whether the client (0) or the server (1) is sending the data.

The PercentDone parameter shows the progress of the transfer in the corresponding direction. If PercentDone can not be calculated the value will be -1.

Note: Events are not re-entrant. Performing time-consuming operations within this event will prevent it from firing again in a timely manner and may affect overall performance.

Certificate Type

This is the digital certificate being used.

Remarks

This type describes the current digital certificate. The certificate may be a public or private key. The fields are used to identify or select certificates.

Fields

EffectiveDate
String (read-only)

Default Value: ""

This is the date on which this certificate becomes valid. Before this date, it is not valid. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

Encoded
String

Default Value: ""

This is the certificate (PEM/base64 encoded). This field is used to assign a specific certificate. The Store and Subject fields also may be used to specify a certificate.

When Encoded is set, a search is initiated in the current Store for the private key of the certificate. If the key is found, Subject is updated to reflect the full subject of the selected certificate; otherwise, Subject is set to an empty string.

EncodedB
byte[]

Default Value: ""

This is the certificate (PEM/base64 encoded). This field is used to assign a specific certificate. The Store and Subject fields also may be used to specify a certificate.

When Encoded is set, a search is initiated in the current Store for the private key of the certificate. If the key is found, Subject is updated to reflect the full subject of the selected certificate; otherwise, Subject is set to an empty string.

ExpirationDate
String (read-only)

Default Value: ""

This is the date the certificate expires. After this date, the certificate will no longer be valid. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

ExtendedKeyUsage
String

Default Value: ""

This is a comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

Fingerprint
String (read-only)

Default Value: ""

This is the hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

FingerprintSHA1
String (read-only)

Default Value: ""

This is the hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

FingerprintSHA256
String (read-only)

Default Value: ""

This is the hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

Issuer
String (read-only)

Default Value: ""

This is the issuer of the certificate. This field contains a string representation of the name of the issuing authority for the certificate.

KeyPassword
String

Default Value: ""

This is the password for the certificate's private key (if any).

Some certificate stores may individually protect certificates' private keys, separate from the standard protection offered by the StorePassword. KeyPassword. This field can be used to read such password-protected private keys.

Note: this property defaults to the value of StorePassword. To clear it, you must set the property to the empty string (""). It can be set at any time, but when the private key's password is different from the store's password, then it must be set before calling PrivateKey.

PrivateKey
String (read-only)

Default Value: ""

This is the private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The PrivateKey may be available but not exportable. In this case, PrivateKey returns an empty string.

PrivateKeyAvailable
boolean (read-only)

Default Value: False

This field shows whether a PrivateKey is available for the selected certificate. If PrivateKeyAvailable is True, the certificate may be used for authentication purposes (e.g., server authentication).

PrivateKeyContainer
String (read-only)

Default Value: ""

This is the name of the PrivateKey container for the certificate (if available). This functionality is available only on Windows platforms.

PublicKey
String (read-only)

Default Value: ""

This is the public key of the certificate. The key is provided as PEM/Base64-encoded data.

PublicKeyAlgorithm
String

Default Value: ""

This field contains the textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

PublicKeyLength
int (read-only)

Default Value: 0

This is the length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

SerialNumber
String (read-only)

Default Value: ""

This is the serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

SignatureAlgorithm
String (read-only)

Default Value: ""

The field contains the text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

Store
String

Default Value: "MY"

This is the name of the certificate store for the client certificate.

The StoreType field denotes the type of the certificate store specified by Store. If the store is password protected, specify the password in StorePassword.

Store is used in conjunction with the Subject field to specify client certificates. If Store has a value, and Subject or Encoded is set, a search for a certificate is initiated. Please see the Subject field for details.

Designations of certificate stores are platform-dependent.

The following are designations of the most common User and Machine certificate stores in Windows:

MYA certificate store holding personal certificates with their associated private keys.
CACertifying authority certificates.
ROOTRoot certificates.

In Java, the certificate store normally is a file containing certificates and optional private keys.

When the certificate store type is PFXFile, this property must be set to the name of the file. When the type is PFXBlob, the property must be set to the binary contents of a PFX file (i.e. PKCS12 certificate store).

StoreB
byte[]

Default Value: "MY"

This is the name of the certificate store for the client certificate.

The StoreType field denotes the type of the certificate store specified by Store. If the store is password protected, specify the password in StorePassword.

Store is used in conjunction with the Subject field to specify client certificates. If Store has a value, and Subject or Encoded is set, a search for a certificate is initiated. Please see the Subject field for details.

Designations of certificate stores are platform-dependent.

The following are designations of the most common User and Machine certificate stores in Windows:

MYA certificate store holding personal certificates with their associated private keys.
CACertifying authority certificates.
ROOTRoot certificates.

In Java, the certificate store normally is a file containing certificates and optional private keys.

When the certificate store type is PFXFile, this property must be set to the name of the file. When the type is PFXBlob, the property must be set to the binary contents of a PFX file (i.e. PKCS12 certificate store).

StorePassword
String

Default Value: ""

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

StoreType
int

Default Value: 0

This is the type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used the class will automatically determine the type. This field can take one of the following values:

0 (cstUser - default)For Windows, this specifies that the certificate store is a certificate store owned by the current user. Note: this store type is not available in Java.
1 (cstMachine)For Windows, this specifies that the certificate store is a machine store. Note: this store type is not available in Java.
2 (cstPFXFile)The certificate store is the name of a PFX (PKCS12) file containing certificates.
3 (cstPFXBlob)The certificate store is a string (binary or base64-encoded) representing a certificate store in PFX (PKCS12) format.
4 (cstJKSFile)The certificate store is the name of a Java Key Store (JKS) file containing certificates. Note: this store type is only available in Java.
5 (cstJKSBlob)The certificate store is a string (binary or base64-encoded) representing a certificate store in Java Key Store (JKS) format. Note: this store type is only available in Java.
6 (cstPEMKeyFile)The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate.
7 (cstPEMKeyBlob)The certificate store is a string (binary or base64-encoded) that contains a private key and an optional certificate.
8 (cstPublicKeyFile)The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate.
9 (cstPublicKeyBlob)The certificate store is a string (binary or base64-encoded) that contains a PEM- or DER-encoded public key certificate.
10 (cstSSHPublicKeyBlob)The certificate store is a string (binary or base64-encoded) that contains an SSH-style public key.
11 (cstP7BFile)The certificate store is the name of a PKCS7 file containing certificates.
12 (cstP7BBlob)The certificate store is a string (binary) representing a certificate store in PKCS7 format.
13 (cstSSHPublicKeyFile)The certificate store is the name of a file that contains an SSH-style public key.
14 (cstPPKFile)The certificate store is the name of a file that contains a PPK (PuTTY Private Key).
15 (cstPPKBlob)The certificate store is a string (binary) that contains a PPK (PuTTY Private Key).
16 (cstXMLFile)The certificate store is the name of a file that contains a certificate in XML format.
17 (cstXMLBlob)The certificate store is a string that contains a certificate in XML format.
18 (cstJWKFile)The certificate store is the name of a file that contains a JWK (JSON Web Key).
19 (cstJWKBlob)The certificate store is a string that contains a JWK (JSON Web Key).
21 (cstBCFKSFile)The certificate store is the name of a file that contains a BCFKS (Bouncy Castle FIPS Key Store). Note: this store type is only available in Java and .NET.
22 (cstBCFKSBlob)The certificate store is a string (binary or base64-encoded) representing a certificate store in BCFKS (Bouncy Castle FIPS Key Store) format. Note: this store type is only available in Java and .NET.
23 (cstPKCS11)The certificate is present on a physical security key accessible via a PKCS11 interface.

To use a security key the necessary data must first be collected using the CertMgr class. The ListStoreCertificates method may be called after setting CertStoreType to cstPKCS11, CertStorePassword to the PIN, and CertStore to the full path of the PKCS11 dll. The certificate information returned in the CertList event's CertEncoded parameter may be saved for later use.

When using a certificate, pass the previously saved security key information as the Store and set StorePassword to the PIN.

Code Example: SSH Authentication with Security Key certmgr.CertStoreType = CertStoreTypes.cstPKCS11; certmgr.OnCertList += (s, e) => { secKeyBlob = e.CertEncoded; }; certmgr.CertStore = @"C:\Program Files\OpenSC Project\OpenSC\pkcs11\opensc-pkcs11.dll"; certmgr.CertStorePassword = "123456"; //PIN certmgr.ListStoreCertificates(); sftp.SSHCert = new Certificate(CertStoreTypes.cstPKCS11, secKeyBlob, "123456", "*"); sftp.SSHUser = "test"; sftp.SSHLogon("myhost", 22);

99 (cstAuto)The store type is automatically detected from the input data. This setting may be used with both public and private keys and can detect any of the supported formats automatically.

Subject
String

Default Value: ""

This is the subject of the certificate used for client authentication.

This field will be populated with the full subject of the loaded certificate. When loading a certificate the subject is used to locate the certificate in the store.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma separated list of distinguished name fields and values. For instance "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are displayed below.

FieldMeaning
CNCommon Name. This is commonly a host name like www.server.com.
OOrganization
OUOrganizational Unit
LLocality
SState
CCountry
EEmail Address

If a field value contains a comma it must be quoted.

SubjectAltNames
String (read-only)

Default Value: ""

This field contains comma-separated lists of alternative subject names for the certificate.

ThumbprintMD5
String (read-only)

Default Value: ""

This field contains the MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

ThumbprintSHA1
String (read-only)

Default Value: ""

This field contains the SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

ThumbprintSHA256
String (read-only)

Default Value: ""

This field contains the SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

Usage
String

Default Value: ""

This field contains the text description of UsageFlags.

This value will be of one or more of the following strings and will be separated by commas:

  • Digital Signatures
  • Key Authentication
  • Key Encryption
  • Data Encryption
  • Key Agreement
  • Certificate Signing
  • Key Signing

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

UsageFlags
int

Default Value: 0

This field contains the flags that show intended use for the certificate. The value of UsageFlags is a combination of the following flags:

0x80Digital Signatures
0x40Key Authentication (Non-Repudiation)
0x20Key Encryption
0x10Data Encryption
0x08Key Agreement
0x04Certificate Signing
0x02Key Signing

Please see the Usage field for a text representation of UsageFlags.

This functionality currently is not available when the provider is OpenSSL.

Version
String (read-only)

Default Value: ""

This field contains the certificate's version number. The possible values are the strings "V1", "V2", and "V3".

Constructors

public Certificate();

Creates a Certificate instance whose properties can be set. This is useful for use with CERTMGR when generating new certificates.

public Certificate( certificateFile);

Opens CertificateFile and reads out the contents as an X509 public key.

public Certificate( certificateData);

Parses CertificateData as an X509 public key.

public Certificate( certStoreType,  store,  storePassword,  subject);

CertStoreType identifies the type of certificate store to use. See StoreType for descriptions of the different certificate stores. Store is a file containing the certificate store. StorePassword is the password used to protect the store. After the store has been successfully opened, the class will attempt to find the certificate identified by Subject . This can be either a complete or a substring match of the X509 certificate's subject Distinguished Name (DN).

public Certificate( certStoreType,  store,  storePassword,  subject,  configurationString);

CertStoreType identifies the type of certificate store to use. See StoreType for descriptions of the different certificate stores. Store is a file containing the certificate store. StorePassword is the password used to protect the store. ConfigurationString is a newline separated list of name-value pairs that may be used to modify the default behavior. Possible values include "PersistPFXKey", which shows whether or not the PFX key is persisted after performing operations with the private key. This correlates to the PKCS12_NO_PERSIST_KEY CyrptoAPI option. The default value is True (the key is persisted). "Thumbprint" - a MD5, SHA1, or SHA256 thumbprint of the certificate to load. When specified, this value is used to select the certificate in the store. This is applicable to cstUser, cstMachine, cstPublicKeyFile, and cstPFXFile store types. "UseInternalSecurityAPI" shows whether the platform (default) or the internal security API is used when performing certificate-related operations. After the store has been successfully opened, the class will attempt to find the certificate identified by Subject . This can be either a complete or a substring match of the X509 certificate's subject Distinguished Name (DN).

public Certificate( certStoreType,  store,  storePassword,  encoded);

CertStoreType identifies the type of certificate store to use. See StoreType for descriptions of the different certificate stores. Store is a file containing the certificate store. StorePassword is the password used to protect the store. After the store has been successfully opened, the class will load Encoded as an X509 certificate and search the opened store for a corresponding private key.

public Certificate( certStoreType,  storeBlob,  storePassword,  subject);

CertStoreType identifies the type of certificate store to use. See StoreType for descriptions of the different certificate stores. StoreBlob is a string (binary- or base64-encoded) containing the certificate data. StorePassword is the password used to protect the store. After the store has been successfully opened, the class will attempt to find the certificate identified by Subject . This can be either a complete or a substring match of the X509 certificate's subject Distinguished Name (DN).

public Certificate( certStoreType,  storeBlob,  storePassword,  subject,  configurationString);

CertStoreType identifies the type of certificate store to use. See StoreType for descriptions of the different certificate stores. StoreBlob is a string (binary- or base64-encoded) containing the certificate data. StorePassword is the password used to protect the store. After the store has been successfully opened, the class will attempt to find the certificate identified by Subject . This can be either a complete or a substring match of the X509 certificate's subject Distinguished Name (DN).

public Certificate( certStoreType,  storeBlob,  storePassword,  encoded);

CertStoreType identifies the type of certificate store to use. See StoreType for descriptions of the different certificate stores. Store is a string (binary- or base64-encoded) containing the certificate store. StorePassword is the password used to protect the store. After the store has been successfully opened, the class will load Encoded as an X509 certificate and search the opened store for a corresponding private key.

Firewall Type

This is the firewall the class will connect through.

Remarks

When connecting through a firewall, this type is used to specify different properties of the firewall, such as the firewall Host and the FirewallType.

Fields

AutoDetect
boolean

Default Value: False

This field tells the class whether or not to automatically detect and use firewall system settings, if available.

Connection information will first be obtained from Java system properties, such as http.proxyHost and https.proxyHost. Java properties may be set in a variety of ways; please consult the Java documentation for information about how firewall and proxy values can be specified.

If no Java system properties define connection information, the class will inspect the Windows registry for connection information that may be present on the system (applicable only on Windows systems).

FirewallType
int

Default Value: 0

This field determines the type of firewall to connect through. The applicable values are as follows:

fwNone (0)No firewall (default setting).
fwTunnel (1)Connect through a tunneling proxy. Port is set to 80.
fwSOCKS4 (2)Connect through a SOCKS4 Proxy. Port is set to 1080.
fwSOCKS5 (3)Connect through a SOCKS5 Proxy. Port is set to 1080.
fwSOCKS4A (10)Connect through a SOCKS4A Proxy. Port is set to 1080.

Host
String

Default Value: ""

This field contains the name or IP address of firewall (optional). If a Host is given, the requested connections will be authenticated through the specified firewall when connecting.

If this field is set to a Domain Name, a DNS request is initiated. Upon successful termination of the request, this field is set to the corresponding address. If the search is not successful, the class throws an exception.

Password
String

Default Value: ""

This field contains a password if authentication is to be used when connecting through the firewall. If Host is specified, the User and Password fields are used to connect and authenticate to the given firewall. If the authentication fails, the class throws an exception.

Port
int

Default Value: 0

This field contains the transmission control protocol (TCP) port for the firewall Host. See the description of the Host field for details.

Note: This field is set automatically when FirewallType is set to a valid value. See the description of the FirewallType field for details.

User
String

Default Value: ""

This field contains a user name if authentication is to be used connecting through a firewall. If the Host is specified, this field and Password fields are used to connect and authenticate to the given Firewall. If the authentication fails, the class throws an exception.

Constructors

public Firewall();



GISBData Type

The EDI payload of the message.

Remarks

The EDI payload of the message.

Fields

Data
String

Default Value: ""

This field contains the EDI payload of the transmission.

In a receiver, this field will only be populated if OutputStream has not been specified and ParseRequest finishes without an error. Data will contain the full decrypted text of the EDI message.

DataB
byte[]

Default Value: ""

This field contains the EDI payload of the transmission.

In a receiver, this field will only be populated if OutputStream has not been specified and ParseRequest finishes without an error. Data will contain the full decrypted text of the EDI message.

EDIType
String

Default Value: "X12"

The EDIType of the EDI message. The default value is "X12". EDIType may also be set to "error", in which case the message is an error relating to a previous message. In this case the ErrorMessage property and related properties will provide more information.

Filename
String

Default Value: ""

In a sender, if Filename is specified, the file specified will be used for the EDI payload of the transmission. Name will be populated with the name of the file.

In a receiver, if this field is set prior to calling ParseFormData and ParseRequest the incoming data will be decrypted and written to the file at the specified path.

Note: When OutputStream is set, the data will be written to the stream and this field will not be populated.

InputStream
java.io.InputStream

Default Value: ""

In a sender, if InputStream is specified, the data from the specified stream will be used for the EDI payload of the transmission.

Name
String

Default Value: "rfc1767.edi"

Name is the final name to be associated with the contents of either the Data or FileName fields. This corresponds to the filename attribute of the Content-Disposition header for the EDI payload.

When constructing EDI data to be sent, Name will be set to the same value as FileName, but can be overridden after setting FileName to indicate that another name should be used in the outbound request's Content-Disposition MIME header.

When receiving EDI data, Name will be read out of the "filename" attribute of the inbound request's Content-Disposition MIME header.

OutputStream
java.io.OutputStream

Default Value: ""

In a receiver, if this field is set, the EDI payload will be written to this stream if ParseRequest finishes without an error. The specified stream will contain the full decrypted text of the EDI message.

Constructors

public GISBData();



public GISBData( data,  EDIType);



public GISBData( filename,  EDIType);



GISBElement Type

A name-value pair for extra data to be sent with a GISB message.

Remarks

A name-value pair for extra data to be sent with a GISB message.

Fields

Name
String

Default Value: ""

The name of the current data element.

Value
String

Default Value: ""

The value of the current data element.

Constructors

public GISBElement();



public GISBElement( name,  value);



HTTPCookie Type

An HTTP cookie can be either sent to or received from the server.

Remarks

An HTTP cookie can store the cookies that are to be sent to the server. It also may store the cookies sent by the server.

Cookies that are to be sent to the server must have the Name and Value fields supplied before submitting the URL. When the SetCookie event is fired, however, all of the fields of an HTTPCookie are filled out accordingly.

Fields

Domain
String (read-only)

Default Value: ""

This is the domain of a received cookie. This field contains a domain name to limit the cookie to (if provided by the server). If the server does not provide a domain name, this field will contain an empty string. The convention in this case is to use the server name specified by URLServer as the cookie domain.

Expiration
String (read-only)

Default Value: ""

This field contains an expiration time for the cookie (if provided by the server). The time format used is "Weekday, DD-Mon-YY HH:MM:SS GMT". If the server does not provide an expiration time, this field will contain an empty string. The convention is to drop the cookie at the end of the session.

Name
String

Default Value: ""

This field, contains the name of the cookie.

This field, along with Value, stores the cookie that is to be sent to the server. The SetCookie event displays the cookies sent by the server and their properties.

Path
String (read-only)

Default Value: ""

This field contains a path name to limit the cookie to (if provided by the server). If the server does not provide a cookie path, the path field will be an empty string. The convention in this case is to use the path specified by URLPath as the cookie path.

Secure
boolean (read-only)

Default Value: False

This field contains the security flag of the received cookie. This field specifies whether the cookie is secure. If the value of this field is True, the cookie value must be submitted only through a secure (HTTPS) connection.

Value
String

Default Value: ""

This field contains the value of the cookie. A corresponding value is associated with the cookie specified by Name. This property holds that value.

The SetCookie event provides the cookies set by the server.

Constructors

public HTTPCookie();



public HTTPCookie( name,  value);



Proxy Type

This is the proxy the class will connect to.

Remarks

When connecting through a proxy, this type is used to specify different properties of the proxy, such as the Server and the AuthScheme.

Fields

AuthScheme
int

Default Value: 0

This field is used to tell the class which type of authorization to perform when connecting to the proxy. This is used only when the User and Password fields are set.

AuthScheme should be set to authNone (3) when no authentication is expected.

By default, AuthScheme is authBasic (0), and if the User and Password fields are set, the component will attempt basic authentication.

If AuthScheme is set to authDigest (1), digest authentication will be attempted instead.

If AuthScheme is set to authProprietary (2), then the authorization token will not be generated by the class. Look at the configuration file for the class being used to find more information about manually setting this token.

If AuthScheme is set to authNtlm (4), NTLM authentication will be used.

For security reasons, setting this field will clear the values of User and Password.

AutoDetect
boolean

Default Value: False

This field tells the class whether or not to automatically detect and use proxy system settings, if available. The default value is false.

Note: This setting is applicable only in Windows.

Password
String

Default Value: ""

This field contains a password if authentication is to be used for the proxy.

If AuthScheme is set to Basic Authentication, the User and Password are Base64 encoded and the proxy authentication token will be generated in the form Basic [encoded-user-password].

If AuthScheme is set to Digest Authentication, the User and Password fields are used to respond to the Digest Authentication challenge from the server.

If AuthScheme is set to NTLM Authentication, the User and Password fields are used to authenticate through NTLM negotiation.

Port
int

Default Value: 80

This field contains the Transmission Control Protocol (TCP) port for the proxy Server (default 80). See the description of the Server field for details.

Server
String

Default Value: ""

If a proxy Server is given, then the HTTP request is sent to the proxy instead of the server otherwise specified.

If the Server field is set to a domain name, a DNS request is initiated. Upon successful termination of the request, the Server field is set to the corresponding address. If the search is not successful, an error is returned.

SSL
int

Default Value: 0

This field determines when to use a Secure Sockets Layer (SSL) for the connection to the proxy. The applicable values are as follows:

psAutomatic (0)Default setting. If the URL is an https URL, the class will use the psTunnel option. If the URL is an http URL, the class will use the psNever option.
psAlways (1)The connection is always SSL enabled.
psNever (2)The connection is not SSL enabled.
psTunnel (3)The connection is made through a tunneling (HTTP) proxy.

User
String

Default Value: ""

This field contains a user name, if authentication is to be used for the proxy.

If AuthScheme is set to Basic Authentication, the User and Password are Base64 encoded and the proxy authentication token will be generated in the form Basic [encoded-user-password].

If AuthScheme is set to Digest Authentication, the User and Password fields are used to respond to the Digest Authentication challenge from the server.

If AuthScheme is set to NTLM Authentication, the User and Password fields are used to authenticate through NTLM negotiation.

Constructors

public Proxy();



public Proxy( server,  port);



public Proxy( server,  port,  user,  password);



Config Settings (Gisbsender Class)

The class accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.

GISBSender Config Settings

AllowOldPacketType:   Whether to allow the older encrypted packet type.

By default the class will only encrypt data using the newer and more secure integrity protected data packet type. Old implementations such as PGP 6.5.8 may require the older less secure data packet type.

When set to True the class will read the features from the recipient key to determine if the older packet type is required. If the key does require the old packet type, then the older packet type will be used. If the key does not require the old packet type, then the new integrity protected packet type will still be used.

By default this value is False. This means under no conditions is the older less secure packet type used. The newer integrity protected packet type is always used.

Only enable this setting if you have a requirement to do so.

Authorization:   The Authorization string to be sent to the server.

If the Authorization setting contains a non-empty string, an Authorization HTTP request header is added to the request. This header conveys Authorization information to the server.

This setting is provided so that the class can be extended with other security schemes in addition to the authorization schemes already implemented by the class.

The AuthScheme; setting defines the authentication scheme used. In the case of HTTP Basic Authentication (default), every time User and Password are set, they are Base64 encoded, and the result is put in the Authorization setting in the form "Basic [encoded-user-password]".

AuthScheme:   The authorization scheme to be used when server authorization is to be performed.

Use the AuthScheme property to tell the component which type of authorization to perform when the User and Password properties are set. Possible values are:

0 (default)Basic
1Digest
2Proprietary
3None
4NTLM
5Negotiate
6OAuth
By default, AuthScheme is Basic (0), and if the User and Password configuration settings are set, the component will attempt basic authentication. If AuthScheme is set to Digest (1), digest authentication will be attempted instead.

For security reasons, setting this value will clear the values of User and Password.

ForceV3Signature:   Whether to use v3 signatures.

This setting is used to force v3 signatures for compatibility with older PGP implementations (versions 5 through 7).

The default value is False.

LogFilename:   The base name of the log file.

If set, this will be used as for the filename of the log file.

Note that only the base name should be specified as the component will append the appropriate file extension.

LogLevel:   Specifies the level of detail that is logged.

This setting is only applicable if PGPProviderType is set to Internal (1). This setting controls the level of detail that is logged through the Status event. Possible values are:

0 (None)No events are logged.
1 (Info - default)Informational events are logged.
2 (Verbose)Detailed data is logged.
3 (Debug)Debug data is logged.
Password:   A password if authentication is to be used.

If AuthScheme is set to Basic, the User and Password are Base64 encoded and the result is put in the Authorization configuration setting in the form "Basic [encoded-user-password]".

If AuthScheme is set to Digest, the User and Password properties are used to respond to the HTTP Digest Authentication challenge from the server.

The User and Password properties must be set only after the URL property is set. When the URL property is set, for security reasons, User and Password are immediately cleared.

PGPCombineSignAndEncrypt:   Whether to sign and encrypt in a single step or not.

By default, when signing and encrypting the GISB data, the class will sign first and then encrypt the signed message in a separate step. When this property is set to true, signing and encrypting will be combined into a single step.

Note that if you are using an external provider (i.e. PGPProviderType is set to 0), setting PGPCombineSignAndEncrypt to true will cause the class to call the PGPProvider's SignAndEncrypt method.

User:   A user name if authentication is to be used.

If AuthScheme is set to Basic, the User and Password are Base64 encoded and the result is put in the Authorization configuration setting in the form "Basic [encoded-user-password]".

If AuthScheme is set to Digest, the User and Password properties are used to respond to the HTTP Digest Authentication challenge from the server.

The User and Password properties must be set only after the URL property is set. When the URL property is set, for security reasons, User and Password are immediately cleared.

Base Config Settings

BuildInfo:   Information about the product's build.

When queried, this setting will return a string containing information about the product's build.

GUIAvailable:   Tells the class whether or not a message loop is available for processing events.

In a GUI-based application, long-running blocking operations may cause the application to stop responding to input until the operation returns. The class will attempt to discover whether or not the application has a message loop and, if one is discovered, it will process events in that message loop during any such blocking operation.

In some non-GUI applications, an invalid message loop may be discovered that will result in errant behavior. In these cases, setting GUIAvailable to false will ensure that the class does not attempt to process external events.

LicenseInfo:   Information about the current license.

When queried, this setting will return a string containing information about the license this instance of a class is using. It will return the following information:

  • Product: The product the license is for.
  • Product Key: The key the license was generated from.
  • License Source: Where the license was found (e.g., RuntimeLicense, License File).
  • License Type: The type of license installed (e.g., Royalty Free, Single Server).
  • Last Valid Build: The last valid build number for which the license will work.
MaskSensitive:   Whether sensitive data is masked in log messages.

In certain circumstances it may be beneficial to mask sensitive data, like passwords, in log messages. Set this to true to mask sensitive data. The default is true.

This setting only works on these classes: AS3Receiver, AS3Sender, Atom, Client(3DS), FTP, FTPServer, IMAP, OFTPClient, SSHClient, SCP, Server(3DS), Sexec, SFTP, SFTPServer, SSHServer, TCPClient, TCPServer.

UseDaemonThreads:   Whether threads created by the class are daemon threads.

If set to True (default), when the class creates a thread, the thread's Daemon property will be explicitly set to True. When set to False, the class will not set the Daemon property on the created thread. The default value is True.

UseFIPSCompliantAPI:   Tells the class whether or not to use FIPS certified APIs.

When set to true, the class will utilize the underlying operating system's certified APIs. Java editions, regardless of OS, utilize Bouncy Castle FIPS, while all the other Windows editions make use of Microsoft security libraries.

The Java edition requires installation of the FIPS certified Bouncy Castle library regardless of the target operating system. This can be downloaded from https://www.bouncycastle.org/fips-java/. Only the "Provider" library is needed. The jar file should then be installed in a JRE search path.

In the application where the component will be used the following classes must be imported:

import java.security.Security; import org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider;

The Bouncy Castle provider must be added as a valid provider and must also be configured to operate in FIPS mode:

System.setProperty("org.bouncycastle.fips.approved_only","true"); Security.addProvider(new BouncyCastleFipsProvider());

When UseFIPSCompliantAPI is true, SSL enabled classes can optionally be configured to use the TLS Bouncy Castle library. When SSLProvider is set to sslpAutomatic (default) or sslpInternal an internal TLS implementation is used, but all cryptographic operations are offloaded to the BCFIPS provider in order to achieve FIPS compliant operation. If SSLProvider is set to sslpPlatform the Bouncy Castle JSSE will be used in place of the internal TLS implementation.

To enable the use of the Bouncy Castle JSSE take the following steps in addition to the steps above. Both the Bouncy Castle FIPS provider and the Bouncy Castle JSSE must be configured to use the Bouncy Castle TLS library in FIPS mode. Obtain the Bouncy Castle TLS library from https://www.bouncycastle.org/fips-java/. The jar file should then be installed in a JRE search path.

In the application where the component will be used the following classes must be imported:

import java.security.Security; import org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider; //required to use BCJSSE when SSLProvider is set to sslpPlatform import org.bouncycastle.jsse.provider.BouncyCastleJsseProvider;

The Bouncy Castle provider must be added as a valid provider and must also be configured to operate in FIPS mode:

System.setProperty("org.bouncycastle.fips.approved_only","true"); Security.addProvider(new BouncyCastleFipsProvider()); //required to use BCJSSE when SSLProvider is set to sslpPlatform Security.addProvider(new BouncyCastleJsseProvider("fips:BCFIPS")); //optional - configure logging level of BCJSSE Logger.getLogger("org.bouncycastle.jsse").setLevel(java.util.logging.Level.OFF); //configure the class to use BCJSSE component.setSSLProvider(1); //platform component.config("UseFIPSCompliantAPI=true"); Note: TLS 1.3 support requires the Bouncy Castle TLS library version 1.0.14 or later.

FIPS mode can be enabled by setting the UseFIPSCompliantAPI configuration setting to true. This is a static setting which applies to all instances of all classes of the toolkit within the process. It is recommended to enable or disable this setting once before the component has been used to establish a connection. Enabling FIPS while an instance of the component is active and connected may result in unexpected behavior.

For more details please see the FIPS 140-2 Compliance article.

Note: Enabling FIPS-compliance requires a special license; please contact sales@nsoftware.com for details.

UseInternalSecurityAPI:   Tells the class whether or not to use the system security libraries or an internal implementation.

When set to false, the class will use the system security libraries by default to perform cryptographic functions where applicable.

Setting this setting to true tells the class to use the internal implementation instead of using the system security libraries.

This setting is set to false by default on all platforms.

Trappable Errors (Gisbsender Class)

GISBSender Errors

651   Required field unspecified (by client).
662   Invalid request status reported by server (details follow).
664   Data was not processed by PGP.
701   Unable to write log file.
713   Unable to decompress message.

MIME Errors

3   Can't create the file for write (illegal name or disk is write-protected).
4   Can't open the file for read (doesn't exist?).
5   Can't read from file.
6   Can't write to file (disk full?).
280   Invalid Part Index.
281   Unknown MIME type.
282   No MIME-boundary found.
283   No file given.
284   The class is busy.
285   Can't create a temporary file to decode the data.
286   Can't read Message file.
287   No header separator found.
289   No separator found.
290   Input stream must have seeking enabled.

HTTP Errors

118   Firewall Error. Error description contains detailed message.
143   Busy executing current method.
151   HTTP protocol error. The error message has the server response.
152   No server specified in URL
153   Specified URLScheme is invalid.
155   Range operation is not supported by server.
156   Invalid cookie index (out of range).
301   Interrupted.
302   Can't open AttachedFile.

TCPClient Errors

100   You cannot change the RemotePort at this time. A connection is in progress.
101   You cannot change the RemoteHost (Server) at this time. A connection is in progress.
102   The RemoteHost address is invalid (0.0.0.0).
104   Already connected. If you want to reconnect, close the current connection first.
106   You cannot change the LocalPort at this time. A connection is in progress.
107   You cannot change the LocalHost at this time. A connection is in progress.
112   You cannot change MaxLineLength at this time. A connection is in progress.
116   RemotePort cannot be zero. Please specify a valid service port number.
117   You cannot change the UseConnection option while the class is active.
135   Operation would block.
201   Timeout.
211   Action impossible in control's present state.
212   Action impossible while not connected.
213   Action impossible while listening.
301   Timeout.
303   Could not open file.
434   Unable to convert string to selected CodePage.
1105   Already connecting. If you want to reconnect, close the current connection first.
1117   You need to connect first.
1119   You cannot change the LocalHost at this time. A connection is in progress.
1120   Connection dropped by remote host.

TCP/IP Errors

10004   [10004] Interrupted system call.
10009   [10009] Bad file number.
10013   [10013] Access denied.
10014   [10014] Bad address.
10022   [10022] Invalid argument.
10024   [10024] Too many open files.
10035   [10035] Operation would block.
10036   [10036] Operation now in progress.
10037   [10037] Operation already in progress.
10038   [10038] Socket operation on non-socket.
10039   [10039] Destination address required.
10040   [10040] Message too long.
10041   [10041] Protocol wrong type for socket.
10042   [10042] Bad protocol option.
10043   [10043] Protocol not supported.
10044   [10044] Socket type not supported.
10045   [10045] Operation not supported on socket.
10046   [10046] Protocol family not supported.
10047   [10047] Address family not supported by protocol family.
10048   [10048] Address already in use.
10049   [10049] Can't assign requested address.
10050   [10050] Network is down.
10051   [10051] Network is unreachable.
10052   [10052] Net dropped connection or reset.
10053   [10053] Software caused connection abort.
10054   [10054] Connection reset by peer.
10055   [10055] No buffer space available.
10056   [10056] Socket is already connected.
10057   [10057] Socket is not connected.
10058   [10058] Can't send after socket shutdown.
10059   [10059] Too many references, can't splice.
10060   [10060] Connection timed out.
10061   [10061] Connection refused.
10062   [10062] Too many levels of symbolic links.
10063   [10063] File name too long.
10064   [10064] Host is down.
10065   [10065] No route to host.
10066   [10066] Directory not empty
10067   [10067] Too many processes.
10068   [10068] Too many users.
10069   [10069] Disc Quota Exceeded.
10070   [10070] Stale NFS file handle.
10071   [10071] Too many levels of remote in path.
10091   [10091] Network subsystem is unavailable.
10092   [10092] WINSOCK DLL Version out of range.
10093   [10093] Winsock not loaded yet.
11001   [11001] Host not found.
11002   [11002] Non-authoritative 'Host not found' (try again or check DNS setup).
11003   [11003] Non-recoverable errors: FORMERR, REFUSED, NOTIMP.
11004   [11004] Valid name, no data record (check DNS setup).